Untitled

a guest
Sep 16th, 2012
  1. OTL logfile created on: 9/16/2012 8:34:32 PM - Run 2
  2. OTL by OldTimer - Version 3.2.61.3 Folder = D:\
  3. 64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation
  4. Internet Explorer (Version = 9.0.8112.16421)
  5. Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
  6.  
  7. 3.80 Gb Total Physical Memory | 3.08 Gb Available Physical Memory | 81.15% Memory free
  8. 7.59 Gb Paging File | 7.04 Gb Available in Paging File | 92.69% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
  12. Drive C: | 448.47 Gb Total Space | 249.75 Gb Free Space | 55.69% Space Free | Partition Type: NTFS
  13. Drive D: | 7.70 Gb Total Space | 7.70 Gb Free Space | 99.97% Space Free | Partition Type: FAT32
  14. Drive F: | 1.99 Gb Total Space | 1.39 Gb Free Space | 70.02% Space Free | Partition Type: FAT32
  15.  
  16. Computer Name: USER-HP | User Name: user | Logged in as Administrator.
  17. Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
  18. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
  19.  
  20. [color=#E56717]========== Processes (SafeList) ==========[/color]
  21.  
  22. PRC - [2012/09/09 18:22:04 | 000,600,064 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
  23. PRC - [2010/03/31 01:04:46 | 000,629,000 | ---- | M] (DigitalPersona, Inc.) -- c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
  24.  
  25.  
  26. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  27.  
  28.  
  29. [color=#E56717]========== Services (SafeList) ==========[/color]
  30.  
  31. SRV:[b]64bit:[/b] - [2012/04/05 11:33:57 | 000,271,360 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
  32. SRV:[b]64bit:[/b] - [2012/04/05 11:33:57 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
  33. SRV:[b]64bit:[/b] - [2011/09/12 17:08:46 | 000,142,904 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
  34. SRV:[b]64bit:[/b] - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
  35. SRV:[b]64bit:[/b] - [2010/06/14 14:39:06 | 000,090,112 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe -- (HPDayStarterService)
  36. SRV:[b]64bit:[/b] - [2010/04/05 20:12:00 | 000,103,992 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
  37. SRV:[b]64bit:[/b] - [2010/03/31 01:04:50 | 000,462,088 | ---- | M] (DigitalPersona, Inc.) [Auto | Stopped] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost)
  38. SRV:[b]64bit:[/b] - [2010/02/19 00:52:30 | 002,045,232 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
  39. SRV:[b]64bit:[/b] - [2010/02/02 02:09:48 | 000,281,192 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
  40. SRV:[b]64bit:[/b] - [2010/02/02 02:05:52 | 000,704,512 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe -- (DEBridge)
  41. SRV:[b]64bit:[/b] - [2010/01/21 19:42:44 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Stopped] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
  42. SRV:[b]64bit:[/b] - [2009/12/30 00:19:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
  43. SRV:[b]64bit:[/b] - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
  44. SRV:[b]64bit:[/b] - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
  45. SRV:[b]64bit:[/b] - [2009/06/04 01:38:36 | 000,277,032 | ---- | M] (ActivIdentity) [Auto | Stopped] -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe -- (ac.sharedstore)
  46. SRV - [2012/08/30 20:17:44 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
  47. SRV - [2012/08/13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
  48. SRV - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
  49. SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
  50. SRV - [2012/06/13 03:48:50 | 002,321,560 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\avgfws.exe -- (avgfws)
  51. SRV - [2012/03/14 10:28:28 | 000,197,504 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
  52. SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
  53. SRV - [2012/01/18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
  54. SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
  55. SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
  56. SRV - [2011/09/09 18:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
  57. SRV - [2011/08/11 19:29:24 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Stopped] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
  58. SRV - [2011/03/16 11:26:40 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
  59. SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
  60. SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
  61. SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
  62. SRV - [2010/03/17 02:37:08 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Stopped] -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe -- (HP ProtectTools Service)
  63. SRV - [2010/03/04 01:46:56 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
  64. SRV - [2010/03/04 01:46:54 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
  65. SRV - [2010/02/19 00:26:46 | 001,664,304 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
  66. SRV - [2010/01/19 20:17:10 | 000,297,984 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
  67. SRV - [2010/01/08 23:55:54 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON)
  68. SRV - [2009/12/07 20:36:10 | 000,362,040 | ---- | M] (Hewlett-Packard Ltd) [On_Demand | Stopped] -- c:\Windows\SysWOW64\flcdlock.exe -- (FLCDLOCK)
  69. SRV - [2009/11/23 20:08:10 | 001,120,752 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
  70. SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
  71.  
