- OTL logfile created on: 9/16/2012 8:34:32 PM - Run 2
- OTL by OldTimer - Version 3.2.61.3 Folder = D:\
- 64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation
- Internet Explorer (Version = 9.0.8112.16421)
- Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
- 3.80 Gb Total Physical Memory | 3.08 Gb Available Physical Memory | 81.15% Memory free
- 7.59 Gb Paging File | 7.04 Gb Available in Paging File | 92.69% Paging File free
- Paging file location(s): ?:\pagefile.sys [binary data]
- %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
- Drive C: | 448.47 Gb Total Space | 249.75 Gb Free Space | 55.69% Space Free | Partition Type: NTFS
- Drive D: | 7.70 Gb Total Space | 7.70 Gb Free Space | 99.97% Space Free | Partition Type: FAT32
- Drive F: | 1.99 Gb Total Space | 1.39 Gb Free Space | 70.02% Space Free | Partition Type: FAT32
- Computer Name: USER-HP | User Name: user | Logged in as Administrator.
- Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
- Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
- [color=#E56717]========== Processes (SafeList) ==========[/color]
- PRC - [2012/09/09 18:22:04 | 000,600,064 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
- PRC - [2010/03/31 01:04:46 | 000,629,000 | ---- | M] (DigitalPersona, Inc.) -- c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
- [color=#E56717]========== Modules (No Company Name) ==========[/color]
- [color=#E56717]========== Services (SafeList) ==========[/color]
- SRV:[b]64bit:[/b] - [2012/04/05 11:33:57 | 000,271,360 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
- SRV:[b]64bit:[/b] - [2012/04/05 11:33:57 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
- SRV:[b]64bit:[/b] - [2011/09/12 17:08:46 | 000,142,904 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
- SRV:[b]64bit:[/b] - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
- SRV:[b]64bit:[/b] - [2010/06/14 14:39:06 | 000,090,112 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe -- (HPDayStarterService)
- SRV:[b]64bit:[/b] - [2010/04/05 20:12:00 | 000,103,992 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
- SRV:[b]64bit:[/b] - [2010/03/31 01:04:50 | 000,462,088 | ---- | M] (DigitalPersona, Inc.) [Auto | Stopped] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost)
- SRV:[b]64bit:[/b] - [2010/02/19 00:52:30 | 002,045,232 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
- SRV:[b]64bit:[/b] - [2010/02/02 02:09:48 | 000,281,192 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
- SRV:[b]64bit:[/b] - [2010/02/02 02:05:52 | 000,704,512 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe -- (DEBridge)
- SRV:[b]64bit:[/b] - [2010/01/21 19:42:44 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Stopped] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
- SRV:[b]64bit:[/b] - [2009/12/30 00:19:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
- SRV:[b]64bit:[/b] - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
- SRV:[b]64bit:[/b] - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
- SRV:[b]64bit:[/b] - [2009/06/04 01:38:36 | 000,277,032 | ---- | M] (ActivIdentity) [Auto | Stopped] -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe -- (ac.sharedstore)
- SRV - [2012/08/30 20:17:44 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
- SRV - [2012/08/13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
- SRV - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
- SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
- SRV - [2012/06/13 03:48:50 | 002,321,560 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\avgfws.exe -- (avgfws)
- SRV - [2012/03/14 10:28:28 | 000,197,504 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
- SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
- SRV - [2012/01/18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
- SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
- SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
- SRV - [2011/09/09 18:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
- SRV - [2011/08/11 19:29:24 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Stopped] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
- SRV - [2011/03/16 11:26:40 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
- SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
- SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
- SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
- SRV - [2010/03/17 02:37:08 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Stopped] -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe -- (HP ProtectTools Service)
- SRV - [2010/03/04 01:46:56 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
- SRV - [2010/03/04 01:46:54 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
- SRV - [2010/02/19 00:26:46 | 001,664,304 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
- SRV - [2010/01/19 20:17:10 | 000,297,984 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
- SRV - [2010/01/08 23:55:54 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON)
- SRV - [2009/12/07 20:36:10 | 000,362,040 | ---- | M] (Hewlett-Packard Ltd) [On_Demand | Stopped] -- c:\Windows\SysWOW64\flcdlock.exe -- (FLCDLOCK)
- SRV - [2009/11/23 20:08:10 | 001,120,752 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
- SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
- [color=#E56717]========== Driver Services (SafeList) ==========[/color]
- DRV:[b]64bit:[/b] - [2012/08/24 15:43:16 | 000,384,352 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
- DRV:[b]64bit:[/b] - [2012/07/26 03:21:28 | 000,291,680 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
- DRV:[b]64bit:[/b] - [2012/04/19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
- DRV:[b]64bit:[/b] - [2012/04/05 11:33:57 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
- DRV:[b]64bit:[/b] - [2012/03/01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
- DRV:[b]64bit:[/b] - [2012/01/31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
- DRV:[b]64bit:[/b] - [2011/12/23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
- DRV:[b]64bit:[/b] - [2011/12/23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
- DRV:[b]64bit:[/b] - [2011/12/23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
- DRV:[b]64bit:[/b] - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
- DRV:[b]64bit:[/b] - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
- DRV:[b]64bit:[/b] - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
- DRV:[b]64bit:[/b] - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
- DRV:[b]64bit:[/b] - [2011/05/23 01:03:28 | 000,048,992 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
- DRV:[b]64bit:[/b] - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
- DRV:[b]64bit:[/b] - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
- DRV:[b]64bit:[/b] - [2011/04/02 20:00:04 | 000,310,728 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
- DRV:[b]64bit:[/b] - [2011/04/02 17:57:52 | 000,042,696 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
- DRV:[b]64bit:[/b] - [2011/03/11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
- DRV:[b]64bit:[/b] - [2011/03/11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
- DRV:[b]64bit:[/b] - [2011/03/03 02:00:11 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
- DRV:[b]64bit:[/b] - [2011/03/03 01:45:32 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
- DRV:[b]64bit:[/b] - [2011/03/03 01:45:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
- DRV:[b]64bit:[/b] - [2011/03/03 01:45:32 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
- DRV:[b]64bit:[/b] - [2010/09/14 03:25:01 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
- DRV:[b]64bit:[/b] - [2010/06/04 02:18:56 | 001,379,376 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
- DRV:[b]64bit:[/b] - [2010/04/21 21:18:44 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
- DRV:[b]64bit:[/b] - [2010/02/27 02:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
- DRV:[b]64bit:[/b] - [2010/02/16 21:24:20 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
- DRV:[b]64bit:[/b] - [2010/02/03 16:38:30 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
- DRV:[b]64bit:[/b] - [2010/02/02 02:11:36 | 000,015,688 | ---- | M] (McAfee, Inc.) [File_System | Boot | Running] -- C:\windows\SysNative\drivers\SbFsLock.sys -- (SbFsLock)
- DRV:[b]64bit:[/b] - [2010/02/02 02:11:34 | 000,058,184 | ---- | M] (McAfee, Inc.) [Kernel | System | Stopped] -- C:\windows\SysNative\drivers\RsvLock.sys -- (RsvLock)
- DRV:[b]64bit:[/b] - [2010/02/02 02:11:32 | 000,056,648 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\SafeBoot.sys -- (SafeBoot)
- DRV:[b]64bit:[/b] - [2010/02/01 21:12:14 | 007,675,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
- DRV:[b]64bit:[/b] - [2010/01/30 07:46:04 | 000,089,344 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)
- DRV:[b]64bit:[/b] - [2010/01/21 19:42:48 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
- DRV:[b]64bit:[/b] - [2010/01/08 23:45:26 | 000,409,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
- DRV:[b]64bit:[/b] - [2010/01/07 20:22:44 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
- DRV:[b]64bit:[/b] - [2010/01/07 20:22:40 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
- DRV:[b]64bit:[/b] - [2010/01/07 20:22:36 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
- DRV:[b]64bit:[/b] - [2010/01/07 20:22:34 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
- DRV:[b]64bit:[/b] - [2010/01/07 19:37:40 | 000,295,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress)
- DRV:[b]64bit:[/b] - [2009/12/12 00:32:06 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpe64.sys -- (rixdpcie)
- DRV:[b]64bit:[/b] - [2009/12/01 19:55:31 | 000,359,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
- DRV:[b]64bit:[/b] - [2009/10/29 03:54:00 | 000,079,360 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdpe64.sys -- (risdpcie)
- DRV:[b]64bit:[/b] - [2009/10/27 00:52:00 | 000,061,952 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspe64.sys -- (rimspci)
- DRV:[b]64bit:[/b] - [2009/10/21 22:37:52 | 000,040,760 | ---- | M] (Hewlett-Packard Development Company L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DAMDrv64.sys -- (DAMDrv)
