witam
mam system win siedem
tydzień temu gdy włączyłem komputer po naciśnięciu na ikone google chrome
ikona się zaświeciła i zgasła po czym nic się nie włączyło pomyślałem ok pewnie się coś zbugowało więc
włączyłem jeszcze raz i gdy chciałem wpisać adres strony internetowej zauważyłem że piszę z duże litery choć mam
wyłączony caps lock
a gdy nacisnąłem caps lock pisałem z małej litery ale nadal nie mogłem pisać cyfr
podczas próby naciśnięcia na jakąś podstronę włączała mi się nowe okienko z tą podstroną zamiast nowej karty
gdy próbuje zaznaczyć jedną ikonę to po jednym kliknięciu zaznacza mi się rząd chyba że mam włączony caps lock to wtedy nie
w ustawieniach okazało się że wszystkie punkty przywracania zostały usunięte a opcja ich tworzenia wyłączona czego sam nie zrobiłem ponieważ już kilka razy ich używałem
całkowity format systemu do stanu fabrycznego też nie jest możliwy ponieważ za każdym razem gdy chcę wejść w opcję przywracania systemu do stanu początkowego po włączeniu komputera to włącza się tak jakbym nic nie włączał
ściągnąłem sobie antywirusa avast i jeszcze jakiś
całkowity skan nic nie dał a wykonywałem go kilkukrotnie usunąłem wszystkie programy które mogły być tego przyczyną ale nic się nie zmieniło>
nie mogę używać przecinków a pisanie dużych liter zajęło by mi zbyt dużo czasu więc z góry przepraszam i proszę o pomoc>
pozdrawiam piotr
komputer wariuje
-
Lena
- Posty: 4554
- Rejestracja: 10 lut 2009, 19:42
- Lokalizacja: Sz-n
komputer wariuje
Czy próbowałeś podłączyć inną klawiaturę?
Raczej to wygląda na infekcję wykonaj logi zgodnie z instrukcją: bezpieczenstwo/regulamin-bezpiecze-stwa-t19001.html
Raczej to wygląda na infekcję wykonaj logi zgodnie z instrukcją: bezpieczenstwo/regulamin-bezpiecze-stwa-t19001.html
-
kominekl
- Posty: 5855
- Rejestracja: 27 lis 2011, 14:25
- Kontaktowanie:
komputer wariuje
tydzień temu gdy włączyłem komputer po naciśnięciu na ikone google chrome
ikona się zaświeciła i zgasła po czym nic się nie włączyło pomyślałem ok pewnie się coś zbugowało więc
włączyłem jeszcze raz i gdy chciałem wpisać adres strony internetowej zauważyłem że piszę z duże litery choć mam
wyłączony caps lock
a gdy nacisnąłem caps lock pisałem z małej litery ale nadal nie mogłem pisać cyfr
podczas próby naciśnięcia na jakąś podstronę włączała mi się nowe okienko z tą podstroną zamiast nowej karty
Infekcja typu PUP. Ogólnie rzecz biorąc czekamy na logi. Użytkownika proszę wysłać do Mnie. Podaj logi z OTL i Dostępne tylko dla zarejestrowanych użytkowników, poprzez hosting tekstowy Dostępne tylko dla zarejestrowanych użytkowników.
Kiedy komputery staną się twoim jedynym życiem, jedynym totemem odstraszającym klątwę nudy, wtedy prędzej czy później granica między tymi dwoma wymiarami zniknie i postacie z Błękitnej Pustki zaczną pojawiać się w Realu. Czasem są twoimi przyjaciółmi. A czasem nie.
-
piotrasd
- Posty: 2
- Rejestracja: 24 cze 2013, 21:16
komputer wariuje
nie mogę wkleić na wklej bo wyskakuje błąd brak kodu>>>
-- 24 cze 2013, 23:35 --
OTL logfile created on: 2013-06-24 22:39:05 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\KaQs\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
2,87 Gb Total Physical Memory | 0,69 Gb Available Physical Memory | 23,92% Memory free
5,73 Gb Paging File | 3,21 Gb Available in Paging File | 56,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285,33 Gb Total Space | 67,21 Gb Free Space | 23,56% Space Free | Partition Type: NTFS
Drive D: | 12,46 Gb Total Space | 1,38 Gb Free Space | 11,05% Space Free | Partition Type: NTFS
Drive E: | 99,34 Mb Total Space | 95,17 Mb Free Space | 95,81% Space Free | Partition Type: FAT32
Computer Name: KAQS-KOMPUTER | User Name: KaQs | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 60 Days
========== Processes (SafeList) ==========
PRC - [2013-06-24 22:13:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\KaQs\Desktop\OTL.exe
PRC - [2013-06-20 11:47:55 | 001,226,928 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
PRC - [2013-06-20 11:47:55 | 001,015,984 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
PRC - [2013-05-09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013-05-09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013-03-24 15:52:35 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2013-03-19 15:49:40 | 001,086,816 | ---- | M] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2013-03-06 03:21:50 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012-12-19 10:49:34 | 000,732,648 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012-12-19 10:49:12 | 000,149,480 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2012-10-02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-07-13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2012-04-26 14:08:24 | 000,793,048 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2012-04-26 14:08:24 | 000,103,896 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2012-04-03 20:45:36 | 002,121,216 | ---- | M] () -- C:\Program Files (x86)\screenSHU\screenSHU.exe
PRC - [2011-08-04 06:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
PRC - [2009-10-01 06:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009-10-01 06:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
========== Modules (No Company Name) ==========
MOD - [2013-06-20 11:47:56 | 000,158,384 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\SiteSafety.dll
MOD - [2013-06-15 03:28:42 | 000,393,168 | ---- | M] () -- C:\Users\KaQs\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
MOD - [2013-06-15 03:28:41 | 013,140,432 | ---- | M] () -- C:\Users\KaQs\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
MOD - [2013-06-15 03:28:40 | 004,051,408 | ---- | M] () -- C:\Users\KaQs\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll
MOD - [2013-06-15 03:27:51 | 000,599,504 | ---- | M] () -- C:\Users\KaQs\AppData\Local\Google\Chrome\Application\27.0.1453.116\libglesv2.dll
MOD - [2013-06-15 03:27:50 | 000,124,368 | ---- | M] () -- C:\Users\KaQs\AppData\Local\Google\Chrome\Application\27.0.1453.116\libegl.dll
MOD - [2013-06-15 03:27:48 | 001,597,392 | ---- | M] () -- C:\Users\KaQs\AppData\Local\Google\Chrome\Application\27.0.1453.116\ffmpegsumo.dll
MOD - [2012-09-08 13:16:30 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
MOD - [2012-09-08 13:16:20 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
MOD - [2012-04-03 20:45:36 | 002,121,216 | ---- | M] () -- C:\Program Files (x86)\screenSHU\screenSHU.exe
MOD - [2012-02-02 19:26:52 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\screenSHU\libgcc_s_dw2-1.dll
MOD - [2012-02-02 19:26:52 | 000,011,362 | ---- | M] () -- C:\Program Files (x86)\screenSHU\mingwm10.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013-05-09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010-06-24 15:24:12 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe -- (RtVOsdService)
SRV:64bit: - [2009-11-18 04:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013-06-20 11:47:55 | 001,015,984 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe -- (vToolbarUpdater15.2.0)
SRV - [2013-06-11 22:58:27 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-03-06 03:21:50 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013-01-08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-12-19 10:49:34 | 000,732,648 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012-10-02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-09-27 12:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2012-07-13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2012-04-26 14:08:24 | 000,793,048 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2011-08-04 06:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe -- (NIS)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-10-01 06:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009-10-01 06:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-06-06 02:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009-02-22 13:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013-06-20 11:47:56 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013-06-03 14:08:22 | 000,347,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2013-06-03 14:05:23 | 001,390,640 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013-05-09 10:59:07 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013-05-09 10:59:07 | 000,378,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013-05-09 10:59:07 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013-05-09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013-05-09 10:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013-05-09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013-05-09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013-05-09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012-11-09 16:33:30 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2012-11-09 16:33:30 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012-11-09 16:33:30 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012-11-09 16:33:30 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012-10-17 14:53:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012-09-30 13:53:02 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012-03-10 22:44:11 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011-08-22 04:53:36 | 000,451,704 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symtdiv.sys -- (SYMTDIv)
DRV:64bit: - [2011-08-22 04:53:35 | 000,221,304 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011-08-04 06:19:26 | 000,593,544 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\cchpx64.sys -- (ccHP)
DRV:64bit: - [2011-02-22 12:17:34 | 002,736,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 15:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-11-20 15:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010-11-20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010-04-29 07:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010-04-22 04:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2010-04-22 04:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2009-11-22 02:31:18 | 007,778,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009-10-30 16:56:34 | 000,244,736 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009-10-13 12:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009-09-23 03:39:00 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009-09-17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009-08-30 02:17:18 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symds64.sys -- (SymDS)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009-06-10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009-06-10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009-06-10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009-06-10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009-06-10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-04-29 09:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2012-05-05 19:11:21 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012-05-01 18:00:28 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20120509.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012-04-03 01:38:04 | 001,160,824 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20120507.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2010-11-01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009-09-23 03:39:00 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {CA822826-7741-4087-A9E6-6E810808C9E3}
IE:64bit: - HKLM\..\SearchScopes\{CA822826-7741-4087-A9E6-6E810808C9E3}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKLM\..\SearchScopes\{CA822826-7741-4087-A9E6-6E810808C9E3}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&barid={5027AA4C-D35F-11E1-A10B-C80AA95A7E6A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dostępne tylko dla zarejestrowanych użytkowników
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Dostępne tylko dla zarejestrowanych użytkowników{5027AA4C-D35F-11E1-A10B-C80AA95A7E6A}
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&affID=109217&tt=3612_4&babsrc=SP_ss&mntrId=d4b07b2a00000000000078e40017349f
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{75F59910-24A6-40AE-AD42-C054A898ACB9}&mid=fdddd269dd8243d6841b18282a5107fb-dd10aa03118452a7b09ea9b7afe43fc25addae2a&lang=en&ds=co011&pr=sa&d=2013-06-20 11:48:34&v=15.2.0.5&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{C06155F3-D449-44BA-9A05-84718A1F514D}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=50907D3C-09FC-4D23-8AB2-8C6D9F1452A0&apn_sauid=99CD1484-F26D-467E-8AEA-F33345D4CE55
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{CA822826-7741-4087-A9E6-6E810808C9E3}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&loc=IB_DS&a=6R8MD8d6N4&i=26
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{D705CF4C-9277-4489-85C7-CB1009C3418B}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&SearchSource=4&cc=
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&barid={5027AA4C-D35F-11E1-A10B-C80AA95A7E6A}
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{SearchTerms}
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.1.18: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.1.18: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\KaQs\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\KaQs\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\KaQs\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\KaQs\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2013-05-08 08:37:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6 [2013-05-08 08:37:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-03-24 15:53:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\Program Files\IB Updater\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DAC3F861-B30D-40dd-9166-F4E75327FAC7}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013-03-24 15:53:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\15.2.0.5 [2013-06-20 11:49:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
[2013-06-20 11:48:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KaQs\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2012-09-03 21:41:48 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\KaQs\AppData\Roaming\mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com
[2012-11-28 17:44:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KaQs\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions
[2012-11-28 17:44:57 | 000,213,316 | ---- | M] () (No name found) -- C:\Users\KaQs\AppData\Roaming\mozilla\firefox\profiles\0\extensions\torntv@torntv.com.xpi
[2012-07-31 13:59:18 | 000,221,380 | ---- | M] () (No name found) -- C:\Users\KaQs\AppData\Roaming\mozilla\firefox\profiles\extensions\gophoto@gophoto.it.xpi
[2012-03-14 20:07:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
========== Chrome ==========
CHR - default_search_provider: google.pl (Enabled)
CHR - default_search_provider: search_url = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&btnG=&oq=&gs_l=
CHR - default_search_provider: suggest_url =
CHR - homepage: Dostępne tylko dla zarejestrowanych użytkowników
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\KaQs\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\KaQs\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\KaQs\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Nokia Suite Enabler Plugin (Enabled) = C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\KaQs\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\KaQs\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
CHR - Extension: Sprawdzanie poczty Google = C:\Users\KaQs\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Sprawdzanie poczty Google = C:\Users\KaQs\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll File not found
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {8984B388-A5BB-4DF7-B274-77B879E179DB} - No CLSID value found.
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.2.0.5\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (GagetBox) - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.2.0.5\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarTlbr.dll File not found
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O3 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - No CLSID value found.
O3 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe (AVG Secure Search)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000..\Run: [Facebook Update] C:\Users\KaQs\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW File not found
O4 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background File not found
O4 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000..\Run: [OscarX7Mouse5Mode] C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe File not found
O4 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000..\Run: [screenSHU] C:\Program Files (x86)\screenSHU\screenSHU.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\KaQs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8:64bit: - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8:64bit: - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8:64bit: - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} Dostępne tylko dla zarejestrowanych użytkowników (Java Plug-in 1.6.0_17)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} Dostępne tylko dla zarejestrowanych użytkowników (Java Plug-in 1.6.0_17)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Dostępne tylko dla zarejestrowanych użytkowników (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} Dostępne tylko dla zarejestrowanych użytkowników (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10AEF6B1-DB5D-4CC5-8686-D97371BF3EAD}: DhcpNameServer = 192.168.1.1 0.0.0.0
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll (AVG Secure Search)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~2\sprote~1\sprote~1.dll) - File not found
O20 - AppInit_DLLs: (c:\progra~2\mocaflix\sprote~1.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\notepad.exe: Debugger - C:\Users\KaQs\Desktop\Nowy folder (2)\Notepad2.exe /z File not found
O27 - HKLM IFEO\notepad.exe: Debugger - C:\Users\KaQs\Desktop\Nowy folder (2)\Notepad2.exe /z File not found
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 60 Days ==========
[2013-06-24 22:13:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\KaQs\Desktop\OTL.exe
[2013-06-24 20:03:53 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013-06-24 20:03:37 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013-06-24 20:03:37 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013-06-24 20:03:37 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013-06-20 11:57:34 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Roaming\0D1F1S1C1P0P1C1F1N1C1T1H2UtF1E1I
[2013-06-20 11:51:02 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Local\AVG SafeGuard toolbar
[2013-06-20 11:49:07 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar
[2013-06-20 11:48:29 | 000,045,856 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013-06-20 11:48:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2013-06-20 11:48:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
[2013-06-18 18:14:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013-06-18 18:12:25 | 000,378,432 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013-06-18 18:12:25 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013-06-18 18:12:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013-06-18 18:12:20 | 000,072,016 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013-06-18 18:12:20 | 000,064,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013-06-18 18:12:19 | 001,025,808 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013-06-18 18:12:19 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013-06-18 18:11:57 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013-06-17 22:54:43 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Hans.Zimmer-Inception.2010.Soundtrack
[2013-06-17 22:53:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1ClickDownload
[2013-06-16 14:29:28 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Nowy folder (2)
[2013-06-15 10:39:41 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Roaming\ESET
[2013-06-15 10:10:34 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013-06-15 10:10:33 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013-06-12 18:40:10 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013-06-12 18:40:10 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013-06-12 18:40:09 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013-06-12 18:40:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013-06-12 18:40:09 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013-06-12 18:40:09 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013-06-12 18:40:09 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013-06-12 18:40:09 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013-06-12 18:40:09 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013-06-12 18:40:08 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013-06-12 18:40:08 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013-06-12 18:40:08 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013-06-12 18:40:07 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013-06-12 15:57:14 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013-06-12 15:57:13 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013-06-12 15:57:05 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013-06-12 15:57:05 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013-06-12 15:57:05 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013-06-12 15:57:05 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013-06-12 15:57:04 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013-06-12 15:57:04 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013-06-10 19:34:04 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Documents\Donnie Darko-720p MP4 AAC x264 DC BRRip 2001-CC
[2013-06-10 19:09:55 | 002,048,104 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2013-06-10 19:09:55 | 001,146,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2013-06-10 19:09:55 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2013-06-10 19:09:54 | 002,625,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2013-06-10 19:09:54 | 001,215,592 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2013-06-10 19:09:54 | 000,569,960 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2013-06-10 19:09:54 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2013-06-10 19:09:54 | 000,080,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2013-06-10 19:09:53 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2013-06-10 18:49:37 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Documents\Donnie Darko (2001) BRRIP lektor PL
[2013-06-09 20:20:46 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Local\Xpom
[2013-06-09 20:17:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mail.Ru
[2013-06-09 20:17:16 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Local\Mail.Ru
[2013-06-07 10:42:23 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Documents\Linkin Park - Hybrid Theory (2000)
[2013-06-04 16:56:33 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Nickelback-Silver Side Up - 2001 (320 kbps)[NWRG]Music by Cweb
[2013-06-03 16:23:03 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Tropic Thunder 2008 720p Bluray Uncut Ac3 SilverTorrentHD
[2013-06-03 14:09:44 | 000,347,680 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2013-06-03 14:05:30 | 001,390,640 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\SynTP.sys
[2013-06-03 14:05:30 | 000,400,168 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCOM.dll
[2013-06-03 14:05:30 | 000,271,144 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCtrl.dll
[2013-06-03 14:05:30 | 000,215,336 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPAPI.dll
[2013-06-03 14:05:30 | 000,214,312 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCtrl.dll
[2013-06-03 14:05:30 | 000,173,352 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCOM.dll
[2013-06-03 14:05:30 | 000,147,752 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPCo4.dll
[2013-06-03 14:05:30 | 000,107,816 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynTPCOM.dll
[2013-06-03 13:35:37 | 000,443,040 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvs.dll
[2013-06-03 13:35:37 | 000,429,312 | ---- | C] (Atheros) -- C:\Windows\SysWow64\wgapi.dll
[2013-06-03 13:35:37 | 000,417,000 | ---- | C] (Atheros) -- C:\Windows\SysWow64\wcapi.dll
[2013-06-03 13:35:37 | 000,339,200 | ---- | C] (Atheros) -- C:\Windows\SysWow64\wcapiU.dll
[2013-06-03 13:35:37 | 000,097,440 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysWow64\athcfg11resloc.dll
[2013-06-03 13:35:37 | 000,089,248 | ---- | C] (Atheros) -- C:\Windows\SysWow64\wgapiloc.dll
[2013-06-03 13:35:37 | 000,063,648 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvui.dll
[2013-06-03 13:35:37 | 000,000,000 | ---D | C] -- C:\Windows\Options
[2013-06-03 13:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nn-NO
[2013-06-03 13:35:36 | 000,314,624 | ---- | C] (Atheros) -- C:\Windows\SysWow64\athcfg20U.dll
[2013-06-03 13:35:36 | 000,302,312 | ---- | C] (Atheros) -- C:\Windows\SysWow64\athcfg20.dll
[2013-06-03 13:35:36 | 000,130,312 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysWow64\athcfg20resU.dll
[2013-06-03 13:35:36 | 000,130,288 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysWow64\athcfg20res.dll
[2013-05-29 19:35:01 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Gladiator Soundtrack (Soundtrack Album 2000)
[2013-05-29 18:49:40 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Tyler Bates - 300 Original Motion Picture Soundtrack
[2013-05-29 17:50:07 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\A Fine Frenzy - One Cell In The Sea [2007]
[2013-05-28 19:11:05 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\M.O.P - Sparta [2011]
[2013-05-28 19:09:00 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\M.O.P - Sparta [2011 Album @320][TJ]
[2013-05-28 18:41:58 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Local\Spotify
[2013-05-28 18:41:21 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Roaming\Spotify
[2013-05-26 09:30:53 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Gorillaz discography from Gorillaz (2001) to The Fall (2010) MP3
[2013-05-25 16:55:33 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\vurtual
[2013-05-21 22:20:54 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Gorillaz - Plastic Beach (Deluxe Version) - 2010 320kbps mp3
[2013-05-17 23:58:03 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iMetin
[2013-05-17 23:58:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMetin
[2013-05-16 23:12:02 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Alex Hepburn - Together Alone 2013 Pop 320kbps CBR MP3 [VX]
[2013-05-16 21:41:22 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Casey Abrams-Casey Abrams 2012 320kbps mp3 (sizzler)
[2013-05-15 16:05:14 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013-05-15 16:05:14 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013-05-15 16:05:13 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013-05-15 16:05:13 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013-05-15 16:05:08 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013-05-15 16:05:08 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013-05-14 00:39:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Last.fm
[2013-05-12 15:11:27 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Kavinsky - Outrun (2013) iTunes Version
[2013-05-11 14:44:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013-05-11 12:05:23 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Eminem-Curtain_Call-The_Hits-2005-RNS
[2013-05-10 19:41:43 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Volbeat - Guitar Gangsters & Cadillac Blood
[2013-05-09 15:16:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Testy na prawo jazdy 2013 kat. B
[2013-05-09 15:16:12 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Roaming\KTW
[2013-05-09 15:15:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Testy na prawo jazdy 2013 kat. B
[2013-05-08 09:51:26 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Ed Sheeran - Give Me Love - Single
[2013-05-07 19:28:14 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Local\ESET
[2013-05-07 19:12:52 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2013-05-07 19:12:51 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013-05-07 09:49:11 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\R.E.M. - Greatest Hits 2CDRip 1982 - 2003 [Bubanee]
[2013-05-07 09:37:50 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Ed Sheeran - + (Plus) [iTunes Deluxe Edition @320kbps] [PR!M3]
[2013-05-07 01:23:56 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013-05-07 01:23:56 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013-05-07 01:23:56 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013-05-07 01:23:56 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013-05-07 01:23:56 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013-05-07 01:23:56 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013-05-07 01:23:56 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013-05-07 01:23:56 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013-05-07 01:23:56 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013-05-07 01:23:56 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013-05-07 01:23:56 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013-05-07 01:23:56 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013-05-07 01:23:56 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013-05-07 01:23:56 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013-05-07 01:23:56 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013-05-07 01:23:55 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013-05-07 01:23:55 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013-05-07 01:23:55 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013-05-07 01:23:55 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013-05-07 01:23:55 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013-05-07 01:23:55 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013-05-07 01:23:55 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013-05-07 01:23:55 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013-05-07 01:23:55 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013-05-07 01:23:55 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013-05-07 01:23:55 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013-05-07 01:23:55 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013-05-07 01:23:55 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013-05-07 01:23:55 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013-05-07 01:23:55 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013-05-07 01:23:55 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013-05-07 01:23:55 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013-05-07 01:23:55 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013-05-07 01:23:55 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013-05-07 01:23:55 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013-05-07 01:23:55 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013-05-07 01:23:55 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013-05-07 01:23:55 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013-05-07 01:23:55 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013-05-07 01:23:55 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013-05-07 01:23:55 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013-05-07 01:23:55 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013-05-07 01:23:55 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013-05-07 01:23:55 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013-05-07 01:23:55 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013-05-07 01:23:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013-05-07 