OTL logfile created on: 2012-07-01 09:39:36 - Run 2
OTL by OldTimer - Version 3.2.53.0 Folder = D:\
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,94 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 85,43% Memory free
5,87 Gb Paging File | 5,47 Gb Available in Paging File | 93,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 275,71 Gb Total Space | 204,71 Gb Free Space | 74,25% Space Free | Partition Type: NTFS
Drive D: | 1004,20 Mb Total Space | 373,94 Mb Free Space | 37,24% Space Free | Partition Type: FAT
Drive E: | 17,08 Gb Total Space | 2,58 Gb Free Space | 15,12% Space Free | Partition Type: NTFS
Drive F: | 4,98 Gb Total Space | 2,13 Gb Free Space | 42,69% Space Free | Partition Type: FAT32

Computer Name: KAROL-HP | User Name: Karol | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-07-01 09:29:44 | 000,596,992 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
PRC - [2011-02-12 05:07:16 | 000,820,048 | R--- | M] (DigitalPersona, Inc.) -- c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2011-02-12 05:07:16 | 000,481,104 | R--- | M] (DigitalPersona, Inc.) [Auto | Stopped] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost)
SRV:[b]64bit:[/b] - [2011-02-09 20:28:12 | 001,318,912 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe -- (McAfee Endpoint Encryption Agent)
SRV:[b]64bit:[/b] - [2011-01-28 18:41:30 | 000,133,688 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe -- (HPDayStarterService)
SRV:[b]64bit:[/b] - [2011-01-27 03:11:48 | 000,131,128 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV:[b]64bit:[/b] - [2011-01-27 01:01:00 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:[b]64bit:[/b] - [2011-01-22 04:36:02 | 003,154,224 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:[b]64bit:[/b] - [2010-08-04 11:51:34 | 006,075,816 | ---- | M] (CANON INC.) [Auto | Stopped] -- C:\Program Files\Canon\DIAS\CnxDIAS.exe -- (Canon Driver Information Assist Service)
SRV:[b]64bit:[/b] - [2010-04-07 15:04:24 | 000,127,800 | ---- | M] (HP) [Auto | Stopped] -- C:\Windows\SysNative\HPSIsvc.exe -- (HPSIService)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012-06-05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-05-12 11:46:04 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-03-14 14:50:56 | 000,365,440 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2012-03-14 10:28:28 | 000,197,504 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-10-01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011-10-01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011-09-09 18:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2011-08-11 20:29:24 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Stopped] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2011-04-17 02:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe -- (NIS)
SRV - [2011-03-07 22:48:10 | 000,062,184 | ---- | M] (Xobni Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Xobni\XobniService.exe -- (XobniService)
SRV - [2011-02-07 20:41:26 | 000,320,000 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2011-02-04 00:09:18 | 000,464,480 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- c:\Windows\SysWOW64\flcdlock.exe -- (FLCDLOCK)
SRV - [2011-01-26 19:00:00 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2011-01-22 04:24:50 | 002,708,784 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2011-01-18 22:42:44 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2011-01-17 21:42:04 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2011-01-17 21:42:02 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2011-01-12 20:12:06 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) [On_Demand | Stopped] -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2011-01-07 05:08:38 | 000,138,400 | ---- | M] (Atheros) [Auto | Stopped] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011-01-07 05:06:56 | 000,053,920 | ---- | M] (Atheros Commnucations) [Auto | Stopped] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2010-11-11 09:43:00 | 000,502,464 | ---- | M] (ArcSoft, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe -- (uArcCapture)
SRV - [2010-09-30 23:44:46 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010-03-18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-18 20:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-03-13 01:43:58 | 000,392,752 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011-12-04 10:48:13 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:[b]64bit:[/b] - [2011-10-01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:[b]64bit:[/b] - [2011-10-01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:[b]64bit:[/b] - [2011-10-01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:[/b] - [2011-10-01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:[b]64bit:[/b] - [2011-09-26 07:34:41 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:[b]64bit:[/b] - [2011-04-21 03:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symnets.sys -- (SymNetS)
DRV:[b]64bit:[/b] - [2011-03-31 05:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\srtsp64.sys -- (SRTSP)
DRV:[b]64bit:[/b] - [2011-03-31 05:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:[b]64bit:[/b] - [2011-03-26 06:17:50 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2011-03-15 04:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symefa64.sys -- (SymEFA)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011-02-09 20:59:52 | 000,168,008 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\MfeEpePc.sys -- (MfeEpePc)