- DRV:[b]64bit:[/b] - [2009/09/17 23:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
- DRV:[b]64bit:[/b] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
- DRV:[b]64bit:[/b] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
- DRV:[b]64bit:[/b] - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
- DRV:[b]64bit:[/b] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
- DRV:[b]64bit:[/b] - [2009/07/14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
- DRV:[b]64bit:[/b] - [2009/07/09 12:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
- DRV:[b]64bit:[/b] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
- DRV:[b]64bit:[/b] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
- DRV:[b]64bit:[/b] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
- DRV:[b]64bit:[/b] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
- DRV:[b]64bit:[/b] - [2009/06/04 20:32:52 | 000,060,160 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\SbAlg.sys -- (SbAlg)
- DRV - [2010/02/02 02:11:46 | 000,051,800 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysWow64\drivers\SbAlg.sys -- (SbAlg)
- DRV - [2010/02/02 02:11:28 | 000,013,256 | ---- | M] (McAfee, Inc.) [File_System | Boot | Running] -- C:\windows\SysWow64\drivers\SbFsLock.sys -- (SbFsLock)
- DRV - [2010/02/02 02:11:24 | 000,040,088 | ---- | M] (McAfee, Inc.) [Kernel | System | Stopped] -- C:\windows\SysWow64\drivers\rsvlock.sys -- (RsvLock)
- DRV - [2010/02/02 02:11:22 | 000,110,520 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysWow64\drivers\SafeBoot.sys -- (SafeBoot)
- DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
- [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
- [color=#E56717]========== Internet Explorer ==========[/color]
- IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
- IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
- IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
- IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0D5D2DD1-D324-4580-8DD4-E2509D769537}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
- IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
- IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
- IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
- IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
- IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ironto&s={searchTerms}&f=4
- IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
- IE - HKLM\..\SearchScopes\{0D5D2DD1-D324-4580-8DD4-E2509D769537}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
- IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
- IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
- IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
- IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
- IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
- IE - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
- IE - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
- IE - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
- IE - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\..\SearchScopes,DefaultScope = {0D5D2DD1-D324-4580-8DD4-E2509D769537}
- IE - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\..\SearchScopes\{0D5D2DD1-D324-4580-8DD4-E2509D769537}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
- IE - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ironto&s={searchTerms}&f=4
- IE - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_pl
- IE - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\..\SearchScopes\{824289E7-C086-4BB3-82E0-60676B1725CD}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=E9B797CF-EFB6-490A-81B0-357D3FC04A70&apn_sauid=12876BFC-61BF-46AF-97B4-721FC5D3EFA6&
- IE - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={B48EE48A-19DB-4F81-8153-63D8323C8365}&mid=&lang=pl&ds=AVG&pr=pr&d=&v=8.0.0.34&sap=dsp&q={searchTerms}
- IE - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\..\SearchScopes\{AF64A1F2-2644-4971-B54F-43CF95709972}: "URL" = http://search.avg.com/route/?d=4dfdca93&v=7.5.30.4&i=26&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
- IE - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
- [color=#E56717]========== FireFox ==========[/color]
- FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
- FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
- FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
- FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
- FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
- FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
- FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
- FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
- FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
- FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
- FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
- FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
- FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2010/09/14 02:58:37 | 000,000,000 | ---D | M]
- FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/09/11 09:56:27 | 000,000,000 | ---D | M]
- FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/08/31 09:58:50 | 000,000,000 | ---D | M]
- [2011/04/08 00:51:04 | 000,002,049 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
- [color=#E56717]========== Chrome ==========[/color]
- CHR - homepage: http://www.google.com
- CHR - default_search_provider: Google (Enabled)
- CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
- CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
- CHR - homepage: http://www.google.com
- CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll
- CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
- CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
- CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
- CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\pdf.dll
- CHR - plugin: AVG Internet Security (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
- CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
- CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
- CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
- CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
- CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
- CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
- CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
- CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
- CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
- CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
- CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
- CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
- CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
- CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
- CHR - Extension: AVG Safe Search = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\
- CHR - Extension: AVG Do Not Track = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
- O1 HOSTS File: ([2012/07/18 09:01:32 | 000,000,848 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
- O1 - Hosts: 192.168.5.99 sekretariat
- O2:[b]64bit:[/b] - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
- O2:[b]64bit:[/b] - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
- O2:[b]64bit:[/b] - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
- O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
- O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
- O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
- O2 - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
- O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
- O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
- O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
- O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
- O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
- O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
- O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
- O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
- O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
- O3:[b]64bit:[/b] - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
- O4:[b]64bit:[/b] - HKLM..\Run: [] File not found
- O4:[b]64bit:[/b] - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
- O4:[b]64bit:[/b] - HKLM..\Run: [acevents] C:\Program Files\ActivIdentity\ActivClient\acevents.exe (ActivIdentity)
- O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
- O4:[b]64bit:[/b] - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe (Hewlett-Packard Company, L.P.)
- O4:[b]64bit:[/b] - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
- O4:[b]64bit:[/b] - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
- O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
- O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
- O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
- O4 - HKLM..\Run: [] File not found
- O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
- O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
- O4 - HKLM..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
- O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe ()
- O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe (Symantec Corporation)
- O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
- O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
- O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
- O4 - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background File not found
- O4 - HKLM..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/pl.special-uninstallation-feedback-app?lic=SU1PVFctNDlZUDMtV1c2WlotUVk0VUstQVQzNFctUw"&"inst=NzYtOTQ4OTcxNTE1LUZMMTArMS1MSUMrOC1TUDErMS1TUDFUQisxLVNQMVMzKzEtU1VEKzEtUzFJKzEtU1UzKzEtVFVHKzMtU1UzVCsxLUREVCswLVNUMTJPSSsxLUVVTEErMS1TVDEyQVBQKzE"&"prod=94"&"ver=2012.0.1831"&"mid=61978ecc475347d690c73163c42be5e8-0a8b5e41ff6d58dfa833a3999d4b0dae62bc0c92 File not found
- O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
- O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
- O4 - HKLM..\RunOnceEx: [ContentMerger] c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe (Sonic Solutions)
- O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
- O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
- O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
- O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
- O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
- O8:[b]64bit:[/b] - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
- O8:[b]64bit:[/b] - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
- O8:[b]64bit:[/b] - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
- O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
- O8 - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
- O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
- O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
- O9:[b]64bit:[/b] - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
- O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
- O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
- O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
- O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
- O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
- O13[b]64bit:[/b] - gopher Prefix: missing
- O13 - gopher Prefix: missing
- O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
- O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
- O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
- O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
- O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
- O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
- O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
- O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
- O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
- O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
- O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
- O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
- O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
- O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
- O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
- O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
- O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
- O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
- O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
- O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
- O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
- O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
- O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
- O15 - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\..Trusted Domains: hp.com ([]http in Trusted sites)
- O15 - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\..Trusted Domains: oirpwarszawa.pl ([www] http in Trusted sites)
- O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
- O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
- O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
- O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
- O16 - DPF: {96816368-C1E3-414D-A193-63C3CC921990} http://hotelforumrome.remotemanager.co.uk/common/activex/MJPEGRender.ocx (MJPEGRender Control)
- O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
- O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
- O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
- O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
- O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab (SysInfo Class)
- O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62
- O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0767B55-54D4-4503-8794-E2CECE15AEA1}: DhcpNameServer = 62.179.1.63 62.179.1.62
- O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E26AD895-8A6A-4985-8C2D-31A3C2120680}: DhcpNameServer = 194.204.152.34 194.204.159.1
- O18:[b]64bit:[/b] - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
- O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
- O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
- O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
- O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
- O18:[b]64bit:[/b] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
- O18:[b]64bit:[/b] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
- O18:[b]64bit:[/b] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
- O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
- O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
- O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
- O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - File not found
- O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
- O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc.)
- O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
- O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found
- O20 - HKLM Winlogon: UserInit - (userinit.exe) - File not found
- O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
- O20 - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002 Winlogon: Shell - (explorer.exe) - File not found
- O20 - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002 Winlogon: Shell - (C:\Users\user\AppData\Roaming\msconfig.dat) - C:\Users\user\AppData\Roaming\msconfig.dat ()
- O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found
- O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - File not found
- O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
- O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
- O29:[b]64bit:[/b] - HKLM SecurityProviders - (credssp.dll) - File not found
- O29 - HKLM SecurityProviders - (credssp.dll) - File not found
- O31 - SafeBoot: UseAlternatShell - 1
- O32 - HKLM CDRom: AutoRun - 1
- O32 - AutoRun File - [2011/11/05 13:52:32 | 000,049,648 | ---- | M] () - D:\autoruns.chm -- [ FAT32 ]
- O32 - AutoRun File - [2012/09/10 09:16:28 | 000,649,864 | ---- | M] (Sysinternals - www.sysinternals.com) - D:\autoruns.exe -- [ FAT32 ]
- O32 - AutoRun File - [2012/09/10 09:16:28 | 000,567,944 | ---- | M] (Sysinternals - www.sysinternals.com) - D:\autorunsc.exe -- [ FAT32 ]
- O33 - MountPoints2\{4838e458-8479-11e0-b3c4-e02a82cf0c1b}\Shell - "" = AutoRun
- O33 - MountPoints2\{4838e458-8479-11e0-b3c4-e02a82cf0c1b}\Shell\AutoRun\command - "" = D:\Startme.exe
- O33 - MountPoints2\{61ace44a-53c8-11e0-b16b-e02a82cf0c1b}\Shell - "" = AutoRun
- O33 - MountPoints2\{61ace44a-53c8-11e0-b16b-e02a82cf0c1b}\Shell\AutoRun\command - "" = D:\HPLauncher.exe
- O34 - HKLM BootExecute: (autocheck autochk *)
- O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
- O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
- O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
- O35 - HKLM\..comfile [open] -- "%1" %*
- O35 - HKLM\..exefile [open] -- "%1" %*
- O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
- O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
- O37 - HKLM\...com [@ = comfile] -- "%1" %*
- O37 - HKLM\...exe [@ = exefile] -- "%1" %*
- O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
- O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
- O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
- [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
- [2012/09/16 18:24:14 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
- [2012/09/14 11:35:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
- [2012/09/14 11:34:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Ericsson
- [2012/09/14 11:33:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
- [2012/09/14 11:33:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
- [2012/09/14 11:33:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
- [2012/09/13 18:35:06 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Zefyvi
- [2012/09/13 18:35:06 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Udut
- [2012/09/13 18:35:05 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Giet
- [2012/09/12 13:02:15 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10level9.dll
- [2012/09/12 10:07:25 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LexPolonica
- [2012/09/12 10:07:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LexPolonica
- [2012/09/11 09:56:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
- [2012/09/05 16:31:06 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
- [2012/09/05 16:31:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
- [2012/09/05 16:31:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
- [2012/08/30 16:02:14 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\restore
- [2012/08/30 15:44:54 | 000,000,000 | ---D | C] -- C:\ProgramData\tmp
- [2012/08/30 15:44:53 | 000,000,000 | ---D | C] -- C:\ProgramData\hps
- [2012/08/30 15:44:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FOTOJOKER Fotoswiat
- [2012/08/30 15:34:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fotojoker
- [2012/08/24 15:43:16 | 000,384,352 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgtdia.sys
- [1 C:\windows\Fonts\*.tmp files -> C:\windows\Fonts\*.tmp -> ]
- [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
- [2012/09/16 20:33:27 | 007,077,888 | -HS- | M] () -- C:\Users\user\NTUSER.DAT
- [2012/09/16 20:10:33 | 001,560,168 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
- [2012/09/16 20:10:33 | 000,701,696 | ---- | M] () -- C:\windows\SysNative\perfh015.dat
- [2012/09/16 20:10:33 | 000,619,388 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
- [2012/09/16 20:10:33 | 000,136,456 | ---- | M] () -- C:\windows\SysNative\perfc015.dat
- [2012/09/16 20:10:33 | 000,107,450 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
- [2012/09/16 20:05:24 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
- [2012/09/16 20:05:17 | 4076,265,472 | -HS- | M] () -- C:\hiberfil.sys
- [2012/09/16 19:58:50 | 000,020,944 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
- [2012/09/16 19:58:50 | 000,020,944 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
- [2012/09/16 19:58:38 | 000,000,045 | ---- | M] () -- C:\Users\user\AppData\Roaming\msconfig.ini
- [2012/09/16 19:56:53 | 000,001,040 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
- [2012/09/16 19:56:29 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
- [2012/09/16 15:55:00 | 000,001,044 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
- [2012/09/16 15:19:20 | 001,167,781 | -H-- | M] () -- C:\Users\user\AppData\Local\IconCache.db
- [2012/09/16 15:19:00 | 000,000,930 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
- [2012/09/16 10:58:12 | 094,923,394 | ---- | M] () -- C:\windows\SysNative\drivers\AVG\incavi.avm
- [2012/09/14 17:54:43 | 000,004,265 | ---- | M] () -- C:\windows\polonica.ini
- [2012/09/14 11:33:56 | 000,002,100 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
- [2012/09/13 18:12:42 | 000,357,220 | ---- | M] () -- C:\windows\SysNative\drivers\AVG\iavichjg.avm
- [2012/09/13 15:37:15 | 000,000,328 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForuser.job
- [2012/09/12 10:07:25 | 000,000,705 | ---- | M] () -- C:\Users\user\Desktop\LexPolonica.lnk
- [2012/09/11 09:56:27 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
- [2012/09/04 20:57:35 | 000,112,815 | ---- | M] () -- C:\Users\user\Desktop\04.09.2012.gpx
- [2012/09/04 19:56:14 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
- [2012/09/03 09:00:42 | 000,145,416 | ---- | M] () -- C:\Users\user\Desktop\potwierdzenie.pdf
- [2012/08/31 21:33:41 | 000,627,150 | ---- | M] () -- C:\windows\SysNative\drivers\AVG\iavifw.avm
- [2012/08/30 20:29:48 | 000,092,367 | ---- | M] () -- C:\Users\user\Desktop\no name.gpx
- [2012/08/30 20:17:43 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
- [2012/08/30 20:17:43 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
- [2012/08/30 15:44:51 | 000,001,281 | ---- | M] () -- C:\Users\Public\Desktop\FOTOJOKER Fotoswiat.lnk
- [2012/08/30 15:44:51 | 000,001,276 | ---- | M] () -- C:\Users\Public\Desktop\CEWE-Podglad Zdjec.lnk
- [2012/08/24 15:43:16 | 000,384,352 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgtdia.sys
- [color=#E56717]========== Files Created - No Company Name ==========[/color]
- [2012/09/16 15:19:20 | 001,167,781 | -H-- | C] () -- C:\Users\user\AppData\Local\IconCache.db
- [2012/09/16 14:20:47 | 000,000,045 | ---- | C] () -- C:\Users\user\AppData\Roaming\msconfig.ini
- [2012/09/14 11:33:56 | 000,002,100 | ---- | C] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
- [2012/09/04 20:57:35 | 000,112,815 | ---- | C] () -- C:\Users\user\Desktop\04.09.2012.gpx
- [2012/08/30 20:29:48 | 000,092,367 | ---- | C] () -- C:\Users\user\Desktop\no name.gpx
- [2012/08/30 15:44:51 | 000,001,281 | ---- | C] () -- C:\Users\Public\Desktop\FOTOJOKER Fotoswiat.lnk
- [2012/08/30 15:44:51 | 000,001,276 | ---- | C] () -- C:\Users\Public\Desktop\CEWE-Podglad Zdjec.lnk
- [2012/01/11 14:02:51 | 000,076,288 | ---- | C] () -- C:\Users\user\AppData\Roaming\msconfig.dat
- [2011/10/20 11:06:28 | 001,588,724 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
- [2011/09/16 23:58:32 | 000,003,584 | ---- | C] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
- [2011/08/17 15:05:01 | 000,004,265 | ---- | C] () -- C:\windows\polonica.ini
- [2011/05/10 14:23:31 | 000,023,148 | ---- | C] () -- C:\windows\aku.ini
- [2011/04/28 19:12:21 | 000,001,854 | ---- | C] () -- C:\Users\user\AppData\Roaming\GhostObjGAFix.xml
- [2011/03/18 11:52:12 | 000,124,288 | ---- | C] () -- C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
- [2011/03/18 11:40:41 | 007,077,888 | -HS- | C] () -- C:\Users\user\NTUSER.DAT
- [2011/03/18 11:40:41 | 000,524,288 | -HS- | C] () -- C:\Users\user\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
- [2011/03/18 11:40:41 | 000,524,288 | -HS- | C] () -- C:\Users\user\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
- [2011/03/18 11:40:41 | 000,065,536 | -HS- | C] () -- C:\Users\user\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
- [2011/03/18 11:40:41 | 000,000,020 | -HS- | C] () -- C:\Users\user\ntuser.ini
- [color=#E56717]========== LOP Check ==========[/color]
- [2011/10/18 15:57:52 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\AVG
- [2011/10/18 09:41:38 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\AVG2012
- [2011/03/18 11:40:56 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DigitalPersona
- [2011/04/26 16:25:34 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1
- [2011/03/21 16:47:34 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GHISLER
- [2012/09/13 21:00:28 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Giet
- [2011/08/17 22:57:34 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Imaging Sciences International
- [2011/05/18 18:13:08 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\My Games
- [2011/10/20 13:04:30 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\SoftGrid Client
- [2011/10/20 12:28:24 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TP
- [2012/09/13 18:35:45 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Udut
- [2012/09/13 18:35:06 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Zefyvi
- [2012/09/09 11:27:32 | 000,032,604 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
- [color=#E56717]========== Purity Check ==========[/color]
- [color=#E56717]========== Alternate Data Streams ==========[/color]
- @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:0B4227B4
- < End of report >