OTL logfile created on: 29-01-2012 18:10:24 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Robert\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: dd-MM-yyyy 3,48 Gb Total Physical Memory | 1,26 Gb Available Physical Memory | 36,33% Memory free 6,95 Gb Paging File | 4,58 Gb Available in Paging File | 65,86% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 203,23 Gb Total Space | 163,27 Gb Free Space | 80,34% Space Free | Partition Type: NTFS Drive D: | 392,94 Gb Total Space | 390,16 Gb Free Space | 99,29% Space Free | Partition Type: NTFS Drive E: | 172,67 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: RLAP | User Name: Robert | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-01-29 18:09:11 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Robert\Downloads\OTL.exe PRC - [2012-01-19 12:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012-01-03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-12-22 21:45:46 | 010,234,880 | ---- | M] (Creative Team S.A.) -- C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe PRC - [2011-12-22 16:31:42 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2011-10-30 16:16:20 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.exe PRC - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe PRC - [2011-08-30 10:32:36 | 001,528,680 | ---- | M] (IVONA Software Sp. z o.o.) -- C:\Program Files (x86)\IVONA\IVONA Reader\IVONA Reader.exe PRC - [2011-08-05 12:26:16 | 001,672,056 | ---- | M] (IVONA Software Sp. z o.o.) -- C:\Program Files (x86)\IVONA\IVONA ControlCenter\IVONA ControlCenter.exe PRC - [2011-05-20 11:01:06 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe PRC - [2011-03-13 10:59:18 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe PRC - [2010-09-17 11:14:50 | 000,098,304 | ---- | M] (Firebird Project) -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe PRC - [2010-09-17 11:14:42 | 003,735,552 | ---- | M] (Firebird Project) -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe PRC - [2010-08-17 14:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe PRC - [2010-05-20 15:26:28 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX1000.exe PRC - [2010-03-10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2009-12-15 10:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe PRC - [2009-06-19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe PRC - [2009-06-15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe PRC - [2009-01-17 15:48:08 | 005,853,672 | ---- | M] (o2.pl Sp. z o.o.) -- C:\Program Files (x86)\Tlen.pl\tlen.exe PRC - [2008-12-22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011-12-22 16:31:42 | 002,124,760 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2011-12-09 19:25:48 | 001,182,720 | ---- | M] () -- C:\Program Files (x86)\WapSter\WapSter AQQ\System\Shared\Plugins\GGNet.dll MOD - [2011-11-09 13:18:20 | 000,983,552 | ---- | M] () -- C:\Program Files (x86)\WapSter\WapSter AQQ\System\Shared\Plugins\SMS.dll MOD - [2011-09-27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011-09-27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011-09-09 08:58:02 | 006,620,008 | ---- | M] () -- C:\Program Files (x86)\IVONA\IVONA 2 Voice\voices\voice_pl_jacek.dll MOD - [2011-08-30 10:32:40 | 000,029,032 | ---- | M] () -- C:\Program Files (x86)\IVONA\IVONA Reader\IvonaIntegration.dll MOD - [2010-10-08 10:11:52 | 007,979,008 | ---- | M] () -- C:\Program Files (x86)\IVONA\IVONA 2 Voice\Qt_4_6_3_0\x86\QtGui4.dll MOD - [2010-08-25 10:41:20 | 000,304,640 | ---- | M] () -- C:\Program Files (x86)\WapSter\WapSter AQQ\System\Shared\Plugins\Contact.dll MOD - [2010-07-14 11:15:42 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\IVONA\IVONA 2 Voice\Qt_4_6_3_0\x86\QtSolutions_MFCMigrationFramework-2.8.dll MOD - [2010-06-17 14:07:06 | 002,203,648 | ---- | M] () -- C:\Program Files (x86)\IVONA\IVONA 2 Voice\Qt_4_6_3_0\x86\QtCore4.dll MOD - [2009-06-19 22:47:52 | 000,293,888 | ---- | M] () -- C:\Users\Robert\WapSter\AQQ Folder\Profiles\JKS\Plugins\SpellChecker.dll MOD - [2009-04-16 01:44:30 | 000,648,704 | ---- | M] () -- C:\Users\Robert\WapSter\AQQ Folder\Profiles\JKS\Plugins\detonator.dll MOD - [2009-02-07 14:04:23 | 000,012,800 | ---- | M] () -- C:\Program Files (x86)\Tlen.pl\Plugins\bk2.tpl MOD - [2009-01-17 15:47:38 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Tlen.pl\languages\polish.dll MOD - [2009-01-06 12:55:46 | 000,061,464 | ---- | M] () -- C:\Program Files (x86)\Tlen.pl\Plugins\TlenSMS.tpl MOD - [2008-12-23 15:11:32 | 000,195,096 | ---- | M] () -- C:\Program Files (x86)\Tlen.pl\Plugins\Video.tpl MOD - [2008-12-22 14:32:06 | 000,093,720 | ---- | M] () -- C:\Program Files (x86)\Tlen.pl\Plugins\Voice.tpl MOD - [2008-12-16 14:51:44 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Tlen.pl\LIBGADU.DLL MOD - [2008-11-29 16:18:54 | 000,250,880 | ---- | M] () -- C:\Users\Robert\WapSter\AQQ Folder\Profiles\JKS\Plugins\AQQRadio.dll MOD - [2008-07-22 08:49:48 | 000,075,800 | ---- | M] () -- C:\Program Files (x86)\Tlen.pl\Plugins\FileTM.tpl MOD - [2008-07-22 08:49:40 | 000,106,520 | ---- | M] () -- C:\Program Files (x86)\Tlen.pl\Plugins\File.tpl MOD - [2008-06-19 13:20:08 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Tlen.pl\hook.dll MOD - [2008-06-19 13:15:54 | 000,030,720 | ---- | M] () -- C:\Program Files (x86)\Tlen.pl\LIBUTIL2.DLL MOD - [2008-06-19 13:15:46 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\Tlen.pl\LIBEXPAT2.DLL MOD - [2008-01-15 15:57:06 | 000,349,720 | ---- | M] () -- C:\Program Files (x86)\Tlen.pl\Plugins\Tlenofon.tpl MOD - [2007-10-05 14:00:58 | 000,181,248 | ---- | M] () -- C:\Program Files (x86)\Tlen.pl\LIBUTIL.DLL MOD - [2005-11-18 10:33:58 | 000,054,784 | ---- | M] () -- C:\Program Files (x86)\Tlen.pl\libs\libexpat.dll MOD - [2003-01-30 05:04:00 | 000,618,496 | ---- | M] () -- C:\Program Files (x86)\Tlen.pl\STLPMT45.DLL [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn) SRV:[b]64bit:[/b] - [2011-08-11 00:47:10 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2011-08-10 12:58:32 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV:[b]64bit:[/b] - [2010-05-20 15:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc) SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012-01-19 12:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012-01-03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-03-13 10:59:18 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent) SRV - [2011-03-13 10:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc) SRV - [2010-09-17 11:14:50 | 000,098,304 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance) SRV - [2010-09-17 11:14:42 | 003,735,552 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe -- (FirebirdServerDefaultInstance) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-03-10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-12-15 10:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2009-06-15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2011-08-11 01:39:32 | 009,981,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2011-08-11 00:10:06 | 000,309,248 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2011-08-09 14:24:52 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm) DRV:[b]64bit:[/b] - [2011-08-04 09:20:38 | 000,187,632 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw) DRV:[b]64bit:[/b] - [2011-08-04 09:20:38 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:[b]64bit:[/b] - [2011-08-04 09:20:38 | 000,062,496 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp) DRV:[b]64bit:[/b] - [2011-08-04 09:20:38 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF) DRV:[b]64bit:[/b] - [2011-08-02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b]64bit:[/b] - [2011-06-27 01:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2011-06-10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2011-06-07 06:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:[b]64bit:[/b] - [2011-03-18 08:04:20 | 000,188,544 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdxhc.sys -- (amdxhc) DRV:[b]64bit:[/b] - [2011-03-18 08:04:18 | 000,087,168 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdhub30.sys -- (amdhub30) DRV:[b]64bit:[/b] - [2011-03-13 10:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:[b]64bit:[/b] - [2011-03-13 10:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:[b]64bit:[/b] - [2011-03-13 10:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP) DRV:[b]64bit:[/b] - [2011-03-13 10:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:[b]64bit:[/b] - [2011-03-13 10:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:[b]64bit:[/b] - [2011-03-13 10:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort) DRV:[b]64bit:[/b] - [2011-03-13 10:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011-02-25 17:42:18 | 000,016,768 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger) DRV:[b]64bit:[/b] - [2011-01-18 17:16:46 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:[b]64bit:[/b] - [2010-12-31 18:30:10 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:[b]64bit:[/b] - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2010-05-20 15:26:28 | 002,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VX1000.sys -- (VX1000) DRV:[b]64bit:[/b] - [2010-02-18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-05-18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2007-02-07 16:51:18 | 000,169,496 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adiusbawx64.sys -- (adiusbaw) DRV - [2011-05-25 19:06:20 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009-07-02 17:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-21-2235639501-3007684480-1806095362-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKU\S-1-5-21-2235639501-3007684480-1806095362-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-2235639501-3007684480-1806095362-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2235639501-3007684480-1806095362-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Google " FF - prefs.js..browser.search.order.1: "Google " FF - prefs.js..browser.search.selectedEngine: "Google " FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "about:home" FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-12-26 18:02:21 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011-11-04 19:12:44 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011-11-05 08:39:17 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Robert\AppData\Roaming\IDM\idmmzcc5 [2011-10-30 16:36:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robert\AppData\Roaming\mozilla\Extensions [2012-01-29 15:09:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\e8fyq4a7.default\extensions [2012-01-29 15:09:31 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\e8fyq4a7.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2011-12-27 12:39:29 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\e8fyq4a7.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012-01-29 15:09:31 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\e8fyq4a7.default\extensions\IplextoALL@ALLPlayer.org [2012-01-29 15:09:31 | 000,000,000 | ---D | M] ("Ivona Firefox Toolbar") -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\e8fyq4a7.default\extensions\IvonaFirefoxToolbar@ivona.com [2012-01-29 15:09:31 | 000,000,000 | ---D | M] (Wappalyzer) -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\e8fyq4a7.default\extensions\wappalyzer@crunchlabz.com [2011-10-30 23:02:58 | 000,001,936 | ---- | M] () -- C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\e8fyq4a7.default\searchplugins\bilety-lotnicze.xml [2012-01-27 13:41:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions () (No name found) -- C:\USERS\ROBERT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\E8FYQ4A7.DEFAULT\EXTENSIONS\{097D3191-E6FA-4728-9826-B533D755359D}.XPI () (No name found) -- C:\USERS\ROBERT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\E8FYQ4A7.DEFAULT\EXTENSIONS\{3E9BB2A7-62CA-4EFA-A4E6-F6F6168A652D}.XPI () (No name found) -- C:\USERS\ROBERT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\E8FYQ4A7.DEFAULT\EXTENSIONS\{75CEEE46-9B64-46F8-94BF-54012DE155F0}.XPI () (No name found) -- C:\USERS\ROBERT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\E8FYQ4A7.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\ROBERT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\E8FYQ4A7.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI () (No name found) -- C:\USERS\ROBERT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\E8FYQ4A7.DEFAULT\EXTENSIONS\FIREPICKER@THEDARKONE.XPI () (No name found) -- C:\USERS\ROBERT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\E8FYQ4A7.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI [2011-12-22 16:31:43 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011-12-21 06:04:32 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2011-12-21 06:04:32 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2011-12-21 06:04:32 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2011-12-21 06:04:32 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2011-12-21 06:04:32 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-12-21 06:04:32 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-12-22 21:47:40 | 000,001,798 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O1 - Hosts: 127.0.0.1 adobe.activate.com O1 - Hosts: 127.0.0.1 adobeereg.com O1 - Hosts: 127.0.0.1 www.adobeereg.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 125.252.224.90 O1 - Hosts: 127.0.0.1 125.252.224.91 O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com O2:[b]64bit:[/b] - BHO: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2_x64.dll (IVONA Software Sp. z o.o.) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found. O2 - BHO: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2.dll (IVONA Software Sp. z o.o.) O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2_x64.dll (IVONA Software Sp. z o.o.) O3 - HKLM\..\Toolbar: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2.dll (IVONA Software Sp. z o.o.) O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:[b]64bit:[/b] - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations) O4:[b]64bit:[/b] - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications) O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2235639501-3007684480-1806095362-1000..\Run: [AdobeBridge] File not found O4 - HKU\S-1-5-21-2235639501-3007684480-1806095362-1000..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-2235639501-3007684480-1806095362-1000..\Run: [IVONA ControlCenter] C:\Program Files (x86)\IVONA\IVONA ControlCenter\IVONA ControlCenter.exe (IVONA Software Sp. z o.o.) O4 - HKU\S-1-5-21-2235639501-3007684480-1806095362-1000..\Run: [IVONA Reader] C:\Program Files (x86)\IVONA\IVONA Reader\IVONA Reader.exe (IVONA Software Sp. z o.o.) O4 - HKU\S-1-5-21-2235639501-3007684480-1806095362-1000..\Run: [Odkurzacz-MCD] C:\Program Files (x86)\Odkurzacz\odk_mcd.exe (Franmo Software) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:[b]64bit:[/b] - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Robert\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Robert\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{64EB7665-A2E7-4B11-B310-D74C87366EB0}: DhcpNameServer = 62.179.1.63 62.179.1.62 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{713C7247-60C2-4709-8245-C4EEBC804B24}: DhcpNameServer = 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-01-29 15:12:13 | 000,000,000 | R--D | C] -- C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices [2012-01-29 14:54:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Download Manager [2012-01-27 13:52:07 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle [2012-01-27 13:50:02 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012-01-27 13:49:26 | 000,000,000 | ---D | C] -- C:\Users\Robert\jdk1.7.0_02_combo [2012-01-26 17:22:51 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\Artur logi [2012-01-26 14:39:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012-01-26 14:39:07 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012-01-26 14:39:06 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012-01-26 14:39:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012-01-21 16:12:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer [2012-01-21 16:11:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALLPlayer [2012-01-17 17:16:16 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\nowy sam 4.9.2 [2012-01-17 00:28:12 | 000,548,864 | ---- | C] (Firebird Project) -- C:\Windows\SysWow64\GDS32.DLL [2012-01-17 00:28:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firebird 2.5 (Win32) [2012-01-17 00:27:52 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SAM Broadcaster [2012-01-17 00:27:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpacialAudio [2012-01-15 17:58:16 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2012-01-15 16:25:56 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\aga [2012-01-14 18:35:14 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\NapiProjekt [2012-01-14 15:28:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NapiProjekt [2012-01-11 16:30:54 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2012-01-11 16:30:54 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2012-01-11 16:30:53 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2012-01-11 16:30:53 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2012-01-11 16:30:49 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2012-01-11 16:30:47 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2012-01-11 16:30:47 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll [2012-01-11 16:24:58 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2012-01-11 16:24:58 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2012-01-11 16:24:58 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2012-01-11 16:24:58 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2012-01-11 16:24:58 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2012-01-11 16:24:58 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2012-01-11 13:20:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odkurzacz [2012-01-11 13:19:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Odkurzacz [2012-01-06 00:46:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMerge [2012-01-06 00:46:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinMerge [2012-01-06 00:44:36 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\album [2012-01-06 00:06:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jAlbum [2012-01-06 00:06:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\jAlbum [2012-01-04 00:45:49 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\Nowy Archiwum WinRARa [2012-01-01 00:09:45 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012-01-01 00:09:45 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Adobe Mini Bridge CS5 [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-01-29 16:58:43 | 000,023,314 | ---- | M] () -- C:\Users\Robert\Desktop\blutit.jpg [2012-01-29 15:19:02 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-01-29 15:19:02 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-01-29 15:11:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-01-29 15:11:12 | 2800,357,376 | -HS- | M] () -- C:\hiberfil.sys [2012-01-29 01:02:52 | 000,000,600 | ---- | M] () -- C:\Users\Robert\winscp.RND [2012-01-26 15:11:25 | 001,549,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-01-26 15:11:25 | 000,697,912 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-01-26 15:11:25 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-01-26 15:11:25 | 000,134,990 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-01-26 15:11:25 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-01-26 14:42:35 | 000,033,018 | ---- | M] () -- C:\Users\Robert\Desktop\aggtytułu.jpg [2012-01-26 14:39:54 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012-01-23 23:49:21 | 003,404,727 | ---- | M] () -- C:\Users\Robert\Desktop\Ich und ich - Du Erinnerst Mich an Liebe pobrano z ulub_pl.mp3 [2012-01-23 22:51:56 | 003,749,511 | ---- | M] () -- C:\Users\Robert\Desktop\Bonnie Bianco _ Pierre Cosso - Stay pobrano z ulub_pl.mp3 [2012-01-23 22:22:30 | 004,265,305 | ---- | M] () -- C:\Users\Robert\Desktop\Lady Antebellum - Need You Now inna wersja.mp3 [2012-01-23 15:51:34 | 000,010,386 | ---- | M] () -- C:\Users\Robert\Desktop\jas.jpg [2012-01-21 16:12:15 | 000,001,023 | ---- | M] () -- C:\Users\Robert\Desktop\ALLPlayer V5.0.lnk [2012-01-21 00:39:59 | 000,075,976 | ---- | M] () -- C:\Users\Robert\Desktop\szczeniaki.jpg [2012-01-18 02:01:51 | 000,046,858 | ---- | M] () -- C:\Users\Robert\Desktop\Obraz.jpeg [2012-01-17 17:17:31 | 023,347,231 | ---- | M] () -- C:\Users\Robert\Desktop\nowy sam 4.9.2.rar [2012-01-17 00:27:52 | 000,002,032 | ---- | M] () -- C:\Users\Robert\Desktop\SAM Broadcaster.lnk [2012-01-16 22:49:37 | 000,000,046 | ---- | M] () -- C:\Windows\adiras.ini [2012-01-15 22:57:26 | 002,583,105 | ---- | M] () -- C:\Users\Robert\Desktop\P1130165.JPG [2012-01-15 17:56:54 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2012-01-15 15:50:16 | 002,608,786 | ---- | M] () -- C:\Users\Robert\Desktop\P1130162.JPG [2012-01-14 15:56:33 | 000,004,438 | ---- | M] () -- C:\Users\Robert\AppData\Local\setup.exe [2012-01-14 15:56:26 | 000,004,427 | ---- | M] () -- C:\Users\Robert\AppData\Local\promo.exe [2012-01-10 13:39:23 | 000,045,169 | ---- | M] () -- C:\Users\Robert\Desktop\cd4beb51eb.jpeg [2012-01-10 01:25:49 | 000,060,485 | ---- | M] () -- C:\Users\Robert\Desktop\4142617_500_s.jpg [2012-01-06 01:17:25 | 000,001,853 | ---- | M] () -- C:\Users\Robert\Desktop\WinSCP.lnk [2012-01-06 01:09:55 | 000,000,600 | ---- | M] () -- C:\Users\Robert\AppData\Local\PUTTY.RND [2012-01-04 00:45:15 | 009,568,996 | ---- | M] () -- C:\Users\Robert\Desktop\Nowy Archiwum WinRARa.rar [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-01-29 16:48:54 | 000,023,314 | ---- | C] () -- C:\Users\Robert\Desktop\blutit.jpg [2012-01-26 14:39:54 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012-01-26 14:37:08 | 000,033,018 | ---- | C] () -- C:\Users\Robert\Desktop\aggtytułu.jpg [2012-01-23 23:48:49 | 003,404,727 | ---- | C] () -- C:\Users\Robert\Desktop\Ich und ich - Du Erinnerst Mich an Liebe pobrano z ulub_pl.mp3 [2012-01-23 22:51:23 | 003,749,511 | ---- | C] () -- C:\Users\Robert\Desktop\Bonnie Bianco _ Pierre Cosso - Stay pobrano z ulub_pl.mp3 [2012-01-23 22:21:54 | 004,265,305 | ---- | C] () -- C:\Users\Robert\Desktop\Lady Antebellum - Need You Now inna wersja.mp3 [2012-01-21 16:12:15 | 000,001,023 | ---- | C] () -- C:\Users\Robert\Desktop\ALLPlayer V5.0.lnk [2012-01-21 16:12:11 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2012-01-21 16:12:11 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll [2012-01-21 00:31:17 | 000,075,976 | ---- | C] () -- C:\Users\Robert\Desktop\szczeniaki.jpg [2012-01-20 12:04:27 | 000,289,280 | ---- | C] () -- C:\Users\Robert\Desktop\SnDk&p.exe [2012-01-18 01:55:50 | 000,046,858 | ---- | C] () -- C:\Users\Robert\Desktop\Obraz.jpeg [2012-01-17 17:17:18 | 023,347,231 | ---- | C] () -- C:\Users\Robert\Desktop\nowy sam 4.9.2.rar [2012-01-17 00:27:52 | 000,002,032 | ---- | C] () -- C:\Users\Robert\Desktop\SAM Broadcaster.lnk [2012-01-15 22:55:50 | 002,583,105 | ---- | C] () -- C:\Users\Robert\Desktop\P1130165.JPG [2012-01-15 15:50:11 | 002,608,786 | ---- | C] () -- C:\Users\Robert\Desktop\P1130162.JPG [2012-01-14 15:27:41 | 000,797,184 | ---- | C] () -- C:\Windows\SysWow64\ac3filter.ax [2012-01-10 13:39:21 | 000,045,169 | ---- | C] () -- C:\Users\Robert\Desktop\cd4beb51eb.jpeg [2012-01-09 15:46:52 | 000,060,485 | ---- | C] () -- C:\Users\Robert\Desktop\4142617_500_s.jpg [2012-01-08 20:40:50 | 000,010,386 | ---- | C] () -- C:\Users\Robert\Desktop\jas.jpg [2012-01-06 00:44:24 | 009,007,765 | ---- | C] () -- C:\Users\Robert\Desktop\album.zip [2012-01-04 00:42:28 | 009,568,996 | ---- | C] () -- C:\Users\Robert\Desktop\Nowy Archiwum WinRARa.rar [2011-12-19 15:24:32 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011-12-15 14:29:05 | 000,004,438 | ---- | C] () -- C:\Users\Robert\AppData\Local\setup.exe [2011-12-11 16:16:26 | 000,000,046 | ---- | C] () -- C:\Windows\adiras.ini [2011-12-10 13:55:24 | 000,004,427 | ---- | C] () -- C:\Users\Robert\AppData\Local\promo.exe [2011-11-12 20:12:46 | 000,000,600 | ---- | C] () -- C:\Users\Robert\AppData\Local\PUTTY.RND [2011-10-30 15:04:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011-10-30 13:51:04 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011-08-10 13:01:46 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [2010-05-20 15:26:28 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini [2009-07-14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009-07-14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009-07-14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009-07-14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009-06-10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [color=#E56717]========== LOP Check ==========[/color] [2012-01-29 15:39:49 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\AIMP [2011-10-31 23:58:49 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\AIMP3 [2011-12-19 15:43:22 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\BESTplayer [2012-01-29 15:19:37 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\DMCache [2012-01-01 19:22:38 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\DVDVideoSoft [2011-12-27 12:38:31 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\DVDVideoSoftIEHelpers [2011-10-30 16:48:27 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\ESET [2011-12-18 18:58:27 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\EurekaLog [2012-01-06 14:31:23 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\GHISLER [2011-11-26 19:27:14 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\ImgBurn [2011-12-26 18:02:43 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\IrfanView [2011-11-15 19:16:10 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\IVONA ControlCenter [2011-11-15 21:46:43 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\IVONA Reader [2011-11-17 14:22:07 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\jAlbum [2012-01-21 16:10:44 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\NapiProjekt [2011-10-31 14:55:09 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Nokia [2012-01-06 01:05:11 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Notepad++ [2011-10-31 14:44:28 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\PC Suite [2012-01-01 00:09:45 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012-01-29 15:09:31 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\TeamViewer [2011-11-04 19:12:59 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Thunderbird [2012-01-29 15:09:31 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Tlen.pl [2011-12-19 15:52:33 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\XBMC [2011-12-12 21:07:39 | 000,032,520 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >