OTL logfile created on: 2011-10-18 22:36:28 - Run 3
OTL by OldTimer - Version 3.2.31.0     Folder = F:\Moje dokumenty\Rozne\!czyszenie system\OTL
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,86 Gb Total Physical Memory | 2,26 Gb Available Physical Memory | 58,43% Memory free
7,77 Gb Paging File | 5,94 Gb Available in Paging File | 76,42% Paging File free
Paging file location(s): c:\pagefile.sys 4000 4000 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,59 Gb Total Space | 24,98 Gb Free Space | 42,64% Space Free | Partition Type: NTFS
Drive E: | 29,30 Gb Total Space | 10,17 Gb Free Space | 34,72% Space Free | Partition Type: NTFS
Drive F: | 292,97 Gb Total Space | 42,34 Gb Free Space | 14,45% Space Free | Partition Type: NTFS
Drive H: | 202,51 Gb Total Space | 0,77 Gb Free Space | 0,38% Space Free | Partition Type: NTFS
 
Computer Name: BISZKOPT7 | User Name: biszkopt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2011-10-17 20:30:00 | 000,584,192 | ---- | M] (OldTimer Tools) -- F:\Moje dokumenty\Rozne\!czyszenie system\OTL\OTL.exe
PRC - [2011-09-29 09:30:13 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011-09-27 18:05:03 | 012,597,912 | ---- | M] (Mozilla Messaging) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
PRC - [2010-12-17 08:56:10 | 003,707,808 | ---- | M] (Ghisler Software GmbH) -- C:\totalcmd\TOTALCMD.EXE
PRC - [2010-08-25 21:04:16 | 000,189,696 | ---- | M] (Solid Documents, LLC) -- C:\Windows\Installer\MSIDB9A.tmp
PRC - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2009-11-02 01:39:48 | 001,094,736 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2009-10-01 06:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009-10-01 06:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009-07-04 04:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009-06-05 05:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009-06-05 05:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2011-09-29 09:30:13 | 001,833,944 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011-09-27 18:05:02 | 000,849,048 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\js3250.dll
MOD - [2011-09-27 18:05:02 | 000,161,944 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
MOD - [2011-09-27 18:05:02 | 000,021,656 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2011-05-20 15:28:14 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:[b]64bit:[/b] - [2011-03-09 06:53:04 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2010-04-07 21:10:42 | 000,042,336 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV:[b]64bit:[/b] - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:[b]64bit:[/b] - [2009-12-03 15:27:24 | 000,028,672 | ---- | M] (LSI Corporation) [Disabled | Stopped] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV:[b]64bit:[/b] - [2009-11-02 21:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:[b]64bit:[/b] - [2009-09-30 23:44:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-04 04:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2011-08-31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-05-20 15:33:58 | 002,026,304 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011-05-20 15:28:08 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011-03-04 12:45:08 | 001,529,856 | ---- | M] (Cisco Systems, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010-08-25 21:04:16 | 000,189,696 | ---- | M] (Solid Documents, LLC) [Auto | Running] -- C:\Windows\Installer\MSIDB9A.tmp -- (SCPDFReadSpool)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-10-01 06:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009-10-01 06:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009-09-25 01:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009-09-20 12:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009-08-28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-06-05 05:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
SRV - [2007-05-31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2011-08-31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2011-05-22 22:51:28 | 000,028,032 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Program Files\HWiNFO64\HWiNFO64A.SYS -- (HWiNFO32)