01:23:55 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013-05-07 01:23:55 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013-05-07 01:23:55 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013-05-07 01:23:55 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013-05-07 01:23:55 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013-05-07 01:23:55 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013-05-07 01:23:55 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013-05-07 01:22:31 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013-05-07 01:22:31 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013-05-07 01:22:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013-05-07 01:22:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013-05-07 01:22:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013-05-07 01:22:30 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013-05-07 01:22:30 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013-05-07 01:22:30 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013-05-07 01:22:30 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013-05-07 01:22:30 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013-05-07 01:22:30 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013-05-07 01:22:30 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013-05-07 01:22:30 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013-05-07 01:22:30 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013-05-07 01:22:30 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013-05-07 01:22:30 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013-05-07 01:22:30 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013-05-07 01:22:30 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013-05-07 01:22:30 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013-05-07 01:22:30 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013-05-07 01:22:30 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013-05-07 01:22:30 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013-05-07 01:22:30 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013-05-07 01:22:30 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013-05-07 01:22:30 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013-05-07 01:22:30 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013-05-07 01:22:30 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013-05-07 01:22:30 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013-05-07 01:22:30 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013-05-07 01:22:30 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013-05-07 01:22:30 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013-05-07 01:22:30 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013-05-07 01:22:30 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013-05-07 01:22:30 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013-05-07 01:22:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013-05-07 01:22:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013-05-07 01:22:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013-05-07 01:22:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013-05-07 01:22:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013-05-07 01:22:30 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013-05-07 01:22:30 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013-05-05 19:41:28 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Nowy folder
[2013-05-02 10:37:56 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\obrazzz
[2013-05-02 10:36:06 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Michael Buble - To Be Loved (2013)(Mp3@320Kbps)-TBS
[2013-05-01 14:00:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iMetin
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 60 Days ==========
[2013-06-24 22:39:19 | 005,767,168 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat
[2013-06-24 22:13:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\KaQs\Desktop\OTL.exe
[2013-06-24 22:13:00 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-06-24 22:11:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4006521317-3179385241-4113696803-1000UA.job
[2013-06-24 21:58:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-06-24 21:09:04 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-06-24 21:09:04 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-06-24 21:05:32 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateFiles_KaQs.job
[2013-06-24 21:02:56 | 000,000,362 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateXML_KaQs.job
[2013-06-24 21:02:44 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_KaQs.job
[2013-06-24 21:00:11 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-06-24 21:00:11 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\RMAutoUpdate.job
[2013-06-24 20:59:46 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2013-06-24 20:59:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-06-24 20:59:26 | 2307,280,896 | -HS- | M] () -- C:\hiberfil.sys
[2013-06-24 20:10:46 | 001,978,161 | -H-- | M] () -- C:\Users\KaQs\AppData\Local\IconCache.db
[2013-06-24 20:03:30 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013-06-24 20:03:27 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013-06-24 20:03:27 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013-06-24 20:03:26 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013-06-24 20:03:25 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2013-06-24 20:03:25 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013-06-24 20:00:57 | 002,555,928 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\Cat.DB
[2013-06-22 00:29:58 | 000,524,288 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat{84bb6719-dab2-11e2-a4ea-c80aa95a7e6a}.TMContainer00000000000000000002.regtrans-ms
[2013-06-22 00:29:58 | 000,524,288 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat{84bb6719-dab2-11e2-a4ea-c80aa95a7e6a}.TMContainer00000000000000000001.regtrans-ms
[2013-06-22 00:29:58 | 000,065,536 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat{84bb6719-dab2-11e2-a4ea-c80aa95a7e6a}.TM.blf
[2013-06-21 23:43:04 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4006521317-3179385241-4113696803-1000UA.job
[2013-06-21 22:51:50 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013-06-21 22:51:46 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013-06-21 19:38:56 | 000,524,288 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat{8454a926-da7d-11e2-b365-c80aa95a7e6a}.TMContainer00000000000000000002.regtrans-ms
[2013-06-21 19:38:56 | 000,524,288 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat{8454a926-da7d-11e2-b365-c80aa95a7e6a}.TMContainer00000000000000000001.regtrans-ms
[2013-06-21 19:38:56 | 000,065,536 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat{8454a926-da7d-11e2-b365-c80aa95a7e6a}.TM.blf
[2013-06-20 11:47:56 | 000,045,856 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013-06-20 11:44:26 | 000,274,057 | ---- | M] () -- C:\Users\KaQs\Desktop\bookmarks_20.06.2013.html
[2013-06-18 19:00:00 | 000,000,284 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2013-06-17 22:54:43 | 000,000,119 | ---- | M] () -- C:\Users\KaQs\Documents\1Click.cfg
[2013-06-17 10:11:02 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4006521317-3179385241-4113696803-1000Core.job
[2013-06-16 20:43:01 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4006521317-3179385241-4113696803-1000Core.job
[2013-06-15 16:26:12 | 005,692,191 | ---- | M] () -- C:\Users\KaQs\Desktop\Wideo134.mp4
[2013-06-11 22:58:26 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013-06-11 22:58:26 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013-06-11 13:05:05 | 007,230,644 | ---- | M] () -- C:\Users\KaQs\Desktop\March.mp3
[2013-06-10 23:04:41 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForKaQs.job
[2013-06-10 19:26:59 | 000,117,158 | ---- | M] () -- C:\Users\KaQs\Desktop\IMG20130607_018.jpg
[2013-06-10 19:08:55 | 002,048,104 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2013-06-10 19:08:55 | 001,146,984 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2013-06-10 19:08:54 | 000,332,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2013-06-10 19:08:54 | 000,149,608 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2013-06-10 19:08:53 | 002,625,640 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2013-06-10 19:08:53 | 001,215,592 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2013-06-10 19:08:53 | 000,569,960 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2013-06-10 19:08:53 | 000,080,488 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2013-06-10 19:08:50 | 000,200,800 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2013-06-10 19:08:48 | 001,251,944 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2013-06-10 19:08:48 | 000,000,712 | ---- | M] () -- C:\Windows\SysNative\drivers\RTEQEX0.dat
[2013-06-10 19:08:48 | 000,000,176 | ---- | M] () -- C:\Windows\SysNative\drivers\RTHDAEQ0.dat
[2013-06-10 19:07:03 | 000,151,298 | ---- | M] () -- C:\Users\KaQs\Desktop\IMG20130607_011.jpg
[2013-06-10 00:15:54 | 009,230,659 | ---- | M] () -- C:\Users\KaQs\Documents\Jessica Sutta - Show Me.mp3
[2013-06-09 17:42:03 | 001,549,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-06-09 17:42:03 | 000,697,912 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2013-06-09 17:42:03 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-06-09 17:42:03 | 000,134,990 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2013-06-09 17:42:03 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-06-08 16:06:58 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013-06-08 13:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013-06-03 14:08:22 | 000,347,680 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2013-06-03 14:08:22 | 000,107,552 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2013-06-03 14:08:22 | 000,074,272 | ---- | M] () -- C:\Windows\SysNative\RtNicProp64.dll
[2013-06-03 14:05:23 | 001,390,640 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\SynTP.sys
[2013-06-03 14:05:23 | 000,400,168 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCOM.dll
[2013-06-03 14:05:23 | 000,271,144 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCtrl.dll
[2013-06-03 14:05:23 | 000,215,336 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPAPI.dll
[2013-06-03 14:05:23 | 000,214,312 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCtrl.dll
[2013-06-03 14:05:23 | 000,173,352 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCOM.dll
[2013-06-03 14:05:23 | 000,147,752 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPCo4.dll
[2013-06-03 14:05:23 | 000,107,816 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynTPCOM.dll
[2013-05-28 18:41:57 | 000,001,805 | ---- | M] () -- C:\Users\KaQs\Desktop\Spotify.lnk
[2013-05-25 01:46:19 | 000,065,536 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat{df381a7f-c45b-11e2-b0e5-c80aa95a7e6a}.TM.blf
[2013-05-25 01:46:18 | 000,524,288 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat{df381a7f-c45b-11e2-b0e5-c80aa95a7e6a}.TMContainer00000000000000000002.regtrans-ms
[2013-05-25 01:46:18 | 000,524,288 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat{df381a7f-c45b-11e2-b0e5-c80aa95a7e6a}.TMContainer00000000000000000001.regtrans-ms
[2013-05-24 15:34:08 | 002,529,502 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\Cat(15).DB
[2013-05-17 23:58:03 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\iMetin.lnk
[2013-05-17 23:55:17 | 000,000,562 | ---- | M] () -- C:\Users\KaQs\AppData\Roaming\wklnhst.dat
[2013-05-17 03:25:27 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013-05-17 03:25:26 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013-05-17 03:25:26 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013-05-17 03:25:26 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013-05-17 02:59:12 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013-05-17 02:58:20 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013-05-17 02:58:10 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013-05-17 02:58:10 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013-05-17 02:58:08 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013-05-17 02:58:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013-05-17 02:58:08 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013-05-16 13:05:31 | 000,358,080 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-05-14 14:23:25 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013-05-14 10:40:13 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013-05-13 07:51:00 | 001,464,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013-05-13 07:51:00 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013-05-13 07:50:40 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013-05-13 05:43:55 | 001,192,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013-05-13 05:08:10 | 000,903,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013-05-13 05:08:06 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013-05-12 15:42:40 | 007,159,415 | ---- | M] () -- C:\Users\KaQs\Desktop\akon_-_sorry_blame_it_on_me_(zaycev.net).mp3
[2013-05-11 14:44:20 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013-05-09 15:16:12 | 000,001,191 | ---- | M] () -- C:\Users\Public\Desktop\Testy na prawo jazdy 2013 kat. B.lnk
[2013-05-09 10:59:07 | 001,025,808 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013-05-09 10:59:07 | 000,378,432 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013-05-09 10:59:07 | 000,189,936 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013-05-09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013-05-09 10:59:07 | 000,065,336 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013-05-09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013-05-09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013-05-09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013-05-09 10:58:37 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013-05-09 10:58:11 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013-05-08 12:32:03 | 000,524,288 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat{8820ba1a-b7b2-11e2-bc95-c80aa95a7e6a}.TMContainer00000000000000000002.regtrans-ms
[2013-05-08 12:32:03 | 000,524,288 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat{8820ba1a-b7b2-11e2-bc95-c80aa95a7e6a}.TMContainer00000000000000000001.regtrans-ms
[2013-05-08 12:32:03 | 000,065,536 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat{8820ba1a-b7b2-11e2-bc95-c80aa95a7e6a}.TM.blf