  72.  
  73. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  74.  
  75. DRV:[b]64bit:[/b] - [2012/08/24 15:43:16 | 000,384,352 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
  76. DRV:[b]64bit:[/b] - [2012/07/26 03:21:28 | 000,291,680 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
  77. DRV:[b]64bit:[/b] - [2012/04/19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
  78. DRV:[b]64bit:[/b] - [2012/04/05 11:33:57 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
  79. DRV:[b]64bit:[/b] - [2012/03/01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
  80. DRV:[b]64bit:[/b] - [2012/01/31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
  81. DRV:[b]64bit:[/b] - [2011/12/23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
  82. DRV:[b]64bit:[/b] - [2011/12/23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
  83. DRV:[b]64bit:[/b] - [2011/12/23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
  84. DRV:[b]64bit:[/b] - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
  85. DRV:[b]64bit:[/b] - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
  86. DRV:[b]64bit:[/b] - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
  87. DRV:[b]64bit:[/b] - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
  88. DRV:[b]64bit:[/b] - [2011/05/23 01:03:28 | 000,048,992 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
  89. DRV:[b]64bit:[/b] - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
  90. DRV:[b]64bit:[/b] - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
  91. DRV:[b]64bit:[/b] - [2011/04/02 20:00:04 | 000,310,728 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
  92. DRV:[b]64bit:[/b] - [2011/04/02 17:57:52 | 000,042,696 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
  93. DRV:[b]64bit:[/b] - [2011/03/11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
  94. DRV:[b]64bit:[/b] - [2011/03/11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
  95. DRV:[b]64bit:[/b] - [2011/03/03 02:00:11 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
  96. DRV:[b]64bit:[/b] - [2011/03/03 01:45:32 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
  97. DRV:[b]64bit:[/b] - [2011/03/03 01:45:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
  98. DRV:[b]64bit:[/b] - [2011/03/03 01:45:32 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
  99. DRV:[b]64bit:[/b] - [2010/09/14 03:25:01 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
  100. DRV:[b]64bit:[/b] - [2010/06/04 02:18:56 | 001,379,376 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
  101. DRV:[b]64bit:[/b] - [2010/04/21 21:18:44 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
  102. DRV:[b]64bit:[/b] - [2010/02/27 02:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
  103. DRV:[b]64bit:[/b] - [2010/02/16 21:24:20 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
  104. DRV:[b]64bit:[/b] - [2010/02/03 16:38:30 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
  105. DRV:[b]64bit:[/b] - [2010/02/02 02:11:36 | 000,015,688 | ---- | M] (McAfee, Inc.) [File_System | Boot | Running] -- C:\windows\SysNative\drivers\SbFsLock.sys -- (SbFsLock)
  106. DRV:[b]64bit:[/b] - [2010/02/02 02:11:34 | 000,058,184 | ---- | M] (McAfee, Inc.) [Kernel | System | Stopped] -- C:\windows\SysNative\drivers\RsvLock.sys -- (RsvLock)
  107. DRV:[b]64bit:[/b] - [2010/02/02 02:11:32 | 000,056,648 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\SafeBoot.sys -- (SafeBoot)
  108. DRV:[b]64bit:[/b] - [2010/02/01 21:12:14 | 007,675,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
  109. DRV:[b]64bit:[/b] - [2010/01/30 07:46:04 | 000,089,344 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)
  110. DRV:[b]64bit:[/b] - [2010/01/21 19:42:48 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
  111. DRV:[b]64bit:[/b] - [2010/01/08 23:45:26 | 000,409,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
  112. DRV:[b]64bit:[/b] - [2010/01/07 20:22:44 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
  113. DRV:[b]64bit:[/b] - [2010/01/07 20:22:40 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
  114. DRV:[b]64bit:[/b] - [2010/01/07 20:22:36 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
  115. DRV:[b]64bit:[/b] - [2010/01/07 20:22:34 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
  116. DRV:[b]64bit:[/b] - [2010/01/07 19:37:40 | 000,295,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress)
  117. DRV:[b]64bit:[/b] - [2009/12/12 00:32:06 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpe64.sys -- (rixdpcie)
  118. DRV:[b]64bit:[/b] - [2009/12/01 19:55:31 | 000,359,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
  119. DRV:[b]64bit:[/b] - [2009/10/29 03:54:00 | 000,079,360 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdpe64.sys -- (risdpcie)
  120. DRV:[b]64bit:[/b] - [2009/10/27 00:52:00 | 000,061,952 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspe64.sys -- (rimspci)
  121. DRV:[b]64bit:[/b] - [2009/10/21 22:37:52 | 000,040,760 | ---- | M] (Hewlett-Packard Development Company L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DAMDrv64.sys -- (DAMDrv)
  122. DRV:[b]64bit:[/b] - [2009/09/17 23:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
  123. DRV:[b]64bit:[/b] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
  124. DRV:[b]64bit:[/b] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
  125. DRV:[b]64bit:[/b] - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
  126. DRV:[b]64bit:[/b] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
  127. DRV:[b]64bit:[/b] - [2009/07/14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
  128. DRV:[b]64bit:[/b] - [2009/07/09 12:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
  129. DRV:[b]64bit:[/b] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
  130. DRV:[b]64bit:[/b] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
  131. DRV:[b]64bit:[/b] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
  132. DRV:[b]64bit:[/b] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
  133. DRV:[b]64bit:[/b] - [2009/06/04 20:32:52 | 000,060,160 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\SbAlg.sys -- (SbAlg)
  134. DRV - [2010/02/02 02:11:46 | 000,051,800 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysWow64\drivers\SbAlg.sys -- (SbAlg)
  135. DRV - [2010/02/02 02:11:28 | 000,013,256 | ---- | M] (McAfee, Inc.) [File_System | Boot | Running] -- C:\windows\SysWow64\drivers\SbFsLock.sys -- (SbFsLock)
  136. DRV - [2010/02/02 02:11:24 | 000,040,088 | ---- | M] (McAfee, Inc.) [Kernel | System | Stopped] -- C:\windows\SysWow64\drivers\rsvlock.sys -- (RsvLock)
  137. DRV - [2010/02/02 02:11:22 | 000,110,520 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysWow64\drivers\SafeBoot.sys -- (SafeBoot)
  138. DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
  139.  
  140.  
  141. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  142.  
  143.  
  144. [color=#E56717]========== Internet Explorer ==========[/color]
  145.  
  146. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
  147. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
  148. IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
  149. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0D5D2DD1-D324-4580-8DD4-E2509D769537}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
  150. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
  151. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
  152. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  153. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
  154. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ironto&s={searchTerms}&f=4
  155. IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
  156. IE - HKLM\..\SearchScopes\{0D5D2DD1-D324-4580-8DD4-E2509D769537}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
  157. IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
  158.  
  159.  
  160. IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
  161. IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  162.  
  163. IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
  164. IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  165.  
  166.  
  167.  
  168. IE - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
  169. IE - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
  170. IE - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
  171. IE - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\..\SearchScopes,DefaultScope = {0D5D2DD1-D324-4580-8DD4-E2509D769537}
  172. IE - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\..\SearchScopes\{0D5D2DD1-D324-4580-8DD4-E2509D769537}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
  173. IE - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ironto&s={searchTerms}&f=4
  174. IE - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_pl
  175. IE - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\..\SearchScopes\{824289E7-C086-4BB3-82E0-60676B1725CD}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=E9B797CF-EFB6-490A-81B0-357D3FC04A70&apn_sauid=12876BFC-61BF-46AF-97B4-721FC5D3EFA6&
  176. IE - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={B48EE48A-19DB-4F81-8153-63D8323C8365}&mid=&lang=pl&ds=AVG&pr=pr&d=&v=8.0.0.34&sap=dsp&q={searchTerms}
  177. IE - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\..\SearchScopes\{AF64A1F2-2644-4971-B54F-43CF95709972}: "URL" = http://search.avg.com/route/?d=4dfdca93&v=7.5.30.4&i=26&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
  178. IE - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  179.  
  180.  
  181. [color=#E56717]========== FireFox ==========[/color]
  182.  
  183. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
  184. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  185. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
  186. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
  187. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
  188. FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  189. FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
  190. FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
  191. FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
  192. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
  193. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
  194. FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
  195.  
  196. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2010/09/14 02:58:37 | 000,000,000 | ---D | M]
  197. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/09/11 09:56:27 | 000,000,000 | ---D | M]
  198. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/08/31 09:58:50 | 000,000,000 | ---D | M]
  199.  
  200. [2011/04/08 00:51:04 | 000,002,049 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
  201.  
  202. [color=#E56717]========== Chrome ==========[/color]
  203.  
  204. CHR - homepage: http://www.google.com
  205. CHR - default_search_provider: Google (Enabled)
  206. CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
  207. CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
  208. CHR - homepage: http://www.google.com
  209. CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll
  210. CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
  211. CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
  212. CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
  213. CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\pdf.dll
  214. CHR - plugin: AVG Internet Security (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
  215. CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
  216. CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
  217. CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
  218. CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
  219. CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
  220. CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
  221. CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
  222. CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
  223. CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
  224. CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
  225. CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
  226. CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
  227. CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
  228. CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
  229. CHR - Extension: AVG Safe Search = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\
  230. CHR - Extension: AVG Do Not Track = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
  231.  
  232. O1 HOSTS File: ([2012/07/18 09:01:32 | 000,000,848 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
  233. O1 - Hosts: 192.168.5.99 sekretariat
  234. O2:[b]64bit:[/b] - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
  235. O2:[b]64bit:[/b] - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
  236. O2:[b]64bit:[/b] - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
  237. O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
  238. O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
  239. O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
  240. O2 - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
  241. O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
  242. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
  243. O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
  244. O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
  245. O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
  246. O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
  247. O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
  248. O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
  249. O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
  250. O3:[b]64bit:[/b] - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
  251. O4:[b]64bit:[/b] - HKLM..\Run: [] File not found
  252. O4:[b]64bit:[/b] - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
  253. O4:[b]64bit:[/b] - HKLM..\Run: [acevents] C:\Program Files\ActivIdentity\ActivClient\acevents.exe (ActivIdentity)
  254. O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
  255. O4:[b]64bit:[/b] - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe (Hewlett-Packard Company, L.P.)
  256. O4:[b]64bit:[/b] - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
  257. O4:[b]64bit:[/b] - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
  258. O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
  259. O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
  260. O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
  261. O4 - HKLM..\Run: [] File not found
  262. O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
  263. O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
  264. O4 - HKLM..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
  265. O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe ()
  266. O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe (Symantec Corporation)
  267. O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
  268. O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
  269. O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
  270. O4 - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background File not found
  271. O4 - HKLM..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/pl.special-uninstallation-feedback-app?lic=SU1PVFctNDlZUDMtV1c2WlotUVk0VUstQVQzNFctUw"&"inst=NzYtOTQ4OTcxNTE1LUZMMTArMS1MSUMrOC1TUDErMS1TUDFUQisxLVNQMVMzKzEtU1VEKzEtUzFJKzEtU1UzKzEtVFVHKzMtU1UzVCsxLUREVCswLVNUMTJPSSsxLUVVTEErMS1TVDEyQVBQKzE"&"prod=94"&"ver=2012.0.1831"&"mid=61978ecc475347d690c73163c42be5e8-0a8b5e41ff6d58dfa833a3999d4b0dae62bc0c92 File not found
  272. O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  273. O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  274. O4 - HKLM..\RunOnceEx: [ContentMerger] c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe (Sonic Solutions)
  275. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  276. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
  277. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
  278. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  279. O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
  280. O8:[b]64bit:[/b] - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
  281. O8:[b]64bit:[/b] - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
  282. O8:[b]64bit:[/b] - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
  283. O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
  284. O8 - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
  285. O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
  286. O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
  287. O9:[b]64bit:[/b] - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
  288. O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
  289. O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
  290. O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
  291. O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
  292. O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
  293. O13[b]64bit:[/b] - gopher Prefix: missing
  294. O13 - gopher Prefix: missing
  295. O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
  296. O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
  297. O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
  298. O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
  299. O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
  300. O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
  301. O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
  302. O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
  303. O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
  304. O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
  305. O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
  306. O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
  307. O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
  308. O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
  309. O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
  310. O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
  311. O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
  312. O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
  313. O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
  314. O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
  315. O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
  316. O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
  317. O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
  318. O15 - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\..Trusted Domains: hp.com ([]http in Trusted sites)
  319. O15 - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002\..Trusted Domains: oirpwarszawa.pl ([www] http in Trusted sites)
  320. O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
  321. O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
  322. O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
  323. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
  324. O16 - DPF: {96816368-C1E3-414D-A193-63C3CC921990} http://hotelforumrome.remotemanager.co.uk/common/activex/MJPEGRender.ocx (MJPEGRender Control)
  325. O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
  326. O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
  327. O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
  328. O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
  329. O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab (SysInfo Class)
  330. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62
  331. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0767B55-54D4-4503-8794-E2CECE15AEA1}: DhcpNameServer = 62.179.1.63 62.179.1.62
  332. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E26AD895-8A6A-4985-8C2D-31A3C2120680}: DhcpNameServer = 194.204.152.34 194.204.159.1
  333. O18:[b]64bit:[/b] - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
  334. O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
  335. O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
  336. O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
  337. O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
  338. O18:[b]64bit:[/b] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
  339. O18:[b]64bit:[/b] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
  340. O18:[b]64bit:[/b] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
  341. O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
  342. O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
  343. O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
  344. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - File not found
  345. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
  346. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc.)
  347. O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
  348. O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found
  349. O20 - HKLM Winlogon: UserInit - (userinit.exe) - File not found
  350. O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
  351. O20 - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002 Winlogon: Shell - (explorer.exe) - File not found
  352. O20 - HKU\S-1-5-21-1090760936-2188769239-1242224907-1002 Winlogon: Shell - (C:\Users\user\AppData\Roaming\msconfig.dat) - C:\Users\user\AppData\Roaming\msconfig.dat ()
  353. O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found
  354. O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - File not found
  355. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  356. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  357. O29:[b]64bit:[/b] - HKLM SecurityProviders - (credssp.dll) - File not found
  358. O29 - HKLM SecurityProviders - (credssp.dll) - File not found
  359. O31 - SafeBoot: UseAlternatShell - 1
  360. O32 - HKLM CDRom: AutoRun - 1
  361. O32 - AutoRun File - [2011/11/05 13:52:32 | 000,049,648 | ---- | M] () - D:\autoruns.chm -- [ FAT32 ]
  362. O32 - AutoRun File - [2012/09/10 09:16:28 | 000,649,864 | ---- | M] (Sysinternals - www.sysinternals.com) - D:\autoruns.exe -- [ FAT32 ]
  363. O32 - AutoRun File - [2012/09/10 09:16:28 | 000,567,944 | ---- | M] (Sysinternals - www.sysinternals.com) - D:\autorunsc.exe -- [ FAT32 ]
  364. O33 - MountPoints2\{4838e458-8479-11e0-b3c4-e02a82cf0c1b}\Shell - "" = AutoRun
  365. O33 - MountPoints2\{4838e458-8479-11e0-b3c4-e02a82cf0c1b}\Shell\AutoRun\command - "" = D:\Startme.exe
  366. O33 - MountPoints2\{61ace44a-53c8-11e0-b16b-e02a82cf0c1b}\Shell - "" = AutoRun
  367. O33 - MountPoints2\{61ace44a-53c8-11e0-b16b-e02a82cf0c1b}\Shell\AutoRun\command - "" = D:\HPLauncher.exe
  368. O34 - HKLM BootExecute: (autocheck autochk *)
  369. O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
  370. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  371. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  372. O35 - HKLM\..comfile [open] -- "%1" %*
  373. O35 - HKLM\..exefile [open] -- "%1" %*
  374. O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
  375. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  376. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  377. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  378. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  379. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  380. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  381.  
  382. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  383.  
  384. [2012/09/16 18:24:14 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
  385. [2012/09/14 11:35:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
  386. [2012/09/14 11:34:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Ericsson
  387. [2012/09/14 11:33:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
  388. [2012/09/14 11:33:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
  389. [2012/09/14 11:33:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
  390. [2012/09/13 18:35:06 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Zefyvi
  391. [2012/09/13 18:35:06 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Udut
  392. [2012/09/13 18:35:05 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Giet
  393. [2012/09/12 13:02:15 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10level9.dll
  394. [2012/09/12 10:07:25 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LexPolonica
  395. [2012/09/12 10:07:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LexPolonica
  396. [2012/09/11 09:56:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
  397. [2012/09/05 16:31:06 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
  398. [2012/09/05 16:31:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
  399. [2012/09/05 16:31:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
  400. [2012/08/30 16:02:14 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\restore
  401. [2012/08/30 15:44:54 | 000,000,000 | ---D | C] -- C:\ProgramData\tmp
  402. [2012/08/30 15:44:53 | 000,000,000 | ---D | C] -- C:\ProgramData\hps
  403. [2012/08/30 15:44:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FOTOJOKER Fotoswiat
  404. [2012/08/30 15:34:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fotojoker
  405. [2012/08/24 15:43:16 | 000,384,352 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgtdia.sys
  406. [1 C:\windows\Fonts\*.tmp files -> C:\windows\Fonts\*.tmp -> ]
  407.  
  408. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  409.  
  410. [2012/09/16 20:33:27 | 007,077,888 | -HS- | M] () -- C:\Users\user\NTUSER.DAT
  411. [2012/09/16 20:10:33 | 001,560,168 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
  412. [2012/09/16 20:10:33 | 000,701,696 | ---- | M] () -- C:\windows\SysNative\perfh015.dat
  413. [2012/09/16 20:10:33 | 000,619,388 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
  414. [2012/09/16 20:10:33 | 000,136,456 | ---- | M] () -- C:\windows\SysNative\perfc015.dat
  415. [2012/09/16 20:10:33 | 000,107,450 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
  416. [2012/09/16 20:05:24 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
  417. [2012/09/16 20:05:17 | 4076,265,472 | -HS- | M] () -- C:\hiberfil.sys
  418. [2012/09/16 19:58:50 | 000,020,944 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  419. [2012/09/16 19:58:50 | 000,020,944 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  420. [2012/09/16 19:58:38 | 000,000,045 | ---- | M] () -- C:\Users\user\AppData\Roaming\msconfig.ini
  421. [2012/09/16 19:56:53 | 000,001,040 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
  422. [2012/09/16 19:56:29 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
  423. [2012/09/16 15:55:00 | 000,001,044 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
  424. [2012/09/16 15:19:20 | 001,167,781 | -H-- | M] () -- C:\Users\user\AppData\Local\IconCache.db
  425. [2012/09/16 15:19:00 | 000,000,930 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
  426. [2012/09/16 10:58:12 | 094,923,394 | ---- | M] () -- C:\windows\SysNative\drivers\AVG\incavi.avm
  427. [2012/09/14 17:54:43 | 000,004,265 | ---- | M] () -- C:\windows\polonica.ini
  428. [2012/09/14 11:33:56 | 000,002,100 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
  429. [2012/09/13 18:12:42 | 000,357,220 | ---- | M] () -- C:\windows\SysNative\drivers\AVG\iavichjg.avm
  430. [2012/09/13 15:37:15 | 000,000,328 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForuser.job
  431. [2012/09/12 10:07:25 | 000,000,705 | ---- | M] () -- C:\Users\user\Desktop\LexPolonica.lnk
  432. [2012/09/11 09:56:27 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
  433. [2012/09/04 20:57:35 | 000,112,815 | ---- | M] () -- C:\Users\user\Desktop\04.09.2012.gpx
  434. [2012/09/04 19:56:14 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
  435. [2012/09/03 09:00:42 | 000,145,416 | ---- | M] () -- C:\Users\user\Desktop\potwierdzenie.pdf
  436. [2012/08/31 21:33:41 | 000,627,150 | ---- | M] () -- C:\windows\SysNative\drivers\AVG\iavifw.avm
  437. [2012/08/30 20:29:48 | 000,092,367 | ---- | M] () -- C:\Users\user\Desktop\no name.gpx
  438. [2012/08/30 20:17:43 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
  439. [2012/08/30 20:17:43 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
  440. [2012/08/30 15:44:51 | 000,001,281 | ---- | M] () -- C:\Users\Public\Desktop\FOTOJOKER Fotoswiat.lnk
  441. [2012/08/30 15:44:51 | 000,001,276 | ---- | M] () -- C:\Users\Public\Desktop\CEWE-Podglad Zdjec.lnk
  442. [2012/08/24 15:43:16 | 000,384,352 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgtdia.sys
  443.  
  444. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  445.  
  446. [2012/09/16 15:19:20 | 001,167,781 | -H-- | C] () -- C:\Users\user\AppData\Local\IconCache.db
  447. [2012/09/16 14:20:47 | 000,000,045 | ---- | C] () -- C:\Users\user\AppData\Roaming\msconfig.ini
  448. [2012/09/14 11:33:56 | 000,002,100 | ---- | C] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
  449. [2012/09/04 20:57:35 | 000,112,815 | ---- | C] () -- C:\Users\user\Desktop\04.09.2012.gpx
  450. [2012/08/30 20:29:48 | 000,092,367 | ---- | C] () -- C:\Users\user\Desktop\no name.gpx
  451. [2012/08/30 15:44:51 | 000,001,281 | ---- | C] () -- C:\Users\Public\Desktop\FOTOJOKER Fotoswiat.lnk
  452. [2012/08/30 15:44:51 | 000,001,276 | ---- | C] () -- C:\Users\Public\Desktop\CEWE-Podglad Zdjec.lnk
  453. [2012/01/11 14:02:51 | 000,076,288 | ---- | C] () -- C:\Users\user\AppData\Roaming\msconfig.dat
  454. [2011/10/20 11:06:28 | 001,588,724 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
  455. [2011/09/16 23:58:32 | 000,003,584 | ---- | C] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  456. [2011/08/17 15:05:01 | 000,004,265 | ---- | C] () -- C:\windows\polonica.ini
  457. [2011/05/10 14:23:31 | 000,023,148 | ---- | C] () -- C:\windows\aku.ini
  458. [2011/04/28 19:12:21 | 000,001,854 | ---- | C] () -- C:\Users\user\AppData\Roaming\GhostObjGAFix.xml
  459. [2011/03/18 11:52:12 | 000,124,288 | ---- | C] () -- C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
  460. [2011/03/18 11:40:41 | 007,077,888 | -HS- | C] () -- C:\Users\user\NTUSER.DAT
  461. [2011/03/18 11:40:41 | 000,524,288 | -HS- | C] () -- C:\Users\user\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
  462. [2011/03/18 11:40:41 | 000,524,288 | -HS- | C] () -- C:\Users\user\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
  463. [2011/03/18 11:40:41 | 000,065,536 | -HS- | C] () -- C:\Users\user\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
  464. [2011/03/18 11:40:41 | 000,000,020 | -HS- | C] () -- C:\Users\user\ntuser.ini
  465.  
  466. [color=#E56717]========== LOP Check ==========[/color]
  467.  
  468. [2011/10/18 15:57:52 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\AVG
  469. [2011/10/18 09:41:38 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\AVG2012
  470. [2011/03/18 11:40:56 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DigitalPersona
  471. [2011/04/26 16:25:34 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1
  472. [2011/03/21 16:47:34 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GHISLER
  473. [2012/09/13 21:00:28 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Giet
  474. [2011/08/17 22:57:34 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Imaging Sciences International
  475. [2011/05/18 18:13:08 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\My Games
  476. [2011/10/20 13:04:30 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\SoftGrid Client
  477. [2011/10/20 12:28:24 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TP
  478. [2012/09/13 18:35:45 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Udut
  479. [2012/09/13 18:35:06 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Zefyvi
  480. [2012/09/09 11:27:32 | 000,032,604 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
  481.  
  482. [color=#E56717]========== Purity Check ==========[/color]
  483.  
  484.  
  485.  
  486. [color=#E56717]========== Alternate Data Streams ==========[/color]
  487.  
  488. @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:0B4227B4
  489.  
  490. < End of report >