DRV:[b]64bit:[/b] - [2011-04-18 16:25:46 | 000,021,200 | ---- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TVicHW32.sys -- (TVICHW32)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011-03-09 11:22:42 | 009,258,496 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2011-03-09 11:22:42 | 009,258,496 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2011-03-09 06:17:42 | 000,300,544 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2011-03-04 12:51:50 | 000,306,536 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:[b]64bit:[/b] - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-08 23:04:26 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:[b]64bit:[/b] - [2010-05-28 20:26:12 | 002,307,584 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2010-05-06 05:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:[b]64bit:[/b] - [2010-04-07 21:08:30 | 000,050,600 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:[b]64bit:[/b] - [2010-04-07 21:08:28 | 000,033,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis)
DRV:[b]64bit:[/b] - [2010-04-07 21:08:26 | 000,169,592 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:[b]64bit:[/b] - [2010-04-07 21:07:10 | 000,139,704 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:[b]64bit:[/b] - [2010-04-07 21:03:52 | 000,163,888 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:[b]64bit:[/b] - [2010-03-15 14:35:24 | 000,384,552 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:[b]64bit:[/b] - [2010-03-03 19:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2010-02-26 16:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:[b]64bit:[/b] - [2010-02-08 08:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:[b]64bit:[/b] - [2009-12-03 16:07:04 | 001,224,192 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:[b]64bit:[/b] - [2009-11-02 21:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:[b]64bit:[/b] - [2009-09-18 06:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2009-09-17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:[b]64bit:[/b] - [2009-07-23 00:06:26 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:[b]64bit:[/b] - [2009-06-25 04:23:24 | 000,205,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:[b]64bit:[/b] - [2009-06-20 04:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:[b]64bit:[/b] - [2009-06-10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-05-06 02:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:[b]64bit:[/b] - [2009-05-06 02:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:[b]64bit:[/b] - [2008-11-16 18:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV - [2011-04-26 15:30:20 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2011-04-18 16:25:46 | 000,029,536 | ---- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TVicHW32.sys -- (TVICHW32)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0415&m=aspire_5740&r=27360510h216l04c8z175t65i1d149
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0415&m=aspire_5740&r=27360510h216l04c8z175t65i1d149
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2481976726-2230703887-1066373140-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-2481976726-2230703887-1066373140-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-12-09 18:20:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-10-17 19:28:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.15\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011-09-27 18:05:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.15\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-05-30 21:11:45 | 000,000,000 | ---D | M]
 
[2011-10-17 12:38:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\biszkopt\AppData\Roaming\mozilla\Extensions
[2010-05-31 09:13:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\biszkopt\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011-10-18 22:28:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\biszkopt\AppData\Roaming\mozilla\Firefox\Profiles\224ihyao.default\extensions
[2011-10-18 22:28:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\biszkopt\AppData\Roaming\mozilla\Firefox\Profiles\224ihyao.default\extensions\firefox@ghostery.com
[2011-10-18 22:28:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\biszkopt\AppData\Roaming\mozilla\Firefox\Profiles\224ihyao.default\extensions\staged
[2011-10-18 22:27:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011-10-18 22:27:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\BISZKOPT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\224IHYAO.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\BISZKOPT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\224IHYAO.DEFAULT\EXTENSIONS\ADBAN@AD-BAN.APPSPOT.COM.XPI
() (No name found) -- C:\USERS\BISZKOPT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\224IHYAO.DEFAULT\EXTENSIONS\GMAILNOADS@MYWEBBER.COM.XPI
() (No name found) -- C:\USERS\BISZKOPT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\224IHYAO.DEFAULT\EXTENSIONS\INFO@SKYMEISSNER.COM.XPI