DRV:[b]64bit:[/b] - [2011-02-07 16:50:26 | 000,063,336 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DAMDrv64.sys -- (DAMDrv)
DRV:[b]64bit:[/b] - [2011-01-31 12:04:42 | 000,174,168 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:[b]64bit:[/b] - [2011-01-27 08:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symds64.sys -- (SymDS)
DRV:[b]64bit:[/b] - [2011-01-27 07:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\ironx64.sys -- (SymIRON)
DRV:[b]64bit:[/b] - [2011-01-27 01:01:00 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:[b]64bit:[/b] - [2011-01-27 01:01:00 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:[b]64bit:[/b] - [2011-01-13 03:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2011-01-08 17:16:24 | 002,698,240 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2011-01-07 05:07:32 | 000,279,200 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:[b]64bit:[/b] - [2011-01-07 05:07:30 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:[b]64bit:[/b] - [2011-01-07 05:07:30 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:[b]64bit:[/b] - [2011-01-07 05:07:30 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:[b]64bit:[/b] - [2011-01-07 05:07:28 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:[b]64bit:[/b] - [2011-01-07 05:07:26 | 000,298,144 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:[b]64bit:[/b] - [2011-01-07 05:07:26 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:[b]64bit:[/b] - [2010-12-21 19:21:16 | 001,826,048 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:[b]64bit:[/b] - [2010-12-10 23:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:[b]64bit:[/b] - [2010-12-10 23:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:[b]64bit:[/b] - [2010-12-03 02:02:58 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:[b]64bit:[/b] - [2010-11-30 18:32:38 | 000,406,632 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2010-11-25 23:42:46 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:[b]64bit:[/b] - [2010-11-25 23:42:44 | 000,256,000 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:[b]64bit:[/b] - [2010-11-25 23:42:44 | 000,121,600 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:[b]64bit:[/b] - [2010-11-25 23:42:44 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:[b]64bit:[/b] - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2010-11-11 09:46:00 | 000,032,192 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ArcSoftVCapture.sys -- (ARCVCAM)
DRV:[b]64bit:[/b] - [2010-10-20 03:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:[b]64bit:[/b] - [2010-10-15 13:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:[b]64bit:[/b] - [2010-03-06 01:41:05 | 000,020,480 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mvusbews.sys -- (mvusbews)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2009-06-10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2011-11-14 21:28:01 | 001,156,216 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20111114.002\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011-11-09 09:49:23 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011-09-26 07:34:25 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20111119.016\EX64.SYS -- (NAVEX15)
DRV - [2011-09-26 07:34:25 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20111119.016\ENG64.SYS -- (NAVENG)
DRV - [2011-09-23 09:11:20 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20111118.030\IDSviA64.sys -- (IDSVia64)
DRV - [2011-08-04 11:59:20 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS -- (MREMP50)
DRV - [2011-08-04 11:59:16 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS -- (MRESP50)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/idg/idg_1330432088_666004
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = pl.v9.com/idg/idg_1330432088_666004
IE - HKLM\..\URLSearchHook: {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - C:\Program Files (x86)\Ashampoo_PO\prxtbAsh0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1376851607-1711935086-953919115-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/idg/idg_1330432088_666004
IE - HKU\S-1-5-21-1376851607-1711935086-953919115-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-1376851607-1711935086-953919115-1001\..\URLSearchHook: {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - C:\Program Files (x86)\Ashampoo_PO\prxtbAsh0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1376851607-1711935086-953919115-1001\..\SearchScopes,DefaultScope = {FB714758-9168-4551-B9F5-145E493D9312}
IE - HKU\S-1-5-21-1376851607-1711935086-953919115-1001\..\SearchScopes\{FB714758-9168-4551-B9F5-145E493D9312}: "URL" = http://www.google.com/search?hl=pl&q={searchTerms}
IE - HKU\S-1-5-21-1376851607-1711935086-953919115-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2011-05-10 22:06:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ [2011-10-04 21:17:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_9_4 [2012-07-01 09:05:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-10-05 23:03:14 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\googletoolbar1.dll (Google Inc.)
O2 - BHO: (Ashampoo PO Toolbar) - {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - C:\Program Files (x86)\Ashampoo_PO\prxtbAsh0.dll (Conduit Ltd.)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Ashampoo PO Toolbar) - {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - C:\Program Files (x86)\Ashampoo_PO\prxtbAsh0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll (Google Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Ashampoo PO Toolbar) - {D43723AE-1AE1-4A25-A6A4-BF0929273CAB} - C:\Program Files (x86)\Ashampoo_PO\prxtbAsh0.dll (Conduit Ltd.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll (Google Inc.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Ashampoo PO Toolbar) - {D43723AE-1AE1-4A25-A6A4-BF0929273CAB} - C:\Program Files (x86)\Ashampoo_PO\prxtbAsh0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-1376851607-1711935086-953919115-1001\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll (Google Inc.)
O3 - HKU\S-1-5-21-1376851607-1711935086-953919115-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-1376851607-1711935086-953919115-1001\..\Toolbar\WebBrowser: (Ashampoo PO Toolbar) - {D43723AE-1AE1-4A25-A6A4-BF0929273CAB} - C:\Program Files (x86)\Ashampoo_PO\prxtbAsh0.dll (Conduit Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:[b]64bit:[/b] - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [MfeEpePcMonitor] C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [TPSA_McciTrayApp] C:\Program Files\TPSA\McciTrayApp.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [iPlusManager] C:\Program Files (x86)\iPlus\iPlusChecker.exe ()
O4 - HKLM..\Run: [NUSB3MON] c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vbgqqfepewtcnsw] C:\ProgramData\vbgqqfep.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1376851607-1711935086-953919115-1001..\Run: [vbgqqfepewtcnsw] C:\ProgramData\vbgqqfep.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\ELMOT.Karol-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1376851607-1711935086-953919115-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error.
File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{04BB6264-1BFB-4086-9C14-70A72901FA94}: NameServer = 212.2.96.51 212.2.96.52
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{08674247-CFA7-4B46-97A2-6FD5FE4772A1}: NameServer = 212.2.96.54 212.2.96.52
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{260CEA90-4C99-4AF1-A551-6CC9B5A0932F}: NameServer = 212.2.96.51 212.2.96.52
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2EBA30B6-FCFA-4C8F-819D-4865B0A9C4DB}: NameServer = 212.2.96.54 212.2.96.52
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{37A8EF06-4627-40CE-B14E-8B12695DF21F}: NameServer = 212.2.96.54 212.2.96.52
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{53C51918-E938-4C55-AA8E-168DC1834156}: NameServer = 212.2.96.54 212.2.96.52
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{76007A88-8B61-41D0-953A-787854D0925F}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C727727B-CAA6-4E4B-8112-D9073A7E90AD}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F2ECA2CD-93DD-4A00-B9F9-DCEDCA7FFEDF}: NameServer = 212.2.96.53 212.2.96.54
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FDFA5601-C30F-4033-9424-21DF98053B6F}: NameServer = 212.2.96.54 212.2.96.52
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\windows\SysWow64\DeviceNP.dll (Hewlett-Packard Company) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{038818fd-27aa-11e1-9d80-68a3c4f080ea}\Shell - "" = AutoRun O33 - MountPoints2\{038818fd-27aa-11e1-9d80-68a3c4f080ea}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{13e9ad7c-3133-11e1-9b71-6431509f9e74}\Shell - "" = AutoRun O33 - MountPoints2\{13e9ad7c-3133-11e1-9b71-6431509f9e74}\Shell\AutoRun\command - "" = D:\SISetup.exe O33 - MountPoints2\{2e533688-984b-11e1-9ce6-68a3c4f080ea}\Shell - "" = AutoRun O33 - MountPoints2\{2e533688-984b-11e1-9ce6-68a3c4f080ea}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{2e5336a8-984b-11e1-9ce6-68a3c4f080ea}\Shell - "" = AutoRun O33 - MountPoints2\{2e5336a8-984b-11e1-9ce6-68a3c4f080ea}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{2e533738-984b-11e1-9ce6-68a3c4f080ea}\Shell - "" = AutoRun O33 - MountPoints2\{2e533738-984b-11e1-9ce6-68a3c4f080ea}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{3ccb9e82-094b-11e1-9ef8-68a3c4f080ea}\Shell - "" = AutoRun O33 - 
MountPoints2\{3ccb9e82-094b-11e1-9ef8-68a3c4f080ea}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{8367742a-e603-11e0-9ae4-68a3c4f080ea}\Shell - "" = AutoRun O33 - MountPoints2\{8367742a-e603-11e0-9ae4-68a3c4f080ea}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{8367743b-e603-11e0-9ae4-68a3c4f080ea}\Shell - "" = AutoRun O33 - MountPoints2\{8367743b-e603-11e0-9ae4-68a3c4f080ea}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{f32b6c04-f32a-11e0-9e53-68a3c4f080ea}\Shell - "" = AutoRun O33 - MountPoints2\{f32b6c04-f32a-11e0-9e53-68a3c4f080ea}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\D\Shell - "" = AutoRun O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-07-01 09:03:24 | 000,000,000 | -HSD | C] -- C:\found.000 [2012-06-30 07:18:19 | 000,000,000 | ---D | C] -- C:\ProgramData\ciccajnudrmntxw [2012-06-29 20:14:07 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\%appdata% [2012-06-29 19:39:30 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{FFAB21D9-DF6C-4B94-97E2-5B02EF34FC95} [2012-06-29 19:39:19 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{AA0E4EFD-55A5-4F27-8C77-E5EC45819087} [2012-06-29 07:26:19 | 000,000,000 | ---D | C] -- 
C:\Users\Karol\AppData\Local\{1CED30D4-E4FD-4E0D-812C-BA207B5F88D7} [2012-06-29 07:26:08 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{EA1EFF03-B0F5-483A-AEC6-6D3A3B85FD9D} [2012-06-28 16:48:34 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{0998A328-D03D-42A1-BA60-E23A1C37B2AF} [2012-06-28 16:48:22 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{A9C5BF2C-D952-4A7F-83A3-DE19080DAB50} [2012-06-27 20:23:15 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{C1624216-360D-4B71-AD16-3710E9DBF1EE} [2012-06-27 20:23:04 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{10B0E39F-AA67-4A21-B624-09C8788C4E8F} [2012-06-27 14:36:03 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{004864EB-CF2F-4E06-A9D1-41E4546DF915} [2012-06-27 14:35:51 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{7B3C5E82-2D31-4703-9D9F-378660C2E0AC} [2012-06-26 20:11:01 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{6FD89660-1914-4228-B32C-5E105B110371} [2012-06-26 20:10:50 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{E6B353E7-AA77-466A-88CF-44C7A612E863} [2012-06-25 20:20:43 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{8569012E-06DF-4092-B456-CDD93F1526D9} [2012-06-25 20:20:32 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{63841276-6029-4D6E-98C8-6CF88EA9C122} [2012-06-25 14:09:14 | 000,000,000 | ---D | C] -- C:\Users\Karol\Documents\Druki GOFIN [2012-06-25 14:08:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GOFIN [2012-06-25 14:08:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOFIN [2012-06-24 20:51:18 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{00B233A1-9E1D-4262-8CDF-23DA98AA4DB2} [2012-06-24 20:51:07 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{3124B8B5-659D-41C1-B92C-1098EE2F0F52} [2012-06-23 20:22:09 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{AE072AC7-AD19-4C2B-B30C-989BC60D9F2A} 
[2012-06-23 20:21:58 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{553590B0-2DEE-4FD4-AE85-314D3E2DF31D} [2012-06-23 07:20:18 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{555E520F-1ADA-4EC4-A60B-C565E4B74756} [2012-06-23 07:20:06 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{CA9D5EE6-891E-4BB9-8FE1-1D59D04E1463} [2012-06-22 19:02:59 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{B80A7DA0-8319-41CB-AB87-91E9520D7B66} [2012-06-22 19:02:47 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{B6EC2CA3-B4AF-4DB1-A5A1-D8028EF08526} [2012-06-22 07:11:08 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe [2012-06-22 07:11:08 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll [2012-06-22 07:11:07 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll [2012-06-22 07:10:55 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll [2012-06-22 07:10:55 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll [2012-06-22 07:10:55 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll [2012-06-22 07:10:37 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll [2012-06-22 07:10:37 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe [2012-06-22 07:00:31 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{5E208F88-3429-48BF-9299-85BB0418B1DE} [2012-06-22 07:00:19 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{C17B550B-C45E-44CD-80CC-C402F630594C} [2012-06-21 07:04:21 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{5D086C4B-1749-4681-AA1F-2F1BB4008E04} [2012-06-21 07:04:06 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{F8082E50-8BBD-4583-962A-6842EB9988E6} [2012-06-20 17:26:15 | 000,000,000 | ---D | C] -- 
C:\Users\Karol\AppData\Local\{D6B9CFB7-F2F7-4859-B757-7DEFB45AB5AF} [2012-06-20 17:26:05 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{B1112D3A-5132-4DB5-AFFB-749421383349} [2012-06-20 17:25:38 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{875567A0-3AE2-4F89-AA7D-8EAE80341B3A} [2012-06-19 19:58:43 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{879CB1C4-8CEF-4E5F-8AC5-E433C44DE20C} [2012-06-19 19:58:27 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{28F5D571-E80F-489F-A6E6-5398ED175ABD} [2012-06-19 07:03:30 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{9BEB41EE-4FE0-4CDE-B200-8F429ABCC284} [2012-06-19 07:03:19 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{33B6370E-7228-4D56-8C7C-382C3FC077E2} [2012-06-18 10:12:20 | 000,000,000 | ---D | C] -- C:\Users\Karol\Documents\STAJNIA [2012-06-18 07:22:46 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{41D63CFD-8174-4BD4-9CD9-7D769FD05DEF} [2012-06-17 07:53:06 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{8BB80F33-5DA0-4617-9994-5668DDAFF81B} [2012-06-16 19:47:39 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{B81168F6-D849-44E1-A59C-F3E765232056} [2012-06-15 19:59:59 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{9E75E295-0EE8-41CB-AA26-B8AA87682E80} [2012-06-14 19:58:27 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{508995EA-F374-43FE-8242-B6655B4C5D79} [2012-06-14 19:58:11 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{25053484-80B8-4D9D-8FD9-EBFB5D46D155} [2012-06-14 06:48:15 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{8F70E9D7-25A9-4F08-8329-CB1F7A939ED3} [2012-06-14 06:48:05 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{755A707E-35FD-43FC-BC13-73A3974387AE} [2012-06-14 06:28:24 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll [2012-06-14 06:28:24 | 000,231,936 | ---- | C] (Microsoft Corporation) -- 
C:\windows\SysWow64\url.dll [2012-06-14 06:28:24 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll [2012-06-14 06:28:24 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll [2012-06-14 06:28:22 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll [2012-06-14 06:28:22 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll [2012-06-14 06:28:22 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe [2012-06-14 06:28:22 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe [2012-06-14 06:28:20 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll [2012-06-14 06:28:20 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl [2012-06-14 06:28:20 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl [2012-06-14 06:28:20 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll [2012-06-14 06:28:20 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll [2012-06-13 13:22:19 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{FAB80382-DB51-4121-8BD6-AE05F7BE3B24} [2012-06-13 13:22:04 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{4DC051D4-2130-4282-BD5E-B3B9355F27FF} [2012-06-13 07:06:32 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll [2012-06-13 07:06:32 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpwsx.dll [2012-06-13 07:06:32 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdrmemptylst.exe [2012-06-13 07:06:22 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe [2012-06-13 07:06:21 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe [2012-06-13 07:06:21 | 
003,913,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe [2012-06-13 07:06:10 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msi.dll [2012-06-13 07:06:06 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll [2012-06-13 07:06:05 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptnet.dll [2012-06-12 17:44:55 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{2586C08D-19C6-4548-81D1-46B8D8E22F80} [2012-06-12 17:44:38 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{6F679190-4B9D-44D9-9968-488D3601F1E8} [2012-06-11 21:00:19 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{A2794A92-C873-4CE6-A9E9-C320B703205D} [2012-06-11 21:00:09 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{1F7402AC-EC85-4B49-88DB-377DBECE96EA} [2012-06-11 07:30:07 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{09BFC888-1492-4816-8ABE-D449D39E52A1} [2012-06-11 07:29:55 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{493EF72A-DA3A-403E-A23C-0E72277C7B9E} [2012-06-10 13:33:42 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{1389E371-DD33-4A6A-A95C-64C7EEB6A788} [2012-06-10 13:33:24 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{FCAADB5C-7923-401D-ADD8-BC9731ADF2D7} [2012-06-09 23:40:55 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{EC07CB57-BC85-402F-891A-447A3555170F} [2012-06-09 23:40:44 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{1BDE405F-361B-46F5-BB36-D1F8404335D4} [2012-06-08 20:45:00 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{38B89DC4-B04F-4197-A1FA-7BAA78E54079} [2012-06-08 20:44:49 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{97C93DCF-979B-40C6-B110-5D3A3C19C5B8} [2012-06-08 07:14:08 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{51365A00-E66C-4845-9500-29AB98ABA5E1} [2012-06-08 07:13:56 | 000,000,000 | ---D | C] -- 
C:\Users\Karol\AppData\Local\{5BAD9DC0-9BEA-401E-B9B0-7B823479F810} [2012-06-07 07:07:37 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{1A261F79-EDE6-4C00-BFA3-764B4F942EDE} [2012-06-07 07:07:27 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{52F5A99E-248B-491F-A7D4-0845EE06A8F5} [2012-06-06 13:07:49 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{67DE24B9-7E2F-4761-9276-6D02D68F565E} [2012-06-06 13:07:34 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{A45C49EA-304E-4812-ABD2-5D30565B2D10} [2012-06-05 20:10:53 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{1828EAF9-75B5-44D3-8ACE-7443F04DC218} [2012-06-05 20:10:41 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{872C1E3E-8017-4AE2-B0AF-09C7C295F1F5} [2012-06-04 20:31:34 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{DA717ACE-9AD5-4E8D-8394-51FF983ADF47} [2012-06-04 20:31:24 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{8ED1C81E-1084-4F85-8AA6-CEB6EC3F1AC3} [2012-06-04 08:30:57 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{3F1613F1-1F13-430F-B858-4040A17805BA} [2012-06-04 08:30:45 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{A244A479-506F-47A7-8C99-6DF07FA249D2} [2012-06-03 10:12:58 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{39ADD709-77FC-414A-AB9E-3F81A5C78A33} [2012-06-03 10:12:47 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{B599A128-1B75-47DD-B794-BC8FF5E4952C} [2012-06-02 14:09:50 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{2180AF5B-EFAE-42AA-9436-B9666199903C} [2012-06-02 14:09:40 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{F9C1C8AC-3511-4E18-B7AB-E05FCCB42AA0} [2012-06-01 18:53:17 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{0A126B33-60B9-4ADA-BC3D-77DC2BA765AF} [2012-06-01 18:53:06 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\{D104B471-EB81-4CDA-A791-306540129215} [color=#E56717]========== Files - Modified 
Within 30 Days ==========[/color] [2012-07-01 09:32:42 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2012-07-01 09:32:36 | 3152,404,480 | -HS- | M] () -- C:\hiberfil.sys [2012-07-01 09:05:54 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini [2012-07-01 09:05:53 | 000,001,042 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2012-07-01 09:05:21 | 000,065,536 | ---- | M] () -- C:\windows\SysNative\Ikeext.etl [2012-07-01 09:05:18 | 000,000,332 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForKarol.job [2012-07-01 09:05:18 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT [2012-07-01 09:04:29 | 000,003,416 | ---- | M] () -- C:\bootsqm.dat [2012-06-30 22:12:40 | 005,242,880 | -HS- | M] () -- C:\Users\Karol\NTUSER.DAT [2012-06-30 21:49:05 | 000,019,760 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-06-30 21:49:05 | 000,019,760 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-06-30 21:47:02 | 000,001,046 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2012-06-30 21:45:54 | 001,718,004 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2012-06-30 21:45:54 | 000,763,940 | ---- | M] () -- C:\windows\SysNative\perfh015.dat [2012-06-30 21:45:54 | 000,661,736 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2012-06-30 21:45:54 | 000,163,882 | ---- | M] () -- C:\windows\SysNative\perfc015.dat [2012-06-30 21:45:54 | 000,130,026 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2012-06-30 21:43:00 | 000,000,930 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2012-06-30 07:18:19 | 000,000,052 | ---- | M] () -- C:\ProgramData\iycjbjgllbysfhk [2012-06-30 07:18:12 | 000,072,192 | ---- | M] () -- C:\ProgramData\vbgqqfep.exe [2012-06-30 07:18:12 | 000,072,192 | ---- | M] () -- C:\ProgramData\dzrbcrlf.exe [2012-06-26 
20:23:03 | 000,000,342 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForKAROL-HP$.job [2012-06-25 14:08:53 | 000,001,098 | ---- | M] () -- C:\Users\Public\Desktop\Druki GOFIN.lnk [2012-06-23 19:34:11 | 000,000,017 | ---- | M] () -- C:\windows\SysWow64\shortcut_ex.dat [2012-06-22 07:11:35 | 002,059,234 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1207020.003\Cat.DB [2012-06-16 22:54:59 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-06-16 19:47:27 | 000,063,696 | ---- | M] () -- C:\Users\Karol\AppData\Local\GDIPFONTCACHEV1.DAT [2012-06-14 07:20:16 | 000,002,480 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk [2012-06-14 07:19:52 | 000,302,024 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT [2012-06-12 18:25:06 | 000,000,332 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForELMOT.job [2012-06-08 04:08:38 | 000,000,172 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1207020.003\isolate.ini [2012-06-03 00:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll [2012-06-03 00:19:42 | 000,057,880 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe [2012-06-03 00:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll [2012-06-03 00:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll [2012-06-03 00:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll [2012-06-03 00:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll [2012-06-02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll [2012-06-02 15:15:12 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-07-01 09:04:29 | 000,003,416 | ---- | C] () -- C:\bootsqm.dat [2012-06-30 
07:18:19 | 000,072,192 | ---- | C] () -- C:\ProgramData\vbgqqfep.exe [2012-06-30 07:18:19 | 000,072,192 | ---- | C] () -- C:\ProgramData\dzrbcrlf.exe [2012-06-30 07:18:12 | 000,000,052 | ---- | C] () -- C:\ProgramData\iycjbjgllbysfhk [2012-06-25 14:08:53 | 000,001,098 | ---- | C] () -- C:\Users\Public\Desktop\Druki GOFIN.lnk [2012-06-23 19:34:11 | 000,000,017 | ---- | C] () -- C:\windows\SysWow64\shortcut_ex.dat [2012-06-16 22:54:59 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-04-25 11:20:53 | 000,001,115 | ---- | C] () -- C:\windows\SysWow64\SwiftShader.ini [2012-03-06 22:37:47 | 000,015,872 | ---- | C] () -- C:\Users\Karol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-01-10 22:44:55 | 000,524,288 | -HS- | C] () -- C:\Users\Karol\NTUSER.DAT{c7d747f0-3bcb-11e1-9719-68a3c4f080ea}.TMContainer00000000000000000002.regtrans-ms [2012-01-10 22:44:55 | 000,524,288 | -HS- | C] () -- C:\Users\Karol\NTUSER.DAT{c7d747f0-3bcb-11e1-9719-68a3c4f080ea}.TMContainer00000000000000000001.regtrans-ms [2012-01-10 22:44:55 | 000,065,536 | -HS- | C] () -- C:\Users\Karol\NTUSER.DAT{c7d747f0-3bcb-11e1-9719-68a3c4f080ea}.TM.blf [2011-12-02 15:05:31 | 000,000,159 | ---- | C] () -- C:\windows\SST.INI [2011-09-23 18:54:13 | 000,063,696 | ---- | C] () -- C:\Users\Karol\AppData\Local\GDIPFONTCACHEV1.DAT [2011-09-23 18:47:45 | 005,242,880 | -HS- | C] () -- C:\Users\Karol\NTUSER.DAT [2011-09-23 18:47:45 | 000,524,288 | -HS- | C] () -- C:\Users\Karol\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2011-09-23 18:47:45 | 000,524,288 | -HS- | C] () -- C:\Users\Karol\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2011-09-23 18:47:45 | 000,065,536 | -HS- | C] () -- C:\Users\Karol\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [2011-09-23 18:47:45 | 000,000,020 | -HS- | C] () -- C:\Users\Karol\ntuser.ini [2011-06-14 09:27:52 | 
000,003,120 | ---- | C] () -- C:\windows\SysWow64\drivers\wdbdggg.sys [2011-06-14 09:14:00 | 000,025,984 | ---- | C] () -- C:\windows\snuvcdsm.exe [2011-06-14 09:13:59 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini [2011-05-10 22:28:58 | 000,003,120 | ---- | C] () -- C:\windows\SysWow64\drivers\wdbeaec.sys [2011-05-10 22:12:42 | 000,000,178 | ---- | C] () -- C:\windows\SysWow64\HPPA.ini [2011-05-10 22:07:05 | 000,003,120 | ---- | C] () -- C:\windows\SysWow64\drivers\wdbeabi.sys [2011-05-10 21:40:34 | 001,641,102 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI [2011-03-26 06:16:12 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin [2011-03-26 06:16:10 | 000,963,116 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin [2011-03-26 06:16:10 | 000,216,876 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin [2011-02-26 00:32:12 | 000,012,144 | ---- | C] () -- C:\windows\HPun2430Version.dll [2011-02-12 05:07:16 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPSCEL.dll.hpsign [2011-02-12 05:07:16 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPFPApi.dll.hpsign [2011-02-12 05:07:16 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPClback.dll.hpsign [2011-02-12 05:04:36 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPLic.dll.hpsign [2011-02-04 00:09:24 | 000,366,176 | ---- | C] () -- C:\windows\SysWow64\flcdlmsg.dll [2011-02-03 05:49:02 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPFPApiUI.dll.hpsign [2011-02-03 05:47:42 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPPassFilter.dll.hpsign [2011-02-03 05:47:42 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPCrProv.dll.hpsign [2011-01-30 01:49:32 | 000,017,232 | ---- | C] () -- C:\windows\SysWow64\CoHpCasl.exe [2011-01-22 21:40:54 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\vcsAPIShared.dll.hpsign [2011-01-11 05:03:08 | 086,271,980 | ---- | C] () -- C:\windows\SysWow64\BioTrustFace.dat [2010-12-07 07:16:34 | 000,181,072 | ---- | C] () -- 
C:\windows\SysWow64\PassThroughOTP.dll [2010-12-07 07:16:34 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\PassThroughOTP.dll.hpsign [color=#E56717]========== LOP Check ==========[/color] [2012-03-08 09:57:53 | 000,000,000 | ---D | M] -- C:\Users\ELMOT.Karol-HP\AppData\Roaming\Ashampoo [2011-12-11 18:10:29 | 000,000,000 | ---D | M] -- C:\Users\ELMOT.Karol-HP\AppData\Roaming\DigitalPersona [2011-12-30 10:19:13 | 000,000,000 | ---D | M] -- C:\Users\ELMOT.Karol-HP\AppData\Roaming\IGC [2011-12-20 15:29:28 | 000,000,000 | ---D | M] -- C:\Users\ELMOT.Karol-HP\AppData\Roaming\iPlus [2012-01-25 11:42:45 | 000,000,000 | ---D | M] -- C:\Users\ELMOT.Karol-HP\AppData\Roaming\OpenOffice.org [2012-06-23 19:32:52 | 000,000,000 | ---D | M] -- C:\Users\ELMOT.Karol-HP\AppData\Roaming\SoftGrid Client [2011-12-11 18:10:48 | 000,000,000 | ---D | M] -- C:\Users\ELMOT.Karol-HP\AppData\Roaming\Synaptics [2012-05-22 09:24:49 | 000,000,000 | ---D | M] -- C:\Users\ELMOT.Karol-HP\AppData\Roaming\Windows Live Writer [2011-09-28 08:58:14 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\DigitalPersona [2011-10-10 12:32:54 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\iPlus [2011-09-28 08:58:30 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\Synaptics [2012-03-06 22:31:35 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\Ashampoo [2011-09-23 18:48:01 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\DigitalPersona [2012-01-18 20:52:17 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\gtk-2.0 [2011-11-29 14:04:59 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\IGC [2011-09-26 07:12:34 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\iPlus [2011-09-26 10:49:04 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\OpenOffice.org [2012-01-18 20:37:23 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\PhotoFiltre [2012-06-26 23:07:10 | 000,000,000 | ---D | M] -- 
C:\Users\Karol\AppData\Roaming\SoftGrid Client
[2011-09-23 18:57:37 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\Synaptics
[2011-09-26 11:05:45 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\TP
[2011-09-24 10:46:06 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\WildTangent
[2011-11-06 22:30:52 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\Windows Live Writer
[2012-06-29 20:11:43 | 000,032,608 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
[color=#E56717]========== Purity Check ==========[/color]
< End of report >