Nieznane wykorzystanie procesora

**Posty:** 934 · przez **AragornXT** 20 Wrz 2014, 17:20

Witam,
od paru dni spotykam się z dość mocnym, jak na mój model, nagrzewaniem się laptopa. Dodatkowo czasem pojawi się zwieszka prowadząca tylko do restartu. Niestety padłem niedawno ofiarą oszustów podszywających się pod paczkomaty, może to jest przyczyna.
Poniżej pojawią się za parę minut logi z gmera i otl

Kod: Zaznacz wszystko: GMER 2.1.19357 - http://www.gmer.net Rootkit scan 2014-09-20 18:02:49 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000BEKT-22KA9T0 rev.01.01A01 465,76GB Running: 20fb4p7l.exe; Driver: C:\Users\alex\AppData\Local\Temp\aftcqaod.sys ---- Kernel code sections - GMER 2.1 ---- INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 560 fffff800041b2000 45 bytes [43, 4D, 33, 31, 05, 00, 00, ...] INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 607 fffff800041b202f 16 bytes [00, 00, 00, 00, 00, 00, 00, ...] PAGE C:\Windows\system32\drivers\ataport.SYS!DllUnload fffff88000db34a0 12 bytes {MOV RAX, 0xfffffa800398c2a0; JMP RAX} .text C:\Windows\system32\drivers\USBPORT.SYS!DllUnload fffff880070ead64 12 bytes {MOV RAX, 0xfffffa80052082a0; JMP RAX} ---- User code sections - GMER 2.1 ---- .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1768] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 00000000765487b1 4 bytes [C2, 04, 00, 00] .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1768] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075091465 2 bytes [09, 75] .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1768] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000750914bb 2 bytes [09, 75] .text ... * 2 .text C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[1884] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075091465 2 bytes [09, 75] .text C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[1884] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000750914bb 2 bytes [09, 75] .text ... * 2 .text C:\Users\alex\AppData\Roaming\Dropbox\bin\Dropbox.exe[2916] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69 0000000075091465 2 bytes [09, 75] .text C:\Users\alex\AppData\Roaming\Dropbox\bin\Dropbox.exe[2916] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155 00000000750914bb 2 bytes [09, 75] .text ... * 2 .text C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2300] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075091465 2 bytes [09, 75] .text C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2300] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000750914bb 2 bytes [09, 75] .text ... * 2 ---- Kernel IAT/EAT - GMER 2.1 ---- IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [fffff88001095f1c] \SystemRoot\System32\Drivers\sptd.sys [.text] IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [fffff88001095cc0] \SystemRoot\System32\Drivers\sptd.sys [.text] IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [fffff8800109669c] \SystemRoot\System32\Drivers\sptd.sys [.text] IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUlong] [fffff88001096a98] \SystemRoot\System32\Drivers\sptd.sys [.text] IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [fffff880010968f4] \SystemRoot\System32\Drivers\sptd.sys [.text] ---- Devices - GMER 2.1 ---- Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 fffffa80042f32c0 Device \Driver\atapi \Device\Ide\IdePort0 fffffa80042f32c0 Device \Driver\atapi \Device\Ide\IdePort1 fffffa80042f32c0 Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1 fffffa80042f32c0 Device \FileSystem\Ntfs \Ntfs fffffa80042fb2c0 Device \Driver\NetBT \Device\NetBT_Tcpip_{3B4002A4-6818-4AB8-B1C2-9FA4C614123A} fffffa8004e822c0 Device \Driver\usbehci \Device\USBPDO-1 fffffa80052372c0 Device \Driver\cdrom \Device\CdRom0 fffffa8004c7a2c0 Device \Driver\cdrom \Device\CdRom1 fffffa8004c7a2c0 Device \Driver\usbehci \Device\USBFDO-0 fffffa80052372c0 Device \Driver\dtsoftbus01 \Device\DTSoftBusCtl fffffa8004c182c0 Device \Driver\NetBT \Device\NetBT_Tcpip_{EC652FC8-E38F-4AA5-9EAA-C7A4C18A32FF} fffffa8004e822c0 Device \Driver\usbehci \Device\USBFDO-1 fffffa80052372c0 Device \Driver\dtsoftbus01 \Device\0000007d fffffa8004c182c0 Device \Driver\NetBT \Device\NetBt_Wins_Export fffffa8004e822c0 Device \Driver\atapi \Device\ScsiPort0 fffffa80042f32c0 Device \Driver\usbehci \Device\USBPDO-0 fffffa80052372c0 Device \Driver\atapi \Device\ScsiPort1 fffffa80042f32c0 ---- Trace I/O - GMER 2.1 ---- Trace ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80042f32c0]<< sptd.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys fffffa80042f32c0 Trace 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004afd060] fffffa8004afd060 Trace 3 CLASSPNP.SYS[fffff88001b4143f] -> nt!IofCallDriver -> [0xfffffa80047d5520] fffffa80047d5520 Trace 5 ACPI.sys[fffff8800100b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80047c71f0] fffffa80047c71f0 Trace \Driver\atapi[0xfffffa80047a2e40] -> IRP_MJ_CREATE -> 0xfffffa80042f32c0 fffffa80042f32c0 ---- Threads - GMER 2.1 ---- Thread C:\Windows\System32\svchost.exe [980:460] 000007fefc76f2f4 Thread C:\Windows\System32\svchost.exe [980:328] 000007fefc716204 Thread C:\Windows\System32\svchost.exe [980:1240] 000007fefad65440 Thread C:\Windows\System32\svchost.exe [980:3076] 000007fef55e6b8c Thread C:\Windows\System32\svchost.exe [980:1680] 000007fef55e1d88 Thread C:\Windows\System32\svchost.exe [980:7052] 000007fefaf82070 Thread C:\Windows\System32\svchost.exe [1016:1368] 000007fefa2d3f1c Thread C:\Windows\System32\svchost.exe [1016:3980] 000007fef4d720c0 Thread C:\Windows\System32\svchost.exe [1016:3992] 000007fef4d726a8 Thread C:\Windows\System32\svchost.exe [1016:4768] 000007fef75b88f8 Thread C:\Windows\System32\svchost.exe [1016:4328] 000007fef63344e0 Thread C:\Windows\System32\svchost.exe [1016:6836] 000007fef4d729dc Thread [1668:1720] 0000000077713e45 Thread [1668:1724] 0000000075fb7587 Thread [1668:1728] 0000000077712e25 Thread C:\Windows\WindowsMobile\wmdc.exe [2532:4116] 0000000071673804 Thread C:\Windows\WindowsMobile\wmdc.exe [2532:4128] 0000000071693368 Thread C:\Windows\system32\svchost.exe [3860:4088] 000000006fe7b5fc Thread C:\Windows\system32\svchost.exe [3860:4108] 000000006fe61760 Thread C:\Windows\system32\svchost.exe [3860:4112] 000000006fef8b1c Thread C:\Windows\system32\svchost.exe [3860:4120] 000000006fefc740 Thread C:\Windows\system32\svchost.exe [3860:4124] 000000006ff0498c Thread C:\Windows\system32\svchost.exe [3860:4168] 000000006fe76394 Thread C:\Windows\system32\svchost.exe [3860:6896] 000000006fe32234 Thread C:\Windows\system32\svchost.exe [3860:6900] 000000006fea0398 Thread [1528:4316] 0000000075fb7587 Thread [1528:4472] 0000000077712e25 Thread [1528:1860] 0000000077713e45 Thread C:\Windows\System32\svchost.exe [3988:4192] 000007fef0ff9688 ---- Processes - GMER 2.1 ---- Library C:\Users\alex\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll (*** suspicious ***) @ C:\Users\alex\AppData\Roaming\Dropbox\bin\Dropbox.exe [2916](2014-09-13 00:20:58) 0000000003e90000 Library c:\users\alex\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpofne7r.dll (*** suspicious ***) @ C:\Users\alex\AppData\Roaming\Dropbox\bin\Dropbox.exe [2916](2014-09-19 15:53:27) 00000000042f0000 Library C:\Users\alex\AppData\Roaming\Dropbox\bin\libcef.dll (*** suspicious ***) @ C:\Users\alex\AppData\Roaming\Dropbox\bin\Dropbox.exe [2916](2013-08-23 19:01:44) 000000006e5f0000 Library C:\Users\alex\AppData\Roaming\Dropbox\bin\icudt.dll (*** suspicious ***) @ C:\Users\alex\AppData\Roaming\Dropbox\bin\Dropbox.exe [2916] (ICU Data DLL/The ICU Project)(2013-08-23 19:01:42) 000000006dc60000 Library C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [2108](2013-03-20 17:38:10) 000000006fbc0000 Library C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [2108](2013-03-20 17:38:10) 000000006e940000 Library C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [2108](2013-03-20 17:38:10) 000000006a1c0000 Library C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [2108](2013-03-20 17:38:10) 000000006ff00000 Library C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [2108](2013-03-20 17:38:10) 000000006efc0000 Library C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [2108](2013-03-20 17:38:10) 000000006ed40000 Library C:\ProgramData\PLAY ONLINE\OnlineUpdate\mingwm10.dll (*** suspicious ***) @ C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe [1956] 000000006fbc0000 Library C:\ProgramData\PLAY ONLINE\OnlineUpdate\libgcc_s_dw2-1.dll (*** suspicious ***) @ C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe [1956](2013-03-20 16:54:16) 000000006e940000 ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74f06dddc6d3 Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74f06dddc6d3@c0cb38e1bd00 0x1E 0xF5 0x82 0xD0 ... Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74f06dddc6d3@0024834f37c6 0x47 0xB2 0x43 0x08 ... Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74f06dddc6d3@2013e0bf4628 0xF2 0xA2 0xA7 0x5C ... Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74f06dddc6d3@0015a07bb9e1 0x99 0x2C 0xAE 0x5B ... Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74f06dddc6d3@000d18000001 0x29 0xF2 0xDE 0x03 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x99 0x3B 0x9B 0x30 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 J:\Programy\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x35 0x3A 0xC3 0x04 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xDF 0x1F 0x9B 0x77 ... Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74f06dddc6d3 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74f06dddc6d3@c0cb38e1bd00 0x1E 0xF5 0x82 0xD0 ... Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74f06dddc6d3@0024834f37c6 0x47 0xB2 0x43 0x08 ... Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74f06dddc6d3@2013e0bf4628 0xF2 0xA2 0xA7 0x5C ... Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74f06dddc6d3@0015a07bb9e1 0x99 0x2C 0xAE 0x5B ... Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74f06dddc6d3@000d18000001 0x29 0xF2 0xDE 0x03 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x99 0x3B 0x9B 0x30 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 J:\Programy\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x35 0x3A 0xC3 0x04 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xDF 0x1F 0x9B 0x77 ... ---- EOF - GMER 2.1 ----