[2011-09-29 09:30:14 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011-09-29 02:52:42 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2011-09-29 02:52:42 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2011-09-29 02:52:42 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2011-09-29 02:52:42 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2011-09-29 02:52:42 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-09-29 02:52:42 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2011-10-17 21:45:08 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2481976726-2230703887-1066373140-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:[b]64bit:[/b] - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - Startup: C:\Users\biszkopt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PingGraph.exe — skrót.lnk = C:\Program Files (x86)\PingGraph\PingGraph.exe (Infix Technologies)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2481976726-2230703887-1066373140-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2481976726-2230703887-1066373140-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:[b]64bit:[/b] - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - %SystemRoot%\System32\winrnr.dll File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.4.1 213.241.79.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{015C93EA-0C91-48E2-9B59-D70AEF5270E7}: DhcpNameServer = 192.168.4.1 213.241.79.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{079E895E-A34A-44CA-AB30-B5385D4D0B79}: NameServer = 8.8.8.8,8.8.4.4
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O27:[b]64bit:[/b] - HKLM IFEO\hpwucli.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\ipsecdialer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\pinggraph.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\setmtu.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\unins000.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\hpwucli.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\ipsecdialer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\pinggraph.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\setmtu.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\unins000.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-09-06 22:35:06 | 000,063,801 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011-10-18 22:28:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011-10-18 22:27:52 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011-10-18 22:27:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011-10-18 22:27:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011-10-18 22:25:07 | 000,000,000 | ---D | C] -- C:\Users\biszkopt\AppData\Roaming\PowerCinema
[2011-10-17 22:29:54 | 000,000,000 | ---D | C] -- C:\Users\biszkopt\AppData\Roaming\Ashampoo
[2011-10-17 22:29:35 | 000,000,000 | ---D | C] -- C:\Users\biszkopt\AppData\Local\ashampoo
[2011-10-17 22:29:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2011-10-17 22:29:35 | 000,000,000 | ---D | C] -- C:\ProgramData\ashampoo
[2011-10-17 22:29:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo
[2011-10-17 22:20:59 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011-10-17 21:49:35 | 000,000,000 | ---D | C] -- C:\Users\biszkopt\AppData\Local\temp
[2011-10-17 21:45:11 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2011-10-17 21:38:04 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011-10-17 21:38:04 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011-10-17 21:38:04 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011-10-17 21:38:00 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011-10-17 21:37:57 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011-10-17 20:24:58 | 000,000,000 | ---D | C] -- C:\Users\biszkopt\Desktop\GooredFix Backups
[2011-10-17 19:28:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011-10-17 19:14:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Sidebar
[2011-10-17 19:14:53 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2011-10-17 19:14:52 | 000,036,160 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2011-10-17 19:14:52 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2011-10-17 19:14:52 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2011-10-17 19:14:52 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2011-10-17 19:14:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011
[2011-10-17 19:14:26 | 000,000,000 | ---D | C] -- C:\Users\biszkopt\AppData\Roaming\TuneUp Software
