OTL logfile created on: 2013-03-26 21:09:37 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = K:\ 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 7,98 Gb Total Physical Memory | 7,00 Gb Available Physical Memory | 87,73% Memory free 15,96 Gb Paging File | 14,99 Gb Available in Paging File | 93,91% Paging File free Paging file location(s): d:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 49,26 Gb Total Space | 8,83 Gb Free Space | 17,92% Space Free | Partition Type: NTFS Drive D: | 546,80 Gb Total Space | 5,99 Gb Free Space | 1,10% Space Free | Partition Type: NTFS Drive I: | 537,01 Gb Total Space | 13,89 Gb Free Space | 2,59% Space Free | Partition Type: NTFS Drive J: | 59,06 Gb Total Space | 29,22 Gb Free Space | 49,48% Space Free | Partition Type: NTFS Drive K: | 14,90 Gb Total Space | 14,80 Gb Free Space | 99,37% Space Free | Partition Type: NTFS Computer Name: I52550K | User Name: Arti | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-03-26 13:51:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- K:\OTL.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-09-28 02:38:16 | 000,239,616 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2011-09-27 20:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013-03-13 19:23:19 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-02-25 20:40:52 | 000,076,888 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2013-01-08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-04-26 10:47:27 | 000,114,688 | ---- | M] (Acresso) [Auto | Stopped] -- I:\Programy\Workshop\WorkshopDBServer.exe -- (WorkshopDBService) SRV - [2011-03-21 16:19:16 | 001,845,248 | ---- | M] (Locktime Software) [Disabled | Stopped] -- D:\Programy\Netlimiter\nlsvc.exe -- (nlsvc) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-01-25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc) SRV - [2009-07-16 16:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-02-26 17:36:22 | 000,064,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Programy\MS Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) SRV - [2008-09-29 14:09:20 | 000,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2007-05-31 09:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007-05-31 09:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-11-09 12:30:02 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2012-11-09 12:30:02 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2012-09-28 03:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2012-09-28 03:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2012-09-28 02:12:52 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2012-08-29 18:46:14 | 000,028,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dfx11_1x64.sys -- (DFX11_1) DRV:[b]64bit:[/b] - [2012-05-14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:[b]64bit:[/b] - [2012-04-27 21:19:26 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012-03-31 13:59:08 | 000,041,232 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\flpydi2k.sys -- (flpydi2k) DRV:[b]64bit:[/b] - [2012-02-24 10:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:[b]64bit:[/b] - [2012-02-24 10:14:42 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:[b]64bit:[/b] - [2012-01-30 08:28:00 | 000,564,792 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2012-01-18 07:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) DRV:[b]64bit:[/b] - [2012-01-18 07:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64) DRV:[b]64bit:[/b] - [2011-09-02 07:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:[b]64bit:[/b] - [2011-09-02 07:30:24 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb) DRV:[b]64bit:[/b] - [2011-09-02 07:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:[b]64bit:[/b] - [2011-09-02 07:30:24 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd) DRV:[b]64bit:[/b] - [2011-07-29 13:54:56 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv) DRV:[b]64bit:[/b] - [2011-07-29 13:54:56 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv) DRV:[b]64bit:[/b] - [2011-06-28 22:09:05 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc) DRV:[b]64bit:[/b] - [2011-06-28 22:09:05 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt) DRV:[b]64bit:[/b] - [2011-06-02 06:47:22 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm) DRV:[b]64bit:[/b] - [2011-06-02 06:47:22 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) DRV:[b]64bit:[/b] - [2011-06-02 06:47:22 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) DRV:[b]64bit:[/b] - [2011-06-02 06:47:22 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) DRV:[b]64bit:[/b] - [2011-03-21 16:44:30 | 000,033,416 | ---- | M] (Locktime Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nlndis.sys -- (NLNdisPT) DRV:[b]64bit:[/b] - [2011-03-21 16:44:30 | 000,033,416 | ---- | M] (Locktime Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nlndis.sys -- (NLNdisMP) DRV:[b]64bit:[/b] - [2011-03-17 15:45:20 | 000,025,216 | ---- | M] (Dev47Apps) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\droidcam.sys -- (DroidCam) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011-02-08 12:30:52 | 000,064,512 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI) DRV:[b]64bit:[/b] - [2011-02-08 12:30:52 | 000,039,936 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3) DRV:[b]64bit:[/b] - [2011-01-22 20:35:07 | 000,311,968 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:[b]64bit:[/b] - [2011-01-22 20:35:07 | 000,043,168 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:[b]64bit:[/b] - [2011-01-04 16:11:16 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk) DRV:[b]64bit:[/b] - [2010-12-21 06:55:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb) DRV:[b]64bit:[/b] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-10-28 08:27:24 | 001,267,200 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cmudaxp.sys -- (cmudaxp) DRV:[b]64bit:[/b] - [2010-10-19 22:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2010-09-28 15:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b]64bit:[/b] - [2010-07-26 14:18:58 | 000,020,568 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv) DRV:[b]64bit:[/b] - [2010-06-23 16:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2010-05-07 17:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon) DRV:[b]64bit:[/b] - [2010-05-07 17:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64) DRV:[b]64bit:[/b] - [2010-05-06 10:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:[b]64bit:[/b] - [2010-04-27 15:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid) DRV:[b]64bit:[/b] - [2010-04-27 15:57:14 | 000,036,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo) DRV:[b]64bit:[/b] - [2010-04-27 13:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter) DRV:[b]64bit:[/b] - [2010-02-26 13:33:40 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt) DRV:[b]64bit:[/b] - [2010-02-26 13:33:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:[b]64bit:[/b] - [2010-02-26 13:33:22 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64) DRV:[b]64bit:[/b] - [2010-02-26 13:33:22 | 000,019,456 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64) DRV:[b]64bit:[/b] - [2010-02-26 13:21:22 | 000,173,056 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64) DRV:[b]64bit:[/b] - [2010-02-26 13:21:20 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64) DRV:[b]64bit:[/b] - [2009-12-17 23:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:[b]64bit:[/b] - [2009-11-24 02:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid) DRV:[b]64bit:[/b] - [2009-11-24 02:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum) DRV:[b]64bit:[/b] - [2009-11-01 18:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64) DRV:[b]64bit:[/b] - [2009-09-11 11:49:18 | 000,076,552 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore) DRV:[b]64bit:[/b] - [2009-09-11 11:48:36 | 000,026,248 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum) DRV:[b]64bit:[/b] - [2009-08-21 00:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:[b]64bit:[/b] - [2009-07-14 01:09:02 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda) DRV:[b]64bit:[/b] - [2009-07-14 01:08:58 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MSIRCOMM.sys -- (MSIRCOMM) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-03-25 16:48:00 | 000,153,128 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdm.sys -- (s1018mdm) DRV:[b]64bit:[/b] - [2009-03-25 16:48:00 | 000,146,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018unic.sys -- (s1018unic) DRV:[b]64bit:[/b] - [2009-03-25 16:48:00 | 000,133,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mgmt.sys -- (s1018mgmt) DRV:[b]64bit:[/b] - [2009-03-25 16:48:00 | 000,128,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018obex.sys -- (s1018obex) DRV:[b]64bit:[/b] - [2009-03-25 16:48:00 | 000,113,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018bus.sys -- (s1018bus) DRV:[b]64bit:[/b] - [2009-03-25 16:48:00 | 000,034,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018nd5.sys -- (s1018nd5) DRV:[b]64bit:[/b] - [2009-03-25 16:48:00 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdfl.sys -- (s1018mdfl) DRV:[b]64bit:[/b] - [2009-03-18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:[b]64bit:[/b] - [2008-10-21 09:22:44 | 000,145,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017unic.sys -- (s0017unic) DRV:[b]64bit:[/b] - [2008-10-21 09:22:44 | 000,128,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017obex.sys -- (s0017obex) DRV:[b]64bit:[/b] - [2008-10-21 09:22:44 | 000,034,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017nd5.sys -- (s0017nd5) DRV:[b]64bit:[/b] - [2008-10-21 09:22:42 | 