Kod: Zaznacz wszystko: OTL logfile created on: 2014-09-20 18:04:12 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = J:\Pobierane 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,91 Gb Total Physical Memory | 1,21 Gb Available Physical Memory | 31,07% Memory free 7,82 Gb Paging File | 4,58 Gb Available in Paging File | 58,64% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 58,57 Gb Total Space | 10,10 Gb Free Space | 17,25% Space Free | Partition Type: NTFS Drive E: | 50,00 Gb Total Space | 14,97 Gb Free Space | 29,93% Space Free | Partition Type: NTFS Drive J: | 100,00 Gb Total Space | 46,63 Gb Free Space | 46,63% Space Free | Partition Type: NTFS Drive K: | 100,00 Gb Total Space | 67,19 Gb Free Space | 67,19% Space Free | Partition Type: NTFS Drive L: | 157,19 Gb Total Space | 32,87 Gb Free Space | 20,91% Space Free | Partition Type: NTFS Computer Name: ALEX-KOMPUTER | User Name: alex | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-09-20 17:16:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- J:\Pobierane\OTL.exe PRC - [2014-09-20 17:15:48 | 000,380,416 | ---- | M] () -- J:\Pobierane\20fb4p7l.exe PRC - [2014-09-19 08:10:10 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2014-09-13 02:52:04 | 036,414,624 | ---- | M] (Dropbox, Inc.) -- C:\Users\alex\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2013-07-26 12:21:17 | 000,446,208 | ---- | M] () -- C:\Program Files (x86)\4G Hostless Modem\PLAY ONLINE\CancelAutoPlay_df.exe PRC - [2013-05-27 18:51:34 | 000,246,112 | ---- | M] () -- C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe PRC - [2013-03-21 15:19:46 | 001,341,664 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe PRC - [2012-08-17 17:48:44 | 000,019,456 | ---- | M] (Clarus, Inc.) -- C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe PRC - [2012-08-17 17:48:16 | 000,135,168 | ---- | M] (Clarus, Inc.) -- C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe PRC - [2012-07-25 03:51:06 | 000,655,712 | ---- | M] () -- C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe PRC - [2012-07-05 19:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012-04-12 05:27:08 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\NLSSRV32.EXE PRC - [2011-06-24 13:52:26 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files (x86)\S-Bar\MSIService.exe PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-04-08 08:01:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011-03-14 17:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe PRC - [2010-11-17 03:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2009-08-27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-09-20 17:15:48 | 000,380,416 | ---- | M] () -- J:\Pobierane\20fb4p7l.exe MOD - [2014-09-19 17:53:27 | 000,043,008 | ---- | M] () -- c:\users\alex\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpofne7r.dll MOD - [2014-09-19 08:10:07 | 003,734,640 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2014-09-13 02:20:58 | 003,610,624 | ---- | M] () -- C:\Users\alex\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll MOD - [2013-08-23 21:01:44 | 025,100,288 | ---- | M] () -- C:\Users\alex\AppData\Roaming\Dropbox\bin\libcef.dll MOD - [2013-07-26 12:21:17 | 000,446,208 | ---- | M] () -- C:\Program Files (x86)\4G Hostless Modem\PLAY ONLINE\CancelAutoPlay_df.exe [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2013-10-23 14:26:28 | 002,572,072 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (OODefragAgent) SRV:[b]64bit:[/b] - [2013-03-21 15:19:46 | 001,341,664 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn) SRV:[b]64bit:[/b] - [2012-05-12 20:38:40 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:[b]64bit:[/b] - [2010-11-30 13:27:58 | 000,336,824 | ---- | M] (arvato digital services llc) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2_x64) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2014-09-19 08:10:07 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014-09-11 00:21:15 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-05-27 18:51:34 | 000,246,112 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe -- (PLAY ONLINE. RunOuc) SRV - [2012-08-17 17:48:44 | 000,019,456 | ---- | M] (Clarus, Inc.) [Auto | Running] -- C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe -- (SZDrvSvc) SRV - [2012-07-25 03:51:06 | 000,655,712 | ---- | M] () [Auto | Stopped] -- L:\Programy\Mobile Partner\UpdateDog\ouc.exe -- (Mobile Partner. RunOuc) SRV - [2012-07-05 19:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-04-12 05:27:08 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc) SRV - [2011-07-13 17:27:56 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011-06-24 13:52:26 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\S-Bar\MSIService.exe -- (Micro Star SCM) SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-04-08 08:01:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011-03-14 17:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-08-27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008-08-07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) SRV - [2007-05-31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007-05-31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2014-02-01 20:21:35 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2013-05-12 15:04:02 | 000,267,776 | ---- | M] (Jungo Connectivity) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\windrvr6.sys -- (WinDriver6) DRV:[b]64bit:[/b] - [2013-02-14 12:21:06 | 000,058,416 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp) DRV:[b]64bit:[/b] - [2013-02-14 12:21:04 | 000,213,416 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm) DRV:[b]64bit:[/b] - [2013-02-12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:[b]64bit:[/b] - [2013-01-10 09:25:22 | 000,190,232 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw) DRV:[b]64bit:[/b] - [2013-01-10 09:25:22 | 000,059,440 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF) DRV:[b]64bit:[/b] - [2013-01-10 09:25:20 | 000,150,616 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:[b]64bit:[/b] - [2012-09-20 06:35:36 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:[b]64bit:[/b] - [2012-09-20 06:35:36 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:[b]64bit:[/b] - [2012-07-04 01:11:52 | 000,560,184 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2012-06-27 10:37:56 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm) DRV:[b]64bit:[/b] - [2012-06-27 10:37:56 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_mdm.sys -- (ss_mdm) DRV:[b]64bit:[/b] - [2012-06-27 10:37:56 | 000,141,384 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdserd.sys -- (sscdserd) DRV:[b]64bit:[/b] - [2012-06-27 10:37:56 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) DRV:[b]64bit:[/b] - [2012-06-27 10:37:56 | 000,127,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bus.sys -- (ss_bus) DRV:[b]64bit:[/b] - [2012-06-27 10:37:56 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl) DRV:[b]64bit:[/b] - [2012-06-27 10:37:56 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_mdfl.sys -- (ss_mdfl) DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012-02-17 23:24:47 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri) DRV:[b]64bit:[/b] - [2012-02-17 23:24:19 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc) DRV:[b]64bit:[/b] - [2012-02-17 23:24:19 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt) DRV:[b]64bit:[/b] - [2011-12-02 14:23:22 | 000,223,744 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys -- (huawei_wwanecm) DRV:[b]64bit:[/b] - [2011-09-09 11:51:02 | 000,087,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV:[b]64bit:[/b] - [2011-09-09 11:51:02 | 000,072,192 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcecm.sys -- (huawei_cdcecm) DRV:[b]64bit:[/b] - [2011-09-09 11:51:02 | 000,028,672 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl) DRV:[b]64bit:[/b] - [2011-09-09 11:51:00 | 000,098,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm) DRV:[b]64bit:[/b] - [2011-08-16 17:17:46 | 000,223,232 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:[b]64bit:[/b] - [2011-07-13 01:34:18 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt) DRV:[b]64bit:[/b] - [2011-07-13 01:27:49 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:[b]64bit:[/b] - [2011-07-13 01:27:27 | 012,273,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2011-06-10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2011-04-08 08:01:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:[b]64bit:[/b] - [2011-03-15 18:09:16 | 000,311,400 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-12-10 07:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:[b]64bit:[/b] - [2010-12-10 07:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:[b]64bit:[/b] - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-10-19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2010-07-27 09:52:16 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV:[b]64bit:[/b] - [2010-04-03 10:30:40 | 000,313,696 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0150.sys -- (RsFx0150) DRV:[b]64bit:[/b] - [2010-03-20 12:06:58 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter) DRV:[b]64bit:[/b] - [2009-10-05 16:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2008-05-16 13:33:06 | 000,158,760 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdm.sys -- (s0016mdm) DRV:[b]64bit:[/b] - [2008-05-16 13:33:06 | 000,151,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016unic.sys -- (s0016unic) DRV:[b]64bit:[/b] - [2008-05-16 13:33:06 | 000,137,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mgmt.sys -- (s0016mgmt) DRV:[b]64bit:[/b] - [2008-05-16 13:33:06 | 000,136,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016obex.sys -- (s0016obex) DRV:[b]64bit:[/b] - [2008-05-16 13:33:06 | 000,034,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016nd5.sys -- (s0016nd5) DRV:[b]64bit:[/b] - [2008-05-16 13:33:04 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdfl.sys -- (s0016mdfl) DRV:[b]64bit:[/b] - [2008-05-16 13:32:56 | 000,115,240 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016bus.sys -- (s0016bus) DRV - [2013-10-30 05:16:30 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2012-06-21 14:58:20 | 000,020,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys -- (mdf16) DRV - [2012-06-21 14:58:10 | 000,099,248 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys -- (mvd23) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{776D17D3-1DA0-4981-AE90-A01FDEF5D2A3}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2527288125-292897534-329591378-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKU\S-1-5-21-2527288125-292897534-329591378-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2527288125-292897534-329591378-1000\..\SearchScopes\{776D17D3-1DA0-4981-AE90-A01FDEF5D2A3}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2527288125-292897534-329591378-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2527288125-292897534-329591378-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2527288125-292897534-329591378-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2527288125-292897534-329591378-1001\..\SearchScopes\{776D17D3-1DA0-4981-AE90-A01FDEF5D2A3}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2527288125-292897534-329591378-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2527288125-292897534-329591378-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Google" FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.popkiller.pl/" FF - prefs.js..extensions.enabledAddons: pagerank%40any-tech.ws:1.1.1 FF - prefs.js..extensions.enabledAddons: yslow%40yahoo-inc.com:3.1.8 FF - prefs.js..extensions.enabledAddons: %7B7C9AE782-DB21-4e40-81FB-AD8A53A6233A%7D:1.83 FF - prefs.js..extensions.enabledAddons: %7Bc2b1f3ae-5cd5-49b7-8a0c-2c3bcbbbb294%7D:1.1 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.2 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: J:\Programy\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\alex\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014-09-19 08:09:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014-09-19 08:09:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012-05-12 15:29:56 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-09-14 12:27:09 | 000,000,000 | ---D | M] [2011-07-13 01:42:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\Extensions [2014-09-06 23:21:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\Firefox\Profiles\y61ym9mu.default\extensions [2013-06-09 12:50:15 | 000,000,000 | ---D | M] (Screenshot Pimp) -- C:\Users\alex\AppData\Roaming\mozilla\Firefox\Profiles\y61ym9mu.default\extensions\{056d0610-e44d-11df-bccf-0800200c9a66} [2014-09-03 18:14:39 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\alex\AppData\Roaming\mozilla\Firefox\Profiles\y61ym9mu.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74} [2014-05-13 22:21:35 | 000,000,000 | ---D | M] (Lightshot (screenshot tool)) -- C:\Users\alex\AppData\Roaming\mozilla\Firefox\Profiles\y61ym9mu.default\extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B} [2014-09-06 10:29:03 | 000,068,119 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\dnscache@dominik.jungowski.xpi [2014-09-06 23:21:47 | 004,222,513 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\firebug@software.joehewitt.com.xpi [2014-08-30 10:30:28 | 000,447,398 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\jid0-jJRRRBMgoShUhb07IvnxTBAl29w@jetpack.xpi [2013-10-20 13:21:37 | 000,203,788 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\jid0-SAMLlzwG5OuSfGwYx8EVjBUykLw@jetpack.xpi [2014-05-11 21:17:26 | 000,037,933 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\jid0-Z0Vu9hJlqV0fhIAPqPfmUCNubYQ@jetpack.xpi [2012-07-31 00:36:34 | 000,022,179 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\pagerank@any-tech.ws.xpi [2012-10-27 01:08:57 | 000,039,447 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\seotoolbar@seo-sem.com.xpi [2013-12-14 01:41:20 | 000,201,121 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\yslow@yahoo-inc.com.xpi [2012-09-24 11:32:43 | 000,164,858 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2012-10-27 00:43:11 | 000,015,459 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\{7C9AE782-DB21-4e40-81FB-AD8A53A6233A}.xpi [2012-09-29 13:00:01 | 000,003,170 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\{c2b1f3ae-5cd5-49b7-8a0c-2c3bcbbbb294}.xpi [2014-08-22 22:31:48 | 000,434,656 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2014-07-23 18:06:43 | 000,967,685 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-06 22:54:42 | 000,558,500 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}.xpi [2013-06-23 23:42:31 | 000,002,281 | ---- | M] () -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\searchplugins\s-amazon.xml [2012-10-27 00:56:25 | 000,005,306 | ---- | M] () -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\searchplugins\whois-ip-address.xml [2014-09-19 08:09:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2014-09-19 08:09:55 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-19 08:09:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-09-19 08:09:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-09-19 08:09:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2014-09-19 08:10:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: (Enabled) CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\plugins\npqtplugin5.dll CHR - plugin: MicrosoftÂ® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFFICE.DLL CHR - plugin: Wolfram Mathematica (Enabled) = C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\alex\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - plugin: Picasa (Enabled) = J:\Programy\Picasa3\npPicasa3.dll CHR - default_search_provider: 5ACB26E9BBD335614508F8963803897EF9F266B61E70180147088601743664F7 (Enabled) CHR - default_search_provider: search_url = AF7723C04CBF7980B17062E2ED86CBCA9DAF168C0F78A230EAD8BE28206AD4DA CHR - default_search_provider: suggest_url = CHR - homepage: DF2F37A9770B9DD888819153338BB658C424BA1CEC9A89E50AE504817985DE42 CHR - Extension: 22find = C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijblflkdjdopkpdgllkmlbgcffjbnfda\2.0.1_0\ CHR - Extension: Skype Click to Call = C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_0\ CHR - Extension: Google Wallet = C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe (O&O Software GmbH) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) O4 - HKLM..\Run: [CancelAutoPlay_df] C:\Program Files (x86)\4G Hostless Modem\PLAY ONLINE\CancelAutoPlay_df.exe () O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2527288125-292897534-329591378-1001..\Run: [IPLA!] C:\Program Files (x86)\ipla\ipla.exe (Redefine Sp z o.o.) O4 - HKU\S-1-5-21-2527288125-292897534-329591378-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2527288125-292897534-329591378-1001..\Run: [Software Informer] "C:\Program Files (x86)\Software Informer\softinfo.exe" -autorun File not found O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found O4 - Startup: C:\Users\alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\alex\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16:[b]64bit:[/b] - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 10.67.2) O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 10.67.2) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3B4002A4-6818-4AB8-B1C2-9FA4C614123A}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{98C0B992-44A2-49DD-A2FB-CD9ECD636C42}: NameServer = 193.41.112.14 193.41.112.18 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9CB2ECE6-DE04-456F-B69E-DE0F91B4339A}: NameServer = 193.41.112.18 193.41.112.14 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DB53E2F3-24CB-4394-A9EC-09C5C45AEA4C}: NameServer = 193.41.112.18 193.41.112.14 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC652FC8-E38F-4AA5-9EAA-C7A4C18A32FF}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB73BF0E-46B4-49BE-A855-09411E59F287}: DhcpNameServer = 192.168.0.1 O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2014-08-04 22:04:49 | 000,253,749 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color] [2014-09-19 08:09:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2014-09-18 19:50:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2014-09-18 19:50:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2014-09-15 12:03:25 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Local\gtk-2.0 [2014-09-14 12:29:48 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Roaming\ESET [2014-09-14 12:29:48 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Local\ESET [2014-09-14 12:26:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET [2014-09-14 12:26:56 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET [2014-09-14 12:26:56 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2014-08-23 12:04:50 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Local\Adobe [2014-08-07 22:39:42 | 000,000,000 | ---D | C] -- C:\Users\alex\Documents\Arduino [2014-08-07 22:39:42 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Roaming\Arduino [2014-08-07 22:37:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Arduino [2014-08-05 18:21:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2014-08-05 18:21:20 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2014-08-05 18:21:10 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2014-07-31 17:18:20 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2014-07-31 17:17:38 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ScanXL-ELM [2014-07-31 17:17:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScanXLELM [2014-07-31 17:17:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2014-07-24 19:59:24 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Roaming\Testy.2014.PWPW [2014-07-24 19:55:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ekierowca [2014-07-24 19:50:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ekierowca [2014-07-23 18:10:43 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2014-07-23 18:10:43 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2014-07-01 22:04:34 | 000,000,000 | ---D | C] -- C:\Users\alex\Documents\Lightshot [2014-06-23 11:54:30 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys [2014-06-23 11:54:30 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll [2014-06-23 11:40:04 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2014-06-23 11:40:04 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2014-06-23 11:40:04 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2014-06-23 11:40:04 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2014-06-23 11:40:04 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2014-06-23 11:40:04 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2014-06-23 11:40:04 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2014-06-23 11:40:04 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2014-06-23 11:40:04 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2014-06-23 11:40:04 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2014-06-23 11:40:04 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2014-06-23 11:40:04 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2014-06-23 11:40:04 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2014-06-23 11:40:04 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2014-06-23 11:40:04 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2014-06-23 11:40:04 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2014-06-23 11:40:04 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2014-06-23 11:40:04 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2014-06-23 11:40:04 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2014-06-23 11:40:04 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2014-06-23 11:40:04 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2014-06-23 11:40:04 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2014-06-23 11:40:04 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2014-06-23 11:40:04 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2014-06-23 11:40:04 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2014-06-23 11:40:04 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2014-06-23 11:40:04 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2014-06-23 11:40:04 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2014-06-23 11:40:04 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2014-06-23 11:40:04 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2014-06-23 11:40:04 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2014-06-23 11:40:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2014-06-23 11:40:04 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2014-06-23 11:40:04 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2014-06-23 11:40:04 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2014-06-23 11:40:03 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2014-06-23 11:40:03 | 002,338,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2014-06-23 11:40:03 | 001,494,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2014-06-23 11:40:03 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2014-06-23 11:40:03 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2014-06-23 11:40:03 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2014-06-23 11:40:03 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2014-06-23 11:40:03 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2014-06-23 11:40:03 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2014-06-23 11:40:03 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2014-06-23 11:40:03 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2014-06-23 11:40:03 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2014-06-23 11:40:03 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2014-06-23 11:40:03 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2014-06-23 11:40:03 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2014-06-23 11:40:03 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2014-06-23 11:40:03 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2014-06-23 11:40:03 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2014-06-23 11:40:03 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2014-06-23 11:40:03 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2014-06-23 11:40:03 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2014-06-23 11:40:03 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2014-06-23 11:40:03 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2014-06-23 11:40:03 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2014-06-23 11:40:03 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2014-06-23 11:40:03 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2014-06-23 11:40:03 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2014-06-23 11:40:03 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2014-06-23 11:40:03 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2014-06-23 11:40:03 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2014-06-23 11:40:03 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2014-06-23 11:40:03 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2014-06-23 11:40:03 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2014-06-23 11:40:03 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2014-06-23 11:40:03 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2014-06-23 11:40:03 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2014-06-23 11:40:03 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2014-06-23 11:19:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview [2014-06-23 11:18:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders [2014-06-23 11:09:01 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2014-06-23 11:09:01 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2014-06-23 11:09:01 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2014-06-23 11:09:01 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2014-06-23 11:07:59 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll [2014-06-23 11:07:59 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe [2014-06-23 11:07:59 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll [2014-06-23 11:07:59 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll [2014-06-23 10:50:13 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll [2014-06-23 10:50:13 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys [2014-06-22 21:42:56 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2014-06-22 21:42:55 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2014-06-22 21:42:51 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll [2014-06-22 21:42:50 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2014-06-22 21:42:50 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2014-06-22 21:42:48 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll [2014-06-22 21:42:48 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll [2014-06-22 21:42:48 