[2011-10-17 19:14:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2011
[2011-10-17 19:13:42 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2011-10-17 19:13:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011-10-03 18:36:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 5.0
[2011-09-29 20:41:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011-09-25 11:57:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grupa IMAGE
[2011-09-25 11:57:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Grupa IMAGE
[2009-11-05 05:33:04 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011-10-18 22:28:02 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011-10-18 22:28:01 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011-10-18 22:27:16 | 000,675,688 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2011-10-18 22:27:16 | 000,594,964 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011-10-18 22:27:16 | 000,126,042 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2011-10-18 22:27:16 | 000,099,334 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011-10-18 22:27:15 | 001,488,734 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011-10-18 22:20:18 | 000,376,992 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011-10-18 22:20:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-10-18 22:19:58 | 3111,518,208 | -HS- | M] () -- C:\hiberfil.sys
[2011-10-17 22:29:35 | 000,001,379 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio Elements.lnk
[2011-10-17 21:45:08 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011-10-17 19:28:07 | 000,001,146 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011-10-17 12:14:09 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011-10-12 15:42:01 | 000,000,612 | ---- | M] () -- f:\Moje dokumenty\0342_Image-Date-time original.lnk
[2011-10-12 15:42:01 | 000,000,612 | ---- | M] () -- f:\Moje dokumenty\0341_Image-Date-time original.lnk
[2011-10-12 15:42:01 | 000,000,612 | ---- | M] () -- f:\Moje dokumenty\0339_Image-Date-time original.lnk
[2011-10-12 15:42:01 | 000,000,612 | ---- | M] () -- f:\Moje dokumenty\0338_Image-Date-time original.lnk
[2011-10-12 15:42:01 | 000,000,612 | ---- | M] () -- f:\Moje dokumenty\0337_Image-Date-time original.lnk
[2011-10-12 15:42:01 | 000,000,612 | ---- | M] () -- f:\Moje dokumenty\0336_Image-Date-time original.lnk
[2011-10-12 15:42:01 | 000,000,612 | ---- | M] () -- f:\Moje dokumenty\0335_Image-Date-time original.lnk
[2011-10-12 15:42:01 | 000,000,612 | ---- | M] () -- f:\Moje dokumenty\0334_Image-Date-time original.lnk
[2011-10-12 15:42:01 | 000,000,612 | ---- | M] () -- f:\Moje dokumenty\0333_Image-Date-time original.lnk
[2011-10-12 15:42:01 | 000,000,612 | ---- | M] () -- f:\Moje dokumenty\0332_Image-Date-time original.lnk
[2011-10-12 15:42:01 | 000,000,612 | ---- | M] () -- f:\Moje dokumenty\0331_Image-Date-time original.lnk
[2011-10-12 15:42:01 | 000,000,542 | ---- | M] () -- f:\Moje dokumenty\rzecznik konsumenta.lnk
[2011-10-12 15:42:01 | 000,000,535 | ---- | M] () -- f:\Moje dokumenty\zdjęcia susiec 035.lnk
[2011-10-12 15:42:01 | 000,000,465 | ---- | M] () -- f:\Moje dokumenty\DSC00171.lnk
[2011-10-12 15:42:01 | 000,000,465 | ---- | M] () -- f:\Moje dokumenty\DSC00170.lnk
[2011-10-12 15:42:01 | 000,000,465 | ---- | M] () -- f:\Moje dokumenty\DSC00169.lnk
[2011-10-12 15:42:01 | 000,000,465 | ---- | M] () -- f:\Moje dokumenty\DSC00168.lnk
[2011-10-12 15:42:01 | 000,000,465 | ---- | M] () -- f:\Moje dokumenty\DSC00167.lnk
[2011-10-12 15:42:01 | 000,000,465 | ---- | M] () -- f:\Moje dokumenty\DSC00070.lnk
[2011-10-12 15:42:01 | 000,000,449 | ---- | M] () -- f:\Moje dokumenty\TPLINK.lnk
[2011-10-12 15:42:01 | 000,000,449 | ---- | M] () -- f:\Moje dokumenty\karta9.lnk
[2011-10-03 05:06:16 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011-10-03 05:06:15 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011-10-03 05:06:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011-10-03 05:06:03 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011-09-29 20:41:40 | 000,002,023 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011-09-25 11:58:37 | 000,001,215 | ---- | M] () -- C:\Users\biszkopt\Desktop\Skrzyżowania.lnk
[2011-09-25 11:57:53 | 000,001,210 | ---- | M] () -- C:\Users\biszkopt\Desktop\Testy B 2011.lnk
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011-10-17 22:29:35 | 000,001,379 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio Elements.lnk
[2011-10-17 21:38:04 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011-10-17 21:38:04 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011-10-17 21:38:04 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011-10-17 21:38:04 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011-10-17 21:38:04 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011-10-17 19:28:07 | 000,001,158 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011-10-17 19:28:07 | 000,001,146 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011-10-17 19:14:35 | 000,002,249 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011.lnk
[2011-10-12 15:42:01 | 000,000,612 | ---- | C] () -- f:\Moje dokumenty\0342_Image-Date-time original.lnk
[2011-10-12 15:42:01 | 000,000,612 | ---- | C] () -- f:\Moje dokumenty\0341_Image-Date-time original.lnk
[2011-10-12 15:42:01 | 000,000,612 | ---- | C] () -- f:\Moje dokumenty\0339_Image-Date-time original.lnk
[2011-10-12 15:42:01 | 000,000,612 | ---- | C] () -- f:\Moje dokumenty\0338_Image-Date-time original.lnk
[2011-10-12 15:42:01 | 000,000,612 | ---- | C] () -- f:\Moje dokumenty\0337_Image-Date-time original.lnk
[2011-10-12 15:42:01 | 000,000,612 | ---- | C] () -- f:\Moje dokumenty\0336_Image-Date-time original.lnk
[2011-10-12 15:42:01 | 000,000,612 | ---- | C] () -- f:\Moje dokumenty\0335_Image-Date-time original.lnk
[2011-10-12 15:42:01 | 000,000,612 | ---- | C] () -- f:\Moje dokumenty\0334_Image-Date-time original.lnk
[2011-10-12 15:42:01 | 000,000,612 | ---- | C] () -- f:\Moje dokumenty\0333_Image-Date-time original.lnk
[2011-10-12 15:42:01 | 000,000,612 | ---- | C] () -- f:\Moje dokumenty\0332_Image-Date-time original.lnk
[2011-10-12 15:42:01 | 000,000,612 | ---- | C] () -- f:\Moje dokumenty\0331_Image-Date-time original.lnk
[2011-10-12 15:42:01 | 000,000,542 | ---- | C] () -- f:\Moje dokumenty\rzecznik konsumenta.lnk
[2011-10-12 15:42:01 | 000,000,535 | ---- | C] () -- f:\Moje dokumenty\zdjęcia susiec 035.lnk
[2011-10-12 15:42:01 | 000,000,465 | ---- | C] () -- f:\Moje dokumenty\DSC00171.lnk
[2011-10-12 15:42:01 | 000,000,465 | ---- | C] () -- f:\Moje dokumenty\DSC00170.lnk
[2011-10-12 15:42:01 | 000,000,465 | ---- | C] () -- f:\Moje dokumenty\DSC00169.lnk
[2011-10-12 15:42:01 | 000,000,465 | ---- | C] () -- f:\Moje dokumenty\DSC00168.lnk
[2011-10-12 15:42:01 | 000,000,465 | ---- | C] () -- f:\Moje dokumenty\DSC00167.lnk
[2011-10-12 15:42:01 | 000,000,465 | ---- | C] () -- f:\Moje dokumenty\DSC00070.lnk
[2011-10-12 15:42:01 | 000,000,449 | ---- | C] () -- f:\Moje dokumenty\TPLINK.lnk
[2011-10-12 15:42:01 | 000,000,449 | ---- | C] () -- f:\Moje dokumenty\karta9.lnk
[2011-10-12 15:40:06 | 002,384,755 | ---- | C] () -- f:\Moje dokumenty\0337_Image-Date-time original.JPG
[2011-10-12 15:40:06 | 002,380,447 | ---- | C] () -- f:\Moje dokumenty\0338_Image-Date-time original.JPG
[2011-10-12 15:40:06 | 002,363,174 | ---- | C] () -- f:\Moje dokumenty\0336_Image-Date-time original.JPG
[2011-10-12 15:40:06 | 002,346,654 | ---- | C] () -- f:\Moje dokumenty\0342_Image-Date-time original.JPG
[2011-10-12 15:40:06 | 002,309,486 | ---- | C] () -- f:\Moje dokumenty\0339_Image-Date-time original.JPG
[2011-10-12 15:40:06 | 002,222,513 | ---- | C] () -- f:\Moje dokumenty\0341_Image-Date-time original.JPG
[2011-10-12 15:40:06 | 002,094,056 | ---- | C] () -- f:\Moje dokumenty\0335_Image-Date-time original.JPG
[2011-10-12 15:40:05 | 002,367,983 | ---- | C] () -- f:\Moje dokumenty\0331_Image-Date-time original.JPG
[2011-10-12 15:40:05 | 002,235,611 | ---- | C] () -- f:\Moje dokumenty\0334_Image-Date-time original.JPG
[2011-10-12 15:40:05 | 002,180,914 | ---- | C] () -- f:\Moje dokumenty\0332_Image-Date-time original.JPG
[2011-10-12 15:40:05 | 002,094,439 | ---- | C] () -- f:\Moje dokumenty\0333_Image-Date-time original.JPG
[2011-09-29 20:41:40 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011-09-29 20:41:40 | 000,002,023 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011-09-25 11:58:37 | 000,001,215 | ---- | C] () -- C:\Users\biszkopt\Desktop\Skrzyżowania.lnk
[2011-09-25 11:57:53 | 000,001,210 | ---- | C] () -- C:\Users\biszkopt\Desktop\Testy B 2011.lnk
[2011-03-21 19:56:22 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011-02-07 22:09:32 | 000,000,600 | ---- | C] () -- C:\Users\biszkopt\AppData\Roaming\winscp.rnd
[2011-01-13 05:03:18 | 000,003,155 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011-01-01 15:41:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010-12-09 18:17:24 | 000,211,061 | ---- | C] () -- C:\Windows\hpoins18.dat
[2010-12-09 18:17:24 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2010-10-18 21:41:00 | 000,140,367 | ---- | C] () -- C:\Windows\hpoins18.dat.temp
[2010-10-18 21:41:00 | 000,006,600 | ---- | C] () -- C:\Windows\hpomdl18.dat.temp
[2010-08-25 21:14:08 | 000,000,116 | ---- | C] () -- C:\Windows\ConverterCore.INI
[2010-08-25 21:04:16 | 000,021,248 | ---- | C] () -- C:\Windows\SysWow64\solidlocalmon.dll
[2010-08-25 21:04:16 | 000,013,568 | ---- | C] () -- C:\Windows\SysWow64\solidlocalui.dll
[2010-08-17 20:28:19 | 000,010,240 | ---- | C] () -- C:\Users\biszkopt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-11 19:26:21 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010-06-04 00:59:15 | 000,007,607 | ---- | C] () -- C:\Users\biszkopt\AppData\Local\Resmon.ResmonCfg
[2010-05-31 11:46:15 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI
[2010-05-31 10:59:12 | 000,004,667 | ---- | C] () -- C:\Windows\WINCMD.INI
[2010-05-31 10:18:25 | 000,000,000 | ---- | C] () -- C:\Users\biszkopt\AppData\Roaming\wklnhst.dat
[2010-05-30 12:19:47 | 000,013,576 | ---- | C] () -- C:\Windows\SysWow64\wnaspi32.dll
[2010-05-27 23:22:50 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010-03-28 06:40:29 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2010-03-28 06:40:29 | 000,106,496 | ---- | C] () -- C:\Windows\FixUVC.exe
[2010-03-28 06:40:29 | 000,000,188 | ---- | C] () -- C:\Windows\PidList.ini
[2010-03-28 06:16:34 | 000,001,282 | ---- | C] () -- C:\Windows\WPatchProgress.ini
[2009-11-05 02:21:23 | 000,000,193 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2009-11-05 02:21:23 | 000,000,169 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2009-11-05 02:21:23 | 000,000,147 | ---- | C] () -- C:\Windows\WisPriority.ini
[2009-07-14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009-07-14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009-07-14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 23:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009-07-13 23:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009-07-13 23:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009-07-13 23:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2003-04-08 12:40:22 | 000,005,679 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011-08-08 18:09:19 | 000,000,000 | ---D | M] -- C:\Users\biszkopt\AppData\Roaming\ACD Systems
[2011-10-17 22:29:56 | 000,000,000 | ---D | M] -- C:\Users\biszkopt\AppData\Roaming\Ashampoo
[2011-04-12 00:14:51 | 000,000,000 | ---D | M] -- C:\Users\biszkopt\AppData\Roaming\BESTplayer
[2011-09-03 15:58:43 | 000,000,000 | ---D | M] -- C:\Users\biszkopt\AppData\Roaming\DAEMON Tools Lite
[2010-05-30 21:15:30 | 000,000,000 | ---D | M] -- C:\Users\biszkopt\AppData\Roaming\ESET
[2011-09-23 21:57:13 | 000,000,000 | ---D | M] -- C:\Users\biszkopt\AppData\Roaming\foobar2000
[2011-10-17 12:20:07 | 000,000,000 | ---D | M] -- C:\Users\biszkopt\AppData\Roaming\Foxit Software
[2010-05-31 10:59:53 | 000,000,000 | ---D | M] -- C:\Users\biszkopt\AppData\Roaming\Gadu-Gadu
[2010-05-27 23:20:17 | 000,000,000 | ---D | M] -- C:\Users\biszkopt\AppData\Roaming\GHISLER
[2011-09-30 11:29:27 | 000,000,000 | ---D | M] -- C:\Users\biszkopt\AppData\Roaming\ipla
[2011-03-02 20:19:53 | 000,000,000 | ---D | M] -- C:\Users\biszkopt\AppData\Roaming\LibreOffice
[2010-11-29 21:43:15 | 000,000,000 | ---D | M] -- C:\Users\biszkopt\AppData\Roaming\Mp3tag
[2011-09-03 14:48:11 | 000,000,000 | ---D | M] -- C:\Users\biszkopt\AppData\Roaming\NapiProjekt
[2011-02-10 19:05:37 | 000,000,000 | ---D | M] -- C:\Users\biszkopt\AppData\Roaming\OpenOffice.org
[2011-01-13 19:14:14 | 000,000,000 | ---D | M] -- C:\Users\biszkopt\AppData\Roaming\Opera
[2011-10-18 22:25:33 | 000,000,000 | ---D | M] -- C:\Users\biszkopt\AppData\Roaming\PowerCinema
[2010-08-05 20:20:27 | 000,000,000 | ---D | M] -- C:\Users\biszkopt\AppData\Roaming\ProgSense
[2010-12-27 13:54:47 | 000,000,000 | ---D | M] -- C:\Users\biszkopt\AppData\Roaming\RDRM
[2010-08-25 21:17:53 | 000,000,000 | ---D | M] -- C:\Users\biszkopt\AppData\Roaming\SolidDocuments
[2010-05-31 10:18:26 | 000,000,000 | ---D | M] -- C:\Users\biszkopt\AppData\Roaming\Template
[2010-05-31 09:16:02 | 000,000,000 | ---D | M] -- C:\Users\biszkopt\AppData\Roaming\Thunderbird
[2011-08-23 19:50:02 | 000,000,000 | ---D | M] -- C:\Users\biszkopt\AppData\Roaming\TightVNC
[2011-07-20 17:05:37 | 000,000,000 | ---D | M] -- C:\Users\biszkopt\AppData\Roaming\Tlen.pl
[2011-10-17 19:14:26 | 000,000,000 | ---D | M] -- C:\Users\biszkopt\AppData\Roaming\TuneUp Software
[2011-06-16 17:53:18 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:E3C56885
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:444C53BA
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:4CF61E54

< End of report >