000,152,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017mdm.sys -- (s0017mdm) DRV:[b]64bit:[/b] - [2008-10-21 09:22:42 | 000,133,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017mgmt.sys -- (s0017mgmt) DRV:[b]64bit:[/b] - [2008-10-21 09:22:42 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017mdfl.sys -- (s0017mdfl) DRV:[b]64bit:[/b] - [2008-10-21 09:22:40 | 000,113,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017bus.sys -- (s0017bus) DRV:[b]64bit:[/b] - [2008-05-16 11:33:06 | 000,158,760 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdm.sys -- (s0016mdm) DRV:[b]64bit:[/b] - [2008-05-16 11:33:06 | 000,151,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016unic.sys -- (s0016unic) DRV:[b]64bit:[/b] - [2008-05-16 11:33:06 | 000,137,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mgmt.sys -- (s0016mgmt) DRV:[b]64bit:[/b] - [2008-05-16 11:33:06 | 000,136,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016obex.sys -- (s0016obex) DRV:[b]64bit:[/b] - [2008-05-16 11:33:06 | 000,034,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016nd5.sys -- (s0016nd5) DRV:[b]64bit:[/b] - [2008-05-16 11:33:04 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdfl.sys -- (s0016mdfl) DRV:[b]64bit:[/b] - [2008-05-16 11:32:56 | 000,115,240 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016bus.sys -- (s0016bus) DRV:[b]64bit:[/b] - [2008-04-22 08:53:36 | 000,012,744 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Entech64.sys -- (ENTECH64) DRV:[b]64bit:[/b] - [2008-03-17 18:12:26 | 000,028,664 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysNative\Ckldrv.sys -- (NetworkX) DRV:[b]64bit:[/b] - [2008-01-19 06:28:36 | 000,033,792 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irstusb.sys -- (STIrUsb) DRV:[b]64bit:[/b] - [2005-09-23 21:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus) DRV - [2011-07-29 13:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv) DRV - [2011-07-29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2008-07-26 21:30:36 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Stopped] -- D:\Programy\RealTemp_370_[www.programosy.pl]\WinRing0x64.sys -- (WinRing0_1_2_0) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2921804340-1641642727-1073400144-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-2921804340-1641642727-1073400144-1001\..\SearchScopes,DefaultScope = {86A904BC-F2FC-4348-B8CF-3AF9A7B5E3CB} IE - HKU\S-1-5-21-2921804340-1641642727-1073400144-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2921804340-1641642727-1073400144-1001\..\SearchScopes\{86A904BC-F2FC-4348-B8CF-3AF9A7B5E3CB}: "URL" = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} IE - HKU\S-1-5-21-2921804340-1641642727-1073400144-1001\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms} IE - HKU\S-1-5-21-2921804340-1641642727-1073400144-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "www.iracing.com" FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Arti\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Arti\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Arti\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\electronicarts.com/GameFacePlugin: C:\Users\Arti\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Arti\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Users\Arti\AppData\Local\Mozilla Firefox\components [2012-04-24 08:07:49 | 000,000,000 | ---D | M] [2012-07-22 23:53:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Arti\AppData\Roaming\mozilla\Extensions [2010-03-03 15:45:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Arti\AppData\Roaming\mozilla\Firefox\extensions [2010-03-03 15:45:49 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\Arti\AppData\Roaming\mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} [2012-11-07 01:02:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Arti\AppData\Roaming\mozilla\Firefox\Profiles\66fbkk4r.default\extensions [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: DAEMON Search (Enabled) CHR - default_search_provider: search_url = http://www.daemon-search.com/search?q={searchTerms} CHR - default_search_provider: suggest_url = CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Arti\AppData\Local\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Arti\AppData\Local\Google\Chrome\Application\25.0.1364.172\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Arti\AppData\Local\Google\Chrome\Application\25.0.1364.172\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = D:\Programy\Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = D:\Programy\Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = D:\Programy\Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = D:\Programy\Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = D:\Programy\Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = D:\Programy\Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = D:\Programy\Firefox\plugins\npqtplugin7.