[2013-05-07 01:23:56 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013-05-07 01:23:56 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013-05-07 01:23:56 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013-05-07 01:23:56 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013-05-07 01:23:56 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013-05-07 01:23:56 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013-05-07 01:23:56 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013-05-07 01:23:56 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013-05-07 01:23:56 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013-05-07 01:23:56 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013-05-07 01:23:56 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013-05-07 01:23:56 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013-05-07 01:23:56 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013-05-07 01:23:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013-05-07 01:23:56 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013-05-07 01:23:55 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013-05-07 01:23:55 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013-05-07 01:23:55 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013-05-07 01:23:55 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013-05-07 01:23:55 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013-05-07 01:23:55 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013-05-07 01:23:55 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013-05-07 01:23:55 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013-05-07 01:23:55 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013-05-07 01:23:55 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013-05-07 01:23:55 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013-05-07 01:23:55 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013-05-07 01:23:55 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013-05-07 01:23:55 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013-05-07 01:23:55 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013-05-07 01:23:55 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013-05-07 01:23:55 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013-05-07 01:23:55 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013-05-07 01:23:55 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013-05-07 01:23:55 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013-05-07 01:23:55 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013-05-07 01:23:55 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013-05-07 01:23:55 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013-05-07 01:23:55 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013-05-07 01:23:55 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013-05-07 01:23:55 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013-05-07 01:23:55 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013-05-07 01:23:55 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013-05-07 01:23:55 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013-05-07 01:23:55 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013-05-07 01:23:55 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013-05-07 01:23:55 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013-05-07 01:23:55 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013-05-07 01:23:55 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013-05-07 01:23:55 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013-05-07 01:23:55 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013-05-07 01:23:55 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013-05-07 01:23:55 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013-05-07 01:23:55 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013-05-07 01:23:55 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013-05-07 01:22:31 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013-05-07 01:22:31 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013-05-07 01:22:31 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013-05-07 01:22:31 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013-05-07 01:22:31 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013-05-07 01:22:31 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013-05-07 01:22:30 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013-05-07 01:22:30 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013-05-07 01:22:30 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013-05-07 01:22:30 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013-05-07 01:22:30 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013-05-07 01:22:30 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013-05-07 01:22:30 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013-05-07 01:22:30 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013-05-07 01:22:30 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013-05-07 01:22:30 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013-05-07 01:22:30 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013-05-07 01:22:30 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013-05-07 01:22:30 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013-05-07 01:22:30 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013-05-07 01:22:30 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013-05-07 01:22:30 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013-05-07 01:22:30 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013-05-07 01:22:30 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013-05-07 01:22:30 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013-05-07 01:22:30 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013-05-07 01:22:30 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013-05-07 01:22:30 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013-05-07 01:22:30 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013-05-07 01:22:30 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013-05-07 01:22:30 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013-05-07 01:22:30 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013-05-07 01:22:30 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013-05-07 01:22:30 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013-05-07 01:22:30 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013-05-07 01:22:30 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013-05-07 01:22:30 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013-05-07 01:22:30 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013-05-07 01:22:30 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013-05-07 01:22:30 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013-05-07 01:22:30 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013-04-26 07:51:36 | 000,751,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013-04-26 06:55:21 | 000,492,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013-06-24 21:02:37 | 000,000,372 | ---- | C] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_KaQs.job
[2013-06-24 21:02:22 | 000,000,366 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateFiles_KaQs.job
[2013-06-24 21:00:23 | 000,000,362 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateXML_KaQs.job
[2013-06-21 23:02:07 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{84bb6719-dab2-11e2-a4ea-c80aa95a7e6a}.TMContainer00000000000000000002.regtrans-ms
[2013-06-21 23:02:07 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{84bb6719-dab2-11e2-a4ea-c80aa95a7e6a}.TMContainer00000000000000000001.regtrans-ms
[2013-06-21 23:02:07 | 000,065,536 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{84bb6719-dab2-11e2-a4ea-c80aa95a7e6a}.TM.blf
[2013-06-21 16:32:15 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{8454a926-da7d-11e2-b365-c80aa95a7e6a}.TMContainer00000000000000000002.regtrans-ms
[2013-06-21 16:32:15 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{8454a926-da7d-11e2-b365-c80aa95a7e6a}.TMContainer00000000000000000001.regtrans-ms
[2013-06-21 16:32:15 | 000,065,536 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{8454a926-da7d-11e2-b365-c80aa95a7e6a}.TM.blf
[2013-06-20 11:44:26 | 000,274,057 | ---- | C] () -- C:\Users\KaQs\Desktop\bookmarks_20.06.2013.html
[2013-06-18 18:12:25 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013-06-18 18:12:19 | 000,189,936 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013-06-18 18:12:19 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013-06-15 23:20:14 | 005,692,191 | ---- | C] () -- C:\Users\KaQs\Desktop\Wideo134.mp4
[2013-06-11 13:04:50 | 007,230,644 | ---- | C] () -- C:\Users\KaQs\Desktop\March.mp3
[2013-06-10 19:26:59 | 000,117,158 | ---- | C] () -- C:\Users\KaQs\Desktop\IMG20130607_018.jpg
[2013-06-10 19:10:02 | 000,000,176 | ---- | C] () -- C:\Windows\SysNative\drivers\RTHDAEQ0.dat
[2013-06-10 19:07:03 | 000,151,298 | ---- | C] () -- C:\Users\KaQs\Desktop\IMG20130607_011.jpg
[2013-06-09 20:22:47 | 009,230,659 | ---- | C] () -- C:\Users\KaQs\Documents\Jessica Sutta - Show Me.mp3
[2013-06-09 20:15:47 | 011,618,423 | ---- | C] () -- C:\Users\KaQs\Desktop\movetown_-_girl_you_know_it_s_true_zaycev_net.mp3
[2013-06-03 14:09:44 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2013-05-28 18:41:57 | 000,001,805 | ---- | C] () -- C:\Users\KaQs\Desktop\Spotify.lnk
[2013-05-28 18:41:57 | 000,001,791 | ---- | C] () -- C:\Users\KaQs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2013-05-24 15:47:06 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{df381a7f-c45b-11e2-b0e5-c80aa95a7e6a}.TMContainer00000000000000000002.regtrans-ms
[2013-05-24 15:47:06 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{df381a7f-c45b-11e2-b0e5-c80aa95a7e6a}.TMContainer00000000000000000001.regtrans-ms
[2013-05-24 15:47:06 | 000,065,536 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{df381a7f-c45b-11e2-b0e5-c80aa95a7e6a}.TM.blf
[2013-05-17 23:58:03 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\iMetin.lnk
[2013-05-12 15:41:43 | 007,159,415 | ---- | C] () -- C:\Users\KaQs\Desktop\akon_-_sorry_blame_it_on_me_(zaycev.net).mp3
[2013-05-11 14:44:20 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013-05-09 15:16:12 | 000,001,191 | ---- | C] () -- C:\Users\Public\Desktop\Testy na prawo jazdy 2013 kat. B.lnk
[2013-05-08 09:40:47 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{8820ba1a-b7b2-11e2-bc95-c80aa95a7e6a}.TMContainer00000000000000000002.regtrans-ms
[2013-05-08 09:40:47 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{8820ba1a-b7b2-11e2-bc95-c80aa95a7e6a}.TMContainer00000000000000000001.regtrans-ms
[2013-05-08 09:40:47 | 000,065,536 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{8820ba1a-b7b2-11e2-bc95-c80aa95a7e6a}.TM.blf
[2013-05-07 01:23:55 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013-05-07 01:23:55 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013-04-27 16:54:41 | 001,978,161 | -H-- | C] () -- C:\Users\KaQs\AppData\Local\IconCache.db
[2013-02-15 23:52:46 | 000,000,268 | RH-- | C] () -- C:\ProgramData\ColorSync
[2013-02-15 23:52:46 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Cocoa
[2013-02-15 23:52:46 | 000,000,268 | RH-- | C] () -- C:\Users\KaQs\AppData\Roaming\Classical
[2013-02-15 23:52:46 | 000,000,268 | RH-- | C] () -- C:\Users\KaQs\AppData\Roaming\Classic Thick
[2013-02-15 23:52:46 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2013-02-15 23:52:46 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2013-02-15 23:52:45 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Clips
[2013-02-15 23:52:45 | 000,000,268 | RH-- | C] () -- C:\Users\KaQs\AppData\Roaming\Chorus
[2013-02-15 23:52:45 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2013-01-30 21:51:51 | 000,000,218 | ---- | C] () -- C:\Users\KaQs\.recently-used.xbel
[2012-12-16 17:40:03 | 000,000,562 | ---- | C] () -- C:\Users\KaQs\AppData\Roaming\wklnhst.dat
[2012-05-28 18:54:40 | 000,000,293 | ---- | C] () -- C:\Windows\game.ini
[2012-05-05 12:12:54 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{c9a98ebb-969a-11e1-9c4d-c80aa95a7e6a}.TMContainer00000000000000000002.regtrans-ms
[2012-05-05 12:12:54 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{c9a98ebb-969a-11e1-9c4d-c80aa95a7e6a}.TMContainer00000000000000000001.regtrans-ms
[2012-05-05 12:12:54 | 000,065,536 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{c9a98ebb-969a-11e1-9c4d-c80aa95a7e6a}.TM.blf
[2012-04-07 14:07:44 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{21513f39-8090-11e1-9518-c80aa95a7e6a}.TMContainer00000000000000000002.regtrans-ms
[2012-04-07 14:07:44 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{21513f39-8090-11e1-9518-c80aa95a7e6a}.TMContainer00000000000000000001.regtrans-ms
[2012-04-07 14:07:44 | 000,065,536 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{21513f39-8090-11e1-9518-c80aa95a7e6a}.TM.blf
[2012-04-07 13:46:56 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2012-03-10 22:30:49 | 000,085,280 | ---- | C] () -- C:\Users\KaQs\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-03-10 22:28:09 | 000,000,020 | -HS- | C] () -- C:\Users\KaQs\ntuser.ini
[2012-03-10 22:28:08 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012-03-10 22:28:08 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2012-03-10 22:28:07 | 005,767,168 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat
[2012-03-10 22:28:07 | 000,065,536 | -HS- | C] () -- C:\Users\KaQs\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
========== ZeroAccess Check ==========
[2012-04-07 19:20:45 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013-02-27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-02-27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013-06-20 11:57:34 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\0D1F1S1C1P0P1C1F1N1C1T1H2UtF1E1I
[2013-06-05 00:36:52 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\AIMP3
[2012-09-03 21:41:51 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\Babylon
[2012-09-30 14:00:36 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\DAEMON Tools Lite
[2013-01-30 21:44:40 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\DT
[2013-06-15 10:39:41 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\ESET
[2012-12-03 11:15:02 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\ExpressFiles
[2012-03-11 17:54:42 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\Gadu-Gadu 10
[2013-05-09 15:16:12 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\KTW
[2012-08-05 12:06:23 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\Mumble
[2012-03-11 22:56:37 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\OpenFM
[2012-08-12 15:21:44 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\PC Suite
[2012-07-14 19:01:02 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\Registry Mechanic
[2012-12-27 20:14:50 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\RoboForm
[2013-06-18 16:20:08 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\Spotify
[2012-12-16 17:40:05 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\Template
[2012-04-07 14:07:52 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\Tific
[2013-05-15 16:45:14 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\TS3Client
[2012-04-23 18:12:01 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\Unity
[2012-03-10 22:49:45 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\WildTangent
[2013-04-14 21:23:58 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\WinBatch
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:D1B5B4F1
< End of report >
-- 24 cze 2013, 23:35 --
OTL logfile created on: 2013-06-24 22:39:05 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\KaQs\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
2,87 Gb Total Physical Memory | 0,69 Gb Available Physical Memory | 23,92% Memory free
5,73 Gb Paging File | 3,21 Gb Available in Paging File | 56,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285,33 Gb Total Space | 67,21 Gb Free Space | 23,56% Space Free | Partition Type: NTFS
Drive D: | 12,46 Gb Total Space | 1,38 Gb Free Space | 11,05% Space Free | Partition Type: NTFS
Drive E: | 99,34 Mb Total Space | 95,17 Mb Free Space | 95,81% Space Free | Partition Type: FAT32
Computer Name: KAQS-KOMPUTER | User Name: KaQs | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 60 Days
========== Processes (SafeList) ==========
PRC - [2013-06-24 22:13:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\KaQs\Desktop\OTL.exe
PRC - [2013-06-20 11:47:55 | 001,226,928 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
PRC - [2013-06-20 11:47:55 | 001,015,984 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
PRC - [2013-05-09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013-05-09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013-03-24 15:52:35 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2013-03-19 15:49:40 | 001,086,816 | ---- | M] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2013-03-06 03:21:50 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012-12-19 10:49:34 | 000,732,648 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012-12-19 10:49:12 | 000,149,480 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2012-10-02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-07-13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2012-04-26 14:08:24 | 000,793,048 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2012-04-26 14:08:24 | 000,103,896 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2012-04-03 20:45:36 | 002,121,216 | ---- | M] () -- C:\Program Files (x86)\screenSHU\screenSHU.exe
PRC - [2011-08-04 06:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
PRC - [2009-10-01 06:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009-10-01 06:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
========== Modules (No Company Name) ==========
MOD - [2013-06-20 11:47:56 | 000,158,384 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\SiteSafety.dll
MOD - [2013-06-15 03:28:42 | 000,393,168 | ---- | M] () -- C:\Users\KaQs\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
MOD - [2013-06-15 03:28:41 | 013,140,432 | ---- | M] () -- C:\Users\KaQs\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
MOD - [2013-06-15 03:28:40 | 004,051,408 | ---- | M] () -- C:\Users\KaQs\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll
MOD - [2013-06-15 03:27:51 | 000,599,504 | ---- | M] () -- C:\Users\KaQs\AppData\Local\Google\Chrome\Application\27.0.1453.116\libglesv2.dll
MOD - [2013-06-15 03:27:50 | 000,124,368 | ---- | M] () -- C:\Users\KaQs\AppData\Local\Google\Chrome\Application\27.0.1453.116\libegl.dll
MOD - [2013-06-15 03:27:48 | 001,597,392 | ---- | M] () -- C:\Users\KaQs\AppData\Local\Google\Chrome\Application\27.0.1453.116\ffmpegsumo.dll
MOD - [2012-09-08 13:16:30 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
MOD - [2012-09-08 13:16:20 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
MOD - [2012-04-03 20:45:36 | 002,121,216 | ---- | M] () -- C:\Program Files (x86)\screenSHU\screenSHU.exe
MOD - [2012-02-02 19:26:52 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\screenSHU\libgcc_s_dw2-1.dll
MOD - [2012-02-02 19:26:52 | 000,011,362 | ---- | M] () -- C:\Program Files (x86)\screenSHU\mingwm10.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013-05-09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010-06-24 15:24:12 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe -- (RtVOsdService)
SRV:64bit: - [2009-11-18 04:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013-06-20 11:47:55 | 001,015,984 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe -- (vToolbarUpdater15.2.0)
SRV - [2013-06-11 22:58:27 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-03-06 03:21:50 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013-01-08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-12-19 10:49:34 | 000,732,648 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012-10-02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-09-27 12:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2012-07-13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2012-04-26 14:08:24 | 000,793,048 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2011-08-04 06:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe -- (NIS)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-10-01 06:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009-10-01 06:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-06-06 02:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009-02-22 13:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013-06-20 11:47:56 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013-06-03 14:08:22 | 000,347,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2013-06-03 14:05:23 | 001,390,640 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013-05-09 10:59:07 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013-05-09 10:59:07 | 000,378,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013-05-09 10:59:07 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013-05-09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013-05-09 10:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013-05-09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013-05-09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013-05-09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012-11-09 16:33:30 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2012-11-09 16:33:30 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012-11-09 16:33:30 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012-11-09 16:33:30 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012-10-17 14:53:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012-09-30 13:53:02 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012-03-10 22:44:11 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011-08-22 04:53:36 | 000,451,704 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symtdiv.sys -- (SYMTDIv)
DRV:64bit: - [2011-08-22 04:53:35 | 000,221,304 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011-08-04 06:19:26 | 000,593,544 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\cchpx64.sys -- (ccHP)
DRV:64bit: - [2011-02-22 12:17:34 | 002,736,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 15:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-11-20 15:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010-11-20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010-04-29 07:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010-04-22 04:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2010-04-22 04:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2009-11-22 02:31:18 | 007,778,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009-10-30 16:56:34 | 000,244,736 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009-10-13 12:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009-09-23 03:39:00 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009-09-17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009-08-30 02:17:18 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symds64.sys -- (SymDS)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009-06-10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009-06-10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009-06-10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009-06-10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009-06-10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-04-29 09:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2012-05-05 19:11:21 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012-05-01 18:00:28 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20120509.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012-04-03 01:38:04 | 001,160,824 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20120507.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2010-11-01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009-09-23 03:39:00 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {CA822826-7741-4087-A9E6-6E810808C9E3}
IE:64bit: - HKLM\..\SearchScopes\{CA822826-7741-4087-A9E6-6E810808C9E3}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKLM\..\SearchScopes\{CA822826-7741-4087-A9E6-6E810808C9E3}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&barid={5027AA4C-D35F-11E1-A10B-C80AA95A7E6A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dostępne tylko dla zarejestrowanych użytkowników
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Dostępne tylko dla zarejestrowanych użytkowników{5027AA4C-D35F-11E1-A10B-C80AA95A7E6A}
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&affID=109217&tt=3612_4&babsrc=SP_ss&mntrId=d4b07b2a00000000000078e40017349f
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{75F59910-24A6-40AE-AD42-C054A898ACB9}&mid=fdddd269dd8243d6841b18282a5107fb-dd10aa03118452a7b09ea9b7afe43fc25addae2a&lang=en&ds=co011&pr=sa&d=2013-06-20 11:48:34&v=15.2.0.5&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{C06155F3-D449-44BA-9A05-84718A1F514D}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=50907D3C-09FC-4D23-8AB2-8C6D9F1452A0&apn_sauid=99CD1484-F26D-467E-8AEA-F33345D4CE55
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{CA822826-7741-4087-A9E6-6E810808C9E3}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&loc=IB_DS&a=6R8MD8d6N4&i=26
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{D705CF4C-9277-4489-85C7-CB1009C3418B}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&SearchSource=4&cc=
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&barid={5027AA4C-D35F-11E1-A10B-C80AA95A7E6A}
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{SearchTerms}
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.1.18: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.1.18: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\KaQs\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\KaQs\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\KaQs\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\KaQs\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2013-05-08 08:37:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6 [2013-05-08 08:37:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-03-24 15:53:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\Program Files\IB Updater\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DAC3F861-B30D-40dd-9166-F4E75327FAC7}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013-03-24 15:53:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\15.2.0.5 [2013-06-20 11:49:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
[2013-06-20 11:48:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KaQs\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2012-09-03 21:41:48 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\KaQs\AppData\Roaming\mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com
[2012-11-28 17:44:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KaQs\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions
[2012-11-28 17:44:57 | 000,213,316 | ---- | M] () (No name found) -- C:\Users\KaQs\AppData\Roaming\mozilla\firefox\profiles\0\extensions\torntv@torntv.com.xpi
[2012-07-31 13:59:18 | 000,221,380 | ---- | M] () (No name found) -- C:\Users\KaQs\AppData\Roaming\mozilla\firefox\profiles\extensions\gophoto@gophoto.it.xpi
[2012-03-14 20:07:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
========== Chrome ==========
CHR - default_search_provider: google.pl (Enabled)
CHR - default_search_provider: search_url = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&btnG=&oq=&gs_l=
CHR - default_search_provider: suggest_url =
CHR - homepage: Dostępne tylko dla zarejestrowanych użytkowników
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\KaQs\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\KaQs\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\KaQs\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Nokia Suite Enabler Plugin (Enabled) = C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\KaQs\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\KaQs\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
CHR - Extension: Sprawdzanie poczty Google = C:\Users\KaQs\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Sprawdzanie poczty Google = C:\Users\KaQs\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll File not found
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {8984B388-A5BB-4DF7-B274-77B879E179DB} - No CLSID value found.
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.2.0.5\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (GagetBox) - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.2.0.5\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarTlbr.dll File not found
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O3 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - No CLSID value found.
O3 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe (AVG Secure Search)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000..\Run: [Facebook Update] C:\Users\KaQs\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW File not found
O4 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background File not found
O4 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000..\Run: [OscarX7Mouse5Mode] C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe File not found
O4 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000..\Run: [screenSHU] C:\Program Files (x86)\screenSHU\screenSHU.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\KaQs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8:64bit: - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8:64bit: - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8:64bit: - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} Dostępne tylko dla zarejestrowanych użytkowników (Java Plug-in 1.6.0_17)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} Dostępne tylko dla zarejestrowanych użytkowników (Java Plug-in 1.6.0_17)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Dostępne tylko dla zarejestrowanych użytkowników (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} Dostępne tylko dla zarejestrowanych użytkowników (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10AEF6B1-DB5D-4CC5-8686-D97371BF3EAD}: DhcpNameServer = 192.168.1.1 0.0.0.0
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll (AVG Secure Search)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~2\sprote~1\sprote~1.dll) - File not found
O20 - AppInit_DLLs: (c:\progra~2\mocaflix\sprote~1.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\notepad.exe: Debugger - C:\Users\KaQs\Desktop\Nowy folder (2)\Notepad2.exe /z File not found
O27 - HKLM IFEO\notepad.exe: Debugger - C:\Users\KaQs\Desktop\Nowy folder (2)\Notepad2.exe /z File not found
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 60 Days ==========
[2013-06-24 22:13:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\KaQs\Desktop\OTL.exe
[2013-06-24 20:03:53 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013-06-24 20:03:37 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013-06-24 20:03:37 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013-06-24 20:03:37 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013-06-20 11:57:34 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Roaming\0D1F1S1C1P0P1C1F1N1C1T1H2UtF1E1I
[2013-06-20 11:51:02 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Local\AVG SafeGuard toolbar
[2013-06-20 11:49:07 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar
[2013-06-20 11:48:29 | 000,045,856 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013-06-20 11:48:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2013-06-20 11:48:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
[2013-06-18 18:14:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013-06-18 18:12:25 | 000,378,432 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013-06-18 18:12:25 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013-06-18 18:12:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013-06-18 18:12:20 | 000,072,016 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013-06-18 18:12:20 | 000,064,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013-06-18 18:12:19 | 001,025,808 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013-06-18 18:12:19 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013-06-18 18:11:57 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013-06-17 22:54:43 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Hans.Zimmer-Inception.2010.Soundtrack
[2013-06-17 22:53:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1ClickDownload
[2013-06-16 14:29:28 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Nowy folder (2)
[2013-06-15 10:39:41 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Roaming\ESET
[2013-06-15 10:10:34 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013-06-15 10:10:33 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013-06-12 18:40:10 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013-06-12 18:40:10 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013-06-12 18:40:09 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013-06-12 18:40:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013-06-12 18:40:09 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013-06-12 18:40:09 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013-06-12 18:40:09 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013-06-12 18:40:09 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013-06-12 18:40:09 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013-06-12 18:40:08 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013-06-12 18:40:08 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013-06-12 18:40:08 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013-06-12 18:40:07 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013-06-12 15:57:14 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013-06-12 15:57:13 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013-06-12 15:57:05 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013-06-12 15:57:05 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013-06-12 15:57:05 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013-06-12 15:57:05 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013-06-12 15:57:04 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013-06-12 15:57:04 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013-06-10 19:34:04 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Documents\Donnie Darko-720p MP4 AAC x264 DC BRRip 2001-CC
[2013-06-10 19:09:55 | 002,048,104 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2013-06-10 19:09:55 | 001,146,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2013-06-10 19:09:55 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2013-06-10 19:09:54 | 002,625,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2013-06-10 19:09:54 | 001,215,592 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2013-06-10 19:09:54 | 000,569,960 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2013-06-10 19:09:54 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2013-06-10 19:09:54 | 000,080,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2013-06-10 19:09:53 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2013-06-10 18:49:37 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Documents\Donnie Darko (2001) BRRIP lektor PL
[2013-06-09 20:20:46 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Local\Xpom
[2013-06-09 20:17:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mail.Ru
[2013-06-09 20:17:16 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Local\Mail.Ru
[2013-06-07 10:42:23 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Documents\Linkin Park - Hybrid Theory (2000)
[2013-06-04 16:56:33 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Nickelback-Silver Side Up - 2001 (320 kbps)[NWRG]Music by Cweb
[2013-06-03 16:23:03 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Tropic Thunder 2008 720p Bluray Uncut Ac3 SilverTorrentHD
[2013-06-03 14:09:44 | 000,347,680 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2013-06-03 14:05:30 | 001,390,640 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\SynTP.sys
[2013-06-03 14:05:30 | 000,400,168 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCOM.dll
[2013-06-03 14:05:30 | 000,271,144 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCtrl.dll
[2013-06-03 14:05:30 | 000,215,336 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPAPI.dll
[2013-06-03 14:05:30 | 000,214,312 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCtrl.dll
[2013-06-03 14:05:30 | 000,173,352 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCOM.dll
[2013-06-03 14:05:30 | 000,147,752 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPCo4.dll
[2013-06-03 14:05:30 | 000,107,816 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynTPCOM.dll
[2013-06-03 13:35:37 | 000,443,040 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvs.dll
[2013-06-03 13:35:37 | 000,429,312 | ---- | C] (Atheros) -- C:\Windows\SysWow64\wgapi.dll
[2013-06-03 13:35:37 | 000,417,000 | ---- | C] (Atheros) -- C:\Windows\SysWow64\wcapi.dll
[2013-06-03 13:35:37 | 000,339,200 | ---- | C] (Atheros) -- C:\Windows\SysWow64\wcapiU.dll
[2013-06-03 13:35:37 | 000,097,440 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysWow64\athcfg11resloc.dll
[2013-06-03 13:35:37 | 000,089,248 | ---- | C] (Atheros) -- C:\Windows\SysWow64\wgapiloc.dll
[2013-06-03 13:35:37 | 000,063,648 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvui.dll
[2013-06-03 13:35:37 | 000,000,000 | ---D | C] -- C:\Windows\Options
[2013-06-03 13:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nn-NO
[2013-06-03 13:35:36 | 000,314,624 | ---- | C] (Atheros) -- C:\Windows\SysWow64\athcfg20U.dll
[2013-06-03 13:35:36 | 000,302,312 | ---- | C] (Atheros) -- C:\Windows\SysWow64\athcfg20.dll
[2013-06-03 13:35:36 | 000,130,312 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysWow64\athcfg20resU.dll
[2013-06-03 13:35:36 | 000,130,288 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysWow64\athcfg20res.dll
[2013-05-29 19:35:01 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Gladiator Soundtrack (Soundtrack Album 2000)
[2013-05-29 18:49:40 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Tyler Bates - 300 Original Motion Picture Soundtrack
[2013-05-29 17:50:07 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\A Fine Frenzy - One Cell In The Sea [2007]
[2013-05-28 19:11:05 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\M.O.P - Sparta [2011]
[2013-05-28 19:09:00 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\M.O.P - Sparta [2011 Album @320][TJ]
[2013-05-28 18:41:58 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Local\Spotify
[2013-05-28 18:41:21 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Roaming\Spotify
[2013-05-26 09:30:53 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Gorillaz discography from Gorillaz (2001) to The Fall (2010) MP3
[2013-05-25 16:55:33 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\vurtual
[2013-05-21 22:20:54 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Gorillaz - Plastic Beach (Deluxe Version) - 2010 320kbps mp3
[2013-05-17 23:58:03 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iMetin
[2013-05-17 23:58:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMetin
[2013-05-16 23:12:02 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Alex Hepburn - Together Alone 2013 Pop 320kbps CBR MP3 [VX]
[2013-05-16 21:41:22 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Casey Abrams-Casey Abrams 2012 320kbps mp3 (sizzler)
[2013-05-15 16:05:14 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013-05-15 16:05:14 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013-05-15 16:05:13 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013-05-15 16:05:13 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013-05-15 16:05:08 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013-05-15 16:05:08 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013-05-14 00:39:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Last.fm
[2013-05-12 15:11:27 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Kavinsky - Outrun (2013) iTunes Version
[2013-05-11 14:44:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013-05-11 12:05:23 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Eminem-Curtain_Call-The_Hits-2005-RNS
[2013-05-10 19:41:43 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Volbeat - Guitar Gangsters & Cadillac Blood
[2013-05-09 15:16:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Testy na prawo jazdy 2013 kat. B
[2013-05-09 15:16:12 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Roaming\KTW
[2013-05-09 15:15:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Testy na prawo jazdy 2013 kat. B
[2013-05-08 09:51:26 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Ed Sheeran - Give Me Love - Single
[2013-05-07 19:28:14 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Local\ESET
[2013-05-07 19:12:52 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2013-05-07 19:12:51 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013-05-07 09:49:11 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\R.E.M. - Greatest Hits 2CDRip 1982 - 2003 [Bubanee]
[2013-05-07 09:37:50 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Ed Sheeran - + (Plus) [iTunes Deluxe Edition @320kbps] [PR!M3]
[2013-05-07 01:23:56 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013-05-07 01:23:56 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013-05-07 01:23:56 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013-05-07 01:23:56 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013-05-07 01:23:56 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013-05-07 01:23:56 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013-05-07 01:23:56 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013-05-07 01:23:56 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013-05-07 01:23:56 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013-05-07 01:23:56 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013-05-07 01:23:56 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013-05-07 01:23:56 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013-05-07 01:23:56 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013-05-07 01:23:56 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013-05-07 01:23:56 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013-05-07 01:23:55 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013-05-07 01:23:55 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013-05-07 01:23:55 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013-05-07 01:23:55 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013-05-07 01:23:55 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013-05-07 01:23:55 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013-05-07 01:23:55 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013-05-07 01:23:55 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013-05-07 01:23:55 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013-05-07 01:23:55 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013-05-07 01:23:55 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013-05-07 01:23:55 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013-05-07 01:23:55 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013-05-07 01:23:55 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013-05-07 01:23:55 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013-05-07 01:23:55 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013-05-07 01:23:55 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013-05-07 01:23:55 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013-05-07 01:23:55 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013-05-07 01:23:55 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013-05-07 01:23:55 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013-05-07 01:23:55 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013-05-07 01:23:55 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013-05-07 01:23:55 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013-05-07 01:23:55 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013-05-07 01:23:55 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013-05-07 01:23:55 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013-05-07 01:23:55 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013-05-07 01:23:55 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013-05-07 01:23:55 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013-05-07 01:23:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013-05-07 01:23:55 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013-05-07 01:23:55 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013-05-07 01:23:55 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013-05-07 01:23:55 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013-05-07 01:23:55 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013-05-07 01:23:55 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013-05-07 01:23:55 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013-05-07 01:22:31 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013-05-07 01:22:31 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013-05-07 01:22:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013-05-07 01:22:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013-05-07 01:22:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013-05-07 01:22:30 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013-05-07 01:22:30 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013-05-07 01:22:30 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013-05-07 01:22:30 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013-05-07 01:22:30 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013-05-07 01:22:30 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013-05-07 01:22:30 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013-05-07 01:22:30 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013-05-07 01:22:30 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013-05-07 01:22:30 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013-05-07 01:22:30 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013-05-07 01:22:30 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013-05-07 01:22:30 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013-05-07 01:22:30 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013-05-07 01:22:30 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013-05-07 01:22:30 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013-05-07 01:22:30 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013-05-07 01:22:30 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013-05-07 01:22:30 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013-05-07 01:22:30 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013-05-07 01:22:30 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013-05-07 01:22:30 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013-05-07 01:22:30 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013-05-07 01:22:30 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013-05-07 01:22:30 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013-05-07 01:22:30 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013-05-07 01:22:30 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013-05-07 01:22:30 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013-05-07 01:22:30 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013-05-07 01:22:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013-05-07 01:22:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013-05-07 01:22:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013-05-07 01:22:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013-05-07 01:22:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013-05-07 01:22:30 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013-05-07 01:22:30 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013-05-05 19:41:28 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Nowy folder
[2013-05-02 10:37:56 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\obrazzz
[2013-05-02 10:36:06 | 000,000,000 | ---D | C] -- C:\Users\KaQs\Desktop\Michael Buble - To Be Loved (2013)(Mp3@320Kbps)-TBS
[2013-05-01 14:00:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iMetin
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 60 Days ==========
[2013-06-24 22:39:19 | 005,767,168 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat
[2013-06-24 22:13:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\KaQs\Desktop\OTL.exe
[2013-06-24 22:13:00 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-06-24 22:11:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4006521317-3179385241-4113696803-1000UA.job
[2013-06-24 21:58:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-06-24 21:09:04 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-06-24 21:09:04 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-06-24 21:05:32 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateFiles_KaQs.job
[2013-06-24 21:02:56 | 000,000,362 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateXML_KaQs.job
[2013-06-24 21:02:44 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_KaQs.job
[2013-06-24 21:00:11 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-06-24 21:00:11 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\RMAutoUpdate.job
[2013-06-24 20:59:46 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2013-06-24 20:59:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-06-24 20:59:26 | 2307,280,896 | -HS- | M] () -- C:\hiberfil.sys
[2013-06-24 20:10:46 | 001,978,161 | -H-- | M] () -- C:\Users\KaQs\AppData\Local\IconCache.db
[2013-06-24 20:03:30 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013-06-24 20:03:27 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013-06-24 20:03:27 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013-06-24 20:03:26 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013-06-24 20:03:25 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2013-06-24 20:03:25 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013-06-24 20:00:57 | 002,555,928 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\Cat.DB
[2013-06-22 00:29:58 | 000,524,288 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat{84bb6719-dab2-11e2-a4ea-c80aa95a7e6a}.TMContainer00000000000000000002.regtrans-ms
[2013-06-22 00:29:58 | 000,524,288 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat{84bb6719-dab2-11e2-a4ea-c80aa95a7e6a}.TMContainer00000000000000000001.regtrans-ms
[2013-06-22 00:29:58 | 000,065,536 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat{84bb6719-dab2-11e2-a4ea-c80aa95a7e6a}.TM.blf
[2013-06-21 23:43:04 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4006521317-3179385241-4113696803-1000UA.job
[2013-06-21 22:51:50 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013-06-21 22:51:46 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013-06-21 19:38:56 | 000,524,288 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat{8454a926-da7d-11e2-b365-c80aa95a7e6a}.TMContainer00000000000000000002.regtrans-ms
[2013-06-21 19:38:56 | 000,524,288 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat{8454a926-da7d-11e2-b365-c80aa95a7e6a}.TMContainer00000000000000000001.regtrans-ms
[2013-06-21 19:38:56 | 000,065,536 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat{8454a926-da7d-11e2-b365-c80aa95a7e6a}.TM.blf
[2013-06-20 11:47:56 | 000,045,856 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013-06-20 11:44:26 | 000,274,057 | ---- | M] () -- C:\Users\KaQs\Desktop\bookmarks_20.06.2013.html
[2013-06-18 19:00:00 | 000,000,284 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2013-06-17 22:54:43 | 000,000,119 | ---- | M] () -- C:\Users\KaQs\Documents\1Click.cfg
[2013-06-17 10:11:02 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4006521317-3179385241-4113696803-1000Core.job
[2013-06-16 20:43:01 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4006521317-3179385241-4113696803-1000Core.job
[2013-06-15 16:26:12 | 005,692,191 | ---- | M] () -- C:\Users\KaQs\Desktop\Wideo134.mp4
[2013-06-11 22:58:26 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013-06-11 22:58:26 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013-06-11 13:05:05 | 007,230,644 | ---- | M] () -- C:\Users\KaQs\Desktop\March.mp3
[2013-06-10 23:04:41 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForKaQs.job
[2013-06-10 19:26:59 | 000,117,158 | ---- | M] () -- C:\Users\KaQs\Desktop\IMG20130607_018.jpg
[2013-06-10 19:08:55 | 002,048,104 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2013-06-10 19:08:55 | 001,146,984 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2013-06-10 19:08:54 | 000,332,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2013-06-10 19:08:54 | 000,149,608 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2013-06-10 19:08:53 | 002,625,640 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2013-06-10 19:08:53 | 001,215,592 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2013-06-10 19:08:53 | 000,569,960 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2013-06-10 19:08:53 | 000,080,488 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2013-06-10 19:08:50 | 000,200,800 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2013-06-10 19:08:48 | 001,251,944 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2013-06-10 19:08:48 | 000,000,712 | ---- | M] () -- C:\Windows\SysNative\drivers\RTEQEX0.dat
[2013-06-10 19:08:48 | 000,000,176 | ---- | M] () -- C:\Windows\SysNative\drivers\RTHDAEQ0.dat
[2013-06-10 19:07:03 | 000,151,298 | ---- | M] () -- C:\Users\KaQs\Desktop\IMG20130607_011.jpg
[2013-06-10 00:15:54 | 009,230,659 | ---- | M] () -- C:\Users\KaQs\Documents\Jessica Sutta - Show Me.mp3
[2013-06-09 17:42:03 | 001,549,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-06-09 17:42:03 | 000,697,912 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2013-06-09 17:42:03 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-06-09 17:42:03 | 000,134,990 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2013-06-09 17:42:03 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-06-08 16:06:58 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013-06-08 13:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013-06-03 14:08:22 | 000,347,680 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2013-06-03 14:08:22 | 000,107,552 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2013-06-03 14:08:22 | 000,074,272 | ---- | M] () -- C:\Windows\SysNative\RtNicProp64.dll
[2013-06-03 14:05:23 | 001,390,640 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\SynTP.sys
[2013-06-03 14:05:23 | 000,400,168 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCOM.dll
[2013-06-03 14:05:23 | 000,271,144 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCtrl.dll
[2013-06-03 14:05:23 | 000,215,336 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPAPI.dll
[2013-06-03 14:05:23 | 000,214,312 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCtrl.dll
[2013-06-03 14:05:23 | 000,173,352 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCOM.dll
[2013-06-03 14:05:23 | 000,147,752 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPCo4.dll
[2013-06-03 14:05:23 | 000,107,816 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynTPCOM.dll
[2013-05-28 18:41:57 | 000,001,805 | ---- | M] () -- C:\Users\KaQs\Desktop\Spotify.lnk
[2013-05-25 01:46:19 | 000,065,536 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat{df381a7f-c45b-11e2-b0e5-c80aa95a7e6a}.TM.blf
[2013-05-25 01:46:18 | 000,524,288 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat{df381a7f-c45b-11e2-b0e5-c80aa95a7e6a}.TMContainer00000000000000000002.regtrans-ms
[2013-05-25 01:46:18 | 000,524,288 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat{df381a7f-c45b-11e2-b0e5-c80aa95a7e6a}.TMContainer00000000000000000001.regtrans-ms
[2013-05-24 15:34:08 | 002,529,502 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\Cat(15).DB
[2013-05-17 23:58:03 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\iMetin.lnk
[2013-05-17 23:55:17 | 000,000,562 | ---- | M] () -- C:\Users\KaQs\AppData\Roaming\wklnhst.dat
[2013-05-17 03:25:27 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013-05-17 03:25:26 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013-05-17 03:25:26 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013-05-17 03:25:26 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013-05-17 02:59:12 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013-05-17 02:58:20 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013-05-17 02:58:10 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013-05-17 02:58:10 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013-05-17 02:58:08 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013-05-17 02:58:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013-05-17 02:58:08 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013-05-16 13:05:31 | 000,358,080 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-05-14 14:23:25 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013-05-14 10:40:13 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013-05-13 07:51:00 | 001,464,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013-05-13 07:51:00 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013-05-13 07:50:40 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013-05-13 05:43:55 | 001,192,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013-05-13 05:08:10 | 000,903,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013-05-13 05:08:06 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013-05-12 15:42:40 | 007,159,415 | ---- | M] () -- C:\Users\KaQs\Desktop\akon_-_sorry_blame_it_on_me_(zaycev.net).mp3
[2013-05-11 14:44:20 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013-05-09 15:16:12 | 000,001,191 | ---- | M] () -- C:\Users\Public\Desktop\Testy na prawo jazdy 2013 kat. B.lnk
[2013-05-09 10:59:07 | 001,025,808 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013-05-09 10:59:07 | 000,378,432 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013-05-09 10:59:07 | 000,189,936 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013-05-09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013-05-09 10:59:07 | 000,065,336 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013-05-09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013-05-09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013-05-09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013-05-09 10:58:37 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013-05-09 10:58:11 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013-05-08 12:32:03 | 000,524,288 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat{8820ba1a-b7b2-11e2-bc95-c80aa95a7e6a}.TMContainer00000000000000000002.regtrans-ms
[2013-05-08 12:32:03 | 000,524,288 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat{8820ba1a-b7b2-11e2-bc95-c80aa95a7e6a}.TMContainer00000000000000000001.regtrans-ms
[2013-05-08 12:32:03 | 000,065,536 | -HS- | M] () -- C:\Users\KaQs\ntuser.dat{8820ba1a-b7b2-11e2-bc95-c80aa95a7e6a}.TM.blf
[2013-05-07 01:23:56 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013-05-07 01:23:56 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013-05-07 01:23:56 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013-05-07 01:23:56 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013-05-07 01:23:56 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013-05-07 01:23:56 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013-05-07 01:23:56 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013-05-07 01:23:56 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013-05-07 01:23:56 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013-05-07 01:23:56 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013-05-07 01:23:56 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013-05-07 01:23:56 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013-05-07 01:23:56 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013-05-07 01:23:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013-05-07 01:23:56 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013-05-07 01:23:55 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013-05-07 01:23:55 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013-05-07 01:23:55 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013-05-07 01:23:55 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013-05-07 01:23:55 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013-05-07 01:23:55 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013-05-07 01:23:55 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013-05-07 01:23:55 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013-05-07 01:23:55 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013-05-07 01:23:55 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013-05-07 01:23:55 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013-05-07 01:23:55 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013-05-07 01:23:55 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013-05-07 01:23:55 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013-05-07 01:23:55 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013-05-07 01:23:55 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013-05-07 01:23:55 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013-05-07 01:23:55 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013-05-07 01:23:55 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013-05-07 01:23:55 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013-05-07 01:23:55 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013-05-07 01:23:55 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013-05-07 01:23:55 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013-05-07 01:23:55 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013-05-07 01:23:55 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013-05-07 01:23:55 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013-05-07 01:23:55 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013-05-07 01:23:55 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013-05-07 01:23:55 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013-05-07 01:23:55 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013-05-07 01:23:55 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013-05-07 01:23:55 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013-05-07 01:23:55 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013-05-07 01:23:55 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013-05-07 01:23:55 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013-05-07 01:23:55 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013-05-07 01:23:55 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013-05-07 01:23:55 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013-05-07 01:23:55 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013-05-07 01:23:55 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013-05-07 01:22:31 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013-05-07 01:22:31 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013-05-07 01:22:31 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013-05-07 01:22:31 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013-05-07 01:22:31 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013-05-07 01:22:31 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013-05-07 01:22:30 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013-05-07 01:22:30 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013-05-07 01:22:30 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013-05-07 01:22:30 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013-05-07 01:22:30 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013-05-07 01:22:30 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013-05-07 01:22:30 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013-05-07 01:22:30 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013-05-07 01:22:30 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013-05-07 01:22:30 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013-05-07 01:22:30 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013-05-07 01:22:30 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013-05-07 01:22:30 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013-05-07 01:22:30 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013-05-07 01:22:30 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013-05-07 01:22:30 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013-05-07 01:22:30 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013-05-07 01:22:30 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013-05-07 01:22:30 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013-05-07 01:22:30 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013-05-07 01:22:30 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013-05-07 01:22:30 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013-05-07 01:22:30 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013-05-07 01:22:30 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013-05-07 01:22:30 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013-05-07 01:22:30 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013-05-07 01:22:30 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013-05-07 01:22:30 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013-05-07 01:22:30 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013-05-07 01:22:30 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013-05-07 01:22:30 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013-05-07 01:22:30 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013-05-07 01:22:30 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013-05-07 01:22:30 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013-05-07 01:22:30 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013-04-26 07:51:36 | 000,751,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013-04-26 06:55:21 | 000,492,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013-06-24 21:02:37 | 000,000,372 | ---- | C] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_KaQs.job
[2013-06-24 21:02:22 | 000,000,366 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateFiles_KaQs.job
[2013-06-24 21:00:23 | 000,000,362 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateXML_KaQs.job
[2013-06-21 23:02:07 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{84bb6719-dab2-11e2-a4ea-c80aa95a7e6a}.TMContainer00000000000000000002.regtrans-ms
[2013-06-21 23:02:07 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{84bb6719-dab2-11e2-a4ea-c80aa95a7e6a}.TMContainer00000000000000000001.regtrans-ms
[2013-06-21 23:02:07 | 000,065,536 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{84bb6719-dab2-11e2-a4ea-c80aa95a7e6a}.TM.blf
[2013-06-21 16:32:15 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{8454a926-da7d-11e2-b365-c80aa95a7e6a}.TMContainer00000000000000000002.regtrans-ms
[2013-06-21 16:32:15 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{8454a926-da7d-11e2-b365-c80aa95a7e6a}.TMContainer00000000000000000001.regtrans-ms
[2013-06-21 16:32:15 | 000,065,536 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{8454a926-da7d-11e2-b365-c80aa95a7e6a}.TM.blf
[2013-06-20 11:44:26 | 000,274,057 | ---- | C] () -- C:\Users\KaQs\Desktop\bookmarks_20.06.2013.html
[2013-06-18 18:12:25 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013-06-18 18:12:19 | 000,189,936 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013-06-18 18:12:19 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013-06-15 23:20:14 | 005,692,191 | ---- | C] () -- C:\Users\KaQs\Desktop\Wideo134.mp4
[2013-06-11 13:04:50 | 007,230,644 | ---- | C] () -- C:\Users\KaQs\Desktop\March.mp3
[2013-06-10 19:26:59 | 000,117,158 | ---- | C] () -- C:\Users\KaQs\Desktop\IMG20130607_018.jpg
[2013-06-10 19:10:02 | 000,000,176 | ---- | C] () -- C:\Windows\SysNative\drivers\RTHDAEQ0.dat
[2013-06-10 19:07:03 | 000,151,298 | ---- | C] () -- C:\Users\KaQs\Desktop\IMG20130607_011.jpg
[2013-06-09 20:22:47 | 009,230,659 | ---- | C] () -- C:\Users\KaQs\Documents\Jessica Sutta - Show Me.mp3
[2013-06-09 20:15:47 | 011,618,423 | ---- | C] () -- C:\Users\KaQs\Desktop\movetown_-_girl_you_know_it_s_true_zaycev_net.mp3
[2013-06-03 14:09:44 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2013-05-28 18:41:57 | 000,001,805 | ---- | C] () -- C:\Users\KaQs\Desktop\Spotify.lnk
[2013-05-28 18:41:57 | 000,001,791 | ---- | C] () -- C:\Users\KaQs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2013-05-24 15:47:06 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{df381a7f-c45b-11e2-b0e5-c80aa95a7e6a}.TMContainer00000000000000000002.regtrans-ms
[2013-05-24 15:47:06 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{df381a7f-c45b-11e2-b0e5-c80aa95a7e6a}.TMContainer00000000000000000001.regtrans-ms
[2013-05-24 15:47:06 | 000,065,536 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{df381a7f-c45b-11e2-b0e5-c80aa95a7e6a}.TM.blf
[2013-05-17 23:58:03 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\iMetin.lnk
[2013-05-12 15:41:43 | 007,159,415 | ---- | C] () -- C:\Users\KaQs\Desktop\akon_-_sorry_blame_it_on_me_(zaycev.net).mp3
[2013-05-11 14:44:20 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013-05-09 15:16:12 | 000,001,191 | ---- | C] () -- C:\Users\Public\Desktop\Testy na prawo jazdy 2013 kat. B.lnk
[2013-05-08 09:40:47 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{8820ba1a-b7b2-11e2-bc95-c80aa95a7e6a}.TMContainer00000000000000000002.regtrans-ms
[2013-05-08 09:40:47 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{8820ba1a-b7b2-11e2-bc95-c80aa95a7e6a}.TMContainer00000000000000000001.regtrans-ms
[2013-05-08 09:40:47 | 000,065,536 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{8820ba1a-b7b2-11e2-bc95-c80aa95a7e6a}.TM.blf
[2013-05-07 01:23:55 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013-05-07 01:23:55 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013-04-27 16:54:41 | 001,978,161 | -H-- | C] () -- C:\Users\KaQs\AppData\Local\IconCache.db
[2013-02-15 23:52:46 | 000,000,268 | RH-- | C] () -- C:\ProgramData\ColorSync
[2013-02-15 23:52:46 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Cocoa
[2013-02-15 23:52:46 | 000,000,268 | RH-- | C] () -- C:\Users\KaQs\AppData\Roaming\Classical
[2013-02-15 23:52:46 | 000,000,268 | RH-- | C] () -- C:\Users\KaQs\AppData\Roaming\Classic Thick
[2013-02-15 23:52:46 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2013-02-15 23:52:46 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2013-02-15 23:52:45 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Clips
[2013-02-15 23:52:45 | 000,000,268 | RH-- | C] () -- C:\Users\KaQs\AppData\Roaming\Chorus
[2013-02-15 23:52:45 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2013-01-30 21:51:51 | 000,000,218 | ---- | C] () -- C:\Users\KaQs\.recently-used.xbel
[2012-12-16 17:40:03 | 000,000,562 | ---- | C] () -- C:\Users\KaQs\AppData\Roaming\wklnhst.dat
[2012-05-28 18:54:40 | 000,000,293 | ---- | C] () -- C:\Windows\game.ini
[2012-05-05 12:12:54 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{c9a98ebb-969a-11e1-9c4d-c80aa95a7e6a}.TMContainer00000000000000000002.regtrans-ms
[2012-05-05 12:12:54 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{c9a98ebb-969a-11e1-9c4d-c80aa95a7e6a}.TMContainer00000000000000000001.regtrans-ms
[2012-05-05 12:12:54 | 000,065,536 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{c9a98ebb-969a-11e1-9c4d-c80aa95a7e6a}.TM.blf
[2012-04-07 14:07:44 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{21513f39-8090-11e1-9518-c80aa95a7e6a}.TMContainer00000000000000000002.regtrans-ms
[2012-04-07 14:07:44 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{21513f39-8090-11e1-9518-c80aa95a7e6a}.TMContainer00000000000000000001.regtrans-ms
[2012-04-07 14:07:44 | 000,065,536 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat{21513f39-8090-11e1-9518-c80aa95a7e6a}.TM.blf
[2012-04-07 13:46:56 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2012-03-10 22:30:49 | 000,085,280 | ---- | C] () -- C:\Users\KaQs\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-03-10 22:28:09 | 000,000,020 | -HS- | C] () -- C:\Users\KaQs\ntuser.ini
[2012-03-10 22:28:08 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012-03-10 22:28:08 | 000,524,288 | -HS- | C] () -- C:\Users\KaQs\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2012-03-10 22:28:07 | 005,767,168 | -HS- | C] () -- C:\Users\KaQs\ntuser.dat
[2012-03-10 22:28:07 | 000,065,536 | -HS- | C] () -- C:\Users\KaQs\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
========== ZeroAccess Check ==========
[2012-04-07 19:20:45 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013-02-27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-02-27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013-06-20 11:57:34 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\0D1F1S1C1P0P1C1F1N1C1T1H2UtF1E1I
[2013-06-05 00:36:52 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\AIMP3
[2012-09-03 21:41:51 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\Babylon
[2012-09-30 14:00:36 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\DAEMON Tools Lite
[2013-01-30 21:44:40 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\DT
[2013-06-15 10:39:41 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\ESET
[2012-12-03 11:15:02 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\ExpressFiles
[2012-03-11 17:54:42 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\Gadu-Gadu 10
[2013-05-09 15:16:12 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\KTW
[2012-08-05 12:06:23 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\Mumble
[2012-03-11 22:56:37 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\OpenFM
[2012-08-12 15:21:44 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\PC Suite
[2012-07-14 19:01:02 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\Registry Mechanic
[2012-12-27 20:14:50 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\RoboForm
[2013-06-18 16:20:08 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\Spotify
[2012-12-16 17:40:05 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\Template
[2012-04-07 14:07:52 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\Tific
[2013-05-15 16:45:14 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\TS3Client
[2012-04-23 18:12:01 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\Unity
[2012-03-10 22:49:45 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\WildTangent
[2013-04-14 21:23:58 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\WinBatch
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:D1B5B4F1
< End of report >
-
kominekl
- Posty: 5855
- Rejestracja: 27 lis 2011, 14:25
- Kontaktowanie:
komputer wariuje
nie mogę wkleić na wklej bo wyskakuje błąd brak kodu>>>
Bo pole KOD jest na pewno puste. Przy podawaniu nowych logów, przeczytaj instrukcję dokładnie (brak drugiego loga z OTL i logu z TDSSKiller). Poza tym, użyj tego i Dostępne tylko dla zarejestrowanych użytkowników.
Logi.
Uruchom OTL -> w oknie Własne opcje skanowania/skrypt wklej:
:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {CA822826-7741-4087-A9E6-6E810808C9E3}
IE:64bit: - HKLM\..\SearchScopes\{CA822826-7741-4087-A9E6-6E810808C9E3}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKLM\..\SearchScopes\{CA822826-7741-4087-A9E6-6E810808C9E3}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników ... 0&st=18&q={searchTerms}&barid={5027AA4C-D35F-11E1-A10B-C80AA95A7E6A}
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dostępne tylko dla zarejestrowanych użytkowników
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Dostępne tylko dla zarejestrowanych użytkowników{5027AA4C-D35F-11E1-A10B-C80AA95A7E6A}
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&affID=109217&tt=3612_4&babsrc=SP_ss&mntrId=d4b07b2a00000000000078e40017349f
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{75F59910-24A6-40AE-AD42-C054A898ACB9}&mid=fdddd269dd8243d6841b18282a5107fb-dd10aa03118452a7b09ea9b7afe43fc25addae2a&lang=en&ds=co011&pr=sa&d=2013-06-20 11:48:34&v=15.2.0.5&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{C06155F3-D449-44BA-9A05-84718A1F514D}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=50907D3C-09FC-4D23-8AB2-8C6D9F1452A0&apn_sauid=99CD1484-F26D-467E-8AEA-F33345D4CE55
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{CA822826-7741-4087-A9E6-6E810808C9E3}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&loc=IB_DS&a=6R8MD8d6N4&i=26
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{D705CF4C-9277-4489-85C7-CB1009C3418B}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&SearchSource=4&cc=
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników ... 0&st=18&q={searchTerms}&barid={5027AA4C-D35F-11E1-A10B-C80AA95A7E6A}
IE - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{SearchTerms}
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\KaQs\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\KaQs\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\KaQs\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2013-05-08 08:37:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6 [2013-05-08 08:37:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\Program Files\IB Updater\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\15.2.0.5 [2013-06-20 11:49:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
[2012-09-03 21:41:48 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\KaQs\AppData\Roaming\mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com
[2012-11-28 17:44:57 | 000,213,316 | ---- | M] () (No name found) -- C:\Users\KaQs\AppData\Roaming\mozilla\firefox\profiles\0\extensions\torntv@torntv.com.xpi
[2012-07-31 13:59:18 | 000,221,380 | ---- | M] () (No name found) -- C:\Users\KaQs\AppData\Roaming\mozilla\firefox\profiles\extensions\gophoto@gophoto.it.xpi
CHR - Extension: Sprawdzanie poczty Google = C:\Users\KaQs\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll File not found
O2 - BHO: (no name) - {8984B388-A5BB-4DF7-B274-77B879E179DB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (GagetBox) - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarTlbr.dll File not found
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O3 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - No CLSID value found.
O3 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O4 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000..\Run: [Facebook Update] C:\Users\KaQs\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW File not found
O4 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background File not found
O4 - HKU\S-1-5-21-4006521317-3179385241-4113696803-1000..\Run: [OscarX7Mouse5Mode] C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8:64bit: - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8:64bit: - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8:64bit: - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL File not found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll (AVG Secure Search)
O20 - AppInit_DLLs: (c:\progra~2\sprote~1\sprote~1.dll) - File not found
O20 - AppInit_DLLs: (c:\progra~2\mocaflix\sprote~1.dll) - File not found
O27:64bit: - HKLM IFEO\notepad.exe: Debugger - C:\Users\KaQs\Desktop\Nowy folder (2)\Notepad2.exe /z File not found
O27 - HKLM IFEO\notepad.exe: Debugger - C:\Users\KaQs\Desktop\Nowy folder (2)\Notepad2.exe /z File not found
[2013-06-20 11:57:34 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Roaming\0D1F1S1C1P0P1C1F1N1C1T1H2UtF1E1I
[2013-06-20 11:51:02 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Local\AVG SafeGuard toolbar
[2013-06-20 11:49:07 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar
[2013-06-20 11:48:29 | 000,045,856 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013-06-20 11:48:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2013-06-20 11:48:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
[2013-06-15 10:39:41 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Roaming\ESET
[2013-06-09 20:17:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mail.Ru
[2013-06-09 20:17:16 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Local\Mail.Ru
[2013-05-07 19:28:14 | 000,000,000 | ---D | C] -- C:\Users\KaQs\AppData\Local\ESET
[2013-05-07 19:12:52 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2013-05-07 19:12:51 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013-06-20 11:57:34 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\0D1F1S1C1P0P1C1F1N1C1T1H2UtF1E1I
[2012-09-03 21:41:51 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\Babylon
[2012-09-30 14:00:36 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\DAEMON Tools Lite
[2013-06-15 10:39:41 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\ESET
[2012-12-03 11:15:02 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\ExpressFiles
[2012-08-05 12:06:23 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\Mumble
[2012-03-11 22:56:37 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\OpenFM
[2012-08-12 15:21:44 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\PC Suite
[2012-07-14 19:01:02 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\Registry Mechanic
[2012-12-27 20:14:50 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\RoboForm
[2013-06-18 16:20:08 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\Spotify
[2012-12-16 17:40:05 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\Template
[2012-04-07 14:07:52 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\Tific
[2012-04-23 18:12:01 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\Unity
[2012-03-10 22:49:45 | 000,000,000 | ---D | M] -- C:\Users\KaQs\AppData\Roaming\WildTangent
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:D1B5B4F1
:Services
gupdate
gupdatem
:Files
C:\Program Files (x86)\Google\Update
C:\Users\KaQs\AppData\Local\Google\Update
C:\Program Files (x86)\Pando Networks
C:\Users\KaQs\AppData\Local\Facebook
C:\Windows\tasks\*.*
C:\Windows\SysNative\drivers\NISx64
:Commands
[clearallrestorepoints]
[emptytemp]
Klikasz Wykonaj skrypt. Dajesz log z usuwania. Następnie podaj log z Dostępne tylko dla zarejestrowanych użytkowników (z opcji Delete) + log z TDSSKiller + nowe logi z OTL (oba!).
Kiedy komputery staną się twoim jedynym życiem, jedynym totemem odstraszającym klątwę nudy, wtedy prędzej czy później granica między tymi dwoma wymiarami zniknie i postacie z Błękitnej Pustki zaczną pojawiać się w Realu. Czasem są twoimi przyjaciółmi. A czasem nie.
-
- Reklama
Kto jest online
Użytkownicy przeglądający to forum: Obecnie na forum nie ma żadnego zarejestrowanego użytkownika i 2 gości