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll [2014-06-22 21:42:48 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll [2014-06-22 21:42:48 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll [2014-06-22 21:42:48 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll [2014-06-22 21:42:48 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll [2014-06-22 21:42:48 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll [2014-06-22 21:42:48 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll [2014-06-22 21:42:46 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2014-06-22 21:42:36 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2014-06-22 21:42:36 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2014-06-22 21:42:34 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll [2014-06-22 21:42:34 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll [2014-06-22 21:42:34 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll [2014-06-22 21:42:34 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll [2014-06-22 21:41:45 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2014-06-22 21:41:45 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2014-06-22 21:41:44 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2014-06-22 21:41:44 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2014-06-22 21:41:38 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll [2014-06-22 21:41:29 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2014-06-22 21:41:29 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2014-06-22 21:41:04 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl [2014-06-22 21:41:04 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl [2014-06-22 21:40:45 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rndismpx.sys [2014-06-22 21:40:45 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023x.sys [2014-06-22 21:40:45 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys [2014-06-22 21:40:44 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2014-06-22 21:40:44 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2014-06-22 21:40:44 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2014-06-22 21:40:43 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2014-06-22 21:40:42 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2014-06-22 21:40:42 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2014-06-22 21:40:42 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2014-06-22 21:40:39 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\profprov.dll [2014-06-22 21:40:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2014-06-22 21:40:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2014-06-22 21:39:48 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll [2014-06-22 21:39:48 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll [2014-06-22 21:39:48 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnaddr.dll [2014-06-22 21:39:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnaddr.dll [2014-06-22 21:39:46 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2014-06-22 21:39:44 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2014-06-22 21:39:42 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2014-06-22 21:39:41 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2014-06-22 21:39:41 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2014-06-22 21:39:41 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2014-06-22 21:39:41 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2014-06-22 21:39:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2014-06-22 21:39:32 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2014-06-22 21:39:28 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2014-06-22 21:39:28 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2014-06-22 21:39:25 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2014-06-22 21:39:25 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll [2014-06-22 21:39:25 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll [2014-06-22 21:39:25 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll [2014-06-22 21:39:25 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs [2014-06-22 21:39:25 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs [2014-06-22 21:39:25 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs [2014-06-22 21:39:25 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs [2014-06-22 21:39:25 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs [2014-06-22 21:39:25 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs [2014-06-22 21:39:25 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs [2014-06-22 21:39:25 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs [2014-06-22 21:39:25 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs [2014-06-22 21:39:25 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs [2014-06-22 21:39:25 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs [2014-06-22 21:39:25 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs [2014-06-22 21:39:25 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs [2014-06-22 21:39:25 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs [2014-06-22 21:39:25 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs [2014-06-22 21:39:25 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs [2014-06-22 21:39:25 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs [2014-06-22 21:39:25 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs [2014-06-22 21:39:25 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs [2014-06-22 21:39:25 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs [2014-06-22 21:39:24 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs [2014-06-22 21:39:24 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs [2014-06-22 21:39:24 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs [2014-06-22 21:39:24 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs [2014-06-22 21:39:24 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs [2014-06-22 21:39:24 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs [2014-06-22 21:39:24 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs [2014-06-22 21:39:24 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs [2014-06-22 21:39:12 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll [2014-06-22 21:39:12 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll [2014-06-22 21:39:12 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax [2014-06-22 21:39:12 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax [2014-06-22 21:39:11 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax [2014-06-22 21:39:11 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax [2014-06-22 21:39:11 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax [2014-06-22 21:39:11 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax [2014-06-22 21:39:11 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax [2014-06-22 21:39:11 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax [2014-06-22 21:38:48 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2014-06-22 21:38:40 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2014-06-22 21:38:40 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2014-06-22 21:38:40 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2014-06-22 21:38:39 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2014-06-22 21:38:39 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2014-06-22 21:38:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2014-06-22 21:38:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2014-06-22 21:38:39 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2014-06-22 21:38:39 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2014-06-22 21:38:39 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2014-06-22 21:38:39 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2014-06-22 21:38:39 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2014-06-22 21:38:39 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2014-06-22 21:38:39 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2014-06-22 21:38:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2014-06-22 21:38:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2014-06-22 21:38:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2014-06-22 21:38:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2014-06-22 21:38:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2014-06-22 21:38:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2014-06-22 21:38:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2014-06-22 21:38:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2014-06-22 21:38:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2014-06-22 21:38:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2014-06-22 21:38:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2014-06-22 21:38:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2014-06-22 21:38:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2014-06-22 21:38:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2014-06-22 21:38:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2014-06-22 21:38:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2014-06-22 21:38:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2014-06-22 21:38:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2014-06-22 21:38:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2014-06-22 21:38:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2014-06-22 21:38:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2014-06-22 21:38:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2014-06-22 21:37:43 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll [2014-06-22 21:37:43 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll [2014-06-22 21:36:14 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll [2014-06-22 21:36:14 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll [2014-06-22 21:36:14 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll [2014-06-22 21:36:10 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2014-06-22 21:36:10 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe [2014-06-22 21:36:08 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll [2014-06-22 21:36:03 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll [2014-06-22 21:36:02 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll [2014-06-22 21:36:01 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll [2014-06-22 21:36:00 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll [2014-06-22 21:36:00 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll [2014-06-22 21:35:54 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2014-06-22 21:35:51 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2014-06-22 21:35:50 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2014-06-22 21:35:49 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe [2014-06-22 21:35:49 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2014-06-22 21:35:48 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll [2014-06-22 21:35:44 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2014-06-22 21:35:28 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2014-06-22 21:35:27 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2014-06-22 21:23:46 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2014-06-22 21:23:46 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll [2014-06-22 21:15:09 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll [2014-06-22 21:15:09 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll [2014-06-22 20:51:25 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2014-06-22 20:51:25 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2014-06-22 20:51:25 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2014-06-22 20:51:10 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2014-06-22 20:51:10 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2014-06-22 20:51:10 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2014-06-22 20:50:59 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2014-06-22 20:50:59 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [1 C:\Users\alex\AppData\Local\*.tmp files -> C:\Users\alex\AppData\Local\*.tmp -> ] [color=#E56717]========== Files - Modified Within 90 Days ==========[/color] [2014-09-20 17:43:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014-09-20 17:21:03 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-09-20 17:12:54 | 000,007,605 | ---- | M] () -- C:\Users\alex\AppData\Local\Resmon.ResmonCfg [2014-09-20 16:55:30 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014-09-20 16:55:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-09-19 18:03:08 | 000,018,656 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014-09-19 18:03:08 | 000,018,656 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014-09-19 17:58:23 | 001,863,116 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2014-09-19 17:58:23 | 000,808,858 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2014-09-19 17:58:23 | 000,722,674 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2014-09-19 17:58:23 | 000,182,460 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2014-09-19 17:58:23 | 000,148,338 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2014-09-19 17:52:33 | 3148,419,072 | -HS- | M] () -- C:\hiberfil.sys [2014-09-19 16:47:51 | 000,008,040 | ---- | M] () -- C:\Users\alex\AppData\Local\recently-used.xbel [2014-09-19 16:36:18 | 000,001,053 | ---- | M] () -- C:\Users\alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-09-12 22:42:18 | 000,017,010 | ---- | M] () -- C:\Users\alex\Desktop\meiun.odt [2014-09-11 00:21:15 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2014-09-11 00:21:15 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2014-08-08 16:59:29 | 000,000,000 | ---- | M] () -- C:\Users\alex\AppData\Local\{A98F6B1C-7EFA-4E54-945D-A009A43FAFB6} [2014-08-07 22:38:52 | 000,000,951 | ---- | M] () -- C:\Users\Public\Desktop\Arduino.lnk [2014-08-07 22:33:25 | 000,001,601 | ---- | M] () -- C:\Users\alex\scanxlelm.cfg [2014-08-05 18:21:02 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2014-08-05 18:21:00 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2014-08-05 18:21:00 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2014-08-05 18:21:00 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2014-08-03 23:16:16 | 000,393,929 | ---- | M] () -- C:\Users\alex\Desktop\Untitled-1.psd [2014-08-01 20:23:14 | 001,840,363 | ---- | M] () -- C:\Users\alex\Desktop\logotyp2.psd [2014-08-01 20:22:50 | 000,303,414 | ---- | M] () -- C:\Users\alex\Desktop\logotyp.psd [2014-08-01 14:09:30 | 000,015,048 | ---- | M] () -- C:\Users\alex\Desktop\bizonpromo.odt [2014-08-01 10:17:28 | 005,883,544 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2014-07-31 17:19:24 | 000,007,168 | ---- | M] () -- C:\ProgramData\ppe_fleetdb.vdb [2014-07-24 19:55:38 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\OFICJALNE TESTY EGZAMINACYJNE PWPW.lnk [2014-06-23 21:48:20 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll [2014-06-23 21:48:19 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll [2014-06-23 21:31:14 | 001,839,254 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2014-06-23 11:40:04 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2014-06-23 11:40:04 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2014-06-23 11:40:04 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2014-06-23 11:40:04 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2014-06-23 11:40:04 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2014-06-23 11:40:04 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2014-06-23 11:40:04 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2014-06-23 11:40:04 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2014-06-23 11:40:04 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2014-06-23 11:40:04 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2014-06-23 11:40:04 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2014-06-23 11:40:04 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2014-06-23 11:40:04 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2014-06-23 11:40:04 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2014-06-23 11:40:04 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2014-06-23 11:40:04 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2014-06-23 11:40:04 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2014-06-23 11:40:04 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2014-06-23 11:40:04 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2014-06-23 11:40:04 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2014-06-23 11:40:04 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2014-06-23 11:40:04 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2014-06-23 11:40:04 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2014-06-23 11:40:04 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2014-06-23 11:40:04 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2014-06-23 11:40:04 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2014-06-23 11:40:04 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2014-06-23 11:40:04 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2014-06-23 11:40:04 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2014-06-23 11:40:04 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2014-06-23 11:40:04 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2014-06-23 11:40:04 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2014-06-23 11:40:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2014-06-23 11:40:04 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2014-06-23 11:40:04 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2014-06-23 11:40:04 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2014-06-23 11:40:03 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2014-06-23 11:40:03 | 002,338,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2014-06-23 11:40:03 | 001,494,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2014-06-23 11:40:03 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2014-06-23 11:40:03 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2014-06-23 11:40:03 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2014-06-23 11:40:03 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2014-06-23 11:40:03 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2014-06-23 11:40:03 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2014-06-23 11:40:03 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2014-06-23 11:40:03 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2014-06-23 11:40:03 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2014-06-23 11:40:03 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2014-06-23 11:40:03 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2014-06-23 11:40:03 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2014-06-23 11:40:03 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2014-06-23 11:40:03 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2014-06-23 11:40:03 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2014-06-23 11:40:03 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2014-06-23 11:40:03 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2014-06-23 11:40:03 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2014-06-23 11:40:03 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2014-06-23 11:40:03 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2014-06-23 11:40:03 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2014-06-23 11:40:03 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2014-06-23 11:40:03 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2014-06-23 11:40:03 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2014-06-23 11:40:03 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2014-06-23 11:40:03 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2014-06-23 11:40:03 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2014-06-23 11:40:03 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2014-06-23 11:40:03 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2014-06-23 11:40:03 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2014-06-23 11:40:03 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2014-06-23 11:40:03 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2014-06-23 11:40:03 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2014-06-23 11:40:03 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2014-06-23 11:40:03 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [1 C:\Users\alex\AppData\Local\*.tmp files -> C:\Users\alex\AppData\Local\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-09-19 16:47:51 | 000,008,040 | ---- | C] () -- C:\Users\alex\AppData\Local\recently-used.xbel [2014-09-12 22:42:16 | 000,017,010 | ---- | C] () -- C:\Users\alex\Desktop\meiun.odt [2014-08-08 16:59:09 | 000,000,000 | ---- | C] () -- C:\Users\alex\AppData\Local\{A98F6B1C-7EFA-4E54-945D-A009A43FAFB6} [2014-08-07 22:38:52 | 000,000,963 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arduino.lnk [2014-08-07 22:38:52 | 000,000,951 | ---- | C] () -- C:\Users\Public\Desktop\Arduino.lnk [2014-08-03 23:16:15 | 000,393,929 | ---- | C] () -- C:\Users\alex\Desktop\Untitled-1.psd [2014-08-01 20:23:12 | 001,840,363 | ---- | C] () -- C:\Users\alex\Desktop\logotyp2.psd [2014-08-01 10:40:47 | 000,015,048 | ---- | C] () -- C:\Users\alex\Desktop\bizonpromo.odt [2014-07-31 20:11:38 | 000,303,414 | ---- | C] () -- C:\Users\alex\Desktop\logotyp.psd [2014-07-31 17:18:57 | 000,007,168 | ---- | C] () -- C:\ProgramData\ppe_fleetdb.vdb [2014-07-31 17:18:25 | 000,001,601 | ---- | C] () -- C:\Users\alex\scanxlelm.cfg [2014-07-24 19:55:38 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\OFICJALNE TESTY EGZAMINACYJNE PWPW.lnk [2014-07-08 21:39:06 | 000,077,781 | ---- | C] () -- C:\Users\alex\Desktop\Katalogi i blogi - linki.odt [2014-06-23 11:54:31 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2014-06-23 11:40:04 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2014-06-23 11:40:03 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2014-06-23 11:07:59 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2014-03-26 16:19:23 | 000,290,904 | ---- | C] () -- C:\Windows\SysWow64\vc6-re200l.dll [2014-01-04 03:53:51 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll [2014-01-04 03:53:51 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys [2013-03-15 00:28:53 | 000,065,592 | ---- | C] () -- C:\Users\alex\AppData\Roaming\Camdata.ini [2013-03-15 00:28:53 | 000,000,408 | ---- | C] () -- C:\Users\alex\AppData\Roaming\CamShapes.ini [2013-03-15 00:28:53 | 000,000,408 | ---- | C] () -- C:\Users\alex\AppData\Roaming\CamLayout.ini [2013-03-15 00:10:58 | 000,004,522 | ---- | C] () -- C:\Users\alex\AppData\Roaming\CamStudio.cfg [2012-05-29 16:36:53 | 000,007,605 | ---- | C] () -- C:\Users\alex\AppData\Local\Resmon.ResmonCfg [2012-05-26 18:33:44 | 000,000,600 | ---- | C] () -- C:\Users\alex\AppData\Roaming\winscp.rnd [2012-05-12 20:39:15 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2012-01-28 23:44:48 | 000,005,632 | ---- | C] () -- C:\Users\alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-10-19 12:53:09 | 000,083,229 | ---- | C] () -- C:\Users\alex\neostrada_990696156611.pdf [2011-10-19 10:19:00 | 000,001,131 | ---- | C] () -- C:\Users\alex\umk.cer [2011-10-19 10:18:38 | 000,024,706 | ---- | C] () -- C:\Users\alex\vista.htm [2011-09-03 22:32:20 | 003,097,252 | ---- | C] () -- C:\Users\alex\GE620_Polish.pdf [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2011-07-13 10:49:38 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\.wtw [2014-08-07 22:39:42 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Arduino [2011-09-03 21:34:00 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Ashampoo [2012-07-18 13:11:54 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Autodesk [2012-05-15 13:47:55 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\BESTplayer [2012-06-18 18:31:48 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\CAD-KAS [2012-11-17 00:15:46 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\com.adobe.ExMan [2014-02-01 19:43:40 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\DAEMON Tools Lite [2012-07-06 11:05:30 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Downloaded Installations [2014-09-19 17:53:42 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Dropbox [2014-03-30 01:08:10 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\e-academy Inc [2013-03-12 13:35:22 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\eDownload [2014-09-14 12:29:48 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\ESET [2014-09-12 21:41:40 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\foobar2000 [2013-12-23 02:54:17 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\fp [2012-11-01 22:05:29 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Free Monitor for Google [2014-01-13 04:06:04 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\GG [2012-06-29 14:58:26 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\GHISLER [2012-11-01 19:17:26 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\InsERT GT [2013-04-05 20:35:01 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\ipla [2013-12-10 23:32:50 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\IrfanView [2013-03-29 18:47:42 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\LibreOffice [2012-08-18 18:59:14 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\MAGIX [2012-06-18 18:17:54 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Nitro PDF [2012-02-18 00:04:19 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Notepad++ [2011-07-13 17:38:15 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\OpenOffice.org [2012-07-30 19:51:01 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Opera [2012-08-19 00:06:31 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Publish Providers [2012-04-28 11:31:42 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Samsung [2012-10-25 00:39:56 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\ScrapeBox Link Checker Free Edition [2012-08-19 13:07:06 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Sony [2013-12-09 14:15:42 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\TeamViewer [2012-09-02 22:40:28 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Temp [2014-07-24 19:59:24 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Testy.2014.PWPW [2012-05-12 15:32:22 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Thunderbird [2014-08-31 21:55:56 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\uTorrent [2014-09-14 20:54:48 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\XnView [2012-11-14 14:19:57 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\ipla [2012-08-15 14:05:02 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\Opera [2012-11-14 14:24:54 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\Software Informer [color=#E56717]========== Purity Check ==========[/color] < End of report >

Kod: Zaznacz wszystko: OTL logfile created on: 2014-09-20 18:04:12 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = J:\Pobierane 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,91 Gb Total Physical Memory | 1,21 Gb Available Physical Memory | 31,07% Memory free 7,82 Gb Paging File | 4,58 Gb Available in Paging File | 58,64% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 58,57 Gb Total Space | 10,10 Gb Free Space | 17,25% Space Free | Partition Type: NTFS Drive E: | 50,00 Gb Total Space | 14,97 Gb Free Space | 29,93% Space Free | Partition Type: NTFS Drive J: | 100,00 Gb Total Space | 46,63 Gb Free Space | 46,63% Space Free | Partition Type: NTFS Drive K: | 100,00 Gb Total Space | 67,19 Gb Free Space | 67,19% Space Free | Partition Type: NTFS Drive L: | 157,19 Gb Total Space | 32,87 Gb Free Space | 20,91% Space Free | Partition Type: NTFS Computer Name: ALEX-KOMPUTER | User Name: alex | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-09-20 17:16:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- J:\Pobierane\OTL.exe PRC - [2014-09-20 17:15:48 | 000,380,416 | ---- | M] () -- J:\Pobierane\20fb4p7l.exe PRC - [2014-09-19 08:10:10 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2014-09-13 02:52:04 | 036,414,624 | ---- | M] (Dropbox, Inc.) -- C:\Users\alex\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2013-07-26 12:21:17 | 000,446,208 | ---- | M] () -- C:\Program Files (x86)\4G Hostless Modem\PLAY ONLINE\CancelAutoPlay_df.exe PRC - [2013-05-27 18:51:34 | 000,246,112 | ---- | M] () -- C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe PRC - [2013-03-21 15:19:46 | 001,341,664 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe PRC - [2012-08-17 17:48:44 | 000,019,456 | ---- | M] (Clarus, Inc.) -- C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe PRC - [2012-08-17 17:48:16 | 000,135,168 | ---- | M] (Clarus, Inc.) -- C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe PRC - [2012-07-25 03:51:06 | 000,655,712 | ---- | M] () -- C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe PRC - [2012-07-05 19:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012-04-12 05:27:08 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\NLSSRV32.EXE PRC - [2011-06-24 13:52:26 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files (x86)\S-Bar\MSIService.exe PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-04-08 08:01:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011-03-14 17:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe PRC - [2010-11-17 03:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2009-08-27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-09-20 17:15:48 | 000,380,416 | ---- | M] () -- J:\Pobierane\20fb4p7l.exe MOD - [2014-09-19 17:53:27 | 000,043,008 | ---- | M] () -- c:\users\alex\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpofne7r.dll MOD - [2014-09-19 08:10:07 | 003,734,640 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2014-09-13 02:20:58 | 003,610,624 | ---- | M] () -- C:\Users\alex\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll MOD - [2013-08-23 21:01:44 | 025,100,288 | ---- | M] () -- C:\Users\alex\AppData\Roaming\Dropbox\bin\libcef.dll MOD - [2013-07-26 12:21:17 | 000,446,208 | ---- | M] () -- C:\Program Files (x86)\4G Hostless Modem\PLAY ONLINE\CancelAutoPlay_df.exe [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2013-10-23 14:26:28 | 002,572,072 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (OODefragAgent) SRV:[b]64bit:[/b] - [2013-03-21 15:19:46 | 001,341,664 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn) SRV:[b]64bit:[/b] - [2012-05-12 20:38:40 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:[b]64bit:[/b] - [2010-11-30 13:27:58 | 000,336,824 | ---- | M] (arvato digital services llc) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2_x64) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2014-09-19 08:10:07 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014-09-11 00:21:15 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-05-27 18:51:34 | 000,246,112 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe -- (PLAY ONLINE. RunOuc) SRV - [2012-08-17 17:48:44 | 000,019,456 | ---- | M] (Clarus, Inc.) [Auto | Running] -- C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe -- (SZDrvSvc) SRV - [2012-07-25 03:51:06 | 000,655,712 | ---- | M] () [Auto | Stopped] -- L:\Programy\Mobile Partner\UpdateDog\ouc.exe -- (Mobile Partner. RunOuc) SRV - [2012-07-05 19:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-04-12 05:27:08 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc) SRV - [2011-07-13 17:27:56 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011-06-24 13:52:26 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\S-Bar\MSIService.exe -- (Micro Star SCM) SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-04-08 08:01:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011-03-14 17:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-08-27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008-08-07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) SRV - [2007-05-31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007-05-31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2014-02-01 20:21:35 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2013-05-12 15:04:02 | 000,267,776 | ---- | M] (Jungo Connectivity) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\windrvr6.sys -- (WinDriver6) DRV:[b]64bit:[/b] - [2013-02-14 12:21:06 | 000,058,416 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp) DRV:[b]64bit:[/b] - [2013-02-14 12:21:04 | 000,213,416 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm) DRV:[b]64bit:[/b] - [2013-02-12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:[b]64bit:[/b] - [2013-01-10 09:25:22 | 000,190,232 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw) DRV:[b]64bit:[/b] - [2013-01-10 09:25:22 | 000,059,440 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF) DRV:[b]64bit:[/b] - [2013-01-10 09:25:20 | 000,150,616 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:[b]64bit:[/b] - [2012-09-20 06:35:36 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:[b]64bit:[/b] - [2012-09-20 06:35:36 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:[b]64bit:[/b] - [2012-07-04 01:11:52 | 000,560,184 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2012-06-27 10:37:56 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm) DRV:[b]64bit:[/b] - [2012-06-27 10:37:56 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_mdm.sys -- (ss_mdm) DRV:[b]64bit:[/b] - [2012-06-27 10:37:56 | 000,141,384 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdserd.sys -- (sscdserd) DRV:[b]64bit:[/b] - [2012-06-27 10:37:56 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) DRV:[b]64bit:[/b] - [2012-06-27 10:37:56 | 000,127,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bus.sys -- (ss_bus) DRV:[b]64bit:[/b] - [2012-06-27 10:37:56 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl) DRV:[b]64bit:[/b] - [2012-06-27 10:37:56 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_mdfl.sys -- (ss_mdfl) DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012-02-17 23:24:47 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri) DRV:[b]64bit:[/b] - [2012-02-17 23:24:19 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc) DRV:[b]64bit:[/b] - [2012-02-17 23:24:19 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt) DRV:[b]64bit:[/b] - [2011-12-02 14:23:22 | 000,223,744 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys -- (huawei_wwanecm) DRV:[b]64bit:[/b] - [2011-09-09 11:51:02 | 000,087,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV:[b]64bit:[/b] - [2011-09-09 11:51:02 | 000,072,192 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcecm.sys -- (huawei_cdcecm) DRV:[b]64bit:[/b] - [2011-09-09 11:51:02 | 000,028,672 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl) DRV:[b]64bit:[/b] - [2011-09-09 11:51:00 | 000,098,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm) DRV:[b]64bit:[/b] - [2011-08-16 17:17:46 | 000,223,232 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:[b]64bit:[/b] - [2011-07-13 01:34:18 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt) DRV:[b]64bit:[/b] - [2011-07-13 01:27:49 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:[b]64bit:[/b] - [2011-07-13 01:27:27 | 012,273,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2011-06-10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2011-04-08 08:01:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:[b]64bit:[/b] - [2011-03-15 18:09:16 | 000,311,400 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-12-10 07:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:[b]64bit:[/b] - [2010-12-10 07:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:[b]64bit:[/b] - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-10-19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2010-07-27 09:52:16 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV:[b]64bit:[/b] - [2010-04-03 10:30:40 | 000,313,696 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0150.sys -- (RsFx0150) DRV:[b]64bit:[/b] - [2010-03-20 12:06:58 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter) DRV:[b]64bit:[/b] - [2009-10-05 16:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2008-05-16 13:33:06 | 000,158,760 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdm.sys -- (s0016mdm) DRV:[b]64bit:[/b] - [2008-05-16 13:33:06 | 000,151,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016unic.sys -- (s0016unic) DRV:[b]64bit:[/b] - [2008-05-16 13:33:06 | 000,137,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mgmt.sys -- (s0016mgmt) DRV:[b]64bit:[/b] - [2008-05-16 13:33:06 | 000,136,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016obex.sys -- (s0016obex) DRV:[b]64bit:[/b] - [2008-05-16 13:33:06 | 000,034,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016nd5.sys -- (s0016nd5) DRV:[b]64bit:[/b] - [2008-05-16 13:33:04 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdfl.sys -- (s0016mdfl) DRV:[b]64bit:[/b] - [2008-05-16 13:32:56 | 000,115,240 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016bus.sys -- (s0016bus) DRV - [2013-10-30 05:16:30 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2012-06-21 14:58:20 | 000,020,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys -- (mdf16) DRV - [2012-06-21 14:58:10 | 000,099,248 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys -- (mvd23) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{776D17D3-1DA0-4981-AE90-A01FDEF5D2A3}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2527288125-292897534-329591378-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKU\S-1-5-21-2527288125-292897534-329591378-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2527288125-292897534-329591378-1000\..\SearchScopes\{776D17D3-1DA0-4981-AE90-A01FDEF5D2A3}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2527288125-292897534-329591378-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2527288125-292897534-329591378-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2527288125-292897534-329591378-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2527288125-292897534-329591378-1001\..\SearchScopes\{776D17D3-1DA0-4981-AE90-A01FDEF5D2A3}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2527288125-292897534-329591378-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2527288125-292897534-329591378-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Google" FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.popkiller.pl/" FF - prefs.js..extensions.enabledAddons: pagerank%40any-tech.ws:1.1.1 FF - prefs.js..extensions.enabledAddons: yslow%40yahoo-inc.com:3.1.8 FF - prefs.js..extensions.enabledAddons: %7B7C9AE782-DB21-4e40-81FB-AD8A53A6233A%7D:1.83 FF - prefs.js..extensions.enabledAddons: %7Bc2b1f3ae-5cd5-49b7-8a0c-2c3bcbbbb294%7D:1.1 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.2 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: J:\Programy\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\alex\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014-09-19 08:09:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014-09-19 08:09:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012-05-12 15:29:56 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-09-14 12:27:09 | 000,000,000 | ---D | M] [2011-07-13 01:42:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\Extensions [2014-09-06 23:21:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\Firefox\Profiles\y61ym9mu.default\extensions [2013-06-09 12:50:15 | 000,000,000 | ---D | M] (Screenshot Pimp) -- C:\Users\alex\AppData\Roaming\mozilla\Firefox\Profiles\y61ym9mu.default\extensions\{056d0610-e44d-11df-bccf-0800200c9a66} [2014-09-03 18:14:39 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\alex\AppData\Roaming\mozilla\Firefox\Profiles\y61ym9mu.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74} [2014-05-13 22:21:35 | 000,000,000 | ---D | M] (Lightshot (screenshot tool)) -- C:\Users\alex\AppData\Roaming\mozilla\Firefox\Profiles\y61ym9mu.default\extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B} [2014-09-06 10:29:03 | 000,068,119 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\dnscache@dominik.jungowski.xpi [2014-09-06 23:21:47 | 004,222,513 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\firebug@software.joehewitt.com.xpi [2014-08-30 10:30:28 | 000,447,398 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\jid0-jJRRRBMgoShUhb07IvnxTBAl29w@jetpack.xpi [2013-10-20 13:21:37 | 000,203,788 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\jid0-SAMLlzwG5OuSfGwYx8EVjBUykLw@jetpack.xpi [2014-05-11 21:17:26 | 000,037,933 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\jid0-Z0Vu9hJlqV0fhIAPqPfmUCNubYQ@jetpack.xpi [2012-07-31 00:36:34 | 000,022,179 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\pagerank@any-tech.ws.xpi [2012-10-27 01:08:57 | 000,039,447 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\seotoolbar@seo-sem.com.xpi [2013-12-14 01:41:20 | 000,201,121 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\yslow@yahoo-inc.com.xpi [2012-09-24 11:32:43 | 000,164,858 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2012-10-27 00:43:11 | 000,015,459 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\{7C9AE782-DB21-4e40-81FB-AD8A53A6233A}.xpi [2012-09-29 13:00:01 | 000,003,170 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\{c2b1f3ae-5cd5-49b7-8a0c-2c3bcbbbb294}.xpi [2014-08-22 22:31:48 | 000,434,656 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2014-07-23 18:06:43 | 000,967,685 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-06 22:54:42 | 000,558,500 | ---- | M] () (No name found) -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}.xpi [2013-06-23 23:42:31 | 000,002,281 | ---- | M] () -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\searchplugins\s-amazon.xml [2012-10-27 00:56:25 | 000,005,306 | ---- | M] () -- C:\Users\alex\AppData\Roaming\mozilla\firefox\profiles\y61ym9mu.default\searchplugins\whois-ip-address.xml [2014-09-19 08:09:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2014-09-19 08:09:55 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-19 08:09:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-09-19 08:09:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-09-19 08:09:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2014-09-19 08:10:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: (Enabled) CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\plugins\npqtplugin5.dll CHR - plugin: MicrosoftÂ® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFFICE.DLL CHR - plugin: Wolfram Mathematica (Enabled) = C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\alex\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - plugin: Picasa (Enabled) = J:\Programy\Picasa3\npPicasa3.dll CHR - default_search_provider: 5ACB26E9BBD335614508F8963803897EF9F266B61E70180147088601743664F7 (Enabled) CHR - default_search_provider: search_url = AF7723C04CBF7980B17062E2ED86CBCA9DAF168C0F78A230EAD8BE28206AD4DA CHR - default_search_provider: suggest_url = CHR - homepage: DF2F37A9770B9DD888819153338BB658C424BA1CEC9A89E50AE504817985DE42 CHR - Extension: 22find = C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijblflkdjdopkpdgllkmlbgcffjbnfda\2.0.1_0\ CHR - Extension: Skype Click to Call = C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_0\ CHR - Extension: Google Wallet = C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe (O&O Software GmbH) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) O4 - HKLM..\Run: [CancelAutoPlay_df] C:\Program Files (x86)\4G Hostless Modem\PLAY ONLINE\CancelAutoPlay_df.exe () O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2527288125-292897534-329591378-1001..\Run: [IPLA!] C:\Program Files (x86)\ipla\ipla.exe (Redefine Sp z o.o.) O4 - HKU\S-1-5-21-2527288125-292897534-329591378-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2527288125-292897534-329591378-1001..\Run: [Software Informer] "C:\Program Files (x86)\Software Informer\softinfo.exe" -autorun File not found O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found O4 - Startup: C:\Users\alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\alex\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16:[b]64bit:[/b] - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 10.67.2) O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 10.67.2) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3B4002A4-6818-4AB8-B1C2-9FA4C614123A}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{98C0B992-44A2-49DD-A2FB-CD9ECD636C42}: NameServer = 193.41.112.14 193.41.112.18 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9CB2ECE6-DE04-456F-B69E-DE0F91B4339A}: NameServer = 193.41.112.18 193.41.112.14 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DB53E2F3-24CB-4394-A9EC-09C5C45AEA4C}: NameServer = 193.41.112.18 193.41.112.14 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC652FC8-E38F-4AA5-9EAA-C7A4C18A32FF}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB73BF0E-46B4-49BE-A855-09411E59F287}: DhcpNameServer = 192.168.0.1 O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2014-08-04 22:04:49 | 000,253,749 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color] [2014-09-19 08:09:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2014-09-18 19:50:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2014-09-18 19:50:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2014-09-15 12:03:25 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Local\gtk-2.0 [2014-09-14 12:29:48 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Roaming\ESET [2014-09-14 12:29:48 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Local\ESET [2014-09-14 12:26:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET [2014-09-14 12:26:56 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET [2014-09-14 12:26:56 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2014-08-23 12:04:50 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Local\Adobe [2014-08-07 22:39:42 | 000,000,000 | ---D | C] -- C:\Users\alex\Documents\Arduino [2014-08-07 22:39:42 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Roaming\Arduino [2014-08-07 22:37:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Arduino [2014-08-05 18:21:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2014-08-05 18:21:20 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2014-08-05 18:21:10 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2014-07-31 17:18:20 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2014-07-31 17:17:38 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ScanXL-ELM [2014-07-31 17:17:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScanXLELM [2014-07-31 17:17:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2014-07-24 19:59:24 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Roaming\Testy.2014.PWPW [2014-07-24 19:55:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ekierowca [2014-07-24 19:50:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ekierowca [2014-07-23 18:10:43 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2014-07-23 18:10:43 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2014-07-01 22:04:34 | 000,000,000 | ---D | C] -- C:\Users\alex\Documents\Lightshot [2014-06-23 11:54:30 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys [2014-06-23 11:54:30 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll [2014-06-23 11:40:04 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2014-06-23 11:40:04 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2014-06-23 11:40:04 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2014-06-23 11:40:04 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2014-06-23 11:40:04 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2014-06-23 11:40:04 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2014-06-23 11:40:04 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2014-06-23 11:40:04 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2014-06-23 11:40:04 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2014-06-23 11:40:04 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2014-06-23 11:40:04 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2014-06-23 11:40:04 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2014-06-23 11:40:04 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2014-06-23 11:40:04 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2014-06-23 11:40:04 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2014-06-23 11:40:04 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2014-06-23 11:40:04 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2014-06-23 11:40:04 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2014-06-23 11:40:04 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2014-06-23 11:40:04 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2014-06-23 11:40:04 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2014-06-23 11:40:04 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2014-06-23 11:40:04 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2014-06-23 11:40:04 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2014-06-23 11:40:04 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2014-06-23 11:40:04 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2014-06-23 11:40:04 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2014-06-23 11:40:04 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2014-06-23 11:40:04 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2014-06-23 11:40:04 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2014-06-23 11:40:04 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2014-06-23 11:40:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2014-06-23 11:40:04 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2014-06-23 11:40:04 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2014-06-23 11:40:04 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2014-06-23 11:40:03 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2014-06-23 11:40:03 | 002,338,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2014-06-23 11:40:03 | 001,494,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2014-06-23 11:40:03 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2014-06-23 11:40:03 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2014-06-23 11:40:03 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2014-06-23 11:40:03 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2014-06-23 11:40:03 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2014-06-23 11:40:03 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2014-06-23 11:40:03 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2014-06-23 11:40:03 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2014-06-23 11:40:03 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2014-06-23 11:40:03 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2014-06-23 11:40:03 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2014-06-23 11:40:03 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2014-06-23 11:40:03 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2014-06-23 11:40:03 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2014-06-23 11:40:03 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2014-06-23 11:40:03 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2014-06-23 11:40:03 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2014-06-23 11:40:03 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2014-06-23 11:40:03 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2014-06-23 11:40:03 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2014-06-23 11:40:03 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2014-06-23 11:40:03 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2014-06-23 11:40:03 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2014-06-23 11:40:03 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2014-06-23 11:40:03 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2014-06-23 11:40:03 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2014-06-23 11:40:03 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2014-06-23 11:40:03 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2014-06-23 11:40:03 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2014-06-23 11:40:03 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2014-06-23 11:40:03 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2014-06-23 11:40:03 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2014-06-23 11:40:03 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2014-06-23 11:40:03 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2014-06-23 11:19:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview [2014-06-23 11:18:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders [2014-06-23 11:09:01 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2014-06-23 11:09:01 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2014-06-23 11:09:01 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2014-06-23 11:09:01 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2014-06-23 11:07:59 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll [2014-06-23 11:07:59 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe [2014-06-23 11:07:59 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll [2014-06-23 11:07:59 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll [2014-06-23 10:50:13 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll [2014-06-23 10:50:13 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys [2014-06-22 21:42:56 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2014-06-22 21:42:55 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2014-06-22 21:42:51 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll [2014-06-22 21:42:50 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2014-06-22 21:42:50 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2014-06-22 21:42:48 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll [2014-06-22 21:42:48 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll [2014-06-22 21:42:48 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll [2014-06-22 21:42:48 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll [2014-06-22 21:42:48 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll [2014-06-22 21:42:48 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll [2014-06-22 21:42:48 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll [2014-06-22 21:42:48 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll [2014-06-22 21:42:48 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll [2014-06-22 21:42:46 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2014-06-22 21:42:36 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2014-06-22 21:42:36 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2014-06-22 21:42:34 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll [2014-06-22 21:42:34 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll [2014-06-22 21:42:34 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll [2014-06-22 21:42:34 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll [2014-06-22 21:41:45 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2014-06-22 21:41:45 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2014-06-22 21:41:44 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2014-06-22 21:41:44 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2014-06-22 21:41:38 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll [2014-06-22 21:41:29 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2014-06-22 21:41:29 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2014-06-22 21:41:04 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl [2014-06-22 21:41:04 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl [2014-06-22 21:40:45 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rndismpx.sys [2014-06-22 21:40:45 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023x.sys [2014-06-22 21:40:45 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys [2014-06-22 21:40:44 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2014-06-22 21:40:44 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2014-06-22 21:40:44 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2014-06-22 21:40:43 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2014-06-22 21:40:42 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2014-06-22 21:40:42 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2014-06-22 21:40:42 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2014-06-22 21:40:39 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\profprov.dll [2014-06-22 21:40:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2014-06-22 21:40:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2014-06-22 21:39:48 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll [2014-06-22 21:39:48 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll [2014-06-22 21:39:48 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnaddr.dll [2014-06-22 21:39:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnaddr.dll [2014-06-22 21:39:46 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2014-06-22 21:39:44 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2014-06-22 21:39:42 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2014-06-22 21:39:41 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2014-06-22 21:39:41 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2014-06-22 21:39:41 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2014-06-22 21:39:41 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2014-06-22 21:39:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2014-06-22 21:39:32 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2014-06-22 21:39:28 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2014-06-22 21:39:28 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2014-06-22 21:39:25 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2014-06-22 21:39:25 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll [2014-06-22 21:39:25 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll [2014-06-22 21:39:25 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll [2014-06-22 21:39:25 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs [2014-06-22 21:39:25 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs [2014-06-22 21:39:25 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs [2014-06-22 21:39:25 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs [2014-06-22 21:39:25 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs [2014-06-22 21:39:25 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs [2014-06-22 21:39:25 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs [2014-06-22 21:39:25 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs [2014-06-22 21:39:25 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs [2014-06-22 21:39:25 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs [2014-06-22 21:39:25 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs [2014-06-22 21:39:25 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs [2014-06-22 21:39:25 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs [2014-06-22 21:39:25 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs [2014-06-22 21:39:25 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs [2014-06-22 21:39:25 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs [2014-06-22 21:39:25 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs [2014-06-22 21:39:25 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs [2014-06-22 21:39:25 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs [2014-06-22 21:39:25 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs [2014-06-22 21:39:24 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs [2014-06-22 21:39:24 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs [2014-06-22 21:39:24 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs [2014-06-22 21:39:24 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs [2014-06-22 21:39:24 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs [2014-06-22 21:39:24 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs [2014-06-22 21:39:24 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs [2014-06-22 21:39:24 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs [2014-06-22 21:39:12 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll [2014-06-22 21:39:12 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll [2014-06-22 21:39:12 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax [2014-06-22 21:39:12 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax [2014-06-22 21:39:11 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax [2014-06-22 21:39:11 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax [2014-06-22 21:39:11 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax [2014-06-22 21:39:11 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax [2014-06-22 21:39:11 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax [2014-06-22 21:39:11 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax [2014-06-22 21:38:48 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2014-06-22 21:38:40 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2014-06-22 21:38:40 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2014-06-22 21:38:40 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2014-06-22 21:38:39 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2014-06-22 21:38:39 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2014-06-22 21:38:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2014-06-22 21:38:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2014-06-22 21:38:39 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2014-06-22 21:38:39 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2014-06-22 21:38:39 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2014-06-22 21:38:39 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2014-06-22 21:38:39 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2014-06-22 21:38:39 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2014-06-22 21:38:39 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2014-06-22 21:38:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2014-06-22 21:38:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2014-06-22 21:38:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2014-06-22 21:38:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2014-06-22 21:38:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2014-06-22 21:38:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2014-06-22 21:38:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2014-06-22 21:38:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2014-06-22 21:38:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2014-06-22 21:38:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2014-06-22 21:38:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2014-06-22 21:38:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2014-06-22 21:38:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2014-06-22 21:38:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2014-06-22 