OTL logfile created on: 2012-02-27 18:33:35 - Run 1 OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\Tymek\Desktop\Pobrane 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 7,79 Gb Total Physical Memory | 5,61 Gb Available Physical Memory | 72,03% Memory free 15,59 Gb Paging File | 13,33 Gb Available in Paging File | 85,51% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 201,52 Gb Total Space | 79,37 Gb Free Space | 39,38% Space Free | Partition Type: NTFS Computer Name: TYMEK-KOMPUTER | User Name: Tymek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-02-25 06:47:22 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Tymek\Desktop\Pobrane\OTL.exe PRC - [2012-02-17 18:48:24 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012-01-19 12:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2011-11-29 19:17:50 | 000,138,248 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\6.0.0.145\ccSvcHst.exe PRC - [2011-10-15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011-06-19 11:58:42 | 001,496,528 | ---- | M] (TrueCrypt Foundation) -- C:\Program Files\TrueCrypt\TrueCrypt.exe PRC - [2011-01-23 19:47:42 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe PRC - [2010-08-11 19:46:34 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe PRC - [2009-10-26 19:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe PRC - [2009-10-26 09:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe PRC - [2009-09-30 18:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2009-09-30 18:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2009-08-19 19:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe PRC - [2009-06-19 09:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe PRC - [2009-06-19 09:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe PRC - [2009-06-15 16:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe PRC - [2008-12-22 16:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe PRC - [2007-08-07 23:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-02-17 18:48:24 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2011-01-23 19:47:42 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe MOD - [2010-08-11 19:46:34 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe MOD - [2010-04-01 12:24:28 | 001,159,168 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecdrs.dll MOD - [2010-04-01 12:23:27 | 000,389,120 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecscw.dll MOD - [2009-05-27 07:16:50 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecdatr.dll MOD - [2009-04-28 02:56:40 | 000,024,576 | ---- | M] () -- C:\Windows\SysWOW64\LXECsmr.dll MOD - [2009-03-10 00:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxeccaps.dll MOD - [2009-02-20 03:48:03 | 000,299,008 | ---- | M] () -- C:\Windows\SysWOW64\LXECsm.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2011-11-21 15:10:10 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:[b]64bit:[/b] - [2010-11-29 15:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV:[b]64bit:[/b] - [2010-04-14 16:08:23 | 000,045,736 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxecserv.exe -- (lxecCATSCustConnectService) SRV:[b]64bit:[/b] - [2010-04-14 15:08:30 | 001,052,328 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxeccoms.exe -- (lxec_device) SRV:[b]64bit:[/b] - [2009-08-02 15:54:14 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:[b]64bit:[/b] - [2007-08-07 23:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2012-01-19 12:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012-01-04 17:22:34 | 000,607,040 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2011-12-10 14:46:53 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011-11-29 19:17:50 | 000,138,248 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton 360\Engine\6.0.0.145\ccSvcHst.exe -- (N360) SRV - [2011-11-21 15:12:56 | 001,403,200 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2011-11-21 15:10:04 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2011-10-15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2010-04-14 15:08:12 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxeccoms.exe -- (lxec_device) SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-09-30 18:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2009-09-30 18:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2009-06-15 16:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007-05-31 16:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007-05-31 16:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-02-27 15:09:21 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent) DRV:[b]64bit:[/b] - [2011-11-23 19:23:48 | 001,092,728 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0600000.091\SymEFA64.sys -- (SymEFA) DRV:[b]64bit:[/b] - [2011-11-23 18:50:28 | 000,738,936 | R--- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0600000.091\srtsp64.sys -- (SRTSP) DRV:[b]64bit:[/b] - [2011-11-23 18:50:28 | 000,037,496 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0600000.091\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV:[b]64bit:[/b] - [2011-11-16 20:38:00 | 000,405,624 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0600000.091\symnets.sys -- (SymNetS) DRV:[b]64bit:[/b] - [2011-11-16 20:17:50 | 000,190,072 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0600000.091\Ironx64.sys -- (SymIRON) DRV:[b]64bit:[/b] - [2011-11-04 16:59:30 | 000,167,048 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0600000.091\ccSetx64.sys -- (ccSet_N360) DRV:[b]64bit:[/b] - [2011-10-27 14:12:31 | 000,526,392 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2011-10-15 09:53:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:[b]64bit:[/b] - [2011-08-15 23:51:40 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0600000.091\SymDS64.sys -- (SymDS) DRV:[b]64bit:[/b] - [2011-07-15 16:30:44 | 000,144,688 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:[b]64bit:[/b] - [2011-07-01 10:46:40 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901) DRV:[b]64bit:[/b] - [2011-06-27 01:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2011-06-19 11:58:42 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt) DRV:[b]64bit:[/b] - [2011-04-10 17:51:08 | 012,223,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011-01-12 10:42:12 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn) DRV:[b]64bit:[/b] - [2010-11-29 15:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:[b]64bit:[/b] - [2010-11-20 14:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm) DRV:[b]64bit:[/b] - [2010-11-20 14:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus) DRV:[b]64bit:[/b] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 12:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb) DRV:[b]64bit:[/b] - [2010-11-20 12:35:24 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcuxd.sys -- (vpcuxd) DRV:[b]64bit:[/b] - [2010-11-20 12:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr) DRV:[b]64bit:[/b] - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-10-15 00:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:[b]64bit:[/b] - [2010-07-08 06:32:23 | 000,257,120 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman) DRV:[b]64bit:[/b] - [2010-03-25 09:08:46 | 000,120,704 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:[b]64bit:[/b] - [2010-03-24 12:58:36 | 000,249,856 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet) DRV:[b]64bit:[/b] - [2010-03-20 10:56:56 | 000,114,560 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev) DRV:[b]64bit:[/b] - [2010-02-26 15:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:[b]64bit:[/b] - [2010-01-07 02:20:22 | 000,448,512 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8187.sys -- (RTL8187) DRV:[b]64bit:[/b] - [2010-01-05 02:23:20 | 001,847,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur) DRV:[b]64bit:[/b] - [2009-11-13 10:47:36 | 000,067,072 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:[b]64bit:[/b] - [2009-10-22 15:10:30 | 000,069,320 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS) DRV:[b]64bit:[/b] - [2009-10-22 15:09:12 | 000,084,808 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K) DRV:[b]64bit:[/b] - [2009-09-17 11:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R) DRV:[b]64bit:[/b] - [2009-08-21 07:48:18 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor) DRV:[b]64bit:[/b] - [2009-08-06 22:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2009-07-20 10:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 01:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV:[b]64bit:[/b] - [2009-07-14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:[b]64bit:[/b] - [2009-07-01 05:46:58 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt) DRV:[b]64bit:[/b] - [2009-07-01 05:46:52 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:[b]64bit:[/b] - [2009-07-01 05:46:48 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:[b]64bit:[/b] - [2009-07-01 05:46:40 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:[b]64bit:[/b] - [2009-06-10 21:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-05-13 02:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor) DRV:[b]64bit:[/b] - [2009-04-07 08:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:[b]64bit:[/b] - [2009-02-25 13:31:38 | 000,006,144 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Axtmvflt.sys -- (Axtmvflt) DRV:[b]64bit:[/b] - [2009-02-25 13:31:36 | 000,052,224 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Axtmvprt.sys -- (Axtmvprt) DRV:[b]64bit:[/b] - [2009-02-25 13:31:26 | 000,054,272 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Axtmvmdm.sys -- (Axtmvmdm) DRV:[b]64bit:[/b] - [2007-07-24 10:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) DRV:[b]64bit:[/b] - [2006-12-22 19:05:52 | 000,559,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrxusb.sys -- (athrusb) DRV - [2012-02-26 01:00:00 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20120226.016\ex64.sys -- (NAVEX15) DRV - [2012-02-26 01:00:00 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20120226.016\eng64.sys -- (NAVENG) DRV - [2012-02-24 16:26:06 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20120224.002\IDSviA64.sys -- (IDSVia64) DRV - [2012-02-04 08:29:18 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DRV - [2012-02-04 08:29:18 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2011-11-28 21:48:56 | 001,157,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20120215.001\BHDrvx64.sys -- (BHDrvx64) DRV - [2010-02-24 14:41:50 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-932920609-1573968339-3503488134-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-932920609-1573968339-3503488134-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-932920609-1573968339-3503488134-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "https://encrypted.google.com/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {e3f6c2cc-d8db-498c-af6c-499fb211db97}:1.10.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0 FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.5 FF - prefs.js..extensions.enabledItems: {FBF6D7FB-F305-4445-BB3D-FEF66579A033}:5.0 FF - prefs.js..network.proxy.type: 0 FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Tymek\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Tymek\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Tymek\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Tymek\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFFPlgn\ [2012-02-27 15:20:16 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\coFFPlgn\ [2012-02-27 18:13:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-02-17 18:48:25 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-02-16 13:29:55 | 000,000,000 | ---D | M] [2010-06-16 16:10:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tymek\AppData\Roaming\mozilla\Extensions [2012-02-12 15:57:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tymek\AppData\Roaming\mozilla\Firefox\Profiles\n4yv9wfc.default\extensions [2012-01-14 10:00:29 | 000,000,000 | ---D | M] (Page Speed) -- C:\Users\Tymek\AppData\Roaming\mozilla\Firefox\Profiles\n4yv9wfc.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97} [2012-01-24 09:32:31 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Tymek\AppData\Roaming\mozilla\Firefox\Profiles\n4yv9wfc.default\extensions\firefox@ghostery.com [2012-02-12 15:57:30 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Tymek\AppData\Roaming\mozilla\Firefox\Profiles\n4yv9wfc.default\extensions\foxyproxy@eric.h.jung [2012-02-05 11:41:42 | 000,000,000 | ---D | M] (KeeFox) -- C:\Users\Tymek\AppData\Roaming\mozilla\Firefox\Profiles\n4yv9wfc.default\extensions\keefox@chris.tomlinson [2012-02-03 16:51:34 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\Tymek\AppData\Roaming\mozilla\Firefox\Profiles\n4yv9wfc.default\extensions\LogMeInClient@logmein.com [2012-02-25 06:43:17 | 000,004,873 | ---- | M] () -- C:\Users\Tymek\AppData\Roaming\Mozilla\Firefox\Profiles\n4yv9wfc.default\searchplugins\isohunt--bt-search.xml [2012-02-20 13:33:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012-02-20 13:33:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} () (No name found) -- C:\USERS\TYMEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4YV9WFC.DEFAULT\EXTENSIONS\{4C7097F7-08F2-4EF2-9B9F-F95FA4CBB064}.XPI () (No name found) -- C:\USERS\TYMEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4YV9WFC.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\TYMEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4YV9WFC.