OTL logfile created on: 2011-10-19 18:01:49 - Run 2
OTL by OldTimer - Version 3.2.26.6 Folder = D:\antywirusowe
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,66 Gb Available Physical Memory | 66,56% Memory free
15,99 Gb Paging File | 14,66 Gb Available in Paging File | 91,68% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 234,37 Gb Total Space | 179,17 Gb Free Space | 76,45% Space Free | Partition Type: NTFS
Drive D: | 231,29 Gb Total Space | 219,34 Gb Free Space | 94,84% Space Free | Partition Type: NTFS

Computer Name: FALUBAZ-1961 | User Name: FalubaZ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2011-10-02 11:49:12 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011-09-19 23:32:26 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.87\ccSvcHst.exe
PRC - [2011-09-19 23:25:32 | 000,123,320 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.87\SymcPCCULaunchSvc.exe
PRC - [2011-09-02 13:21:49 | 000,947,056 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2011-08-29 03:04:49 | 000,580,096 | ---- | M] (OldTimer Tools) -- D:\antywirusowe\OTL.exe
PRC - [2011-08-10 14:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Management\Engine\1.1.1.3\ccSvcHst.exe
PRC - [2011-08-10 14:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe
PRC - [2011-08-03 03:31:42 | 000,379,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV:[b]64bit:[/b] - [2011-08-08 12:37:10 | 000,168,864 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\WireHelpSvc.exe -- (WireHelpSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011-10-02 11:49:12 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011-09-19 23:32:26 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.87\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2011-09-19 23:25:32 | 000,123,320 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.87\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2011-08-10 14:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe -- (NIS)
SRV - [2011-08-10 14:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Management\Engine\1.1.1.3\ccSvcHst.exe -- (MCLIENT)
SRV - [2011-08-03 03:31:42 | 000,379,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010-06-08 11:24:22 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - [2011-10-01 01:58:05 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:[b]64bit:[/b] - [2011-08-08 17:38:06 | 000,167,048 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1301010.003\ccSetx64.sys -- (ccSet_NIS)
DRV:[b]64bit:[/b] - [2011-08-08 17:38:06 | 000,167,048 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MCLIENTx64\0101010.003\ccSetx64.sys -- (ccSet_MCLIENT)
DRV:[b]64bit:[/b] - [2011-08-08 12:37:02 | 000,161,184 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ESLWireACD.sys -- (ESLWireAC)
DRV:[b]64bit:[/b] - [2011-08-08 12:37:02 | 000,025,528 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ESLvnic.sys -- (ESLvnic1)
DRV:[b]64bit:[/b] - [2011-08-02 20:22:10 | 000,729,720 | R--- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1301010.003\srtsp64.sys -- (SRTSP)
DRV:[b]64bit:[/b] - [2011-08-02 20:22:10 | 000,037,496 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1301010.003\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:[b]64bit:[/b] - [2011-07-28 21:20:02 | 001,084,536 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1301010.003\SymEFA64.sys -- (SymEFA)
DRV:[b]64bit:[/b] - [2011-07-26 18:51:02 | 000,043,640 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)
DRV:[b]64bit:[/b] - [2011-07-25 20:18:40 | 000,401,016 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1301010.003\symnets.sys -- (SymNetS)
DRV:[b]64bit:[/b] - [2011-07-25 20:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1301010.003\SymDS64.sys -- (SymDS)
DRV:[b]64bit:[/b] - [2011-07-25 20:15:52 | 000,189,560 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1301010.003\Ironx64.sys -- (SymIRON)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2009-08-23 05:08:10 | 000,056,320 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:[b]64bit:[/b] - [2009-07-16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-05-18 09:47:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2009-02-17 18:22:22 | 000,017,792 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asusgsb.sys -- (asusgsb)
DRV - [2011-10-19 17:12:22 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20111018.033\ex64.sys -- (NAVEX15)
DRV - [2011-10-19 17:12:22 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20111018.033\eng64.sys -- (NAVENG)
DRV - [2011-10-15 01:10:08 | 001,155,704 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20111014.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011-10-03 11:01:16 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011-09-30 08:07:42 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20111018.030\IDSviA64.sys -- (IDSVia64)
DRV - [2011-07-28 09:18:58 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2088152846-3426050806-1135496210-1001\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2088152846-3426050806-1135496210-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\IPSFFPlgn\ [2011-10-01 02:06:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\coFFPlgn\ [2011-10-19 17:10:46 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\IPS\IPSBHO.DLL (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\coIEPlg.dll (Symantec Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
O4 - HKLM..\RunOnceEx: [Title] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2011-10-18 20:27:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reanimator
[2011-10-18 20:27:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Greatis
[2011-10-16 14:27:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NortonPCCheckupx64
[2011-10-16 14:27:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton PC Checkup
[2011-10-16 14:27:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton PC Checkup
[2011-10-16 14:27:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NortonPCCheckupx64\02000F0.057
[2011-10-16 10:17:55 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2011-10-16 10:17:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011-10-16 10:17:43 | 000,125,872 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2011-10-16 10:17:43 | 000,106,928 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2011-10-16 10:17:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NBRTWizardx64
[2011-10-16 10:17:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NBRTWizardx64\0401000.00F
[2011-10-16 10:17:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Bootable Recovery Tool Wizard
[2011-10-16 10:17:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard
[2011-10-16 10:00:44 | 000,167,048 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\MCLIENTx64\0101010.003\ccSetx64.sys
[2011-10-16 10:00:42 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Management
[2011-10-16 10:00:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Management
[2011-10-16 10:00:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\MCLIENTx64
[2011-10-16 10:00:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\MCLIENTx64\0101010.003
[2011-10-16 02:26:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup
[2011-10-16 02:26:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2011-10-16 02:26:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Symantec
[2011-10-14 20:32:32 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011-10-06 06:47:17 | 000,000,000 | ---D | C] -- C:\Users\FalubaZ\DoctorWeb
[2011-10-06 06:17:34 | 000,000,000 | ---D | C] -- C:\Users\FalubaZ\AppData\Roaming\Macromedia
[2011-10-03 21:33:11 | 000,039,192 | ---- | C] (Greatis Software) -- C:\Windows\SysNative\Partizan.exe
[2011-10-03 21:23:21 | 000,000,000 | ---D | C] -- C:\Users\FalubaZ\Documents\RegRun2
[2011-10-03 21:23:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UnHackMe
[2011-10-01 23:03:01 | 000,000,000 | ---D | C] -- C:\ProgramData\RegCure
[2011-10-01 02:01:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011-10-01 01:57:10 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011-10-01 01:56:01 | 000,061,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2011-10-01 01:56:00 | 006,136,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2011-10-01 01:56:00 | 003,021,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2011-10-01 01:56:00 | 002,560,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2011-10-01 01:55:59 | 000,836,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\easyupdatusapiu64.dll
[2011-10-01 01:55:59 | 000,117,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2011-10-01 01:55:40 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011-10-01 01:48:03 | 022,470,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2011-10-01 01:48:03 | 016,595,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2011-10-01 01:48:03 | 008,355,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2011-10-01 01:48:03 | 006,613,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2011-10-01 01:48:03 | 001,519,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2011-10-01 01:48:03 | 001,453,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2011-10-01 01:48:03 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011-10-01 01:48:03 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011-10-01 01:48:02 | 024,692,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2011-10-01 01:48:02 | 017,193,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2011-10-01 01:48:02 | 015,064,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2011-10-01 01:48:02 | 012,636,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2011-10-01 01:48:02 | 007,254,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2011-10-01 01:48:02 | 005,404,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2011-10-01 01:48:02 | 002,758,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2011-10-01 01:48:02 | 002,532,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2011-10-01 01:48:02 | 002,412,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2011-10-01 01:48:02 | 002,391,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2011-10-01 01:48:02 | 002,222,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2011-10-01 01:48:02 | 002,090,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2011-09-29 21:13:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESL Wire
[2011-09-29 21:13:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ESL Wire
[2011-09-29 20:55:33 | 000,000,000 | ---D | C] -- C:\Users\FalubaZ\Documents\ESL Match Media
[2011-09-25 09:27:18 | 000,000,000 | ---D | C] -- C:\Users\FalubaZ\Documents\ICQ
[2011-09-23 15:04:34 | 000,000,000 | ---D | C] -- C:\Program Files\EslWire
[2011-09-23 14:56:04 | 000,161,184 | ---- | C] () -- C:\Windows\SysNative\drivers\ESLWireACD.sys
[2011-09-23 14:56:00 | 000,025,528 | ---- | C] (Turtle Entertainment GmbH) -- C:\Windows\SysNative\drivers\ESLvnic.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2011-10-19 18:03:19 | 001,310,720 | -HS- | M] () -- C:\Users\FalubaZ\ntuser.dat
[2011-10-19 17:17:53 | 000,007,152 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011-10-19 17:17:53 | 000,007,152 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011-10-19 17:10:38 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2011-10-19 17:10:27 | 3220,529,152 | -HS- | M] () -- C:\hiberfil.sys
[2011-10-19 17:10:21 | 001,789,721 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1301010.003\Cat.DB
[2011-10-18 20:27:05 | 000,000,002 | RHS- | M] () -- C:\Windows\winstart.bat
[2011-10-18 20:27:05 | 000,000,002 | RHS- | M] () -- C:\Windows\SysWow64\CONFIG.NT
[2011-10-18 20:27:05 | 000,000,002 | RHS- | M] () -- C:\Windows\SysWow64\AUTOEXEC.NT
[2011-10-17 13:48:48 | 000,002,032 | ---- | M] () -- C:\{77508C89-FC1D-4B0C-A216-7A30F9AE6477}
[2011-10-17 12:55:38 | 000,003,208 | ---- | M] () -- C:\{36522E15-0D4A-4264-B0FC-B7CB785FB4F8}
[2011-10-17 12:54:35 | 000,003,160 | ---- | M] () -- C:\{C4EB069D-85E2-49FC-9870-3F65133F1DDC}
[2011-10-17 12:50:01 | 000,003,248 | ---- | M] () -- C:\{F27AA73E-6242-4125-A623-16B328507430}
[2011-10-16 10:27:50 | 001,549,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011-10-16 10:27:50 | 000,697,674 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2011-10-16 10:27:50 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011-10-16 10:27:50 | 000,134,784 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2011-10-16 10:27:50 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011-10-16 10:25:30 | 510,787,584 | ---- | M] () -- C:\NBRT.iso
[2011-10-14 13:02:40 | 000,274,840 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011-10-04 16:15:54 | 000,189,480 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011-10-04 16:15:54 | 000,189,480 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011-10-03 21:33:11 | 000,039,192 | ---- | M] (Greatis Software) -- C:\Windows\SysNative\Partizan.exe
[2011-10-02 14:33:41 | 004,429,143 | ---- | M] () -- C:\Users\FalubaZ\Documents\Najnowsza historia.mcf
[2011-10-02 11:49:12 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011-10-02 11:46:08 | 003,360,624 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2011-10-01 10:45:42 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011-10-01 02:04:17 | 000,004,349 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1301010.003\VT20110921.019
[2011-10-01 01:58:05 | 000,174,200 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011-10-01 01:58:05 | 000,007,530 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011-10-01 01:58:05 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2011-09-21 17:35:33 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\MCLIENTx64\0101010.003\isolate.ini
[2011-09-19 23:34:46 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NortonPCCheckupx64\02000F0.057\isolate.ini
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2011-10-17 13:48:46 | 000,002,032 | ---- | C] () -- C:\{77508C89-FC1D-4B0C-A216-7A30F9AE6477}
[2011-10-17 12:55:37 | 000,003,208 | ---- | C] () -- C:\{36522E15-0D4A-4264-B0FC-B7CB785FB4F8}
[2011-10-17 12:54:25 | 000,003,160 | ---- | C] () -- C:\{C4EB069D-85E2-49FC-9870-3F65133F1DDC}
[2011-10-17 12:50:00 | 000,003,248 | ---- | C] () -- C:\{F27AA73E-6242-4125-A623-16B328507430}
[2011-10-16 14:27:57 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NortonPCCheckupx64\02000F0.057\isolate.ini
[2011-10-16 10:25:23 | 510,787,584 | ---- | C] () -- C:\NBRT.iso
[2011-10-16 10:17:29 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NBRTWizardx64\0401000.00F\isolate.ini
[2011-10-16 10:00:42 | 000,007,510 | R--- | C] () -- C:\Windows\SysNative\drivers\MCLIENTx64\0101010.003\ccSetx64.cat
[2011-10-16 10:00:42 | 000,000,854 | R--- | C] () -- C:\Windows\SysNative\drivers\MCLIENTx64\0101010.003\ccSetx64.inf
[2011-10-16 10:00:42 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\MCLIENTx64\0101010.003\isolate.ini
[2011-10-03 21:23:24 | 000,000,002 | RHS- | C] () -- C:\Windows\winstart.bat
[2011-10-03 21:23:24 | 000,000,002 | RHS- | C] () -- C:\Windows\SysWow64\CONFIG.NT
[2011-10-03 21:23:24 | 000,000,002 | RHS- | C] () -- C:\Windows\SysWow64\AUTOEXEC.NT
[2011-10-02 14:33:40 | 004,429,143 | ---- | C] () -- C:\Users\FalubaZ\Documents\Najnowsza historia.mcf
[2011-10-01 01:48:03 | 000,007,383 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2011-09-23 14:56:08 | 000,168,864 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe
[2011-08-12 17:43:03 | 000,007,664 | ---- | C] () -- C:\Users\FalubaZ\AppData\Local\Resmon.ResmonCfg
[2011-08-03 03:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011-06-29 13:58:08 | 000,189,480 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011-06-29 13:58:01 | 003,360,624 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011-06-29 13:58:01 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011-06-23 16:02:26 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2011-06-22 19:32:07 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2011-06-22 19:32:07 | 000,013,368 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011-06-22 19:28:46 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011-06-22 19:28:40 | 000,020,970 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011-06-22 18:13:18 | 000,057,560 | ---- | C] () -- C:\Users\FalubaZ\AppData\Local\GDIPFONTCACHEV1.DAT
[2009-07-14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009-07-14 04:35:42 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini
[2009-07-14 04:34:57 | 000,000,403 | ---- | C] () -- C:\Windows\win.ini
[2009-07-14 04:34:57 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini
[2009-07-14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009-07-14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009-07-06 04:48:34 | 000,013,368 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

[color=#E56717]========== LOP Check ==========[/color]
[2011-08-29 00:38:16 | 000,000,000 | ---D | M] -- C:\Users\FalubaZ\AppData\Roaming\enchant
[2011-10-19 18:02:09 | 000,000,000 | ---D | M] -- C:\Users\FalubaZ\AppData\Roaming\ICQ
[2011-08-13 01:04:55 | 000,000,000 | ---D | M] -- C:\Users\FalubaZ\AppData\Roaming\Opera
[2011-08-13 01:08:23 | 000,000,000 | ---D | M] -- C:\Users\FalubaZ\AppData\Roaming\TS3Client
[2011-06-23 19:49:16 | 000,000,000 | ---D | M] -- C:\Users\FalubaZ\AppData\Roaming\wargaming.net
[2011-09-16 13:18:37 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]

< End of report >