OTL logfile created on: 24/10/2012 16:37:41 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = G:\
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3.86 Gb Total Physical Memory | 2.41 Gb Available Physical Memory | 62.50% Memory free
7.71 Gb Paging File | 5.90 Gb Available in Paging File | 76.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.42 Gb Total Space | 10.49 Gb Free Space | 2.32% Space Free | Partition Type: NTFS
Drive G: | 124.60 Mb Total Space | 123.51 Mb Free Space | 99.13% Space Free | Partition Type: FAT
 
Computer Name: OLIMPIA-VAIO | User Name: OLIMPIA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012/10/24 16:32:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- G:\OTL.exe
PRC - [2012/10/24 08:45:11 | 000,186,880 | ---- | M] () -- C:\Users\OLIMPIA\AppData\Roaming\322C4\0FB9C.exe
PRC - [2012/10/23 22:58:59 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\lsass.exe
PRC - [2012/09/12 08:32:17 | 000,322,048 | ---- | M] () -- C:\Users\OLIMPIA\AppData\Roaming\Microsoft\8433\BCB.exe
PRC - [2012/08/11 11:57:02 | 000,307,856 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2012/07/21 07:26:46 | 000,204,800 | ---- | M] () -- C:\Users\OLIMPIA\AppData\Roaming\C4932\lvvm.exe
PRC - [2012/01/29 21:10:04 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011/11/18 00:34:54 | 000,144,896 | ---- | M] () -- C:\Users\OLIMPIA\AppData\Roaming\Here\tilia.exe
PRC - [2011/11/02 01:27:26 | 028,725,384 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe
PRC - [2011/09/10 12:29:24 | 002,450,944 | ---- | M] () -- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Policy Service\svchost.exe
PRC - [2011/09/10 12:29:24 | 002,450,944 | ---- | M] () -- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Policy Service\svchost.exe
PRC - [2011/09/10 12:29:24 | 002,450,944 | ---- | M] () -- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Policy Service\svchost.exe
PRC - [2011/09/10 12:29:24 | 002,450,944 | ---- | M] () -- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Policy Service\svchost.exe
PRC - [2011/09/10 12:29:24 | 002,450,944 | ---- | M] () -- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Policy Service\svchost.exe
PRC - [2011/09/10 12:29:24 | 002,450,944 | ---- | M] () -- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Policy Service\svchost.exe
PRC - [2011/09/10 12:29:24 | 002,450,944 | ---- | M] () -- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Policy Service\svchost.exe
PRC - [2011/09/10 12:29:24 | 002,450,944 | ---- | M] () -- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Policy Service\svchost.exe
PRC - [2011/05/30 16:21:42 | 019,764,728 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files (x86)\ipla\ipla.exe
PRC - [2011/02/23 13:11:55 | 000,290,816 | R--- | M] (France Telecom SA) -- C:\Program Files (x86)\CardDetector\HUAWEI177\CardDetector.exe
PRC - [2011/02/23 11:11:54 | 000,131,072 | ---- | M] (France Telecom) -- C:\Program Files (x86)\OrangeBS\BEWInternet-PL-IEW\Phonetools\SmsNotify.exe
PRC - [2011/02/23 11:11:54 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2011/02/14 14:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Care\VCService.exe
PRC - [2010/05/28 11:14:24 | 000,205,168 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
PRC - [2010/02/26 06:49:48 | 000,026,624 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
PRC - [2010/02/19 19:19:24 | 000,529,776 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2009/12/14 22:06:24 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/12/14 22:06:08 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/12/02 00:03:52 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
PRC - [2009/11/21 01:25:24 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009/11/21 01:25:22 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/10/24 05:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009/10/24 05:18:52 | 000,597,792 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe
PRC - [2009/09/14 21:24:08 | 000,206,336 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2009/09/14 20:53:48 | 000,642,416 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2009/08/26 21:24:00 | 000,320,880 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
PRC - [2008/09/18 12:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2008/09/10 12:24:21 | 000,676,520 | ---- | M] () -- C:\Program Files (x86)\Lexmark 4900 Series\lxdrmon.exe
PRC - [2007/03/09 11:09:58 | 000,063,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
PRC - [2006/12/01 21:28:06 | 000,095,800 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012/10/24 08:45:11 | 000,186,880 | ---- | M] () -- C:\Users\OLIMPIA\AppData\Roaming\322C4\0FB9C.exe
MOD - [2012/09/12 08:32:17 | 000,322,048 | ---- | M] () -- C:\Users\OLIMPIA\AppData\Roaming\Microsoft\8433\BCB.exe
MOD - [2012/07/21 07:26:46 | 000,204,800 | ---- | M] () -- C:\Users\OLIMPIA\AppData\Roaming\C4932\lvvm.exe
MOD - [2012/06/13 11:22:28 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll
MOD - [2012/06/13 11:22:17 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012/06/13 11:21:06 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/13 11:20:45 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/05/10 23:18:46 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/10 23:17:07 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/10 23:16:54 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/10 23:16:44 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/10 23:16:42 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/10 23:16:30 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011/11/18 00:34:54 | 000,144,896 | ---- | M] () -- C:\Users\OLIMPIA\AppData\Roaming\Here\tilia.exe
MOD - [2011/11/02 01:17:34 | 016,827,392 | R--- | M] () -- C:\Program Files (x86)\Origin\QtWebKit4.dll
MOD - [2011/11/02 01:15:00 | 000,312,320 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtiff4.dll
MOD - [2011/11/02 01:15:00 | 000,264,192 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qmng4.dll
MOD - [2011/11/02 01:15:00 | 000,211,456 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qjpeg4.dll
MOD - [2011/11/02 01:15:00 | 000,032,256 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qico4.dll
MOD - [2011/11/02 01:15:00 | 000,028,672 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qgif4.dll
MOD - [2011/11/02 01:14:58 | 000,172,544 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qjpcodecs4.dll
MOD - [2011/11/02 01:14:58 | 000,158,208 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qtwcodecs4.dll
MOD - [2011/11/02 01:14:58 | 000,143,872 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qcncodecs4.dll
MOD - [2011/11/02 01:14:58 | 000,079,872 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qkrcodecs4.dll
MOD - [2011/11/02 01:14:04 | 000,327,680 | R--- | M] () -- C:\Program Files (x86)\Origin\phonon4.dll
MOD - [2011/11/02 01:14:02 | 000,413,184 | R--- | M] () -- C:\Program Files (x86)\Origin\QtXml4.dll
MOD - [2011/11/02 01:14:00 | 009,440,256 | R--- | M] () -- C:\Program Files (x86)\Origin\QtGui4.dll
MOD - [2011/11/02 01:14:00 | 001,152,512 | R--- | M] () -- C:\Program Files (x86)\Origin\QtNetwork4.dll
MOD - [2011/11/02 01:13:58 | 002,694,144 | R--- | M] () -- C:\Program Files (x86)\Origin\QtCore4.dll
MOD - [2011/05/30 16:21:46 | 000,067,992 | ---- | M] () -- C:\Program Files (x86)\ipla\ziplib.dll
MOD - [2011/05/30 16:21:44 | 000,392,088 | ---- | M] () -- C:\Program Files (x86)\ipla\jabberoo.dll
MOD - [2011/05/30 16:09:12 | 000,291,840 | ---- | M] () -- C:\Program Files (x86)\ipla\MediaFileScanner.dll
MOD - [2011/05/30 16:06:20 | 000,156,160 | ---- | M] () -- C:\Program Files (x86)\ipla\lua.dll
MOD - [2010/11/13 04:37:37 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/08/10 00:01:06 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010/02/04 01:06:48 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_pl_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2008/09/10 12:24:21 | 000,676,520 | ---- | M] () -- C:\Program Files (x86)\Lexmark 4900 Series\lxdrmon.exe
MOD - [2008/09/10 11:44:54 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Lexmark 4900 Series\lxdrcaps.dll
MOD - [2008/09/10 11:44:46 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\Lexmark 4900 Series\lxdrscw.dll
MOD - [2008/09/10 11:44:44 | 001,036,288 | ---- | M] () -- C:\Program Files (x86)\Lexmark 4900 Series\lxdrDRS.dll
MOD - [2008/09/10 11:34:29 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Lexmark 4900 Series\lxdrcnv4.dll
MOD - [2008/05/16 16:54:59 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\Lexmark 4900 Series\lxdrdatr.dll
MOD - [2008/05/16 16:54:50 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark 4900 Series\lxdrcats.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2012/01/13 10:55:10 | 001,256,040 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV:[b]64bit:[/b] - [2011/02/14 14:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService)
SRV:[b]64bit:[/b] - [2011/01/29 06:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:[b]64bit:[/b] - [2010/02/19 19:19:28 | 000,115,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:[b]64bit:[/b] - [2010/02/19 19:19:24 | 000,529,776 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:[b]64bit:[/b] - [2010/01/27 22:10:56 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2009/11/30 21:51:18 | 000,571,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:[b]64bit:[/b] - [2009/11/25 21:06:06 | 000,821,760 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:[b]64bit:[/b] - [2009/09/04 23:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:[b]64bit:[/b] - [2009/09/01 23:42:00 | 000,361,840 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV:[b]64bit:[/b] - [2008/05/16 17:39:34 | 001,040,552 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdrcoms.exe -- (lxdr_device)
SRV:[b]64bit:[/b] - [2008/05/16 17:39:27 | 000,033,960 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxdrserv.exe -- (lxdrCATSCustConnectService)
SRV - [2012/10/09 10:09:56 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011/02/23 11:11:54 | 000,090,112 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2010/05/28 11:14:24 | 000,205,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/12/14 22:06:24 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/12/14 22:06:08 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/11/21 01:25:24 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/10/24 05:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009/10/15 18:34:36 | 000,427,304 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2009/10/15 18:34:36 | 000,091,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr)
SRV - [2009/10/15 18:34:36 | 000,075,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2009/10/15 18:34:34 | 000,120,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2009/10/15 18:34:34 | 000,070,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr)
SRV - [2009/09/14 21:24:08 | 000,206,336 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009/09/14 21:24:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009/09/14 20:53:48 | 000,642,416 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2009/08/31 03:59:30 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2009/08/31 03:59:18 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/09/18 12:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2008/05/16 17:39:27 | 000,033,960 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxdrserv.exe -- (lxdrCATSCustConnectService)
SRV - [2008/05/16 17:39:15 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxdrcoms.exe -- (lxdr_device)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/10/07 11:24:12 | 000,152,064 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2010/11/15 12:52:08 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:[b]64bit:[/b] - [2010/11/15 12:52:08 | 000,091,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV:[b]64bit:[/b] - [2010/11/15 12:52:08 | 000,085,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:[b]64bit:[/b] - [2010/09/20 21:52:24 | 000,303,616 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:[b]64bit:[/b] - [2010/09/20 21:52:24 | 000,035,328 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:[b]64bit:[/b] - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2010/01/27 22:10:59 | 006,106,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2009/12/16 22:03:59 | 000,244,736 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2009/12/16 22:03:04 | 007,778,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2009/12/16 06:04:17 | 000,293,936 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2009/12/16 04:49:48 | 000,213,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:[b]64bit:[/b] - [2009/12/14 22:06:07 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:[b]64bit:[/b] - [2009/11/21 01:09:48 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2009/11/18 06:30:44 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:[b]64bit:[/b] - [2009/11/18 06:30:32 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:[b]64bit:[/b] - [2009/11/18 06:30:32 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:[b]64bit:[/b] - [2009/11/18 06:30:21 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:[b]64bit:[/b] - [2009/11/18 06:23:46 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:[b]64bit:[/b] - [2009/11/13 22:08:21 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:[b]64bit:[/b] - [2009/11/12 22:16:19 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:[b]64bit:[/b] - [2009/11/12 22:06:44 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2009/11/06 22:27:30 | 000,093,696 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:[b]64bit:[/b] - [2009/09/15 22:09:08 | 000,075,776 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:[b]64bit:[/b] - [2009/08/19 22:09:21 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:[b]64bit:[/b] - [2009/08/06 01:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2009/08/04 10:04:26 | 000,118,784 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:[b]64bit:[/b] - [2009/08/04 10:04:26 | 000,118,784 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmeaext.sys -- (ZTEusbnmeaext)
DRV:[b]64bit:[/b] - [2009/08/04 10:04:26 | 000,118,784 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:[b]64bit:[/b] - [2009/08/04 10:04:26 | 000,118,784 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:[b]64bit:[/b] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/05/26 16:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:[b]64bit:[/b] - [2009/05/20 12:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:[b]64bit:[/b] - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2009/04/29 16:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV:[b]64bit:[/b] - [2007/06/25 10:42:30 | 000,130,088 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s117unic.sys -- (s117unic)