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI () (No name found) -- C:\USERS\TYMEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4YV9WFC.DEFAULT\EXTENSIONS\USS-BUTTON@UPLOADSCREENSHOT.COM.XPI [2012-02-17 18:48:25 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012-02-20 13:33:30 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [1999-12-31 16:00:00 | 000,170,080 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2012-02-17 18:48:21 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2012-02-17 18:48:21 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2012-02-17 18:48:21 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2012-02-17 18:48:21 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2012-02-17 18:48:21 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-02-17 18:48:21 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Tymek\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Tymek\AppData\Local\Google\Chrome\Application\17.0.963.56\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Tymek\AppData\Local\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Tymek\AppData\Local\Google\Chrome\Application\17.0.963.56\pdf.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Users\Tymek\AppData\Local\Google\Chrome\Application\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Users\Tymek\AppData\Local\Google\Chrome\Application\plugins\nprpjplug.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Tymek\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Tymek\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Users\Tymek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Szukaj w Google = C:\Users\Tymek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\ CHR - Extension: AdBlock = C:\Users\Tymek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.19_0\ CHR - Extension: ChromeIPass = C:\Users\Tymek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ompiailgknfdndiefoaoiligalphfdae\1.0.7_0\ CHR - Extension: Gmail = C:\Users\Tymek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ Hosts file not found O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.0.0.145\CoIEPlg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.0.0.145\IPS\IPSBHO.dll (Symantec Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.0.0.145\CoIEPlg.dll (Symantec Corporation) O3 - HKU\S-1-5-21-932920609-1573968339-3503488134-1001\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found. O3 - HKU\S-1-5-21-932920609-1573968339-3503488134-1004\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.0.0.145\CoIEPlg.dll (Symantec Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.) O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found O4:[b]64bit:[/b] - HKLM..\Run: [lxecmon.exe] C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe () O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [KeePass 2 PreLoad] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl) O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe () O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-932920609-1573968339-3503488134-1001..\Run: [TrueCrypt] C:\Program Files\TrueCrypt\TrueCrypt.exe (TrueCrypt Foundation) O4 - HKU\S-1-5-21-932920609-1573968339-3503488134-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-932920609-1573968339-3503488134-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-932920609-1573968339-3503488134-1004..\RunOnce: [UniblueDriverScanner] C:\Program Files (x86)\Uniblue\DriverScanner\Launcher.exe delay File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-932920609-1573968339-3503488134-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O7 - HKU\S-1-5-21-932920609-1573968339-3503488134-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O7 - HKU\S-1-5-21-932920609-1573968339-3503488134-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {108D3206-846A-4A93-BACB-F0572D043ED7} http://192.168.1.148/webrec.cab (SurveillanceCtrl Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.1.66.0.cab (SysInfo Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2DE62826-2501-47D3-A7A4-8B115EEEBED7}: NameServer = 192.168.1.20 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{35A56C32-E383-443D-853A-E543FB4C7BD4}: DhcpNameServer = 85.219.244.253 85.219.212.253 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{55AE3BB2-3253-436D-8178-2669DED66181}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{645FE216-7FA3-4E5E-BE29-A8B57773ED04}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F2CC2D3-93B6-49C5-9EF0-0B59EB72B0E8}: DhcpNameServer = 85.219.244.253 85.219.212.253 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B1D0F3F0-61CB-4421-AD10-80FF4802519F}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E69F0F47-E016-42C0-81FF-07DD1A3CAFB7}: DhcpNameServer = 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012-02-25 13:52:23 | 000,493,374 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O33 - MountPoints2\{02ac51b1-1faf-11e0-8af4-20cf3026f56f}\Shell - "" = AutoRun O33 - MountPoints2\{02ac51b1-1faf-11e0-8af4-20cf3026f56f}\Shell\AutoRun\command - "" = F:\autorun.exe O33 - MountPoints2\{05052467-bf26-11e0-97ae-1c4bd61a2cc6}\Shell - "" = AutoRun O33 - MountPoints2\{05052467-bf26-11e0-97ae-1c4bd61a2cc6}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{08baa027-1e5f-11e1-9d5c-1c4bd61a2cc6}\Shell - "" = AutoRun O33 - MountPoints2\{08baa027-1e5f-11e1-9d5c-1c4bd61a2cc6}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{08baa029-1e5f-11e1-9d5c-1c4bd61a2cc6}\Shell - "" = AutoRun O33 - MountPoints2\{08baa029-1e5f-11e1-9d5c-1c4bd61a2cc6}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{08baa02c-1e5f-11e1-9d5c-1c4bd61a2cc6}\Shell - "" = AutoRun O33 - MountPoints2\{08baa02c-1e5f-11e1-9d5c-1c4bd61a2cc6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{52dc8644-7940-11df-ab60-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{52dc8644-7940-11df-ab60-806e6f6e6963}\Shell\AutoRun\command - "" = D:\InstAll.exe O33 - MountPoints2\{6038e7d4-1328-11e0-9460-1c4bd61a2cc6}\Shell - "" = AutoRun O33 - MountPoints2\{6038e7d4-1328-11e0-9460-1c4bd61a2cc6}\Shell\AutoRun\command - "" = "G:\WD SmartWare.exe" autoplay=true O33 - MountPoints2\{6d21dd6e-1aba-11e1-a38c-1c4bd61a2cc6}\Shell - "" = AutoRun O33 - MountPoints2\{6d21dd6e-1aba-11e1-a38c-1c4bd61a2cc6}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{6d21dd75-1aba-11e1-a38c-1c4bd61a2cc6}\Shell - "" = AutoRun O33 - MountPoints2\{6d21dd75-1aba-11e1-a38c-1c4bd61a2cc6}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{cb36a3cd-1286-11e0-a5ec-20cf3026f56f}\Shell - "" = AutoRun O33 - MountPoints2\{cb36a3cd-1286-11e0-a5ec-20cf3026f56f}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{cb36a3d3-1286-11e0-a5ec-20cf3026f56f}\Shell - "" = AutoRun O33 - MountPoints2\{cb36a3d3-1286-11e0-a5ec-20cf3026f56f}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{d33aed33-7ac5-11df-938f-1c4bd60fcb55}\Shell - "" = AutoRun O33 - MountPoints2\{d33aed33-7ac5-11df-938f-1c4bd60fcb55}\Shell\AutoRun\command - "" = F:\MicroLauncher.exe O33 - MountPoints2\{dcf90bc0-009d-11e1-ab09-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{dcf90bc0-009d-11e1-ab09-806e6f6e6963}\Shell\AutoRun\command - "" = J:\AUTORUN.EXE O33 - MountPoints2\{eb740946-b6e9-11e0-9134-1c4bd61a2cc6}\Shell - "" = AutoRun O33 - MountPoints2\{eb740946-b6e9-11e0-9134-1c4bd61a2cc6}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{f4d07610-1f12-11e1-b1da-1c4bd61a2cc6}\Shell - "" = AutoRun O33 - MountPoints2\{f4d07610-1f12-11e1-b1da-1c4bd61a2cc6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{f4d07614-1f12-11e1-b1da-1c4bd61a2cc6}\Shell - "" = AutoRun O33 - MountPoints2\{f4d07614-1f12-11e1-b1da-1c4bd61a2cc6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-02-27 15:10:04 | 000,126,312 | R--- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll [2012-02-27 15:10:04 | 000,107,368 | R--- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll [2012-02-27 14:54:01 | 000,000,000 | ---D | C] -- C:\Users\Tymek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton [2012-02-26 21:59:39 | 000,000,000 | ---D | C] -- C:\Users\Tymek\Desktop\cgi-bin [2012-02-26 21:35:05 | 000,000,000 | ---D | C] -- C:\Users\Tymek\Desktop\dekoracje1 [2012-02-26 14:00:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Płatnik 8.01.001A [2012-02-24 16:49:00 | 000,000,000 | ---D | C] -- C:\Users\Tymek\AppData\Local\FileTypeAssistant [2012-02-24 16:35:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Offers from Freeze.com [2012-02-23 20:23:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP [2012-02-23 09:47:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Manta GPS-410 Unlock v1.04 [2012-02-22 11:21:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CeRegEditor [2012-02-22 11:21:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CeRegEditor [2012-02-20 13:33:43 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2012-02-20 13:33:43 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2012-02-20 13:33:43 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2012-02-20 13:33:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2012-02-17 15:46:00 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012-02-17 15:45:59 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012-02-17 15:45:58 | 002,308,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012-02-17 15:45:58 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012-02-17 15:45:58 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012-02-17 