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nprpjplug.dll CHR - plugin: Unity Player (Enabled) = C:\Users\Arti\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll CHR - plugin: Google Update (Enabled) = C:\Users\Arti\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Game Face Plugin (Enabled) = C:\Users\Arti\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll CHR - Extension: YouTube = C:\Users\Arti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: Szukaj w Google = C:\Users\Arti\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: Gmail = C:\Users\Arti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2012-06-23 19:59:49 | 000,000,896 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 secure.tune-up.com O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programy\MS Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation) O4 - HKLM..\Run: [HomeKeyLogger] I:\Programy\HomeKeylogger\KeyLogger.exe (SpyArsenal Software) O4 - HKLM..\Run: [StartCCC] D:\ATI\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [VirtualCloneDrive] D:\Programy\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG) O4 - HKU\.DEFAULT..\Run: [CtxfiReg] CTXFIREG.exe /FAIL1 File not found O4 - HKU\.DEFAULT..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 File not found O4 - HKU\S-1-5-18..\Run: [CtxfiReg] CTXFIREG.exe /FAIL1 File not found O4 - HKU\S-1-5-18..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 File not found O4 - HKU\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found O4 - HKU\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found O4 - HKU\S-1-5-21-2921804340-1641642727-1073400144-1001..\Run: [DAEMON Tools Lite] D:\Programy\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-2921804340-1641642727-1073400144-1001..\Run: [Facebook Update] C:\Users\Arti\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\S-1-5-21-2921804340-1641642727-1073400144-1001..\Run: [uTorrent] D:\Programy\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4:[b]64bit:[/b] - HKLM..\RunOnce: [*WerKernelReporting] C:\Windows\SysNative\WerFault.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0 O7 - HKU\S-1-5-21-2921804340-1641642727-1073400144-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Programy\MS Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Programy\MS Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\MS Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\MS Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programy\MS Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-2921804340-1641642727-1073400144-1001\..Trusted Domains: mks.com.pl ([www] https in Zaufane witryny) O16:[b]64bit:[/b] - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://83.1.129.250:999/activex/AMC.cab (Reg Error: Key error.) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab (Creative Software AutoUpdate) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.202.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{11DDBFA8-BA7F-4954-983E-018825A2F1F4}: DhcpNameServer = 10.20.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3B83BF48-D98B-46CD-9A08-ABF2730425A0}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C9CE1AC-710B-4F70-8D41-002132A6A433}: DhcpNameServer = 192.168.202.1 O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programy\MS Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-2921804340-1641642727-1073400144-1001 Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-2921804340-1641642727-1073400144-1001 Winlogon: Shell - (C:\Users\Arti\AppData\Roaming\skype.dat) - C:\Users\Arti\AppData\Roaming\skype.dat () O20:[b]64bit:[/b] - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Programy\MS Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O31 - SafeBoot: UseAlternatShell - 1 O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013-03-12 13:27:43 | 000,223,714 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O33 - MountPoints2\{1d073669-2577-11df-a811-0021851c8353}\Shell - "" = AutoRun O33 - MountPoints2\{a1d294d2-cb92-11df-ba99-0021851c8353}\Shell - "" = AutoRun O33 - MountPoints2\{c5e6926d-8853-11e0-ae60-ddf9c00b33ec}\Shell - "" = AutoRun O33 - MountPoints2\{c5e6926d-8853-11e0-ae60-ddf9c00b33ec}\Shell\AutoRun\command - "" = F:\I_am_Alive_Setup.exe O33 - MountPoints2\{c7a52d9f-63df-11df-a290-0021851c8353}\Shell - "" = AutoRun O33 - MountPoints2\{ecf6d725-c34a-11df-a55a-005056c00008}\Shell - "" = AutoRun O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\I_am_Alive_Setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-03-26 21:04:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\OTL.exe [2013-03-25 21:46:53 | 000,000,000 | ---D | C] -- C:\Users\Arti\AppData\Roaming\TS3Client [2013-03-25 21:46:48 | 000,000,000 | ---D | C] -- C:\Users\Arti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client [2013-03-21 18:58:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O22y Inc [2013-03-11 22:26:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013-03-11 22:26:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013-03-10 12:04:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\New Super Mario Forever [2013-03-09 11:53:52 | 000,000,000 | ---D | C] -- C:\Users\Arti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook [2013-02-25 09:51:10 | 000,000,000 | ---D | C] -- C:\Users\Arti\AppData\Local\ESN [2013-02-25 09:51:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins [2013-02-25 08:18:18 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [10 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-03-26 21:08:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013-03-26 21:08:27 | 2133,868,543 | -HS- | M] () -- C:\hiberfil.sys [2013-03-26 21:07:22 | 000,002,560 | ---- | M] () -- C:\Windows\SysNative\thunk.dll [2013-03-26 21:07:22 | 000,001,024 | ---- | M] () -- C:\Windows\SysWow64\thunk.dll [2013-03-26 18:19:30 | 000,000,004 | ---- | M] () -- C:\Users\Arti\AppData\Roaming\skype.ini [2013-03-26 18:18:56 | 243,931,843 | ---- | M] () -- C:\Windows\SysWow64\msscache.dll [2013-03-26 18:15:52 | 003,272,222 | ---- | M] () -- C:\Users\Arti\Desktop\AutoRuns.arn [2013-03-26 18:00:27 | 000,947,042 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2013-03-26 18:00:27 | 000,702,502 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013-03-26 18:00:27 | 000,218,650 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2013-03-26 18:00:27 | 000,187,706 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013-03-26 18:00:27 | 000,005,032 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013-03-26 13:51:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\OTL.exe [2013-03-26 13:23:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013-03-26 12:32:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2921804340-1641642727-1073400144-1001UA.job [2013-03-26 11:52:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2921804340-1641642727-1073400144-1001UA.job [2013-03-25 21:46:48 | 000,000,706 | ---- | M] () -- C:\Users\Arti\Desktop\TeamSpeak 3 Client.lnk [2013-03-25 20:52:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2921804340-1641642727-1073400144-1001Core.job [2013-03-25 17:32:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2921804340-1641642727-1073400144-1001Core.job [2013-03-21 18:58:40 | 000,000,477 | ---- | M] () -- C:\Users\Arti\Desktop\Tomb Raider.lnk [2013-03-21 10:42:14 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2013-03-21 10:42:14 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2013-03-21 10:42:04 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2013-03-20 03:21:57 | 000,031,488 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013-03-20 03:21:57 | 000,031,488 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013-03-19 17:11:06 | 000,044,966 | ---- | M] () -- C:\Users\Arti\8111ee3eac72cb63.jpg [2013-03-19 11:58:49 | 000,000,070 | ---- | M] () -- C:\Users\Arti\AppData\Local\Images.fl [2013-03-14 20:34:42 | 000,002,376 | ---- | M] () -- C:\Users\Arti\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2013-03-13 19:23:19 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013-03-13 19:23:19 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013-03-10 12:04:22 | 000,000,815 | ---- | M] () -- C:\Users\Public\Desktop\New Super Mario Forever.lnk [2013-03-03 19:34:48 | 000,000,209 | ---- | M] () -- C:\Users\Arti\Desktop\Counter-Strike Global Offensive.url [2013-02-25 20:40:52 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2013-02-25 20:35:07 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 3.lnk [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [10 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-03-26 18:15:52 | 003,272,222 | ---- | C] () -- C:\Users\Arti\Desktop\AutoRuns.arn [2013-03-26 13:21:27 | 000,000,004 | ---- | C] () -- C:\Users\Arti\AppData\Roaming\skype.ini [2013-03-25 21:46:48 | 000,000,706 | ---- | C] () -- C:\Users\Arti\Desktop\TeamSpeak 3 Client.lnk [2013-03-21 18:58:40 | 000,000,477 | ---- | C] () -- C:\Users\Arti\Desktop\Tomb Raider.lnk [2013-03-19 17:11:05 | 000,044,966 | ---- | C] () -- C:\Users\Arti\8111ee3eac72cb63.jpg [2013-03-10 12:04:22 | 000,000,815 | ---- | C] () -- C:\Users\Public\Desktop\New Super Mario Forever.lnk [2013-03-03 19:34:48 | 000,000,209 | ---- | C] () -- C:\Users\Arti\Desktop\Counter-Strike Global Offensive.url [2013-02-24 22:35:28 | 000,000,868 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 3.lnk [2013-01-31 17:03:39 | 141,828,601 | ---- | C] () -- C:\Users\Arti\S5830XWKTQ_S5830ORSLP1_ORS.zip [2013-01-07 19:38:29 | 002,469,760 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe [2013-01-07 19:38:29 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe [2013-01-07 19:38:29 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll [2013-01-07 19:38:29 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys [2013-01-07 19:38:29 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys [2012-11-07 00:27:54 | 000,000,058 | ---- | C] () -- C:\Windows\SysWow64\DonationCoder_ScreenshotCaptor_InstallInfo.dat [2012-11-07 00:27:54 | 000,000,058 | ---- | C] () -- C:\Users\Arti\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat [2012-08-20 15:38:07 | 000,477,168 | ---- | C] () -- C:\Windows\SysWow64\npdeployJava1.dll [2012-08-20 15:38:07 | 000,157,680 | ---- | C] () -- C:\Windows\SysWow64\javaws.exe [2012-08-20 15:38:07 | 000,149,488 | ---- | C] () -- C:\Windows\SysWow64\javaw.exe [2012-08-20 15:38:07 | 000,149,488 | ---- | C] () -- C:\Windows\SysWow64\java.exe [2012-06-26 16:42:40 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012-06-26 16:42:40 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012-06-21 09:37:14 | 003,166,792 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2012-05-02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2012-04-27 21:16:53 | 000,094,208 | ---- | C] () -- C:\Users\Arti\AppData\Roaming\skype.dat [2012-04-26 10:47:25 | 000,000,037 | ---- | C] () -- C:\Windows\Crypkey.ini [2012-04-26 10:47:21 | 000,027,648 | R--- | C] () -- C:\Windows\Setup_ck.exe [2012-04-26 10:47:21 | 000,018,432 | ---- | C] () -- C:\Windows\Setup_ck.dll [2012-04-26 10:47:21 | 000,011,776 | ---- | C] () -- C:\Windows\Ckrfresh.exe [2012-04-17 07:09:32 | 243,931,843 | ---- | C] () -- C:\Windows\SysWow64\msscache.dll [2012-04-17 07:09:16 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\thunk.dll [2012-04-16 07:59:19 | 000,000,032 | ---- | C] () -- C:\Windows\SysWow64\mfc10com.dat.dll [2012-04-03 16:40:04 | 003,502,080 | ---- | C] () -- C:\Windows\SysWow64\fltMCsvr.exe [2012-03-31 13:58:48 | 001,171,456 | ---- | C] () -- C:\Windows\SysWow64\wlanu32.dll [2012-03-31 13:58:12 | 001,530,880 | ---- | C] () -- C:\Windows\SysWow64\qdvx32.dll [2012-03-31 13:57:40 | 001,128,448 | ---- | C] () -- C:\Windows\SysWow64\RPCNDx86.dll [2012-03-28 21:56:40 | 000,000,362 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2012-01-19 15:24:22 | 000,319,488 | R--- | C] () -- C:\Windows\SysWow64\cmdevice.dll [2012-01-18 14:58:07 | 000,000,830 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.imi [2012-01-18 14:58:05 | 000,005,801 | ---- | C] () -- C:\Windows\cmudaxp.ini [2012-01-18 07:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll [2012-01-18 07:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll [2012-01-18 07:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe [2012-01-14 21:44:30 | 000,007,612 | ---- | C] () -- C:\Users\Arti\AppData\Local\Resmon.ResmonCfg [2012-01-04 15:36:11 | 000,010,752 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll [2011-12-22 15:53:08 | 000,004,096 | ---- | C] () -- C:\Users\Arti\AppData\Local\keyfile3.drm [2011-11-06 21:27:30 | 000,000,000 | ---- | C] () -- C:\Users\Arti\AppData\Roaming\downloads.m3u [2011-10-13 12:29:26 | 000,000,070 | ---- | C] () -- C:\Users\Arti\AppData\Local\Images.fl [2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011-09-12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011-07-29 22:16:35 | 000,002,048 | ---- | C] () -- C:\Windows\SysWow64\winver.exe [2011-06-28 23:07:54 | 000,037,046 | ---- | C] () -- C:\Users\Arti\AppData\Roaming\Wartości oddzielone przecinkami (DOS).ADR [2011-04-23 20:35:01 | 000,008,192 | ---- | C] () -- C:\Users\Arti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-03-21 19:28:10 | 000,245,760 | ---- | C] () -- C:\Users\Arti\AppData\Roaming\chrtmp [2011-03-17 15:48:05 | 000,000,033 | ---- | C] () -- C:\ProgramData\droidcam-settings [2010-12-01 19:12:35 | 000,444,283 | ---- | C] () -- C:\Program Files (x86)\Common Files\WinPcapNmap.exe [2010-08-18 16:11:38 | 000,038,446 | ---- | C] () -- C:\Users\Arti\AppData\Roaming\Wartości oddzielone tabulatorami (Windows).ADR [2010-08-18 15:42:23 | 000,037,060 | ---- | C] () -- C:\Users\Arti\AppData\Roaming\Wartości oddzielone przecinkami (Windows).ADR [2010-03-14 23:20:14 | 000,000,181 | ---- | C] () -- C:\Users\Arti\AppData\Roaming\default.rss [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-10-08 14:16:15 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-10-08 14:16:15 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2011-07-29 22:30:59 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2010-12-02 21:38:17 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Opera [2010-11-15 16:07:30 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\2K Sports [2011-05-18 10:35:03 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\asocks2 [2012-01-19 17:38:45 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\ASUS [2011-01-22 20:40:37 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Atari [2012-12-21 21:07:36 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Audacity [2011-10-27 07:57:05 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\BeSpotted [2012-03-21 22:01:01 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\BESTplayer [2011-10-11 12:35:13 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\BlackBean [2010-03-19 21:57:29 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Bonetown [2010-08-18 15:31:50 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\CompanionLink [2012-01-27 15:47:21 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\ControlCenter4 [2012-12-20 00:29:28 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Crash Reports [2013-03-26 13:24:14 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\DAEMON Tools Lite [2010-09-18 18:35:58 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\DAEMON Tools Pro [2012-11-07 00:27:54 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\DonationCoder [2010-10-16 21:33:25 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\DroidExplorer [2012-06-28 06:57:32 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Dropbox [2012-01-01 12:58:16 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Electronic Arts [2010-03-03 15:45:45 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Foxit [2010-11-19 20:19:29 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Foxit Software [2012-08-21 07:48:42 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Gadu-Gadu 10 [2012-12-20 00:27:30 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\GG [2012-09-11 21:58:02 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\GHISLER [2013-02-19 16:03:47 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\GoPlayer [2012-08-14 10:22:17 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\ipla [2010-06-21 07:57:08 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Leadertech [2010-10-23 06:54:30 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Microgaming [2012-09-28 20:41:58 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Might & Magic Heroes VI [2012-10-15 13:40:56 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Milestone [2012-08-20 10:43:26 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Need for Speed World [2010-11-26 23:08:58 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Nokia [2010-11-19 20:31:49 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Nokia Ovi Suite [2013-03-19 11:58:55 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\ObviousIdea [2011-03-17 21:44:27 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\OpenFM [2011-01-28 09:58:28 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Opera [2012-12-02 15:57:52 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Origin [2010-10-16 20:29:20 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Outlook [2010-11-19 20:31:29 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\PC Suite [2012-07-17 14:53:55 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\pl.5fantastic.oneway.8566CE160176669D38AD6CA5DF2B8C8BE659144F.1 [2010-09-11 21:32:26 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\RigNRoll_pol [2011-01-09 09:44:33 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Rovio [2012-07-30 16:17:23 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Samsung [2010-12-19 20:44:08 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Sony [2012-06-04 15:38:43 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Tibia [2013-03-25 22:37:16 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\TS3Client [2012-06-22 11:58:41 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\TuneUp Software [2012-06-28 07:00:40 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Ubisoft [2012-02-10 14:03:36 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Unity [2013-03-26 18:19:32 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\uTorrent [2011-01-24 21:25:27 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\VDownloader [2010-05-30 07:51:04 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\VitySoft [2012-12-24 12:40:53 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\VSO [2010-03-07 18:53:36 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Win7codecs [2013-01-10 13:56:06 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\Windows Live Writer [2010-11-16 16:43:54 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\WinMount [2010-12-31 09:01:47 | 000,000,000 | ---D | M] -- C:\Users\Arti\AppData\Roaming\ZombieDriver [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Files - Unicode (All) ==========[/color] [2012-12-30 18:00:31 | 000,000,000 | ---D | M](C:\????? ?????) -- C:\Новая папка [2012-12-30 18:00:31 | 000,000,000 | ---D | C](C:\????? ?????) -- C:\Новая папка [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:82F50D1C < End of report >