21:38:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2014-06-22 21:38:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2014-06-22 21:38:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2014-06-22 21:38:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2014-06-22 21:38:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2014-06-22 21:38:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2014-06-22 21:38:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2014-06-22 21:38:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2014-06-22 21:38:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2014-06-22 21:37:43 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll [2014-06-22 21:37:43 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll [2014-06-22 21:36:14 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll [2014-06-22 21:36:14 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll [2014-06-22 21:36:14 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll [2014-06-22 21:36:10 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2014-06-22 21:36:10 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe [2014-06-22 21:36:08 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll [2014-06-22 21:36:03 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll [2014-06-22 21:36:02 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll [2014-06-22 21:36:01 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll [2014-06-22 21:36:00 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll [2014-06-22 21:36:00 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll [2014-06-22 21:35:54 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2014-06-22 21:35:51 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2014-06-22 21:35:50 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2014-06-22 21:35:49 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe [2014-06-22 21:35:49 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2014-06-22 21:35:48 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll [2014-06-22 21:35:44 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2014-06-22 21:35:28 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2014-06-22 21:35:27 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2014-06-22 21:23:46 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2014-06-22 21:23:46 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll [2014-06-22 21:15:09 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll [2014-06-22 21:15:09 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll [2014-06-22 20:51:25 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2014-06-22 20:51:25 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2014-06-22 20:51:25 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2014-06-22 20:51:10 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2014-06-22 20:51:10 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2014-06-22 20:51:10 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2014-06-22 20:50:59 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2014-06-22 20:50:59 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [1 C:\Users\alex\AppData\Local\*.tmp files -> C:\Users\alex\AppData\Local\*.tmp -> ] [color=#E56717]========== Files - Modified Within 90 Days ==========[/color] [2014-09-20 17:43:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014-09-20 17:21:03 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-09-20 17:12:54 | 000,007,605 | ---- | M] () -- C:\Users\alex\AppData\Local\Resmon.ResmonCfg [2014-09-20 16:55:30 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014-09-20 16:55:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-09-19 18:03:08 | 000,018,656 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014-09-19 18:03:08 | 000,018,656 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014-09-19 17:58:23 | 001,863,116 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2014-09-19 17:58:23 | 000,808,858 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2014-09-19 17:58:23 | 000,722,674 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2014-09-19 17:58:23 | 000,182,460 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2014-09-19 17:58:23 | 000,148,338 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2014-09-19 17:52:33 | 3148,419,072 | -HS- | M] () -- C:\hiberfil.sys [2014-09-19 16:47:51 | 000,008,040 | ---- | M] () -- C:\Users\alex\AppData\Local\recently-used.xbel [2014-09-19 16:36:18 | 000,001,053 | ---- | M] () -- C:\Users\alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-09-12 22:42:18 | 000,017,010 | ---- | M] () -- C:\Users\alex\Desktop\meiun.odt [2014-09-11 00:21:15 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2014-09-11 00:21:15 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2014-08-08 16:59:29 | 000,000,000 | ---- | M] () -- C:\Users\alex\AppData\Local\{A98F6B1C-7EFA-4E54-945D-A009A43FAFB6} [2014-08-07 22:38:52 | 000,000,951 | ---- | M] () -- C:\Users\Public\Desktop\Arduino.lnk [2014-08-07 22:33:25 | 000,001,601 | ---- | M] () -- C:\Users\alex\scanxlelm.cfg [2014-08-05 18:21:02 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2014-08-05 18:21:00 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2014-08-05 18:21:00 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2014-08-05 18:21:00 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2014-08-03 23:16:16 | 000,393,929 | ---- | M] () -- C:\Users\alex\Desktop\Untitled-1.psd [2014-08-01 20:23:14 | 001,840,363 | ---- | M] () -- C:\Users\alex\Desktop\logotyp2.psd [2014-08-01 20:22:50 | 000,303,414 | ---- | M] () -- C:\Users\alex\Desktop\logotyp.psd [2014-08-01 14:09:30 | 000,015,048 | ---- | M] () -- C:\Users\alex\Desktop\bizonpromo.odt [2014-08-01 10:17:28 | 005,883,544 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2014-07-31 17:19:24 | 000,007,168 | ---- | M] () -- C:\ProgramData\ppe_fleetdb.vdb [2014-07-24 19:55:38 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\OFICJALNE TESTY EGZAMINACYJNE PWPW.lnk [2014-06-23 21:48:20 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll [2014-06-23 21:48:19 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll [2014-06-23 21:31:14 | 001,839,254 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2014-06-23 11:40:04 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2014-06-23 11:40:04 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2014-06-23 11:40:04 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2014-06-23 11:40:04 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2014-06-23 11:40:04 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2014-06-23 11:40:04 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2014-06-23 11:40:04 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2014-06-23 11:40:04 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2014-06-23 11:40:04 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2014-06-23 11:40:04 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2014-06-23 11:40:04 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2014-06-23 11:40:04 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2014-06-23 11:40:04 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2014-06-23 11:40:04 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2014-06-23 11:40:04 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2014-06-23 11:40:04 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2014-06-23 11:40:04 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2014-06-23 11:40:04 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2014-06-23 11:40:04 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2014-06-23 11:40:04 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2014-06-23 11:40:04 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2014-06-23 11:40:04 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2014-06-23 11:40:04 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2014-06-23 11:40:04 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2014-06-23 11:40:04 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2014-06-23 11:40:04 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2014-06-23 11:40:04 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2014-06-23 11:40:04 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2014-06-23 11:40:04 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2014-06-23 11:40:04 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2014-06-23 11:40:04 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2014-06-23 11:40:04 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2014-06-23 11:40:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2014-06-23 11:40:04 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2014-06-23 11:40:04 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2014-06-23 11:40:04 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2014-06-23 11:40:03 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2014-06-23 11:40:03 | 002,338,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2014-06-23 11:40:03 | 001,494,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2014-06-23 11:40:03 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2014-06-23 11:40:03 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2014-06-23 11:40:03 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2014-06-23 11:40:03 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2014-06-23 11:40:03 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2014-06-23 11:40:03 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2014-06-23 11:40:03 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2014-06-23 11:40:03 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2014-06-23 11:40:03 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2014-06-23 11:40:03 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2014-06-23 11:40:03 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2014-06-23 11:40:03 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2014-06-23 11:40:03 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2014-06-23 11:40:03 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2014-06-23 11:40:03 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2014-06-23 11:40:03 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2014-06-23 11:40:03 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2014-06-23 11:40:03 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2014-06-23 11:40:03 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2014-06-23 11:40:03 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2014-06-23 11:40:03 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2014-06-23 11:40:03 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2014-06-23 11:40:03 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2014-06-23 11:40:03 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2014-06-23 11:40:03 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2014-06-23 11:40:03 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2014-06-23 11:40:03 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2014-06-23 11:40:03 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2014-06-23 11:40:03 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2014-06-23 11:40:03 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2014-06-23 11:40:03 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2014-06-23 11:40:03 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2014-06-23 11:40:03 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2014-06-23 11:40:03 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2014-06-23 11:40:03 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [1 C:\Users\alex\AppData\Local\*.tmp files -> C:\Users\alex\AppData\Local\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-09-19 16:47:51 | 000,008,040 | ---- | C] () -- C:\Users\alex\AppData\Local\recently-used.xbel [2014-09-12 22:42:16 | 000,017,010 | ---- | C] () -- C:\Users\alex\Desktop\meiun.odt [2014-08-08 16:59:09 | 000,000,000 | ---- | C] () -- C:\Users\alex\AppData\Local\{A98F6B1C-7EFA-4E54-945D-A009A43FAFB6} [2014-08-07 22:38:52 | 000,000,963 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arduino.lnk [2014-08-07 22:38:52 | 000,000,951 | ---- | C] () -- C:\Users\Public\Desktop\Arduino.lnk [2014-08-03 23:16:15 | 000,393,929 | ---- | C] () -- C:\Users\alex\Desktop\Untitled-1.psd [2014-08-01 20:23:12 | 001,840,363 | ---- | C] () -- C:\Users\alex\Desktop\logotyp2.psd [2014-08-01 10:40:47 | 000,015,048 | ---- | C] () -- C:\Users\alex\Desktop\bizonpromo.odt [2014-07-31 20:11:38 | 000,303,414 | ---- | C] () -- C:\Users\alex\Desktop\logotyp.psd [2014-07-31 17:18:57 | 000,007,168 | ---- | C] () -- C:\ProgramData\ppe_fleetdb.vdb [2014-07-31 17:18:25 | 000,001,601 | ---- | C] () -- C:\Users\alex\scanxlelm.cfg [2014-07-24 19:55:38 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\OFICJALNE TESTY EGZAMINACYJNE PWPW.lnk [2014-07-08 21:39:06 | 000,077,781 | ---- | C] () -- C:\Users\alex\Desktop\Katalogi i blogi - linki.odt [2014-06-23 11:54:31 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2014-06-23 11:40:04 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2014-06-23 11:40:03 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2014-06-23 11:07:59 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2014-03-26 16:19:23 | 000,290,904 | ---- | C] () -- C:\Windows\SysWow64\vc6-re200l.dll [2014-01-04 03:53:51 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll [2014-01-04 03:53:51 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys [2013-03-15 00:28:53 | 000,065,592 | ---- | C] () -- C:\Users\alex\AppData\Roaming\Camdata.ini [2013-03-15 00:28:53 | 000,000,408 | ---- | C] () -- C:\Users\alex\AppData\Roaming\CamShapes.ini [2013-03-15 00:28:53 | 000,000,408 | ---- | C] () -- C:\Users\alex\AppData\Roaming\CamLayout.ini [2013-03-15 00:10:58 | 000,004,522 | ---- | C] () -- C:\Users\alex\AppData\Roaming\CamStudio.cfg [2012-05-29 16:36:53 | 000,007,605 | ---- | C] () -- C:\Users\alex\AppData\Local\Resmon.ResmonCfg [2012-05-26 18:33:44 | 000,000,600 | ---- | C] () -- C:\Users\alex\AppData\Roaming\winscp.rnd [2012-05-12 20:39:15 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2012-01-28 23:44:48 | 000,005,632 | ---- | C] () -- C:\Users\alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-10-19 12:53:09 | 000,083,229 | ---- | C] () -- C:\Users\alex\neostrada_990696156611.pdf [2011-10-19 10:19:00 | 000,001,131 | ---- | C] () -- C:\Users\alex\umk.cer [2011-10-19 10:18:38 | 000,024,706 | ---- | C] () -- C:\Users\alex\vista.htm [2011-09-03 22:32:20 | 003,097,252 | ---- | C] () -- C:\Users\alex\GE620_Polish.pdf [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2011-07-13 10:49:38 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\.wtw [2014-08-07 22:39:42 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Arduino [2011-09-03 21:34:00 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Ashampoo [2012-07-18 13:11:54 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Autodesk [2012-05-15 13:47:55 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\BESTplayer [2012-06-18 18:31:48 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\CAD-KAS [2012-11-17 00:15:46 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\com.adobe.ExMan [2014-02-01 19:43:40 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\DAEMON Tools Lite [2012-07-06 11:05:30 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Downloaded Installations [2014-09-19 17:53:42 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Dropbox [2014-03-30 01:08:10 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\e-academy Inc [2013-03-12 13:35:22 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\eDownload [2014-09-14 12:29:48 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\ESET [2014-09-12 21:41:40 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\foobar2000 [2013-12-23 02:54:17 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\fp [2012-11-01 22:05:29 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Free Monitor for Google [2014-01-13 04:06:04 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\GG [2012-06-29 14:58:26 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\GHISLER [2012-11-01 19:17:26 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\InsERT GT [2013-04-05 20:35:01 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\ipla [2013-12-10 23:32:50 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\IrfanView [2013-03-29 18:47:42 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\LibreOffice [2012-08-18 18:59:14 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\MAGIX [2012-06-18 18:17:54 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Nitro PDF [2012-02-18 00:04:19 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Notepad++ [2011-07-13 17:38:15 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\OpenOffice.org [2012-07-30 19:51:01 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Opera [2012-08-19 00:06:31 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Publish Providers [2012-04-28 11:31:42 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Samsung [2012-10-25 00:39:56 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\ScrapeBox Link Checker Free Edition [2012-08-19 13:07:06 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Sony [2013-12-09 14:15:42 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\TeamViewer [2012-09-02 22:40:28 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Temp [2014-07-24 19:59:24 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Testy.2014.PWPW [2012-05-12 15:32:22 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Thunderbird [2014-08-31 21:55:56 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\uTorrent [2014-09-14 20:54:48 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\XnView [2012-11-14 14:19:57 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\ipla [2012-08-15 14:05:02 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\Opera [2012-11-14 14:24:54 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\Software Informer [color=#E56717]========== Purity Check ==========[/color] < End of report >

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2014-09-20 18:04:12 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = J:\Pobierane 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,91 Gb Total Physical Memory | 1,21 Gb Available Physical Memory | 31,07% Memory free 7,82 Gb Paging File | 4,58 Gb Available in Paging File | 58,64% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 58,57 Gb Total Space | 10,10 Gb Free Space | 17,25% Space Free | Partition Type: NTFS Drive E: | 50,00 Gb Total Space | 14,97 Gb Free Space | 29,93% Space Free | Partition Type: NTFS Drive J: | 100,00 Gb Total Space | 46,63 Gb Free Space | 46,63% Space Free | Partition Type: NTFS Drive K: | 100,00 Gb Total Space | 67,19 Gb Free Space | 67,19% Space Free | Partition Type: NTFS Drive L: | 157,19 Gb Total Space | 32,87 Gb Free Space | 20,91% Space Free | Partition Type: NTFS Computer Name: ALEX-KOMPUTER | User Name: alex | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software) [HKEY_USERS\S-1-5-21-2527288125-292897534-329591378-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [HKEY_USERS\S-1-5-21-2527288125-292897534-329591378-1001\SOFTWARE\Classes\<extension>] .scr [@ = Icad.load.scr] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{18447638-0E3D-4899-BD98-F61D346A594C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1D39E9FC-E6A8-4029-A463-74FE3B46D699}" = lport=445 | protocol=6 | dir=in | app=system | "{1DC17250-BA86-43EC-9961-97E1CD2B62BD}" = rport=10243 | protocol=6 | dir=out | app=system | "{22092A45-E9C7-4258-B9FD-2BB198C682EE}" = lport=2869 | protocol=6 | dir=in | app=system | "{3BAADB60-8F39-47A5-9075-D089747C5A87}" = lport=2869 | protocol=6 | dir=in | app=system | "{3E355E40-4EEE-4592-A18E-158908FAA8AC}" = rport=139 | protocol=6 | dir=out | app=system | "{411DE8E0-CC47-44CA-B272-899E8F9CB79A}" = lport=138 | protocol=17 | dir=in | app=system | "{464C090B-319E-4517-A6EE-1769C21CD372}" = rport=138 | protocol=17 | dir=out | app=system | "{4AD92867-37B6-49CE-9A88-E9DABC12AAC2}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{52F77CD5-CDE0-447B-95CD-2A70CA8CBD5E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{53F655A3-B994-46A2-B8AB-8A7573829B2A}" = lport=139 | protocol=6 | dir=in | app=system | "{5B8AD0F5-131B-4204-A056-E51A571D9A64}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{70714675-0094-47FB-A789-6ECBA6F39629}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{72936876-E313-4004-99C7-00CF51FC3582}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{735DA0B4-7095-4F01-98E3-AFF2710EB475}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{7CD115CA-881E-472D-8459-9DBF03FEB948}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{7D2FA67E-C77D-4BC4-B54C-725736D533A1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{8CB1203B-1BF7-47FB-8A3E-B1487F79BE7C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{A20AA907-9832-470C-8564-6D888E50FEEC}" = lport=137 | protocol=17 | dir=in | app=system | "{A81CA867-903C-40E9-9739-F2FDE81D72EF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{CAFF83A9-8F0B-4423-8533-37299C9FB5FD}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{D1EDD1A4-4B04-45AE-8BA4-14E5DB57B1D1}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | "{DA5BD08E-3188-4581-8558-2A8C613F3FB8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E39CED68-E4F5-4DC8-8BA2-59E935C40370}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{E3AD8EE7-4CE8-49A4-8666-473188CA5294}" = rport=137 | protocol=17 | dir=out | app=system | "{E52925FB-5D72-4813-A28D-FF43586A48BC}" = lport=10243 | protocol=6 | dir=in | app=system | "{E56A85C0-42DE-4174-B02D-2F66BE649AFF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{E686922E-5224-4FA5-AA9F-34C22E82EDCC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E89AC616-AE1B-4274-BE1C-E3D8AF3A5AB1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{EEECE5EA-7E01-4065-A8FA-BAE6EDACD249}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{F18CDD6F-E99D-4503-9BAC-369CFBD65A65}" = rport=2869 | protocol=6 | dir=out | app=system | "{F31C1EA6-8255-4CAF-8255-00FEC677816C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{F7400614-BAB6-47A2-B72F-69D6A28F2102}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FA0B0928-25AD-4188-AB0E-57911A53593A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{FC17D517-36E9-423B-B923-65F06520C606}" = rport=445 | protocol=6 | dir=out | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0562311E-1920-4854-9D1C-95D166E05655}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{0A977926-4FC1-487E-81C5-D531DC7C5A84}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{0B5F1A60-D02F-497A-95E6-FE5B0215A806}" = dir=in | app=c:\users\alex\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{10EDB909-A45B-4CEC-9FDF-E58D35DBE4A7}" = protocol=17 | dir=in | app=c:\program files\k2t\wtw\wtw.exe | "{13D6C86F-7BFA-44D8-8EFF-EAA777C454F3}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{14460FE0-418D-4C24-AEEE-A114B1E6C68D}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{16923DCA-C10F-4841-8B7B-BC83DAA83C5F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{1D4C6670-78CF-4458-8304-14F784373C6D}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{1EDC15B3-3B1D-4A77-A7A3-30C34D1C6C3A}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{1F4F3DFA-ED40-48BC-A1E0-D88D9505B72F}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{238DCDE5-58DB-4715-A9BD-1D2ECC63E2F4}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{2CA7BFF2-4938-4961-B6B4-12E31B6E4EB5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{37B68061-3777-4BA0-98DB-B7FF9E7614A8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{497B26D6-E7C0-4AA8-9E5F-E36519A8A0CE}" = protocol=6 | dir=in | app=c:\program files (x86)\veetle\player\veetlenet.exe | "{514E8318-619B-4DC8-AE9B-2685252D39E0}" = protocol=6 | dir=in | app=c:\program files\k2t\wtw\wtw.exe | "{541BBFE8-6C89-4014-84B8-69D7943CA522}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{54C51B0D-7E9D-42FC-8A17-F3AE8A633DC3}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{58425DB2-DCD1-4BF6-91F9-2ADFC4ECB180}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{5DB998DF-8F44-453F-BAB4-64890A4F1F9D}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{630F37F8-CC4F-41CD-BDF5-3754B181CB78}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{638890B4-37A1-44D7-9DE5-BAC4AD3BDDF2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{63959602-FE76-4C7E-8AAD-7FCAADFBC215}" = protocol=6 | dir=out | app=system | "{74512627-8F4A-4807-9A25-685AF437880E}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{785B26BF-176C-4B93-9782-785BD15CB0AA}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{84859118-8DFB-45B7-A6E0-5F54341B71CE}" = protocol=6 | dir=in | app=c:\program files\k2t\wtw\wtw.exe | "{848B76BD-E9F0-45E1-BEEC-B6273A507F64}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{86D51A14-8786-46F3-93F4-F5A9CF931A49}" = protocol=17 | dir=in | app=c:\program files\k2t\wtw\wtw.exe | "{8CA12692-B29D-4147-82A1-D82448C597FB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{8E679E8F-CA3B-41A9-86DA-2143C3598FF3}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | "{A20685F7-8FCD-47A1-9C92-57841599710F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{B46EFD67-D14C-4D99-BB6A-F96D0C47DFB5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{C1161CD5-14B6-44E3-A42A-885DA3ACAD99}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{C6753764-8A8D-4332-A279-4BE69C71F049}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{D4D789F1-62A1-4A6C-A585-8FED7045E112}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{DB87BD77-EAD3-48AA-9DA7-C66774108BED}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{DC624FA7-D850-44F9-BAAC-51747BA546B4}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe | "{DECF1D6C-4B4A-4FD7-BEC9-EE308563E230}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{E0A7F9A3-0CE9-487E-85F5-025F46DDE882}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{EA90CF80-3BDB-4B4F-991A-CC74F1B5987B}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{EDF719BA-1BC9-4EC9-B6E5-63F5340D53FD}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{F2EEBAAF-812C-4658-936D-0D5D5916779A}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe | "{F41CDBE2-E5F3-4642-BB63-B4C9B4F663BD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{F6A1F420-32AF-43F7-8912-B448782C8314}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{FA532F69-49F2-4E03-8941-AF52F72A921E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{FB98AF32-C58D-4995-BCFF-A1B4553EF039}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{FD8F7BA0-48F5-49A1-9144-1588895F21E9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{FE5ABB99-5DA3-49F5-A248-2F05A2DE4E15}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "TCP Query User{05937EE1-C4FA-4CA5-B1FE-4462B8ACB8F1}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | "TCP Query User{2DDF905A-0C9D-42D3-8AB6-3F874EF14585}C:\program files\foxit software\pdf editor\pdfedit.exe" = protocol=6 | dir=in | app=c:\program files\foxit software\pdf editor\pdfedit.exe | "TCP Query User{360D938E-D757-4709-BAEB-8B639EC71F2E}E:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=e:\totalcmd\totalcmd.exe | "TCP Query User{72BF44FF-D425-4260-BED9-2A9D2894E031}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | "TCP Query User{9EE60719-6250-4F8B-A116-549BD0A1952D}C:\program files (x86)\shoutcast\sc_serv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\shoutcast\sc_serv.exe | "TCP Query User{B08ADD57-7F52-40ED-B67F-698036D37F2B}C:\users\alex\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\alex\appdata\roaming\dropbox\bin\dropbox.exe | "TCP Query User{D1965123-0A85-4FE2-B1E9-894DA9DCB2F0}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | "TCP Query User{E6691124-BF44-4144-909F-529AA86E3538}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe | "UDP Query User{04E62CD3-2E49-4B59-9FF2-47A43B161545}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | "UDP Query User{565E42BC-2B5C-417C-B6D8-7186F753DF87}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe | "UDP Query User{64AE82FA-8A19-419D-B82D-BAAFBAF91D2F}C:\program files\foxit software\pdf editor\pdfedit.exe" = protocol=17 | dir=in | app=c:\program files\foxit software\pdf editor\pdfedit.exe | "UDP Query User{A019A4EE-9C31-47DE-8599-8C0007AA08B5}C:\users\alex\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\alex\appdata\roaming\dropbox\bin\dropbox.exe | "UDP Query User{A198BB79-A3A6-4FCC-B174-4306FFC481C6}C:\program files (x86)\shoutcast\sc_serv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\shoutcast\sc_serv.exe | "UDP Query User{B9F165E7-4B78-44E0-9CE6-EEE570E04AD2}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | "UDP Query User{BD3183D4-E947-45FD-8FC3-95F528F4D0C8}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | "UDP Query User{DFF76ED4-0757-442B-95C3-B7AA70BC5ACA}E:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=e:\totalcmd\totalcmd.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "_{B16BB34E-B7BF-47DF-8658-BEABCF40CD6A}" = Corel Graphics - Windows Shell Extension "_{BDBFAC49-8877-472F-876B-75ADB7DBC955}" = CorelDRAW Graphics Suite X6 (64-Bit) "{012016C8-FD5C-4C14-801D-98A5F0363098}" = ESET Smart Security "{0CEA94E0-E6F4-4F2D-AA98-D0EFD6833754}" = Corel Graphics - Windows Shell Extension 32 Bit "{10762393-1B90-4AC2-AF1A-4C0C04AE303F}" = CorelDRAW Graphics Suite X6 - VBA (x64) "{1967EF95-E00B-4669-8B1C-A589BE8BF24F}" = CorelDRAW Graphics Suite X6 - Capture (x64) "{1DF5019A-68B5-4ba1-8E59-E185C7B7FF11}" = Komunikator WTW 0.9.10.3377 "{1E3A578C-0A7D-4820-990F-B7545C0B2303}" = CorelDRAW Graphics Suite X6 - VSTA (x64) "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{2078180F-0C60-11E0-8A9C-0013D3D69929}" = MSVCRT Redists "{2180B33F-3225-423E-BBC1-7798CFD3CD1F}" = Microsoft SQL Server 2008 R2 Native Client "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}" = SQL Server 2008 R2 Common Files "{27AE72A4-B217-4CDC-B82B-3311E9D7460E}" = CorelDRAW Graphics Suite X6 - Draw (x64) "{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}" = Microsoft SQL Server VSS Writer "{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = Media Player Classic - Home Cinema v1.5.2.3456 x64 "{2C72B5E4-AA34-4F1A-8C7E-468530F9F6A3}" = CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64) "{35869A6C-BA31-4F23-B52D-BC1B1E41EC1B}" = CorelDRAW Graphics Suite X6 - Common (x64) "{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}" = SQL Server 2008 R2 Common Files "{3933C06C-8239-432B-87FC-F2BDC5B49A10}" = CorelDRAW Graphics Suite X6 - FontNav (x64) "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{4F5C2F9B-9FE1-4C4D-8B2D-B74CAD82BAEB}" = CorelDRAW Graphics Suite X6 - PL (x64) "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6099F026-0A98-4D40-9B3D-ED2123A8CBD0}" = CorelDRAW Graphics Suite X6 - Redist (x64) "{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum obsługi urządzeń z systemem Windows Mobile "{66C10F29-31F0-4A9B-B2CF-465F488AE086}" = CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit "{6D10FB2C-82A9-40F2-91D0-7BE64CF0DAF2}" = Microsoft SQL Server 2008 R2 Setup (English) "{7386B5FA-8715-481D-821F-7785110506DF}" = CorelDRAW Graphics Suite X6 - Custom Data (x64) "{7B79AE44-9B76-4815-84E5-ACAC3F0F0278}" = CorelDRAW Graphics Suite X6 - VideoBrowser (x64) "{85153CE3-6356-407F-A672-C1FA085FB031}" = JLink OB CDC Driver Package "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{8909B8A7-CEAB-4772-BF29-1892C4E6603B}" = Microsoft SQL Server 2005 Backward compatibility "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{90120064-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x64) "{90F60409-7000-11D3-8CFE-0150048383C9}" = Microsoft Visual Basic for Applications 7.1 (x64) English "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{96AAAB95-AEBE-437A-B7CA-37C7BE13FFE9}" = CorelDRAW Graphics Suite X6 - Connect (x64) "{981509D0-F8BF-4810-A75A-8FC90FA0581C}" = O&O Defrag Professional "{A2122A9C-A699-4365-ADF8-68FEAC125D61}" = SQL Server 2008 R2 Database Engine Shared "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B16BB34E-B7BF-47DF-8658-BEABCF40CD6A}" = Corel Graphics - Windows Shell Extension "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 268.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 268.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files "{B6DF7031-2843-44FD-9CAB-DECAB4257456}" = CorelDRAW Graphics Suite X6 - IPM "{BB57A765-FFFE-498B-8C1E-6C9CE2AB92BA}" = Microsoft SQL Server 2008 R2 RsFx Driver "{BDBFAC49-8877-472F-876B-75ADB7DBC955}" = CorelDRAW Graphics Suite X6 - Setup Files (x64) "{C616FD4F-11F5-11E0-A38F-0013D3D69929}" = Vegas Pro 10.0 (64-bit) "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{C942A025-A840-4BF2-8987-849C0DD44574}" = SQL Server 2008 R2 Database Engine Shared "{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists "{CCE7423E-1D84-4CD3-9E32-220EC9358D97}" = CorelDRAW Graphics Suite X6 (x64) "{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D7C2687D-924E-4485-B367-C7D95CBF8DDD}" = CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{DDE82E3D-20C4-48E1-AE1D-B1F10E42CA44}" = CorelDRAW Graphics Suite X6 - Writing Tools (x64) "{E699230D-4B5E-411E-9F45-FF50789B18DD}" = CorelDRAW Graphics Suite X6 - Filters (x64) "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64 "{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}" = Sql Server Customer Experience Improvement Program "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = SQL Server 2008 R2 Database Engine Services "{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = SQL Server 2008 R2 Database Engine Services "{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0 "419546AE8E4244C647A348987F769803F43B9C4F" = Pakiet sterowników systemu Windows - Segger (jlink) USB (04/11/2012 2.6.8.2) "BD6BF8BBF7BE0D0091163F649A1A423B7EB9D4F1" = Pakiet sterowników systemu Windows - SEGGER (usbser) Ports (01/25/2012 6.0.2600.4) "CCleaner" = CCleaner "GIMP-2_is1" = GIMP 2.8.10 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0 "Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2 (64-bit) "Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2 (64-bit) "Recuva" = Recuva "WinRAR archiver" = WinRAR 4.01 (64-bitowy) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3 "{00ED627E-F3DC-455E-ACA6-E6B6D917DFC1}" = S-Bar "{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{04B83666-3A62-452B-85D3-70F8117F2329}_is1" = CamStudio version 2.7 "{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.20 "{26A24AE4-039D-4CA4-87B4-2F03217067FF}" = Java 7 Update 67 "{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 37 "{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types "{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition "{3EEF6B1E-38AA-4F22-BA70-30A73BB06AAE}" = Photo Common "{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth "{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects "{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{604B2A5C-B1CE-45B2-ADCC-6B7C721AC3AC}" = LibreOffice 4.0.1.2 "{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer "{662CFD19-EA80-4EFE-A0D8-EE10EFEB3C83}" = Livestream Procaster "{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1" = Poedit "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{77655DF6-A143-4A25-A5F8-127C8CE63EDA}" = Galeria fotografii "{77D28FF5-242F-488A-8215-937D6A4D69E0}" = Adobe AIR "{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159 "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3 "{82A886F1-5816-4A23-B062-60F795D5709A}" = Crocodile Technology 610 "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{8FFD72FC-4FFA-472D-9F76-AEC85F602F9D}" = Podstawowe programy Windows Live "{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007 "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{94DE7548-E449-4F7D-804F-0C5CDC3A1E6A}" = EasyFace2 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings "{995414B4-F332-469F-BD9F-011DDB0003BD}" = ScanXL-ELM "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{9F1A6A24-4901-42F6-A355-5DD2B82E62AE}" = Samsung Drive Manager "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A50DE037-B5C0-4C8A-8049-B0C576B313D1}" = Google+ Auto Backup "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU "{AC57543E-EC54-4AB7-A18C-4B04BB1CF09A}" = Windows Live UX Platform Language Pack "{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0) "{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}" = PLAY ONLINE "{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser "{C1AC4F7A-4B50-4903-882A-D61D3D13782D}" = AVR Studio 4.19 "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2 "{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE "{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup "{D2437C5C-2D8C-40D2-8059-689AD7239FA3}" = Intel(R) C++ Redistributables for Windows* on Intel(R) 64 "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D5D88F8F-FDA4-4CF4-9F3E-3F40118C2120}" = AVR Studio 4.19 "{D64B6984-242F-32BC-B008-752806E5FC44}" = Microsoft Visual Studio 2010 Shell (Isolated) - ENU "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings "{DAE8CC57-EBF5-4D46-8572-9A0C769D6F16}" = Movie Maker "{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker "{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{E040B65B-8683-4228-8C33-D44A141E40EA}" = Secure Download Manager "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{e7394a0f-3f80-45b1-87fc-abcd51893246}" = Python 2.6.4 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin "Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3 "Arduino" = Arduino "Ashampoo Burning Studio Elements_is1" = Ashampoo Burning Studio Elements 10.0.9 "ASIO4ALL" = ASIO4ALL "Astroburn Lite" = Astroburn Lite "Audacity_is1" = Audacity 1.2.6 "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50 "foobar2000" = foobar2000 v1.1.7 "Foxit PDF Editor" = Foxit PDF Editor "Free Monitor for Google_is1" = Free Monitor for Google 2.5 "Google Chrome" = Google Chrome "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "INTERsoft IntelliCAD Standard Edition v.3.3" = INTERsoft IntelliCAD Standard Edition v.3.3 "ipla" = ipla 2.3.5 "IrfanView" = IrfanView (remove only) "LastFM_is1" = Last.fm Scrobbler 2.1.30 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.70.0.1100 "Mobile Partner" = Mobile Partner "Mozilla Firefox 32.0.2 (x86 pl)" = Mozilla Firefox 32.0.2 (x86 pl) "Mozilla Thunderbird 12.0.1 (x86 pl)" = Mozilla Thunderbird 12.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Notepad++" = Notepad++ "OFICJALNE TESTY EGZAMINACYJNE PWPW" = OFICJALNE TESTY EGZAMINACYJNE PWPW "Omnius for SE" = Omnius for SE v0.33 "Opera 12.17.1863" = Opera 12.17 "Picasa 3" = Picasa 3 "PLAY ONLINE" = PLAY ONLINE "PLAY Web partner" = PLAY Web partner "qt7lite_is1" = QT Lite 2.8.0 "SCDNAS" = SHOUTcast DNAS (remove only) "SciDAVis" = SciDAVis 0.2.4 "Screaming Frog SEO Spider" = Screaming Frog SEO Spider "SecureW2 EAP Suite" = SecureW2 EAP Suite 1.1.3 for Windows "The KMPlayer" = The KMPlayer (remove only) "Totalcmd" = Total Commander (Remove or Repair) "Update Engine" = Sony Ericsson Update Engine "uTorrent" = µTorrent "Veetle TV" = Veetle TV "WinLiveSuite" = Podstawowe programy Windows Live "winscp3_is1" = WinSCP 4.2.1 beta "Xenu's Link Sleuth" = Xenu's Link Sleuth "XnView_is1" = XnView 1.99.6 "Yenka" = Yenka [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2527288125-292897534-329591378-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "CodeBlocks" = CodeBlocks "Dropbox" = Dropbox "MyFreeCodec" = MyFreeCodec "pdfsam" = pdfsam [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2527288125-292897534-329591378-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2014-09-11 12:19:03 | Computer Name = alex-Komputer | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\Last.fm\ext_skypenotify.dll". Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2014-09-13 16:57:52 | Computer Name = alex-Komputer | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Python26\Lib\distutils\command\wininst-8_d.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2014-09-13 16:59:59 | Computer Name = alex-Komputer | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\Last.fm\ext_messengernotify.dll". Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2014-09-13 16:59:59 | Computer Name = alex-Komputer | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\Last.fm\ext_skypenotify.dll". Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2014-09-14 16:11:35 | Computer Name = alex-Komputer | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Python26\Lib\distutils\command\wininst-8_d.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2014-09-14 16:18:06 | Computer Name = alex-Komputer | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\Last.fm\ext_messengernotify.dll". Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2014-09-14 16:18:06 | Computer Name = alex-Komputer | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\Last.fm\ext_skypenotify.dll". Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2014-09-17 13:03:25 | Computer Name = alex-Komputer | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Python26\Lib\distutils\command\wininst-8_d.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2014-09-17 13:10:43 | Computer Name = alex-Komputer | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\Last.fm\ext_messengernotify.dll". Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2014-09-17 13:10:43 | Computer Name = alex-Komputer | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\Last.fm\ext_skypenotify.dll". Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. [ System Events ] Error - 2014-09-20 11:11:16 | Computer Name = alex-Komputer | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.21. Komputer o adresie IP 192.168.1.1 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2014-09-20 11:16:26 | Computer Name = alex-Komputer | Source = BROWSER | ID = 8020 Description = Error - 2014-09-20 11:16:26 | Computer Name = alex-Komputer | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.21. Komputer o adresie IP 192.168.1.1 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2014-09-20 11:21:36 | Computer Name = alex-Komputer | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.21. Komputer o adresie IP 192.168.1.1 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2014-09-20 11:26:46 | Computer Name = alex-Komputer | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.21. Komputer o adresie IP 192.168.1.1 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2014-09-20 11:31:56 | Computer Name = alex-Komputer | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.21. Komputer o adresie IP 192.168.1.1 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2014-09-20 11:37:06 | Computer Name = alex-Komputer | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.21. Komputer o adresie IP 192.168.1.1 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2014-09-20 11:42:16 | Computer Name = alex-Komputer | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.21. Komputer o adresie IP 192.168.1.1 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2014-09-20 11:47:26 | Computer Name = alex-Komputer | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.21. Komputer o adresie IP 192.168.1.1 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2014-09-20 11:52:36 | Computer Name = alex-Komputer | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.21. Komputer o adresie IP 192.168.1.1 nie zezwolił na przejęcie tej nazwy przez ten komputer. < End of report >

**Posty:** 4765 · przez **ordynat** 20 Wrz 2014, 22:03

Nie widzę tu niczego podejrzanego.

Uruchom OTL i w oknie Własne opcje skanowania/Skrypt wklej to:

:Files
C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijblflkdjdopkpdgllkmlbgcffjbnfda

:Reg
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes]
[-HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes]
[-HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes]
[-HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes]

:Commands
[emptytemp]

Kliknij w Wykonaj Skrypt.
.

Nieznane wykorzystanie procesora

Nieznane wykorzystanie procesora

Nieznane wykorzystanie procesora

Kto jest na forum