15:45:57 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012-02-17 15:45:56 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012-02-17 15:45:56 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012-02-17 15:45:56 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012-02-17 15:45:55 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012-02-17 15:45:55 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012-02-16 10:52:56 | 000,000,000 | ---D | C] -- C:\Users\Tymek\AppData\Roaming\NetMeter [2012-02-16 09:46:38 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll [2012-02-16 09:46:32 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl [2012-02-16 09:46:32 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl [2012-02-16 09:46:22 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll [2012-02-04 10:13:00 | 000,000,000 | ---D | C] -- C:\Users\Tymek\Desktop\images [2012-02-01 19:00:56 | 000,000,000 | ---D | C] -- C:\Users\Tymek\Desktop\vikaro obrazy [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [2 C:\Users\Tymek\Desktop\*.tmp files -> C:\Users\Tymek\Desktop\*.tmp -> ] [2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-02-27 18:20:39 | 000,017,808 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-02-27 18:20:39 | 000,017,808 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-02-27 18:13:00 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-02-27 18:12:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-02-27 18:12:16 | 1981,132,799 | -HS- | M] () -- C:\hiberfil.sys [2012-02-27 17:16:33 | 001,558,616 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-02-27 17:16:33 | 000,703,060 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-02-27 17:16:33 | 000,619,704 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-02-27 17:16:33 | 000,137,116 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-02-27 17:16:33 | 000,108,024 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-02-27 16:47:00 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-932920609-1573968339-3503488134-1001UA.job [2012-02-27 16:47:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-02-27 16:30:56 | 000,146,748 | ---- | M] () -- C:\Users\Tymek\Desktop\2012-02-27 16;30;53.PDF [2012-02-27 15:22:22 | 000,004,782 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0600000.091\VT20111023.022 [2012-02-27 15:16:51 | 002,128,320 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0600000.091\Cat.DB [2012-02-27 15:09:21 | 000,175,736 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS [2012-02-27 15:09:21 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT [2012-02-27 15:09:21 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF [2012-02-27 12:46:51 | 000,001,476 | ---- | M] () -- C:\Windows\AmHL.ini [2012-02-27 09:47:00 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-932920609-1573968339-3503488134-1001Core.job [2012-02-26 19:34:26 | 000,345,808 | ---- | M] () -- C:\Users\Tymek\Desktop\dekoracje1.sql [2012-02-26 19:25:02 | 000,099,984 | ---- | M] () -- C:\Users\Tymek\Documents\Wydruk .pdf [2012-02-26 14:58:39 | 000,096,173 | ---- | M] () -- C:\Users\Tymek\Desktop\zua.pdf [2012-02-26 14:00:31 | 000,002,009 | ---- | M] () -- C:\Users\Public\Desktop\Płatnik 8.01.001A.lnk [2012-02-24 10:13:03 | 000,185,806 | ---- | M] () -- C:\Users\Tymek\Desktop\41x80 kopia.jpg [2012-02-22 22:29:04 | 000,002,639 | ---- | M] () -- C:\Windows\AMML.ini [2012-02-21 17:52:00 | 000,182,272 | ---- | M] () -- C:\Users\Tymek\Desktop\035302.JPG [2012-02-21 10:47:21 | 000,002,054 | -H-- | M] () -- C:\Users\Tymek\Documents\Default.rdp [2012-02-20 22:43:11 | 000,119,330 | ---- | M] () -- C:\Users\Tymek\Documents\Opłata skarbowa. - PO 4-M-8051-088_90.pdf [2012-02-20 22:27:47 | 000,152,905 | ---- | M] () -- C:\Users\Tymek\Documents\Weksel in blanco jako metoda zabezpieczenia roszczeń - Niedźwiedzka Małgorzata - ABC nr 72858.pdf [2012-02-20 13:33:30 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2012-02-20 13:33:30 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2012-02-20 13:33:30 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2012-02-20 13:33:30 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2012-02-18 20:23:44 | 000,000,804 | ---- | M] () -- C:\Users\Tymek\Desktop\dekoracja — skrót.lnk [2012-02-17 18:45:23 | 000,493,848 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-02-15 23:03:02 | 000,083,042 | ---- | M] () -- C:\Users\Tymek\Desktop\logo.png [2012-02-05 13:12:53 | 000,083,804 | ---- | M] () -- C:\Users\Tymek\Desktop\logo2.png [2012-02-04 12:09:13 | 014,235,955 | ---- | M] () -- C:\Users\Tymek\Desktop\(00)MOV000.3gp [2012-02-01 19:08:42 | 000,001,228 | ---- | M] () -- C:\Users\Tymek\Desktop\peerblock.lnk [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [2 C:\Users\Tymek\Desktop\*.tmp files -> C:\Users\Tymek\Desktop\*.tmp -> ] [2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-02-27 16:30:56 | 000,146,748 | ---- | C] () -- C:\Users\Tymek\Desktop\2012-02-27 16;30;53.PDF [2012-02-27 11:29:31 | 000,345,808 | ---- | C] () -- C:\Users\Tymek\Desktop\dekoracje1.sql [2012-02-26 14:58:39 | 000,096,173 | ---- | C] () -- C:\Users\Tymek\Desktop\zua.pdf [2012-02-26 14:00:30 | 000,002,009 | ---- | C] () -- C:\Users\Public\Desktop\Płatnik 8.01.001A.lnk [2012-02-24 10:13:40 | 000,185,806 | ---- | C] () -- C:\Users\Tymek\Desktop\41x80 kopia.jpg [2012-02-23 20:23:47 | 000,001,859 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk [2012-02-21 17:52:00 | 000,182,272 | ---- | C] () -- C:\Users\Tymek\Desktop\035302.JPG [2012-02-20 22:43:09 | 000,119,330 | ---- | C] () -- C:\Users\Tymek\Documents\Opłata skarbowa. - PO 4-M-8051-088_90.pdf [2012-02-20 22:27:41 | 000,152,905 | ---- | C] () -- C:\Users\Tymek\Documents\Weksel in blanco jako metoda zabezpieczenia roszczeń - Niedźwiedzka Małgorzata - ABC nr 72858.pdf [2012-02-18 20:23:44 | 000,000,804 | ---- | C] () -- C:\Users\Tymek\Desktop\dekoracja — skrót.lnk [2012-02-09 11:27:18 | 000,083,042 | ---- | C] () -- C:\Users\Tymek\Desktop\logo.png [2012-02-04 12:06:55 | 014,235,955 | ---- | C] () -- C:\Users\Tymek\Desktop\(00)MOV000.3gp [2012-02-04 10:13:16 | 000,083,804 | ---- | C] () -- C:\Users\Tymek\Desktop\logo2.png [2012-02-01 19:08:42 | 000,001,228 | ---- | C] () -- C:\Users\Tymek\Desktop\peerblock.lnk [2011-10-03 16:43:18 | 000,081,920 | ---- | C] () -- C:\Users\Tymek\AppData\Roaming\fontdb.mdb [2011-10-03 16:43:18 | 000,000,130 | ---- | C] () -- C:\Windows\ODBC.INI [2011-07-01 15:07:22 | 000,038,438 | ---- | C] () -- C:\Users\Tymek\AppData\Roaming\Wartości oddzielone przecinkami (Windows).ADR [2011-07-01 15:04:57 | 000,038,434 | ---- | C] () -- C:\Users\Tymek\AppData\Roaming\Wartości oddzielone przecinkami (DOS).ADR [2011-07-01 13:42:50 | 001,578,996 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011-05-20 23:11:50 | 000,003,584 | ---- | C] () -- C:\Users\Tymek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-05-20 22:51:34 | 000,000,573 | ---- | C] () -- C:\Users\Tymek\AppData\Roaming\AutoGK.ini [2011-04-10 17:49:10 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin [2011-04-10 17:49:10 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin [2011-04-10 17:49:10 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin [2011-04-10 17:18:24 | 013,356,032 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2011-04-09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011-02-22 13:39:48 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecpmui.dll [2011-02-22 13:39:48 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecinpa.dll [2011-02-22 13:39:48 | 000,344,064 | ---- | C] () -- C:\Windows\SysWow64\lxeccomx.dll [2011-02-22 13:39:48 | 000,344,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeciesc.dll [2011-02-22 13:39:48 | 000,331,776 | ---- | C] () -- C:\Windows\SysWow64\LXECinst.dll [2011-02-22 13:39:48 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\lxecins.dll [2011-02-22 13:39:48 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lxecinsb.dll [2011-02-22 13:39:48 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\lxeccu.dll [2011-02-22 13:39:48 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\lxecinsr.dll [2011-02-22 13:39:48 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\lxeccub.dll [2011-02-22 13:39:48 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\lxecjswr.dll [2011-02-22 13:39:48 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\lxeccur.dll [2011-02-22 13:39:47 | 001,048,576 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecserv.dll [2011-02-22 13:39:47 | 000,847,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecusb1.dll [2011-02-22 13:39:47 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccomc.dll [2011-02-22 13:39:47 | 000,688,128 | ---- | C] ( ) -- C:\Windows\SysWow64\lxechbn3.dll [2011-02-22 13:39:47 | 000,598,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccoms.exe [2011-02-22 13:39:47 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeclmpm.dll [2011-02-22 13:39:47 | 000,373,416 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccfg.exe [2011-02-22 13:39:47 | 000,372,736 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccomm.dll [2011-02-22 13:39:47 | 000,324,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecih.exe [2011-01-28 09:25:26 | 000,007,601 | ---- | C] () -- C:\Users\Tymek\AppData\Local\Resmon.ResmonCfg [2011-01-02 11:40:06 | 000,210,032 | ---- | C] () -- C:\Windows\SysWow64\DBCLIENT.DLL [2011-01-01 11:53:54 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll [2010-06-23 15:59:22 | 000,001,456 | ---- | C] () -- C:\Users\Tymek\AppData\Local\Adobe Save for Web 12.0 Prefs [2010-06-16 18:54:26 | 000,299,008 | ---- | C] () -- C:\Windows\SysWow64\LXECsm.dll [2010-06-16 18:54:26 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\LXECsmr.dll [2010-06-16 18:05:43 | 000,001,476 | ---- | C] () -- C:\Windows\AmHL.ini [2010-06-16 18:03:38 | 000,000,106 | ---- | C] () -- C:\Windows\mxreader.INI [2010-06-16 18:03:20 | 000,002,639 | ---- | C] () -- C:\Windows\AMML.ini [2010-06-16 16:48:10 | 000,000,078 | ---- | C] () -- C:\Users\Tymek\AppData\Roaming\wklnhst.dat [2010-06-16 16:01:13 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [color=#E56717]========== LOP Check ==========[/color] [2010-07-08 06:39:09 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\Acronis [2012-02-09 17:46:06 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\BatteryBar [2011-06-15 21:56:41 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\BESTplayer [2011-10-03 16:44:09 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\BorWare [2010-06-21 17:28:28 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\Canneverbe Limited [2011-11-08 11:45:03 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\DAEMON Tools Lite [2011-03-21 11:17:32 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\Dropbox [2011-02-22 13:52:19 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\EurekaLog [2012-02-27 15:14:28 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\FileZilla [2010-06-17 17:22:48 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\GHISLER [2011-01-16 22:19:00 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\GlarySoft [2010-08-31 07:35:09 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\GrabPro [2011-11-11 16:06:06 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\Gzegzolka XP [2010-07-15 06:21:10 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\HD Tune Pro [2011-08-17 22:01:14 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\IrfanView [2012-02-27 17:21:22 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\KeePass [2011-12-06 13:17:13 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\Might & Magic Heroes VI [2011-12-27 13:14:46 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\NapiProjekt [2012-02-16 10:54:28 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\NetMeter [2011-06-28 19:43:11 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\Notepad++ [2010-09-01 13:18:43 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\OpenOffice.org [2010-06-22 07:09:50 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\Opera [2011-06-10 15:08:56 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\Orbit [2011-09-17 14:42:57 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\pdfforge [2010-08-31 07:35:15 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\ProgSense [2011-01-15 13:01:43 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\ProtectDISC [2010-06-16 18:03:31 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\Sage [2010-12-23 08:45:07 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\Softland [2010-09-06 20:54:29 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\Sports Interactive [2011-01-19 18:09:25 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\Subversion [2011-12-08 13:49:36 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\TeamViewer [2011-03-21 11:26:31 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\TeamViewer Manager [2010-08-31 18:46:54 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\Template [2011-02-10 19:13:21 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\Thinstall [2010-06-17 16:58:32 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\Tific [2011-05-01 17:54:08 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\TightVNC [2011-05-17 17:34:54 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\TP [2011-07-01 14:28:26 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\TrueCrypt [2010-06-16 19:49:14 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\TuneUp Software [2010-07-09 06:51:08 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\Uniblue [2012-02-22 10:26:38 | 000,000,000 | ---D | M] -- C:\Users\Tymek\AppData\Roaming\uTorrent [2011-10-21 05:56:18 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >