OTL logfile created on: 2013-03-10 19:45:27 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Download\Chrome 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,91 Gb Total Physical Memory | 0,87 Gb Available Physical Memory | 22,20% Memory free 7,83 Gb Paging File | 2,81 Gb Available in Paging File | 35,96% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 150,00 Gb Total Space | 74,46 Gb Free Space | 49,64% Space Free | Partition Type: NTFS Drive D: | 423,71 Gb Total Space | 100,22 Gb Free Space | 23,65% Space Free | Partition Type: NTFS Computer Name: WEHIKUL_SASHY | User Name: Sasha | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-03-10 19:44:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Download\Chrome\OTL.exe PRC - [2013-03-10 17:36:34 | 000,377,856 | ---- | M] () -- D:\Download\Chrome\d4wvmnm5.exe PRC - [2013-03-10 00:18:13 | 000,255,992 | ---- | M] (Microsoft Corporation) -- C:\Users\Sasha\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe PRC - [2013-03-01 00:08:21 | 001,274,832 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2013-02-18 17:26:35 | 005,926,808 | ---- | M] (Spotify Ltd) -- C:\Users\Sasha\AppData\Roaming\Spotify\spotify.exe PRC - [2013-01-25 02:30:20 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2013-01-25 02:26:37 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2013-01-25 02:26:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2013-01-23 20:58:25 | 000,348,160 | ---- | M] () -- C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe PRC - [2013-01-20 20:29:18 | 028,539,272 | ---- | M] (Dropbox, Inc.) -- C:\Users\Sasha\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-12-17 19:50:28 | 016,328,976 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe PRC - [2012-10-09 10:53:36 | 004,441,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Sasha\AppData\Local\Akamai\netsession_win.exe PRC - [2012-08-03 08:01:00 | 003,801,736 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files\totalcmd\TOTALCMD.EXE PRC - [2012-07-11 10:06:12 | 000,110,224 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\NI-DAQ\HWConfig\nidevmon.exe PRC - [2012-07-10 15:12:28 | 000,018,616 | ---- | M] (National Instruments Corporation) -- C:\Windows\SysWOW64\nipxism.exe PRC - [2012-06-07 22:42:14 | 000,680,624 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe PRC - [2012-06-05 23:56:56 | 000,169,192 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe PRC - [2012-06-05 14:09:58 | 000,370,328 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe PRC - [2012-06-05 14:07:08 | 000,060,568 | ---- | M] (National Instruments Corporation) -- C:\Windows\SysWOW64\lktsrv.exe PRC - [2012-06-05 13:58:56 | 000,050,328 | ---- | M] (National Instruments Corporation) -- C:\Windows\SysWOW64\lkads.exe PRC - [2012-05-31 16:51:58 | 000,258,776 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe PRC - [2012-05-29 18:07:20 | 000,659,648 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe PRC - [2012-05-22 23:50:12 | 000,051,360 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\MAX\nimxs.exe PRC - [2012-05-22 09:39:06 | 000,053,952 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe PRC - [2012-05-22 09:38:06 | 000,053,960 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe PRC - [2012-01-31 10:46:56 | 000,019,232 | ---- | M] (Autodesk, Inc.) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe PRC - [2012-01-12 12:44:50 | 000,012,696 | ---- | M] (National Instruments Corporation) -- C:\Windows\SysWOW64\nipalsm.exe PRC - [2011-09-04 12:45:26 | 003,398,736 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe PRC - [2011-05-06 15:08:28 | 000,695,136 | ---- | M] (National Instruments, Inc.) -- C:\Windows\SysWOW64\lkcitdl.exe PRC - [2011-04-20 17:10:34 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Package\bin\TestDDCCI.exe PRC - [2011-04-17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe PRC - [2011-03-23 13:35:14 | 000,339,456 | ---- | M] (TODO: ) -- C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Package\bin\SmartHookTestApp.exe PRC - [2010-12-06 20:44:36 | 000,943,984 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe PRC - [2010-12-06 20:44:28 | 007,058,800 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe PRC - [2010-11-29 14:42:38 | 000,775,848 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe PRC - [2010-11-17 17:24:54 | 004,387,632 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe PRC - [2010-11-10 01:03:52 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe PRC - [2010-08-27 10:52:12 | 002,782,064 | ---- | M] (Samsung Electronics) -- C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe PRC - [2010-05-11 22:55:17 | 000,643,072 | ---- | M] () -- C:\Program Files (x86)\UGS\UGSLicensing\ugslmd.exe PRC - [2009-07-07 10:16:28 | 001,510,152 | ---- | M] (Acresso Software Inc.) -- C:\Program Files (x86)\UGS\UGSLicensing\lmgrd.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-03-10 17:36:34 | 000,377,856 | ---- | M] () -- D:\Download\Chrome\d4wvmnm5.exe MOD - [2013-03-10 17:35:31 | 001,169,408 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\wx._core_.pyd MOD - [2013-03-10 17:35:31 | 001,056,256 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\wx._controls_.pyd MOD - [2013-03-10 17:35:31 | 001,024,616 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\windows._cacheinvalidation.pyd MOD - [2013-03-10 17:35:31 | 000,807,424 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\wx._windows_.pyd MOD - [2013-03-10 17:35:31 | 000,792,576 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\wx._gdi_.pyd MOD - [2013-03-10 17:35:31 | 000,731,136 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\wx._misc_.pyd MOD - [2013-03-10 17:35:31 | 000,645,120 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\_ssl.pyd MOD - [2013-03-10 17:35:31 | 000,585,728 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\unicodedata.pyd MOD - [2013-03-10 17:35:31 | 000,571,392 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\pysqlite2._sqlite.pyd MOD - [2013-03-10 17:35:31 | 000,354,304 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\pythoncom26.dll MOD - [2013-03-10 17:35:31 | 000,311,808 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\_hashlib.pyd MOD - [2013-03-10 17:35:31 | 000,263,168 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\win32com.shell.shell.pyd MOD - [2013-03-10 17:35:31 | 000,153,088 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\pyexpat.pyd MOD - [2013-03-10 17:35:31 | 000,121,856 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\wx._wizard.pyd MOD - [2013-03-10 17:35:31 | 000,111,104 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\win32file.pyd MOD - [2013-03-10 17:35:31 | 000,110,592 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\win32security.pyd MOD - [2013-03-10 17:35:31 | 000,110,592 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\pywintypes26.dll MOD - [2013-03-10 17:35:31 | 000,096,256 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\win32api.pyd MOD - [2013-03-10 17:35:31 | 000,086,016 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\_elementtree.pyd MOD - [2013-03-10 17:35:31 | 000,073,728 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\_ctypes.pyd MOD - [2013-03-10 17:35:31 | 000,070,656 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\wx._html2.pyd MOD - [2013-03-10 17:35:31 | 000,040,448 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\_socket.pyd MOD - [2013-03-10 17:35:31 | 000,039,424 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\win32inet.pyd MOD - [2013-03-10 17:35:31 | 000,036,352 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\win32process.pyd MOD - [2013-03-10 17:35:31 | 000,023,040 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\win32ts.pyd MOD - [2013-03-10 17:35:31 | 000,022,528 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\win32pdh.pyd MOD - [2013-03-10 17:35:31 | 000,017,920 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\win32profile.pyd MOD - [2013-03-10 17:35:31 | 000,017,920 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\win32event.pyd MOD - [2013-03-10 17:35:31 | 000,011,776 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\win32crypt.pyd MOD - [2013-03-10 17:35:31 | 000,011,776 | ---- | M] () -- C:\Users\Sasha\AppData\Local\Temp\_MEI81562\select.pyd MOD - [2013-03-01 00:08:19 | 000,459,728 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\ppGoogleNaClPluginChrome.dll MOD - [2013-03-01 00:08:16 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\pdf.dll MOD - [2013-03-01 00:07:25 | 000,596,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\libglesv2.dll MOD - [2013-03-01 00:07:24 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\libegl.dll MOD - [2013-03-01 00:07:21 | 001,552,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\ffmpegsumo.dll MOD - [2013-02-18 17:26:35 | 020,220,824 | ---- | M] () -- C:\Users\Sasha\AppData\Roaming\Spotify\Data\libcef.dll MOD - [2013-01-24 12:25:02 | 001,044,480 | ---- | M] () -- c:\progra~2\websea~1\sprote~1.dll MOD - [2013-01-24 12:16:54 | 001,050,112 | ---- | M] () -- c:\progra~2\browse~1\sprote~1.dll MOD - [2012-05-29 18:07:20 | 001,958,560 | ---- | M] () -- C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\niwsrp.dll MOD - [2012-01-26 10:36:18 | 000,278,528 | R--- | M] () -- C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\xerces-depdom_2_6.dll MOD - [2011-04-20 17:10:34 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Package\bin\TestDDCCI.exe MOD - [2011-04-16 19:02:30 | 000,049,152 | ---- | M] () -- C:\Windows\SysWOW64\LGErrorHandler.dll MOD - [2011-03-23 13:35:04 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Package\bin\Proxy32dll.dll MOD - [2010-07-05 19:42:58 | 000,203,776 | ---- | M] () -- C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll MOD - [2010-05-07 23:22:18 | 001,636,864 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll MOD - [2006-08-12 12:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2013-01-28 01:32:55 | 001,432,400 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:[b]64bit:[/b] - [2012-10-01 08:22:52 | 000,359,224 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV:[b]64bit:[/b] - [2012-05-22 09:38:20 | 000,076,488 | ---- | M] (National Instruments Corporation) [Disabled | Stopped] -- C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe -- (NIApplicationWebServer64) SRV:[b]64bit:[/b] - [2012-01-31 02:10:36 | 000,339,776 | ---- | M] ( ) [Auto | Running] -- C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe -- (mitsijm2013) SRV:[b]64bit:[/b] - [2010-10-22 18:58:34 | 000,953,632 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2013-03-09 14:46:46 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013-03-03 01:41:34 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-01-25 02:30:20 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2013-01-25 02:26:37 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2013-01-25 02:26:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-07-10 15:12:28 | 000,018,616 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\SysWOW64\nipxism.exe -- (nipxirmu) SRV - [2012-06-07 22:42:14 | 000,680,624 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe -- (NITaggerService) SRV - [2012-06-05 23:56:56 | 000,169,192 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe -- (NINetworkDiscovery) SRV - [2012-06-05 14:09:58 | 000,370,328 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe -- (NIDomainService) SRV - [2012-06-05 14:07:08 | 000,060,568 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\SysWOW64\lktsrv.exe -- (lkTimeSync) SRV - [2012-06-05 13:58:56 | 000,050,328 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\SysWOW64\lkads.exe -- (lkClassAds) SRV - [2012-05-31 16:51:58 | 000,258,776 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe -- (nimDNSResponder) SRV - [2012-05-22 23:50:12 | 000,051,360 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\MAX\nimxs.exe -- (mxssvr) SRV - [2012-05-22 09:39:06 | 000,053,952 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe -- (niSvcLoc) SRV - [2012-05-22 09:38:06 | 000,053,960 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe -- (NIApplicationWebServer) SRV - [2012-05-18 13:25:58 | 000,139,488 | ---- | M] (OPC Foundation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Opcenum.exe -- (OpcEnum) SRV - [2012-01-31 10:46:56 | 000,019,232 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service) SRV - [2012-01-12 12:44:50 | 000,012,696 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\SysWOW64\nipalsm.exe -- (nidevldu) SRV - [2011-05-06 15:08:28 | 000,695,136 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\lkcitdl.exe -- (LkCitadelServer) SRV - [2011-04-17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe -- (NIS) SRV - [2010-08-02 10:00:00 | 001,427,688 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe -- (NILM License Manager) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-07-07 10:16:28 | 001,510,152 | ---- | M] (Acresso Software Inc.) [Auto | Running] -- C:\Program Files (x86)\UGS\UGSLicensing\lmgrd.exe -- (UGS License Server (ugslmd) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2013-01-27 23:12:06 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2013-01-25 12:38:30 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent) DRV:[b]64bit:[/b] - [2013-01-25 02:33:34 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:[b]64bit:[/b] - [2013-01-25 02:33:34 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:[b]64bit:[/b] - [2013-01-25 02:32:53 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:[b]64bit:[/b] - [2013-01-25 02:32:53 | 000,106,536 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:[b]64bit:[/b] - [2013-01-25 02:32:53 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:[b]64bit:[/b] - [2013-01-25 02:32:53 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:[b]64bit:[/b] - [2013-01-25 02:32:52 | 000,348,712 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL) DRV:[b]64bit:[/b] - [2013-01-25 02:31:20 | 000,425,064 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2012-10-08 11:42:36 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:[b]64bit:[/b] - [2012-09-18 10:32:32 | 000,078,648 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb) DRV:[b]64bit:[/b] - [2012-09-18 10:32:32 | 000,075,064 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:[b]64bit:[/b] - [2012-09-18 10:32:32 | 000,061,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:[b]64bit:[/b] - [2012-09-18 10:32:32 | 000,015,160 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd) DRV:[b]64bit:[/b] - [2012-09-13 07:13:42 | 000,131,416 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:[b]64bit:[/b] - [2012-07-16 13:10:04 | 000,013,008 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\niufurkl.sys -- (niufurk) DRV:[b]64bit:[/b] - [2012-07-16 13:09:26 | 000,012,984 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\niwfrkl.sys -- (niwfrk) DRV:[b]64bit:[/b] - [2012-07-16 13:09:26 | 000,012,976 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nissrkl.sys -- (nissrk) DRV:[b]64bit:[/b] - [2012-07-16 13:09:26 | 000,012,976 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\niesrkl.sys -- (niesrk) DRV:[b]64bit:[/b] - [2012-07-16 13:07:34 | 000,012,976 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nixsrkl.sys -- (nixsrk) DRV:[b]64bit:[/b] - [2012-07-16 13:07:34 | 000,012,976 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\niemrkl.sys -- (niemrk) DRV:[b]64bit:[/b] - [2012-07-16 13:04:18 | 000,013,008 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nicmrkl.sys -- (nicmrk) DRV:[b]64bit:[/b] - [2012-07-16 13:04:18 | 000,012,976 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\niraptrkl.sys -- (niraptrk) DRV:[b]64bit:[/b] - [2012-07-16 13:04:18 | 000,012,976 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nicsrkl.sys -- (nicsrk) DRV:[b]64bit:[/b] - [2012-07-16 13:04:18 | 000,012,976 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nicondrkl.sys -- (nicondrk) DRV:[b]64bit:[/b] - [2012-07-16 12:58:22 | 000,012,992 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nidsarkl.sys -- (nidsark) DRV:[b]64bit:[/b] - [2012-07-11 16:19:28 | 000,012,976 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\niswdkl.sys -- (niswdk) DRV:[b]64bit:[/b] - [2012-07-10 18:57:00 | 000,012,968 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nistc3rkl.sys -- (nistc3rk) DRV:[b]64bit:[/b] - [2012-07-10 18:29:46 | 000,013,000 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nitiorkl.sys -- (nitiork) DRV:[b]64bit:[/b] - [2012-07-10 18:23:26 | 000,012,992 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nicdcckl.sys -- (nicdcck) DRV:[b]64bit:[/b] - [2012-07-10 14:57:14 | 000,012,984 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\nipxirmkl.sys -- (nipxirmk) DRV:[b]64bit:[/b] - [2012-07-09 22:44:20 | 000,012,992 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nifslkl.sys -- (nifslk) DRV:[b]64bit:[/b] - [2012-07-09 22:41:40 | 000,013,032 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nimsdrkl.sys -- (nimsdrk) DRV:[b]64bit:[/b] - [2012-07-09 22:35:00 | 000,013,008 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nimxpkl.sys -- (nimxpk) DRV:[b]64bit:[/b] - [2012-07-09 22:34:58 | 000,013,008 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nimstskl.sys -- (nimstsk) DRV:[b]64bit:[/b] - [2012-07-09 22:34:46 | 000,012,976 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nidmxfkl.sys -- (nidmxfk) DRV:[b]64bit:[/b] - [2012-06-29 18:37:50 | 000,025,336 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvalarmk.sys -- (lvalarmk) DRV:[b]64bit:[/b] - [2012-06-28 19:17:38 | 000,013,008 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nimru2kl.sys -- (nimru2k) DRV:[b]64bit:[/b] - [2012-06-28 18:47:16 | 000,012,984 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nimxdfkl.sys -- (nimxdfk) DRV:[b]64bit:[/b] - [2012-06-28 17:44:32 | 000,013,000 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nidimkl.sys -- (nidimk) DRV:[b]64bit:[/b] - [2012-06-28 17:26:46 | 000,013,000 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nimdbgkl.sys -- (nimdbgk) DRV:[b]64bit:[/b] - [2012-06-28 16:23:58 | 000,012,992 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\niorbkl.sys -- (niorbk) DRV:[b]64bit:[/b] - [2012-06-27 16:23:32 | 000,012,520 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nipalfwedl.sys -- (nipalfwedl) DRV:[b]64bit:[/b] - [2012-06-27 16:22:12 | 000,012,520 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nipalusbedl.sys -- (nipalusbedl) DRV:[b]64bit:[/b] - [2012-06-27 16:13:00 | 000,915,136 | ---- | M] (National Instruments Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nipalk.sys -- (NIPALK) DRV:[b]64bit:[/b] - [2012-04-25 04:42:16 | 000,258,896 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:[b]64bit:[/b] - [2012-04-16 16:06:18 | 000,060,640 | ---- | M] (National Instruments Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nipxibrc.sys -- (nipxibrc) DRV:[b]64bit:[/b] - [2012-03-07 21:21:02 | 000,012,984 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nispdkl.sys -- (nispdk) DRV:[b]64bit:[/b] - [2012-03-07 21:07:52 | 000,012,984 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\niscdkl.sys -- (niscdk) DRV:[b]64bit:[/b] - [2012-03-06 15:55:50 | 000,027,288 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ni1065k.sys -- (ni1065k) DRV:[b]64bit:[/b] - [2012-03-06 15:55:48 | 000,012,952 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ni1045kl.sys -- (ni1045k) DRV:[b]64bit:[/b] - [2012-03-06 15:55:44 | 000,030,800 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ni1006k.sys -- (ni1006k) DRV:[b]64bit:[/b] - [2012-03-06 15:55:40 | 000,084,688 | ---- | M] (National Instruments Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nipxibaf.sys -- (nipxibaf) DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012-02-06 00:37:18 | 000,012,960 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nisdigkl.sys -- (nisdigk) DRV:[b]64bit:[/b] - [2012-01-12 17:20:58 | 000,038,064 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\niede.sys -- (NIEthernetDeviceEnumerator) DRV:[b]64bit:[/b] - [2012-01-12 12:51:26 | 000,016,984 | ---- | M] (National Instruments Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nipbcfk.sys -- (nipbcfk) DRV:[b]64bit:[/b] - [2012-01-10 14:28:16 | 012,311,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2011-08-23 05:12:56 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:[b]64bit:[/b] - [2011-08-09 16:18:20 | 000,022,680 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nipxigpk.sys -- (nipxigpk) DRV:[b]64bit:[/b] - [2011-07-21 15:48:16 | 000,011,864 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nicdrkl.sys -- (nicdrk) DRV:[b]64bit:[/b] - [2011-07-18 20:33:10 | 000,012,968 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nistcrkl.sys -- (nistcrk) DRV:[b]64bit:[/b] - [2011-07-08 06:05:06 | 000,012,952 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nisftkl.sys -- (nisftk) DRV:[b]64bit:[/b] - [2011-07-05 12:55:30 | 004,745,280 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:[b]64bit:[/b] - [2011-05-17 06:04:26 | 000,012,968 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ninshsdkl.sys -- (ninshsdk) DRV:[b]64bit:[/b] - [2011-04-21 02:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symnets.sys -- (SymNetS) DRV:[b]64bit:[/b] - [2011-03-31 04:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\srtsp64.sys -- (SRTSP) DRV:[b]64bit:[/b] - [2011-03-31 04:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\srtspx64.sys -- (SRTSPX) DRV:[b]64bit:[/b] - [2011-03-15 03:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symefa64.sys -- (SymEFA) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011-01-27 07:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symds64.sys -- (SymDS) DRV:[b]64bit:[/b] - [2011-01-27 06:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\ironx64.sys -- (SymIRON) DRV:[b]64bit:[/b] - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2010-11-10 01:04:14 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd) DRV:[b]64bit:[/b] - [2010-10-19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2010-09-13 18:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2010-07-01 10:46:08 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-01-05 10:19:30 | 000,011,824 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nistc2kl.sys -- (nistc2k) DRV - [2013-02-09 09:08:15 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20130309.003\ex64.sys -- (NAVEX15) DRV - [2013-02-09 09:08:15 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2013-02-09 09:08:15 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20130309.003\eng64.sys -- (NAVENG) DRV - [2013-01-25 03:34:09 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DRV - [2013-01-24 16:31:08 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20130308.001\IDSviA64.sys -- (IDSVia64) DRV - [2013-01-16 03:22:36 | 001,388,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20130301.001\BHDrvx64.sys -- (BHDrvx64) DRV - [2011-02-11 17:34:28 | 000,019,968 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\LGPII2CDriver.sys -- (LGII2CDevice) DRV - [2010-08-04 10:05:12 | 000,016,384 | ---- | M] (LG Soft India) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\LGI2CDriver.sys -- (LGDDCDevice) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pu-results.info/?pid=34&r=2013/03/09&hid=418035198&lg=EN&cc=PL IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.pu-results.info/?l=1&q={searchTerms}&pid=34&r=2013/03/09&hid=418035198&lg=EN&cc=PL IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pu-results.info/?pid=34&r=2013/03/09&hid=418035198&lg=EN&cc=PL IE - HKCU\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} IE - HKCU\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.pu-results.info/?l=1&q={searchTerms}&pid=34&r=2013/03/09&hid=418035198&lg=EN&cc=PL IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@3ds.com/3dxml: C:\Program Files\Dassault Systemes\3D XML Player\win_b64\code\bin\NP3DXMLPlugin.dll () FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@3ds.com/3dxml: C:\Program Files\Dassault Systemes\3D XML Player\win_b64\code\bin32\NP3DXMLPlugin.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Sasha\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ [2013-03-10 17:34:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2 [2013-03-10 17:34:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-01-25 14:08:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-03-09 14:46:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-03-09 14:46:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013-01-25 21:44:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2013-01-25 03:22:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sasha\AppData\Roaming\mozilla\Extensions [2013-03-09 14:46:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013-03-09 14:46:46 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011-08-29 15:49:56 | 000,025,088 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\nplv2010win32.dll [2012-03-23 10:50:32 | 000,026,112 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\nplv2011win32.dll [2012-06-06 21:08:16 | 000,026,112 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\nplv2012win32.dll [2009-10-22 09:28:40 | 000,028,448 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\NPLV82Win32.dll [2011-05-12 10:00:46 | 000,025,088 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\nplv90win32.dll [2012-06-28 16:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2013-02-27 20:06:10 | 000,002,980 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2013-02-27 20:06:10 | 000,001,619 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2013-02-27 20:06:10 | 000,001,130 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2013-02-27 20:06:10 | 000,001,071 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2013-02-27 20:06:10 | 000,001,396 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2013-02-27 20:06:10 | 000,001,896 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://www.google.com/ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ambjmeohlajelahhhniggkkceagdlcgj\24_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\amilnocecnbakegnoecpifcogpibjmnc\0.9.7_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\amlmhkflbgjoeeophdjheadfljoielhi\1.1_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc\0.9.0.7_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji\1.5.5_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd\6.51.8_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehohhddamheegbbkabfgegbaeminghlb\3.2.2_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehohhddamheegbbkabfgegbaeminghlb\3.2.2_0\.bak CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjefgkhmchopegjeicnblodnidbammed\0.4.0_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmaeifpldhocofbmiijncpbiplmjnjbh\0.0.3_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne\1.5.10_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\icncamkooinmbehmkeilcccmoljfkdhp\1.2.2_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgeoanibcknhniccgaoaiolihidecjn\1.0.0_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl\3.0.3_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgdloilieclkegafohackmhffbmdpko\2_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljcgggmjhkegncpcaffddonfhpnfocdk\1.1_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpjmhibanjbicehodjphiofpdpllahpm\1.3.1_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe\3.0.16_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjocghlclkpgheifflemilcnblodjohg\1.16_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkdknbehfogkgogcennnagfokmnimpab\1.0.1.1_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmfklpmdfldnnjbkdmamhokiphfkfieg\1.9.2_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb\1.9.38_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\2_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookhcbgokankfmjafalglpofmolfopek\1.2.2_0\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ CHR - Extension: No name found = C:\Users\Sasha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjnfggphgdjblhfjaphkjhfpiiekbbej\0.5.5.1_0\ O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL (Symantec Corporation) O2 - BHO: (BoraowSe2saave) - {71CF05FE-FF77-D468-D036-CC83A1F6072A} - C:\ProgramData\BoraowSe2saave\513bbe2bf052b.dll () O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4:[b]64bit:[/b] - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [KeePass 2 PreLoad] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl) O4 - HKLM..\Run: [NI Update Service] C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe (National Instruments) O4 - HKLM..\Run: [niDevMon] C:\Program Files (x86)\National Instruments\NI-DAQ\HWConfig\nidevmon.exe (National Instruments Corporation) O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Sasha\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKCU..\Run: [Facebook Update] C:\Users\Sasha\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKCU..\Run: [GoogleChromeAutoLaunch_3B6A60E56BCE5F44532CD2A14A3F77CC] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) O4 - HKCU..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup File not found O4 - HKCU..\Run: [KeePass Password Safe 2] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl) O4 - HKCU..\Run: [NIRegistrationWizard] C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: = O8:[b]64bit:[/b] - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8:[b]64bit:[/b] - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:[b]64bit:[/b] - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Wyślij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Wyślij do urządzenia &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll (National Instruments Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll (National Instruments Corporation) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.62 62.179.1.63 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6214FE4-B41A-4D49-86CA-9775E9A154A4}: DhcpNameServer = 62.179.1.62 62.179.1.63 O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (c:\progra~2\browse~1\sprote~1.dll) - c:\progra~2\browse~1\sprote~1.dll () O20 - AppInit_DLLs: (c:\progra~2\websea~1\sprote~1.dll) - c:\progra~2\websea~1\sprote~1.dll () O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013-01-28 01:47:47 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-03-10 17:28:14 | 000,000,000 | ---D | C] -- C:\Users\Sasha\Desktop\Stare dane programu Firefox [2013-03-10 16:58:11 | 000,000,000 | ---D | C] -- C:\Windows\pss [2013-03-10 01:18:02 | 000,000,000 | ---D | C] -- C:\Users\Sasha\AppData\Roaming\KeePass [2013-03-10 01:01:50 | 000,000,000 | ---D | C] -- C:\Users\Sasha\Desktop\Samsung [2013-03-10 00:55:30 | 000,000,000 | ---D | C] -- C:\Users\Sasha\Desktop\Uczelnia [2013-03-10 00:18:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive [2013-03-10 00:18:26 | 000,000,000 | R--D | C] -- C:\Users\Sasha\SkyDrive [2013-03-10 00:18:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive [2013-03-10 00:01:06 | 000,000,000 | ---D | C] -- C:\ProgramData\SoftSafe [2013-03-10 00:00:37 | 000,000,000 | ---D | C] -- C:\Users\Sasha\AppData\Roaming\SendSpace [2013-03-10 00:00:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WebSearch [2013-03-09 23:59:29 | 000,000,000 | ---D | C] -- C:\ProgramData\BetterSoft [2013-03-09 23:58:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BrowseToSave [2013-03-09 23:58:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BoraowSe2saave [2013-03-09 23:58:36 | 000,000,000 | ---D | C] -- C:\ProgramData\BoraowSe2saave [2013-03-09 23:57:49 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate [2013-03-09 23:47:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeePass Password Safe 2 [2013-03-09 17:11:28 | 000,000,000 | ---D | C] -- C:\Users\Sasha\AppData\Local\National Instruments [2013-03-09 14:46:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013-03-09 03:46:05 | 000,000,000 | ---D | C] -- C:\Users\Sasha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook [2013-03-09 01:18:16 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\National Instruments [2013-03-09 01:11:09 | 000,000,000 | ---D | C] -- C:\National Instruments Downloads [2013-03-09 01:05:23 | 000,000,000 | ---D | C] -- C:\Users\Sasha\Documents\LabVIEW Data [2013-03-09 00:52:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\cvirte [2013-03-09 00:51:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\cvirte [2013-03-09 00:51:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Merge Modules [2013-03-09 00:51:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\National Instruments [2013-03-09 00:51:34 | 000,000,000 | ---D | C] -- C:\Program Files\National Instruments [2013-03-09 00:51:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2013-03-09 00:50:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2013-03-09 00:50:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2013-03-09 00:49:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\National Instruments [2013-03-09 00:49:17 | 000,000,000 | ---D | C] -- C:\ProgramData\National Instruments [2013-03-02 01:47:21 | 000,000,000 | ---D | C] -- C:\Users\Sasha\AppData\Roaming\WinRAR [2013-03-02 01:46:42 | 000,000,000 | ---D | C] -- C:\Users\Sasha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2013-03-02 01:46:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2013-03-02 01:46:33 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2013-03-01 00:46:01 | 000,000,000 | ---D | C] -- C:\Users\Sasha\AppData\Roaming\xm1 [2013-03-01 00:42:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Texmaker [2013-03-01 00:41:58 | 000,000,000 | ---D | C] -- C:\Users\Sasha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texmaker [2013-03-01 00:40:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Texmaker [2013-02-27 23:40:19 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2013-02-27 23:40:19 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll [2013-02-27 23:40:18 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll [2013-02-27 23:40:18 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll [2013-02-27 23:40:09 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2013-02-27 23:40:09 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2013-02-27 23:39:56 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2013-02-27 23:39:56 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2013-02-27 23:39:56 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2013-02-27 23:39:56 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013-02-27 23:39:56 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013-02-27 23:39:56 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013-02-27 23:39:56 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013-02-27 23:39:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013-02-27 23:39:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013-02-27 23:39:56 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013-02-27 23:39:56 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013-02-27 23:39:55 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2013-02-27 23:39:55 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2013-02-27 23:39:55 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013-02-27 23:39:55 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013-02-27 23:39:55 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll [2013-02-27 23:39:55 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2013-02-27 23:39:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll [2013-02-27 23:39:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll [2013-02-27 23:39:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll [2013-02-27 23:39:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll [2013-02-27 23:39:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll [2013-02-27 23:39:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll [2013-02-27 23:39:54 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2013-02-27 23:39:54 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll [2013-02-27 23:39:54 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2013-02-27 23:39:54 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2013-02-27 23:39:54 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2013-02-27 23:39:53 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2013-02-27 23:39:53 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2013-02-27 23:39:53 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013-02-27 23:39:53 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013-02-27 23:39:53 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2013-02-27 23:39:53 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2013-02-27 23:39:53 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [2013-02-27 23:20:41 | 000,000,000 | ---D | C] -- C:\Users\Sasha\VirtualBox VMs [2013-02-27 23:17:52 | 000,000,000 | ---D | C] -- C:\Users\Sasha\.VirtualBox [2013-02-27 23:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox [2013-02-27 23:15:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2013-02-27 23:15:06 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle [2013-02-26 22:17:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm [2013-02-26 22:17:21 | 000,000,000 | ---D | C] -- C:\Users\Sasha\AppData\Local\Last.fm [2013-02-26 22:17:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Last.fm [2013-02-20 14:30:30 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJScan [2013-02-19 20:13:06 | 000,000,000 | ---D | C] -- C:\Users\Sasha\AppData\Roaming\Canon [2013-02-19 20:12:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities [2013-02-19 20:12:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon [2013-02-19 20:11:37 | 000,336,896 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMLM9X.DLL [2013-02-19 20:11:13 | 000,328,192 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNC270L.dll [2013-02-19 20:11:13 | 000,092,672 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNC270I.dll [2013-02-19 20:11:12 | 001,321,984 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNC270C.dll [2013-02-19 20:11:12 | 000,303,104 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNC270L.dll [2013-02-19 20:11:12 | 000,106,496 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNC270U.dll [2013-02-19 20:11:12 | 000,017,920 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNHMCA6.dll [2013-02-19 20:11:12 | 000,015,872 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNHMCA.dll [2013-02-19 20:07:35 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ [2013-02-19 20:07:29 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information [2013-02-19 20:07:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP270 series [2013-02-19 20:07:07 | 000,244,736 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMIU9X.DLL [2013-02-19 20:07:04 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ [2013-02-18 17:27:40 | 000,000,000 | ---D | C] -- C:\Users\Sasha\AppData\Local\Spotify [2013-02-18 17:25:27 | 000,000,000 | ---D | C] -- C:\Users\Sasha\AppData\Roaming\Spotify [2013-02-14 03:10:19 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013-02-14 03:10:18 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013-02-14 03:10:17 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013-02-14 03:10:05 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013-02-14 03:10:04 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013-02-14 03:10:04 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013-02-14 03:10:04 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013-02-14 03:10:04 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013-02-14 03:10:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013-02-14 03:09:47 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2013-02-14 03:04:29 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013-02-14 03:04:29 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013-02-14 03:04:18 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013-02-14 03:04:18 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013-02-14 03:04:17 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013-02-14 03:04:17 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013-02-14 03:04:17 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013-02-14 03:04:17 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013-02-14 03:04:16 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013-02-14 03:04:15 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013-02-14 03:04:15 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013-02-14 03:04:15 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013-02-14 03:04:12 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013-02-14 03:04:12 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013-02-14 03:04:12 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013-02-13 20:08:05 | 000,000,000 | ---D | C] -- C:\Users\Sasha\.swt [2013-02-13 20:06:26 | 000,000,000 | ---D | C] -- C:\Users\Sasha\AppData\Roaming\Azureus [2013-02-13 20:06:14 | 000,000,000 | ---D | C] -- C:\Program Files\Vuze [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-03-10 19:41:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013-03-10 18:58:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013-03-10 18:45:19 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1674469838-1524086269-1217260370-1000UA.job [2013-03-10 17:40:45 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job [2013-03-10 17:39:04 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013-03-10 17:39:04 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013-03-10 17:31:39 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013-03-10 17:31:27 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\schedule!3036567561.job [2013-03-10 17:31:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013-03-10 17:30:59 | 4202,995,712 | -HS- | M] () -- C:\hiberfil.sys [2013-03-10 17:23:58 | 000,000,000 | ---- | M] () -- C:\Users\Sasha\defogger_reenable [2013-03-10 16:36:36 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat [2013-03-10 12:45:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1674469838-1524086269-1217260370-1000Core.job [2013-03-10 10:27:55 | 001,662,556 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013-03-10 10:27:55 | 000,737,980 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2013-03-10 10:27:55 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013-03-10 10:27:55 | 000,154,636 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2013-03-10 10:27:55 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013-03-09 01:29:14 | 000,172,808 | ---- | M] () -- C:\Windows\SysWow64\niorbmap [2013-03-09 01:20:21 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\NI MAX.lnk [2013-03-09 01:00:26 | 000,001,223 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk [2013-03-06 17:27:05 | 000,471,344 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013-03-06 06:59:28 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013-03-03 01:41:30 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013-03-03 01:41:30 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013-02-26 22:17:27 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\Last.fm Scrobbler.lnk [2013-02-19 20:12:48 | 000,002,099 | ---- | M] () -- C:\Users\Public\Desktop\Canon MP Navigator EX 3.0.lnk [2013-02-18 17:26:42 | 000,001,810 | ---- | M] () -- C:\Users\Sasha\Desktop\Spotify.lnk [2013-02-13 20:06:37 | 000,001,798 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk [2013-02-13 20:04:56 | 000,000,000 | ---- | M] () -- C:\END [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-03-10 17:23:58 | 000,000,000 | ---- | C] () -- C:\Users\Sasha\defogger_reenable [2013-03-10 17:16:00 | 000,000,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-03-10 17:15:59 | 000,002,124 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dual Package.lnk [2013-03-10 17:15:59 | 000,001,223 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk [2013-03-10 16:36:36 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat [2013-03-10 00:18:22 | 000,002,209 | ---- | C] () -- C:\Users\Sasha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk [2013-03-09 23:59:38 | 000,000,416 | -H-- | C] () -- C:\Windows\tasks\schedule!3036567561.job [2013-03-09 23:47:18 | 000,001,121 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk [2013-03-09 01:16:30 | 000,172,808 | ---- | C] () -- C:\Windows\SysWow64\niorbmap [2013-03-09 01:00:44 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\NI MAX.lnk [2013-03-09 00:55:50 | 000,001,069 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\National Instruments LabVIEW 2012 (32-bit).lnk [2013-03-03 01:34:26 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013-02-26 22:17:27 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\Last.fm Scrobbler.lnk [2013-02-19 20:12:48 | 000,002,099 | ---- | C] () -- C:\Users\Public\Desktop\Canon MP Navigator EX 3.0.lnk [2013-02-19 20:11:12 | 000,012,544 | ---- | C] () -- C:\Windows\SysWow64\CNC173BD.TBL [2013-02-19 20:11:12 | 000,012,544 | ---- | C] () -- C:\Windows\SysNative\CNC173BD.TBL [2013-02-18 17:26:42 | 000,001,796 | ---- | C] () -- C:\Users\Sasha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk [2013-02-18 17:26:41 | 000,001,810 | ---- | C] () -- C:\Users\Sasha\Desktop\Spotify.lnk [2013-02-13 20:06:37 | 000,001,798 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk [2013-02-13 20:06:36 | 000,001,798 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk [2013-02-13 20:04:56 | 000,000,000 | ---- | C] () -- C:\END [2013-01-28 01:34:22 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2013-01-28 01:09:57 | 001,637,966 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013-01-27 23:45:26 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2013-01-25 22:00:30 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2013-01-25 03:20:39 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\LGErrorHandler.dll [2013-01-25 03:20:39 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\LGPII2CDriver.sys [2013-01-25 02:52:30 | 000,000,522 | ---- | C] () -- C:\Windows\HotFixList.ini [2013-01-25 02:28:01 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll [2013-01-25 02:26:47 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2012-05-23 14:50:42 | 000,000,244 | ---- | C] () -- C:\Windows\SysWow64\nirpc.ini [2012-03-07 21:22:40 | 000,051,296 | ---- | C] () -- C:\Windows\SysWow64\nispdu.dll [2012-03-07 21:09:48 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\niscdrau.dll [2012-01-10 14:27:24 | 000,963,884 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2012-01-10 14:27:24 | 000,221,264 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2012-01-10 14:16:52 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012-01-10 13:29:52 | 013,904,384 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [color=#E56717]========== ZeroAccess Check ==========[/color] [2012-11-09 23:09:20 | 000,000,596 | ---- | M] () -- C:\Users\Sasha\Desktop\Stare dane programu Firefox\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}\defaults\printing\icons\@.png [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2013-01-25 22:18:17 | 000,000,000 | ---D | M] -- C:\Users\Sasha\AppData\Roaming\Ashampoo [2013-01-27 23:09:18 | 000,000,000 | ---D | M] -- C:\Users\Sasha\AppData\Roaming\Auslogics [2013-01-28 15:42:51 | 000,000,000 | ---D | M] -- C:\Users\Sasha\AppData\Roaming\Autodesk [2013-03-09 21:49:27 | 000,000,000 | ---D | M] -- C:\Users\Sasha\AppData\Roaming\Azureus [2013-02-20 14:30:30 | 000,000,000 | ---D | M] -- C:\Users\Sasha\AppData\Roaming\Canon [2013-03-10 00:55:29 | 000,000,000 | ---D | M] -- C:\Users\Sasha\AppData\Roaming\DAEMON Tools Lite [2013-01-28 16:05:28 | 000,000,000 | ---D | M] -- C:\Users\Sasha\AppData\Roaming\DassaultSystemes [2013-03-10 17:40:02 | 000,000,000 | ---D | M] -- C:\Users\Sasha\AppData\Roaming\Dropbox [2013-01-27 22:02:48 | 000,000,000 | ---D | M] -- C:\Users\Sasha\AppData\Roaming\EurekaLog [2013-03-09 17:06:08 | 000,000,000 | ---D | M] -- C:\Users\Sasha\AppData\Roaming\foobar2000 [2013-01-28 15:34:12 | 000,000,000 | ---D | M] -- C:\Users\Sasha\AppData\Roaming\Geek Uninstaller [2013-01-25 21:37:47 | 000,000,000 | ---D | M] -- C:\Users\Sasha\AppData\Roaming\GHISLER [2013-01-28 20:20:54 | 000,000,000 | ---D | M] -- C:\Users\Sasha\AppData\Roaming\GlarySoft [2013-03-10 17:33:59 | 000,000,000 | ---D | M] -- C:\Users\Sasha\AppData\Roaming\KeePass [2013-01-25 14:10:22 | 000,000,000 | ---D | M] -- C:\Users\Sasha\AppData\Roaming\Leadertech [2013-01-27 23:57:58 | 000,000,000 | ---D | M] -- C:\Users\Sasha\AppData\Roaming\Mathsoft [2013-03-10 00:58:07 | 000,000,000 | ---D | M] -- C:\Users\Sasha\AppData\Roaming\MusicBee [2013-01-26 14:16:46 | 000,000,000 | ---D | M] -- C:\Users\Sasha\AppData\Roaming\NapiProjekt [2013-03-10 00:00:37 | 000,000,000 | ---D | M] -- C:\Users\Sasha\AppData\Roaming\SendSpace [2013-03-10 18:48:56 | 000,000,000 | ---D | M] -- C:\Users\Sasha\AppData\Roaming\Spotify [2013-01-25 21:46:19 | 000,000,000 | ---D | M] -- C:\Users\Sasha\AppData\Roaming\Thunderbird [2013-02-01 20:52:10 | 000,000,000 | ---D | M] -- C:\Users\Sasha\AppData\Roaming\WinEdt Team [2013-03-08 22:59:19 | 000,000,000 | ---D | M] -- C:\Users\Sasha\AppData\Roaming\xm1 [color=#E56717]========== Purity Check ==========[/color] < End of report >