DRV:[b]64bit:[/b] - [2007/06/25 10:42:30 | 000,123,432 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s117obex.sys -- (s117obex)
DRV:[b]64bit:[/b] - [2007/06/25 10:42:30 | 000,031,272 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s117nd5.sys -- (s117nd5)
DRV:[b]64bit:[/b] - [2007/06/25 10:42:24 | 000,144,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s117mdm.sys -- (s117mdm)
DRV:[b]64bit:[/b] - [2007/06/25 10:42:24 | 000,125,992 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s117mgmt.sys -- (s117mgmt)
DRV:[b]64bit:[/b] - [2007/06/25 10:42:24 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s117mdfl.sys -- (s117mdfl)
DRV:[b]64bit:[/b] - [2007/06/25 10:42:22 | 000,108,072 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s117bus.sys -- (s117bus)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49313
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49313
 
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-1910119851-4200616409-343687219-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1910119851-4200616409-343687219-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01
IE - HKU\S-1-5-21-1910119851-4200616409-343687219-1000\..\SearchScopes,DefaultScope = {D3740AA1-312E-462D-B7D2-F89E703E1B91}
IE - HKU\S-1-5-21-1910119851-4200616409-343687219-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1910119851-4200616409-343687219-1000\..\SearchScopes\{569AAB49-443E-4D41-B75A-70E6171D666E}: "URL" = http://uk.shopping.com/?linkin_id=8056359
IE - HKU\S-1-5-21-1910119851-4200616409-343687219-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1910119851-4200616409-343687219-1000\..\SearchScopes\{C8DB551B-1F5F-491D-A244-38A2E0E9C4C4}: "URL" = http://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search
IE - HKU\S-1-5-21-1910119851-4200616409-343687219-1000\..\SearchScopes\{D10F664D-64BA-4451-A1FD-F83BCFD5EEFF}: "URL" = http://rover.ebay.com/rover/1/710-42480-16445-5/4?satitle={searchTerms}
IE - HKU\S-1-5-21-1910119851-4200616409-343687219-1000\..\SearchScopes\{D3740AA1-312E-462D-B7D2-F89E703E1B91}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SVEC_plPL386
IE - HKU\S-1-5-21-1910119851-4200616409-343687219-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-1910119851-4200616409-343687219-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-1910119851-4200616409-343687219-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49313
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/01/29 21:10:43 | 000,000,000 | ---D | M]
 
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - homepage: http://www.google.com
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.160.1 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U16 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\OLIMPIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
 
O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Lexmark Pasek narzedzi) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Lexmark Pasek narzedzi) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O3 - HKU\S-1-5-21-1910119851-4200616409-343687219-1000\..\Toolbar\WebBrowser: (Lexmark Pasek narzedzi) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O3:[b]64bit:[/b] - HKU\S-1-5-21-1910119851-4200616409-343687219-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [lxdramon] C:\Program Files (x86)\Lexmark 4900 Series\lxdramon.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [lxdrmon.exe] C:\Program Files (x86)\Lexmark 4900 Series\lxdrmon.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [249.exe] C:\Program Files (x86)\LP\9CB3\249.exe ()
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BCB.exe] C:\Program Files (x86)\LP\8433\BCB.exe ()
O4 - HKLM..\Run: [BEWINTERNET-PL-IEWSessionManager] C:\Program Files (x86)\OrangeBS\BEWInternet-PL-IEW\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [BEWINTERNET-PL-IEWSMSNotify] C:\Program Files (x86)\OrangeBS\BEWInternet-PL-IEW\Phonetools\SMSNotify.exe (France Telecom)
O4 - HKLM..\Run: [CardDetectorHUAWEI177] C:\Program Files (x86)\CardDetector\HUAWEI177\CardDetector.exe (France Telecom SA)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1910119851-4200616409-343687219-1000..\Run: [249.exe] C:\Users\OLIMPIA\AppData\Roaming\Microsoft\9CB3\249.exe ()
O4 - HKU\S-1-5-21-1910119851-4200616409-343687219-1000..\Run: [BCB.exe] C:\Users\OLIMPIA\AppData\Roaming\Microsoft\8433\BCB.exe ()
O4 - HKU\S-1-5-21-1910119851-4200616409-343687219-1000..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKU\S-1-5-21-1910119851-4200616409-343687219-1000..\Run: [IPLA!] C:\Program Files (x86)\ipla\ipla.exe (Redefine Sp z o.o.)
O4 - HKU\S-1-5-21-1910119851-4200616409-343687219-1000..\Run: [OM2_Monitor] C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
O4 - HKU\S-1-5-21-1910119851-4200616409-343687219-1000..\Run: [Opbilyru] C:\Users\OLIMPIA\AppData\Roaming\Here\tilia.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\OLIMPIA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk = C:\ProgramData\lsass.exe (Microsoft Corporation)
F3:[b]64bit:[/b] - HKU\S-1-5-21-1910119851-4200616409-343687219-1000 WinNT: Load - (C:\Users\OLIMPIA\AppData\Roaming\C4932\lvvm.exe) - C:\Users\OLIMPIA\AppData\Roaming\C4932\lvvm.exe ()
F3 - HKU\S-1-5-21-1910119851-4200616409-343687219-1000 WinNT: Load - (C:\Users\OLIMPIA\AppData\Roaming\C4932\lvvm.exe) - C:\Users\OLIMPIA\AppData\Roaming\C4932\lvvm.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{33E16AA4-7666-4C96-A7FD-CC130D4C0D78}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CA34CC92-2599-464B-B82F-FB9082705712}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-1910119851-4200616409-343687219-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-1910119851-4200616409-343687219-1000 Winlogon: Shell - (C:\Users\OLIMPIA\AppData\Roaming\322C4\0FB9C.exe) - C:\Users\OLIMPIA\AppData\Roaming\322C4\0FB9C.exe ()
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{14db1850-b125-11e0-90c6-c5d64098c60a}\Shell - "" = AutoRun
O33 - MountPoints2\{14db1850-b125-11e0-90c6-c5d64098c60a}\Shell\AutoRun\command - "" = G:\MicroLauncher.exe
O33 - MountPoints2\{1a5d08ff-2702-11e1-bc0e-f07bcbca9843}\Shell - "" = AutoRun
O33 - MountPoints2\{1a5d08ff-2702-11e1-bc0e-f07bcbca9843}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{25bcf7be-8815-11df-b280-5442490fb9cb}\Shell - "" = AutoRun
O33 - MountPoints2\{25bcf7be-8815-11df-b280-5442490fb9cb}\Shell\AutoRun\command - "" = G:\AutoRunCardDetector.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012/10/23 22:58:59 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\lsass.exe
[2012/10/19 21:55:27 | 000,000,000 | ---D | C] -- C:\Users\OLIMPIA\Desktop\Kontrola - Control (2004)
[2012/10/16 21:37:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/10/16 21:37:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/10/10 10:26:38 | 000,000,000 | ---D | C] -- C:\Users\OLIMPIA\Desktop\zosia
[2012/10/10 08:12:09 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/10/10 08:12:08 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/10/10 08:12:08 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/10/10 08:12:02 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/10/10 08:12:02 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/10/10 08:12:01 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/10/10 08:12:01 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/10/10 08:11:59 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/10/10 08:11:59 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/10/10 08:11:58 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/10/10 08:11:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/10/10 08:11:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/10/10 08:11:58 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/10/10 08:11:58 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/10/10 08:11:58 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/10/10 08:11:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/10/10 08:11:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/10/10 08:11:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/10/10 08:11:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/10/10 08:11:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/10/10 08:11:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/10/10 08:11:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/10/10 08:11:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/10/10 08:11:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/10/10 08:11:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/10/10 08:11:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/10/10 08:11:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/10 08:11:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/10/10 08:11:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/10/10 08:11:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/10/10 08:11:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/10/10 08:11:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/10/10 08:11:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/10/10 08:11:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/10/10 08:11:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/10/10 08:11:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/10/10 08:11:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/10/10 08:11:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/10/10 08:11:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/10/10 08:11:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/10/10 08:11:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/10/10 08:11:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/10/10 08:11:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/10/10 08:11:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/10/10 08:11:57 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/10/10 08:11:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/10/10 08:11:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/10/10 08:11:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/10/10 08:11:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/10/10 08:11:56 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/10/10 08:11:56 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/10/10 08:11:56 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/10/10 08:11:56 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/10/10 08:11:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/10/10 08:11:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/10/10 08:11:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/10/10 08:11:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/10/10 08:11:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/10/10 08:11:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/10/10 08:11:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/10/10 08:11:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/10 08:11:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/10/10 08:11:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/10/10 08:11:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/10/10 08:11:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/10/10 08:11:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/10/10 08:11:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/10/10 08:11:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/10/10 08:11:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/10/10 08:11:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/10/10 08:11:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/10/10 08:11:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/10/10 08:11:31 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/10/10 08:10:41 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/10/10 08:10:40 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/09/26 08:17:51 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012/10/24 16:40:53 | 009,744,548 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012/10/24 16:40:53 | 003,834,212 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/10/24 16:40:53 | 003,323,290 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012/10/24 16:40:53 | 003,187,888 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/10/24 16:40:53 | 000,005,214 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/10/24 16:28:08 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/24 16:28:08 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/24 16:19:49 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/24 16:19:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/24 16:19:24 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/24 08:56:03 | 083,023,306 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012/10/24 08:46:42 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/10/23 22:59:04 | 000,000,824 | ---- | M] () -- C:\Users\OLIMPIA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012/10/23 22:58:59 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\lsass.exe
[2012/10/23 22:01:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/23 11:17:43 | 000,054,694 | ---- | M] () -- C:\Users\OLIMPIA\Desktop\2699179454[1].jpg
[2012/10/23 08:59:29 | 000,062,715 | ---- | M] () -- C:\Users\OLIMPIA\Desktop\2686027228[1].jpg
[2012/10/22 14:09:17 | 000,100,801 | ---- | M] () -- C:\Users\OLIMPIA\Desktop\2730897169[1].jpg
[2012/10/22 12:53:00 | 000,047,505 | ---- | M] () -- C:\Users\OLIMPIA\Desktop\2732626140[1].jpg
[2012/10/22 09:25:24 | 000,054,477 | ---- | M] () -- C:\Users\OLIMPIA\Desktop\2718608541[3].jpg
[2012/10/16 22:28:50 | 000,000,678 | ---- | M] () -- C:\Windows\SysWow64\queries-03.cache
[2012/10/16 22:28:50 | 000,000,065 | ---- | M] () -- C:\Windows\SysWow64\cache.00
[2012/10/16 22:28:50 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\lock
[2012/10/14 08:58:25 | 000,000,296 | ---- | M] () -- C:\Windows\SysWow64\state
[2012/10/14 08:52:29 | 732,749,824 | ---- | M] () -- C:\Users\OLIMPIA\Desktop\Goon.2011.PL.BRRiP.XviD-B89.(P2PNet.pl).avi
[2012/10/11 18:11:09 | 001,447,595 | ---- | M] () -- C:\Users\OLIMPIA\Documents\2012-10-11 18;11;00.pdf
[2012/10/10 10:33:50 | 001,952,704 | ---- | M] () -- C:\Users\OLIMPIA\Documents\2012-10-10 10;33;39.pdf
[2012/10/10 10:30:15 | 001,898,419 | ---- | M] () -- C:\Users\OLIMPIA\Documents\2012-10-10 10;30;04.pdf
[2012/10/10 10:28:44 | 001,564,932 | ---- | M] () -- C:\Users\OLIMPIA\Documents\2012-10-10 10;28;32.pdf
[2012/10/10 10:27:31 | 000,915,680 | ---- | M] () -- C:\Users\OLIMPIA\Documents\2012-10-10 10;27;16.pdf
[2012/10/10 10:19:02 | 001,489,518 | ---- | M] () -- C:\Users\OLIMPIA\Documents\2012-10-10 10;18;53.pdf
[2012/10/10 10:13:00 | 000,193,214 | ---- | M] () -- C:\Users\OLIMPIA\Documents\2012-10-10 10;12;55.pdf
[2012/10/10 10:11:27 | 000,190,031 | ---- | M] () -- C:\Users\OLIMPIA\Documents\2012-10-10 10;11;17.pdf
[2012/10/09 10:09:55 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/10/09 10:09:55 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/10/05 15:39:27 | 000,016,477 | ---- | M] () -- C:\Users\OLIMPIA\Desktop\Zdj_cie003.jpg
[2012/09/29 18:43:46 | 000,137,385 | ---- | M] () -- C:\Users\OLIMPIA\Desktop\1[1].jpg
[2012/09/29 18:43:46 | 000,124,311 | ---- | M] () -- C:\Users\OLIMPIA\Desktop\2[1].jpg
[2012/09/29 18:43:46 | 000,119,104 | ---- | M] () -- C:\Users\OLIMPIA\Desktop\3[1].jpg
[2012/09/25 08:12:37 | 000,142,070 | ---- | M] () -- C:\Users\OLIMPIA\Desktop\2623704004_2[1].jpg
[2012/09/25 08:12:32 | 000,041,958 | ---- | M] () -- C:\Users\OLIMPIA\Desktop\2623704004_1[1].jpg
[2012/09/25 08:12:20 | 000,025,183 | ---- | M] () -- C:\Users\OLIMPIA\Desktop\2623704004[1].jpg
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012/10/23 22:59:04 | 000,000,824 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012/10/23 22:59:00 | 083,023,306 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012/10/23 11:18:39 | 000,054,694 | ---- | C] () -- C:\Users\OLIMPIA\Desktop\2699179454[1].jpg
[2012/10/23 09:00:20 | 000,062,715 | ---- | C] () -- C:\Users\OLIMPIA\Desktop\2686027228[1].jpg
[2012/10/22 14:09:31 | 000,100,801 | ---- | C] () -- C:\Users\OLIMPIA\Desktop\2730897169[1].jpg
[2012/10/22 12:53:09 | 000,047,505 | ---- | C] () -- C:\Users\OLIMPIA\Desktop\2732626140[1].jpg
[2012/10/22 09:25:33 | 000,054,477 | ---- | C] () -- C:\Users\OLIMPIA\Desktop\2718608541[3].jpg
[2012/10/14 08:58:25 | 000,000,296 | ---- | C] () -- C:\Windows\SysWow64\state
[2012/10/14 08:58:25 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\lock
[2012/10/12 11:48:05 | 000,119,104 | ---- | C] () -- C:\Users\OLIMPIA\Desktop\3[1].jpg
[2012/10/12 11:47:53 | 000,124,311 | ---- | C] () -- C:\Users\OLIMPIA\Desktop\2[1].jpg
[2012/10/12 11:47:40 | 000,137,385 | ---- | C] () -- C:\Users\OLIMPIA\Desktop\1[1].jpg
[2012/10/11 18:11:07 | 001,447,595 | ---- | C] () -- C:\Users\OLIMPIA\Documents\2012-10-11 18;11;00.pdf
[2012/10/10 10:33:48 | 001,952,704 | ---- | C] () -- C:\Users\OLIMPIA\Documents\2012-10-10 10;33;39.pdf
[2012/10/10 10:30:13 | 001,898,419 | ---- | C] () -- C:\Users\OLIMPIA\Documents\2012-10-10 10;30;04.pdf
[2012/10/10 10:28:42 | 001,564,932 | ---- | C] () -- C:\Users\OLIMPIA\Documents\2012-10-10 10;28;32.pdf
[2012/10/10 10:27:29 | 000,915,680 | ---- | C] () -- C:\Users\OLIMPIA\Documents\2012-10-10 10;27;16.pdf
[2012/10/10 10:19:01 | 001,489,518 | ---- | C] () -- C:\Users\OLIMPIA\Documents\2012-10-10 10;18;53.pdf
[2012/10/10 10:13:00 | 000,193,214 | ---- | C] () -- C:\Users\OLIMPIA\Documents\2012-10-10 10;12;55.pdf
[2012/10/10 10:11:26 | 000,190,031 | ---- | C] () -- C:\Users\OLIMPIA\Documents\2012-10-10 10;11;17.pdf
[2012/10/05 15:39:46 | 000,016,477 | ---- | C] () -- C:\Users\OLIMPIA\Desktop\Zdj_cie003.jpg
[2012/09/25 08:13:05 | 000,142,070 | ---- | C] () -- C:\Users\OLIMPIA\Desktop\2623704004_2[1].jpg
[2012/09/25 08:12:41 | 000,041,958 | ---- | C] () -- C:\Users\OLIMPIA\Desktop\2623704004_1[1].jpg
[2012/09/25 08:12:28 | 000,025,183 | ---- | C] () -- C:\Users\OLIMPIA\Desktop\2623704004[1].jpg
[2012/09/13 21:22:13 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempue7204.html
[2012/09/13 21:22:12 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Temptx7204.html
[2012/09/12 23:08:10 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempXA8860.html
[2012/09/12 23:08:10 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempby8860.html
[2012/08/05 10:32:19 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempuZ5140.html
[2012/08/05 10:32:19 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Templd5140.html
[2012/07/27 00:06:36 | 000,321,024 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Roaming\wmplayer.exe
[2012/07/22 12:50:00 | 000,321,024 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Roaming\chrome.exe
[2012/07/13 22:27:02 | 000,356,352 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\ifoqilbl.exe
[2012/07/08 21:59:27 | 000,314,880 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\vencji.exe
[2012/07/08 12:05:11 | 000,000,048 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\OLIMPIA-VAIO.cfg
[2012/07/07 21:47:20 | 000,314,880 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\zfuphynk.exe
[2012/03/12 10:00:33 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempyX2512.html
[2012/03/12 10:00:33 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempNn2512.html
[2012/03/11 21:41:36 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TemplZ5616.html
[2012/03/11 21:41:36 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Temptl5616.html
[2012/02/21 09:28:25 | 000,322,048 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Roaming\iexplore.exe
[2012/02/16 19:17:59 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempnz6924.html
[2012/02/16 19:17:59 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempic6924.html
[2012/02/16 10:39:28 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempFD7428.html
[2012/02/16 10:39:28 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempMf7428.html
[2012/01/07 10:52:58 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempHJ3812.html
[2011/12/27 22:56:44 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempv13636.html
[2011/12/27 22:56:44 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempK13636.html
[2011/12/23 19:07:53 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempth7140.html
[2011/12/20 16:40:14 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Temppj8132.html
[2011/12/20 16:40:14 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TemplX8132.html
[2011/11/09 23:08:09 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempZX5836.html
[2011/11/09 23:08:09 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempLD5836.html
[2011/10/31 21:11:08 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempN11988.html
[2011/10/31 21:11:08 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempZ11988.html
[2011/10/28 20:20:56 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempbM7604.html
[2011/10/28 08:41:53 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TemppP3628.html
[2011/10/27 23:31:07 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempUN3436.html
[2011/10/27 23:31:07 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempsa3436.html
[2011/10/26 21:15:56 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Temppw4344.html
[2011/10/26 21:15:56 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempbl4344.html
[2011/10/26 12:04:47 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempgg7824.html
[2011/10/26 12:04:47 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TemppM7824.html
[2011/10/25 11:37:03 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempGs7488.html
[2011/10/25 11:37:03 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempoj7488.html
[2011/10/24 18:18:10 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TemptP7708.html
[2011/10/24 18:18:10 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempnW7708.html
[2011/10/24 16:36:48 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempBy9376.html
[2011/10/24 16:36:48 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempTM9376.html
[2011/10/12 01:21:32 | 000,322,048 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Roaming\java.exe
[2011/10/03 11:39:15 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempea8032.html
[2011/10/03 11:39:15 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempwh8032.html
[2011/09/30 11:38:15 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempGf5416.html
[2011/09/30 11:38:15 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempSB5416.html
[2011/09/10 20:28:17 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempeZ7620.html
[2011/09/10 12:28:26 | 000,111,267 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Roaming\002C.725
[2011/08/07 18:32:03 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempu14812.html
[2011/08/07 18:32:03 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempX14812.html
[2011/07/10 20:15:47 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempY11200.html
[2011/07/10 20:15:47 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempX11200.html
[2011/06/19 13:37:23 | 000,000,000 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\{60901C73-86CF-445B-BE09-C89A1B5AB754}
[2011/06/04 07:01:41 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempNi7660.html
[2011/06/04 07:01:41 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempfv7660.html
[2011/05/28 21:06:26 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempDO8028.html
[2011/05/19 13:22:52 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempJv2144.html
[2011/05/12 21:47:29 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Temppx3696.html
[2011/05/11 19:55:25 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TemppG8052.html
[2011/05/11 19:55:25 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempeE8052.html
[2011/04/11 21:00:31 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempSn3500.html
[2011/04/11 21:00:31 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempuf3500.html
[2011/04/08 20:53:52 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempwo7716.html
[2011/04/08 20:53:52 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempvy7716.html
[2011/02/27 16:27:46 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempCyL984.html
[2011/02/27 16:27:46 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Temphsc984.html
[2011/02/19 19:39:30 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempYv4048.html
[2011/02/19 19:15:52 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempLh6280.html
[2011/01/16 12:34:41 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempbi3400.html
[2011/01/16 12:34:41 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempOE3400.html
[2011/01/15 19:15:47 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempjx7732.html
[2011/01/15 19:15:47 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempGv7732.html
[2011/01/07 22:55:47 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempUc5232.html
[2011/01/06 13:32:48 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempCd2424.html
[2011/01/06 13:32:48 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempkd2424.html
[2011/01/05 20:47:45 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempyF7164.html
[2011/01/05 20:47:45 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempKo7164.html
[2011/01/04 22:23:30 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempsh4224.html
[2011/01/04 22:23:30 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempFw4224.html
[2011/01/03 21:08:20 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempqt5364.html
[2011/01/03 21:08:20 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempjA5364.html
[2011/01/02 13:30:38 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempZw1320.html
[2011/01/02 13:30:38 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempFX1320.html
[2010/10/21 22:09:01 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempgy6124.html
[2010/10/21 22:09:01 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempJe6124.html
[2010/10/17 22:26:30 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempvH7644.html
[2010/09/27 22:39:28 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Temprk5168.html
[2010/09/27 22:39:28 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempKC5168.html
[2010/09/07 11:17:40 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempFI5836.html
[2010/09/07 11:17:40 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempyx5836.html
[2010/08/27 21:21:07 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempaA1320.html
[2010/07/24 07:54:31 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempTy6784.html
[2010/07/24 07:54:31 | 000,002,089 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\TempJs6784.html
[2010/07/23 22:21:45 | 000,002,432 | ---- | C] () -- C:\Users\OLIMPIA\AppData\Local\Tempmz2104.html
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >