OTL logfile created on: 2014-06-16 09:01:52 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zbyszek\Desktop\Ikony 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,80 Gb Total Physical Memory | 0,89 Gb Available Physical Memory | 23,41% Memory free 7,60 Gb Paging File | 3,94 Gb Available in Paging File | 51,80% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 574,29 Gb Total Space | 176,53 Gb Free Space | 30,74% Space Free | Partition Type: NTFS Drive D: | 21,59 Gb Total Space | 3,11 Gb Free Space | 14,39% Space Free | Partition Type: NTFS Drive F: | 99,34 Mb Total Space | 89,03 Mb Free Space | 89,63% Space Free | Partition Type: FAT32 Computer Name: ZBYSZEK-HP | User Name: Zbyszek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-05-23 18:42:06 | 003,588,952 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe PRC - [2014-05-11 08:52:43 | 000,265,040 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe PRC - [2014-04-23 06:49:40 | 000,748,736 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe PRC - [2014-04-23 06:49:40 | 000,070,848 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\MgAssist.exe PRC - [2014-04-17 21:07:28 | 004,672,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Zbyszek\AppData\Local\Akamai\netsession_win.exe PRC - [2014-02-12 00:33:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Zbyszek\Desktop\Ikony\OTL.exe PRC - [2012-02-15 12:58:00 | 000,577,408 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe PRC - [2012-02-15 12:58:00 | 000,034,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe PRC - [2012-01-31 11:46:56 | 000,019,232 | ---- | M] (Autodesk, Inc.) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-03-24 08:11:25 | 000,167,936 | ---- | M] (Applian Technologies, Inc.) -- C:\Program Files (x86)\Freecorder\FLVSrvc.exe PRC - [2011-02-25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE PRC - [2010-12-16 07:19:28 | 012,984,928 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe PRC - [2010-06-24 22:32:50 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe PRC - [2010-05-01 03:21:14 | 002,533,400 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010-05-01 03:21:14 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010-04-23 18:42:36 | 000,625,416 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe PRC - [2010-04-23 12:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe PRC - [2010-04-09 16:54:38 | 001,441,544 | ---- | M] (Motorola, Inc.) -- C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-06-14 09:06:53 | 017,024,688 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll MOD - [2014-06-05 15:58:38 | 000,414,536 | ---- | M] () -- C:\Users\Zbyszek\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll MOD - [2014-06-05 15:58:37 | 014,612,296 | ---- | M] () -- C:\Users\Zbyszek\AppData\Local\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll MOD - [2014-06-05 15:58:36 | 004,217,672 | ---- | M] () -- C:\Users\Zbyszek\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll MOD - [2014-06-05 15:58:32 | 000,716,616 | ---- | M] () -- C:\Users\Zbyszek\AppData\Local\Google\Chrome\Application\35.0.1916.153\libglesv2.dll MOD - [2014-06-05 15:58:31 | 000,126,280 | ---- | M] () -- C:\Users\Zbyszek\AppData\Local\Google\Chrome\Application\35.0.1916.153\libegl.dll MOD - [2014-06-05 15:58:30 | 001,732,424 | ---- | M] () -- C:\Users\Zbyszek\AppData\Local\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll MOD - [2014-05-23 18:42:05 | 000,962,560 | ---- | M] () -- C:\Program Files (x86)\Origin\platforms\qwindows.dll MOD - [2014-05-23 18:42:04 | 000,302,592 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtiff.dll MOD - [2014-05-23 18:42:04 | 000,261,632 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qmng.dll MOD - [2014-05-23 18:42:04 | 000,217,088 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qjpeg.dll MOD - [2014-05-23 18:42:04 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qico.dll MOD - [2014-05-23 18:42:04 | 000,024,064 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qgif.dll MOD - [2014-05-23 18:42:04 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtga.dll MOD - [2014-05-23 18:42:04 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qwbmp.dll MOD - [2014-04-23 06:49:40 | 000,748,736 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe MOD - [2014-04-23 06:49:40 | 000,474,816 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\DCR.dll MOD - [2014-04-23 06:49:40 | 000,065,728 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\Device.dll MOD - [2010-12-16 07:20:20 | 000,217,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\gglog.dll MOD - [2010-12-16 07:20:18 | 000,123,488 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipcradioproxy.dll MOD - [2010-12-16 07:20:16 | 000,017,504 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipc.dll MOD - [2010-12-16 07:20:12 | 000,027,744 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcrypto.dll MOD - [2010-12-16 07:20:10 | 000,356,960 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcommon.dll MOD - [2010-08-06 21:01:42 | 002,404,352 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtCore4.dll MOD - [2010-08-06 21:01:42 | 001,515,520 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtScript4.dll MOD - [2010-08-06 21:01:42 | 001,040,384 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtNetwork4.dll MOD - [2010-08-06 21:01:42 | 000,389,120 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtXml4.dll MOD - [2010-08-06 21:01:42 | 000,323,584 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtSvg4.dll MOD - [2010-08-06 21:01:40 | 013,553,664 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtWebKit4.dll MOD - [2010-08-06 21:01:38 | 008,818,688 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtGui4.dll MOD - [2010-08-06 21:01:22 | 003,334,144 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtXmlPatterns4.dll MOD - [2010-08-06 21:00:32 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qtiff4.dll MOD - [2010-08-06 21:00:32 | 000,274,432 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qmng4.dll MOD - [2010-08-06 21:00:32 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qjpeg4.dll MOD - [2010-08-06 21:00:32 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qgif4.dll MOD - [2010-08-06 21:00:32 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qsvg4.dll MOD - [2010-06-16 12:48:34 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll MOD - [2010-06-16 12:48:32 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll MOD - [2010-06-16 12:48:32 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll MOD - [2010-03-19 09:33:38 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\zlib1.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2014-02-08 15:42:14 | 001,432,400 | ---- | M] (Flexera Software, Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:[b]64bit:[/b] - [2011-05-13 13:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv) SRV:[b]64bit:[/b] - [2010-09-22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:[b]64bit:[/b] - [2010-06-29 11:52:12 | 004,181,256 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe -- (Bluetooth Device Manager) SRV:[b]64bit:[/b] - [2010-06-22 07:57:44 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2010-06-18 16:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service) SRV:[b]64bit:[/b] - [2010-06-18 07:10:14 | 000,258,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV) SRV:[b]64bit:[/b] - [2010-05-20 13:28:14 | 000,677,128 | ---- | M] (Motorola, Inc.) [Auto | Running] -- C:\Program Files\Motorola\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service) SRV:[b]64bit:[/b] - [2010-05-20 13:28:12 | 001,096,968 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\audiosrv.exe -- (Bluetooth Media Service) SRV:[b]64bit:[/b] - [2010-04-23 18:42:40 | 000,445,192 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost) SRV:[b]64bit:[/b] - [2010-02-23 07:38:54 | 002,192,176 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-03-03 12:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters) SRV:[b]64bit:[/b] - [2007-11-07 09:11:22 | 004,466,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90) SRV - [2014-06-14 09:06:53 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2014-05-11 08:52:43 | 000,265,040 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe -- (N360) SRV - [2014-04-23 06:49:40 | 000,070,848 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Mobogenie\MgAssist.exe -- (MgAssistService) SRV - [2013-10-23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013-03-27 20:06:22 | 001,045,328 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2012-09-27 12:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service) SRV - [2012-02-15 12:58:00 | 000,034,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC) SRV - [2012-01-31 11:46:56 | 000,019,232 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service) SRV - [2011-06-08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-02-28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011-02-25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort) SRV - [2010-05-01 03:21:14 | 002,533,400 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010-05-01 03:21:14 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010-04-04 01:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService) SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-02-23 07:19:02 | 001,799,472 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard) DRV:[b]64bit:[/b] - [2014-04-25 16:36:11 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent) DRV:[b]64bit:[/b] - [2014-03-04 06:18:12 | 001,148,120 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\symefa64.sys -- (SymEFA) DRV:[b]64bit:[/b] - [2014-02-25 04:44:39 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\ccsetx64.sys -- (ccSet_N360) DRV:[b]64bit:[/b] - [2014-02-18 03:32:41 | 000,593,112 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\symnets.sys -- (SymNetS) DRV:[b]64bit:[/b] - [2014-02-13 03:59:49 | 000,875,736 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\srtsp64.sys -- (SRTSP) DRV:[b]64bit:[/b] - [2013-10-30 09:26:19 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\symds64.sys -- (SymDS) DRV:[b]64bit:[/b] - [2013-10-30 08:48:51 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\ironx64.sys -- (SymIRON) DRV:[b]64bit:[/b] - [2013-10-30 08:32:37 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\srtspx64.sys -- (SRTSPX) DRV:[b]64bit:[/b] - [2013-03-27 20:02:25 | 000,036,904 | ---- | M] (Feitian Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rockey4.sys -- (ROCKEYNT) DRV:[b]64bit:[/b] - [2012-12-06 10:42:12 | 002,350,176 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x) DRV:[b]64bit:[/b] - [2012-03-01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011-11-15 05:50:14 | 000,125,376 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu) DRV:[b]64bit:[/b] - [2011-10-14 04:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b]64bit:[/b] - [2011-05-18 10:14:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:[b]64bit:[/b] - [2011-05-18 10:14:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:[b]64bit:[/b] - [2011-05-18 10:14:16 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc) DRV:[b]64bit:[/b] - [2011-05-18 10:14:12 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:[b]64bit:[/b] - [2011-05-13 13:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt) DRV:[b]64bit:[/b] - [2011-05-13 13:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer) DRV:[b]64bit:[/b] - [2011-05-13 04:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm) DRV:[b]64bit:[/b] - [2011-05-13 04:21:04 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) DRV:[b]64bit:[/b] - [2011-05-13 04:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) DRV:[b]64bit:[/b] - [2011-05-13 04:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb) DRV:[b]64bit:[/b] - [2011-05-13 04:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) DRV:[b]64bit:[/b] - [2011-04-17 19:22:14 | 000,503,352 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2011-03-11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-09-23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:[b]64bit:[/b] - [2010-07-01 19:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV:[b]64bit:[/b] - [2010-06-29 10:12:26 | 003,232,768 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmusb.sys -- (BTMUSB) DRV:[b]64bit:[/b] - [2010-06-24 22:32:52 | 000,032,880 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd) DRV:[b]64bit:[/b] - [2010-06-22 09:17:52 | 006,856,704 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2010-06-22 07:28:32 | 010,342,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd) DRV:[b]64bit:[/b] - [2010-06-22 07:28:32 | 010,342,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2010-06-22 07:24:12 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2010-06-18 07:10:14 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:[b]64bit:[/b] - [2010-05-20 12:19:14 | 000,042,496 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaud.sys -- (btmaudio) DRV:[b]64bit:[/b] - [2010-05-06 15:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:[b]64bit:[/b] - [2010-05-01 03:21:00 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) DRV:[b]64bit:[/b] - [2010-04-13 09:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2010-04-09 16:53:04 | 000,052,736 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmcom.sys -- (BTMCOM) DRV:[b]64bit:[/b] - [2010-03-05 07:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2010-01-12 00:31:04 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:[b]64bit:[/b] - [2009-11-16 08:28:46 | 000,093,184 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HPIR.sys -- (HPIR) DRV:[b]64bit:[/b] - [2009-10-26 22:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:[b]64bit:[/b] - [2009-10-19 05:35:40 | 000,511,104 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HPAF35.sys -- (AVerAF35) DRV:[b]64bit:[/b] - [2009-09-19 06:30:14 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm) DRV:[b]64bit:[/b] - [2009-09-19 06:30:14 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus) DRV:[b]64bit:[/b] - [2009-09-19 06:30:14 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:[b]64bit:[/b] - [2009-07-14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:[b]64bit:[/b] - [2009-07-14 01:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2009-06-10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:[b]64bit:[/b] - [2009-06-10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:[b]64bit:[/b] - [2009-06-10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:[b]64bit:[/b] - [2009-06-10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:[b]64bit:[/b] - [2009-06-10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-02-17 19:11:25 | 000,031,400 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:[b]64bit:[/b] - [2008-08-28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:[b]64bit:[/b] - [2007-02-16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2014-06-11 06:39:42 | 000,486,192 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DRV - [2014-06-11 06:39:42 | 000,142,128 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2014-05-27 17:35:47 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20140615.001\EX64.SYS -- (NAVEX15) DRV - [2014-05-27 17:35:47 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20140615.001\ENG64.SYS -- (NAVENG) DRV - [2014-05-10 03:07:23 | 001,530,160 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\BASHDefs\20140606.001\BHDrvx64.sys -- (BHDrvx64) DRV - [2014-04-24 15:07:06 | 000,525,016 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\IPSDefs\20140613.001\IDSvia64.sys -- (IDSVia64) DRV - [2011-11-22 19:19:57 | 000,017,408 | ---- | M] (MARX Datentechnik GmbH ) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\CBN.SYS -- (CBN) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2007-02-16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&ts=1391942882&from=ild&uid=SAMSUNGXHM641JI_S25YJDNZA08277&q={searchTerms} IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&ts=1391942882&from=ild&uid=SAMSUNGXHM641JI_S25YJDNZA08277&q={searchTerms} IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com/?type=hp&ts=1391942882&from=ild&uid=SAMSUNGXHM641JI_S25YJDNZA08277 IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.awesomehp.com/web/?type=ds&ts=1391942882&from=ild&uid=SAMSUNGXHM641JI_S25YJDNZA08277&q={searchTerms} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{761B47FC-D982-470B-8CEA-E8FE27881A5D}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{92189AF1-453B-4571-A044-EF06C15ECDF2}: "URL" = http://pl.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=1391942882&from=ild&uid=SAMSUNGXHM641JI_S25YJDNZA08277 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&ts=1391942882&from=ild&uid=SAMSUNGXHM641JI_S25YJDNZA08277&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&ts=1391942882&from=ild&uid=SAMSUNGXHM641JI_S25YJDNZA08277&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com/?type=hp&ts=1391942882&from=ild&uid=SAMSUNGXHM641JI_S25YJDNZA08277 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.awesomehp.com/web/?type=ds&ts=1391942882&from=ild&uid=SAMSUNGXHM641JI_S25YJDNZA08277&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.awesomehp.com/web/?type=ds&ts=1391942882&from=ild&uid=SAMSUNGXHM641JI_S25YJDNZA08277&q={searchTerms} IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.awesomehp.com/web/?type=ds&ts=1391942882&from=ild&uid=SAMSUNGXHM641JI_S25YJDNZA08277&q={searchTerms} IE - HKLM\..\SearchScopes\{40207A6A-E158-431A-9507-F71D6C683E47}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKLM\..\SearchScopes\{761B47FC-D982-470B-8CEA-E8FE27881A5D}: "URL" = http://startsear.ch/?aff=2&src=sp&cf=d268e5d7-017b-11e1-abe6-f8c666565d7d&q={searchTerms} IE - HKLM\..\SearchScopes\{92189AF1-453B-4571-A044-EF06C15ECDF2}: "URL" = http://pl.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640 IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.searchpages.info/?unqvl=29&l=1&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes,DefaultScope = {40207A6A-E158-431A-9507-F71D6C683E47} IE - HKCU\..\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}: "URL" = http://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=E67AE02A8219AF40&affID=120695&tsp=5027 IE - HKCU\..\SearchScopes\{40207A6A-E158-431A-9507-F71D6C683E47}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKCU\..\SearchScopes\{52DB8E41-2A5A-4023-A2B7-BCD5AC8EF233}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=d268e5d7-017b-11e1-abe6-f8c666565d7d&q={searchTerms} IE - HKCU\..\SearchScopes\{761B47FC-D982-470B-8CEA-E8FE27881A5D}: "URL" = http://startsear.ch/?aff=2&src=sp&cf=d268e5d7-017b-11e1-abe6-f8c666565d7d&q={searchTerms} IE - HKCU\..\SearchScopes\{92189AF1-453B-4571-A044-EF06C15ECDF2}: "URL" = http://pl.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640 IE - HKCU\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.searchpages.info/?unqvl=29&l=1&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [color=#E56717]========== FireFox ==========[/color] FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@rayv.com/rayvplugin: C:\Program Files (x86)\RayV\RayV\plugins\nprayvplugin.dll (RayV) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Zbyszek\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Zbyszek\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2010-09-16 02:21:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\IPSFF [2014-04-25 16:37:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\coFFPlgn\ [2014-06-16 08:32:08 | 000,000,000 | ---D | M] [2013-10-06 21:44:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zbyszek\AppData\Roaming\mozilla\Firefox\Profiles\extensions [2013-04-17 15:50:46 | 000,201,930 | ---- | M] () (No name found) -- C:\Users\Zbyszek\AppData\Roaming\mozilla\firefox\profiles\extensions\hdvc@hdvc.com.xpi [2013-05-28 21:11:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Zbyszek\AppData\Local\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Zbyszek\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Zbyszek\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll CHR - plugin: Chrome IE Tab (Enabled) = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\6.1.21.1_0\plugin/blackfishietab.dll CHR - plugin: vShare.tv plug-in (Enabled) = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Java Deployment Toolkit 7.0.510.13 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll CHR - plugin: Java(TM) Platform SE 7 U51 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: RayV Plugin (Enabled) = C:\Program Files (x86)\RayV\RayV\plugins\nprayvplugin.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Google Update (Enabled) = C:\Users\Zbyszek\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll CHR - Extension: Angry Birds = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\ CHR - Extension: YouTube = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: FoxTrick = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpfbbngccefbbndginomofgpagkjckik\0.13.0.1_0\ CHR - Extension: No name found = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.4_0\ CHR - Extension: Adblock Plus = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\ CHR - Extension: Eliminator SlajdĂłw = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\eplekpmdodlgejgogbojajncdlapamff\3.0.8_0\ CHR - Extension: Hattrick PsicoTSI = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gecmgapkepmkfmhlkbaccbkaeagohepm\0.88.10_0\ CHR - Extension: AdBlock = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.1_0\ CHR - Extension: Master Blaster = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\glijjfcpolilajfhpfjgohbbogficana\4.0.0_0\ CHR - Extension: Website Blocker (Beta) = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\ CHR - Extension: IE Tab = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\7.6.9.1_0\ietab_nm_ CHR - Extension: IE Tab = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\7.6.9.1_0\ CHR - Extension: Bubble Shooter-HD = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpakbhbnhkbghdcejiiangcefallmaln\2.2.0_0\ CHR - Extension: Halloween Mahjong = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ielpieklegnicibpoklcphmbonpbdknd\1.0.0.1_0\ CHR - Extension: SweetIM for Facebook = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\ CHR - Extension: LineBall = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeclmehkhpookgkhkecnaanahhoglakj\1.3.0_0\ CHR - Extension: FreeHDSport TV V6.0 = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjmheampjleaoikpfdkifgnbomdammdn\1.26.73_0\crossrider CHR - Extension: FreeHDSport TV V6.0 = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjmheampjleaoikpfdkifgnbomdammdn\1.26.73_0\ CHR - Extension: vshare plugin = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\ CHR - Extension: Sprawdzanie poczty Google = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\ CHR - Extension: Project Naptha = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\molncoemjfmpgdkbdlbjmhlcgniigdnf\0.9.1_0\ CHR - Extension: Google Wallet = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ CHR - Extension: LinkSwift = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\odpccdgkmiicgocepijnaeihjnjnomca\1.0.0_0\ CHR - Extension: LiveVDO plugin = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp\1.3_0\ CHR - Extension: Lightning speedial = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkndmigholgfjlniaohblojbhgjbkakn\4.4.7_0\ CHR - Extension: Angry Birds = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\ CHR - Extension: YouTube = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: FoxTrick = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpfbbngccefbbndginomofgpagkjckik\0.13.0.1_0\ CHR - Extension: No name found = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.4_0\ CHR - Extension: Adblock Plus = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\ CHR - Extension: Eliminator SlajdĂłw = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\eplekpmdodlgejgogbojajncdlapamff\3.0.8_0\ CHR - Extension: Hattrick PsicoTSI = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gecmgapkepmkfmhlkbaccbkaeagohepm\0.88.10_0\ CHR - Extension: AdBlock = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.1_0\ CHR - Extension: Master Blaster = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\glijjfcpolilajfhpfjgohbbogficana\4.0.0_0\ CHR - Extension: Website Blocker (Beta) = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\ CHR - Extension: IE Tab = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\7.6.9.1_0\ietab_nm_ CHR - Extension: IE Tab = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\7.6.9.1_0\ CHR - Extension: Bubble Shooter-HD = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpakbhbnhkbghdcejiiangcefallmaln\2.2.0_0\ CHR - Extension: Halloween Mahjong = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ielpieklegnicibpoklcphmbonpbdknd\1.0.0.1_0\ CHR - Extension: SweetIM for Facebook = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\ CHR - Extension: LineBall = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeclmehkhpookgkhkecnaanahhoglakj\1.3.0_0\ CHR - Extension: FreeHDSport TV V6.0 = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjmheampjleaoikpfdkifgnbomdammdn\1.26.73_0\crossrider CHR - Extension: FreeHDSport TV V6.0 = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjmheampjleaoikpfdkifgnbomdammdn\1.26.73_0\ CHR - Extension: vshare plugin = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\ CHR - Extension: Sprawdzanie poczty Google = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\ CHR - Extension: Project Naptha = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\molncoemjfmpgdkbdlbjmhlcgniigdnf\0.9.1_0\ CHR - Extension: Google Wallet = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ CHR - Extension: LinkSwift = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\odpccdgkmiicgocepijnaeihjnjnomca\1.0.0_0\ CHR - Extension: LiveVDO plugin = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp\1.3_0\ CHR - Extension: Lightning speedial = C:\Users\Zbyszek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkndmigholgfjlniaohblojbhgjbkakn\4.4.7_0\ O1 HOSTS File: ([2011-07-07 22:17:14 | 000,000,995 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation) O2:[b]64bit:[/b] - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found. O2 - BHO: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll () O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) O2 - BHO: (no name) - {EEE6C35C-6118-11DC-9C72-001320C79847} - No CLSID value found. O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll () O3 - HKLM\..\Toolbar: (StartSearchToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (StartSearchToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [BTMTrayAgent] C:\Program Files\Motorola\Bluetooth\btmshell.dll (Motorola, Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe () O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe () O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.) O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS) O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files (x86)\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.) O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.) O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe () O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Zbyszek\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team) O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts) O4 - HKCU..\Run: [NextLive] C:\Users\Zbyszek\AppData\Roaming\newnext.me\nengine.dll (NewNextDotMe) O4 - Startup: C:\Users\Zbyszek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rejestracja FIFA 11.lnk = C:\Program Files (x86)\EA Sports\FIFA 11\Support\EAregister.exe (Leader Technologies) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: = O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm () O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm () O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard) O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard) O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard) O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm () O9 - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm () O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.51.2) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.51.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.113.224.36 217.113.224.134 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3B8AF591-3AF9-44E3-B2A1-25E13680E385}: DhcpNameServer = 217.113.224.36 217.113.224.134 O18:[b]64bit:[/b] - Protocol\Handler\gopher - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\vsharechrome - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files (x86)\vShare\vshare_toolbar.dll () O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe) - C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013-03-21 19:46:18 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2013-05-31 13:39:41 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{b5b404dd-8b1e-11e3-a731-f9c023f4b563}\Shell - "" = AutoRun O33 - MountPoints2\{b5b404dd-8b1e-11e3-a731-f9c023f4b563}\Shell\AutoRun\command - "" = H:\HTC_Sync_Manager_PC.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-06-12 21:30:37 | 000,000,000 | ---D | C] -- C:\Users\Zbyszek\Desktop\Gify 4 [2014-06-10 10:44:02 | 000,000,000 | ---D | C] -- C:\Users\Zbyszek\Desktop\Muzyka z tel [2014-06-10 10:40:23 | 000,000,000 | ---D | C] -- C:\Users\Zbyszek\Desktop\201405 [2014-06-10 10:40:22 | 000,000,000 | ---D | C] -- C:\Users\Zbyszek\Desktop\201404 [2014-06-10 10:40:21 | 000,000,000 | ---D | C] -- C:\Users\Zbyszek\Desktop\201403 [2014-06-10 10:40:21 | 000,000,000 | ---D | C] -- C:\Users\Zbyszek\Desktop\201401 [2014-06-10 10:40:20 | 000,000,000 | ---D | C] -- C:\Users\Zbyszek\Desktop\201305 [2014-06-10 10:40:20 | 000,000,000 | ---D | C] -- C:\Users\Zbyszek\Desktop\201303 [2014-06-10 10:40:20 | 000,000,000 | ---D | C] -- C:\Users\Zbyszek\Desktop\201212 [2014-06-10 10:40:19 | 000,000,000 | ---D | C] -- C:\Users\Zbyszek\Desktop\201211 [2014-06-10 10:31:17 | 000,000,000 | ---D | C] -- C:\Users\Zbyszek\Desktop\LP-THP-YM2014 [2014-06-06 15:59:21 | 000,000,000 | ---D | C] -- C:\Users\Zbyszek\Documents\BFBC2 [2014-06-06 15:27:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts [2014-05-26 17:55:03 | 000,000,000 | ---D | C] -- C:\Users\Zbyszek\Documents\NFSTR [2014-05-26 17:15:49 | 000,000,000 | ---D | C] -- C:\Need for Speed The Run [2014-05-23 19:31:00 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller [2014-05-23 18:44:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games [2014-05-23 18:43:13 | 000,000,000 | ---D | C] -- C:\Users\Zbyszek\AppData\Roaming\Origin [2014-05-23 18:43:07 | 000,000,000 | ---D | C] -- C:\Users\Zbyszek\AppData\Local\Origin [2014-05-23 18:40:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin [2014-05-23 18:40:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin [2014-05-23 18:39:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2014-05-23 18:39:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-06-16 08:56:30 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014-06-16 08:42:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-06-16 08:41:59 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014-06-16 08:41:59 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014-06-16 08:32:42 | 000,001,962 | ---- | M] () -- C:\Users\Zbyszek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Powiadomienia monitorowania tuszu - HP Deskjet 3520 series (sieć).lnk [2014-06-16 08:31:55 | 000,002,238 | ---- | M] () -- C:\Windows\tasks\FreeHDSport TV V6.0-chromeinstaller.job [2014-06-16 08:31:26 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014-06-16 08:31:21 | 000,002,506 | ---- | M] () -- C:\Windows\tasks\FreeHDSport TV V6.0-firefoxinstaller.job [2014-06-16 08:31:21 | 000,001,506 | ---- | M] () -- C:\Windows\tasks\FreeHDSport TV V6.0-codedownloader.job [2014-06-16 08:31:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-06-16 08:31:00 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys [2014-06-16 01:19:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job [2014-06-16 01:14:18 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2129732763-1731710969-2681909747-1000UA.job [2014-06-15 15:13:02 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2129732763-1731710969-2681909747-1000Core.job [2014-06-15 11:23:55 | 000,011,366 | ---- | M] () -- C:\Users\Zbyszek\Desktop\f-pielucha-tetrowa-z-nadrukiem-70x80-cm-ega-niebieskie-smerfy.jpg [2014-06-15 10:53:23 | 004,320,054 | ---- | M] () -- C:\Users\Zbyszek\Desktop\loko.bmp [2014-06-14 09:06:57 | 000,000,030 | ---- | M] () -- C:\AVScanner.ini [2014-06-14 09:06:53 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2014-06-14 09:06:53 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2014-06-13 17:41:30 | 001,672,600 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2014-06-13 17:41:30 | 000,741,676 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2014-06-13 17:41:30 | 000,655,376 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2014-06-13 17:41:30 | 000,156,216 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2014-06-13 17:41:30 | 000,122,248 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2014-06-13 00:18:56 | 009,907,897 | ---- | M] () -- C:\Users\Zbyszek\Desktop\mixdo250614.pdf [2014-06-13 00:16:49 | 005,130,739 | ---- | M] () -- C:\Users\Zbyszek\Desktop\Frisco.pdf [2014-06-12 21:24:07 | 118,379,572 | ---- | M] () -- C:\Users\Zbyszek\Desktop\Gify 4.rar [2014-06-10 22:59:27 | 002,983,942 | ---- | M] () -- C:\Users\Zbyszek\Desktop\Beats by Dre - The Game Before The Game.mp3 [2014-06-10 22:51:03 | 005,410,742 | ---- | M] () -- C:\Users\Zbyszek\Desktop\The Game Before The Game (1).mp3 [2014-06-10 22:34:00 | 004,872,726 | ---- | M] () -- C:\Users\Zbyszek\Desktop\The Game Before The Game.mp3 [2014-06-10 10:31:01 | 108,704,270 | ---- | M] () -- C:\Users\Zbyszek\Desktop\LP-THP-YM2014.rar [2014-06-08 08:54:46 | 004,320,054 | ---- | M] () -- C:\Users\Zbyszek\Desktop\harpagan1.bmp [2014-06-08 08:54:11 | 004,320,054 | ---- | M] () -- C:\Users\Zbyszek\Desktop\harpagan.bmp [2014-06-08 08:48:38 | 000,099,184 | ---- | M] () -- C:\Users\Zbyszek\Desktop\99143899_800_s.jpg [2014-06-06 16:40:48 | 000,001,878 | ---- | M] () -- C:\Users\Zbyszek\Desktop\BFBC2Game — skrót.lnk [2014-06-04 21:14:44 | 000,038,119 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\VT20140604.020 [2014-06-01 16:15:55 | 536,621,369 | ---- | M] () -- C:\Windows\MEMORY.DMP [2014-05-26 17:54:56 | 000,001,201 | ---- | M] () -- C:\Users\Zbyszek\Desktop\Need For Speed The Run — skrót.lnk [2014-05-25 12:49:29 | 004,320,054 | ---- | M] () -- C:\Users\Zbyszek\Desktop\murarze.bmp [2014-05-23 19:31:26 | 000,001,189 | ---- | M] () -- C:\Users\Public\Desktop\EA Sports FIFA World.lnk [2014-05-23 18:40:07 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk [2014-05-21 06:20:07 | 002,008,112 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\Cat.DB [2014-05-21 00:05:09 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForZbyszek.job [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-06-15 11:23:53 | 000,011,366 | ---- | C] () -- C:\Users\Zbyszek\Desktop\f-pielucha-tetrowa-z-nadrukiem-70x80-cm-ega-niebieskie-smerfy.jpg [2014-06-15 10:53:22 | 004,320,054 | ---- | C] () -- C:\Users\Zbyszek\Desktop\loko.bmp [2014-06-14 09:07:49 | 000,000,030 | ---- | C] () -- C:\AVScanner.ini [2014-06-13 00:18:56 | 009,907,897 | ---- | C] () -- C:\Users\Zbyszek\Desktop\mixdo250614.pdf [2014-06-13 00:16:48 | 005,130,739 | ---- | C] () -- C:\Users\Zbyszek\Desktop\Frisco.pdf [2014-06-12 21:16:11 | 118,379,572 | ---- | C] () -- C:\Users\Zbyszek\Desktop\Gify 4.rar [2014-06-10 22:54:57 | 002,983,942 | ---- | C] () -- C:\Users\Zbyszek\Desktop\Beats by Dre - The Game Before The Game.mp3 [2014-06-10 22:50:58 | 005,410,742 | ---- | C] () -- C:\Users\Zbyszek\Desktop\The Game Before The Game (1).mp3 [2014-06-10 22:33:40 | 004,872,726 | ---- | C] () -- C:\Users\Zbyszek\Desktop\The Game Before The Game.mp3 [2014-06-10 10:24:55 | 108,704,270 | ---- | C] () -- C:\Users\Zbyszek\Desktop\LP-THP-YM2014.rar [2014-06-08 08:54:46 | 004,320,054 | ---- | C] () -- C:\Users\Zbyszek\Desktop\harpagan1.bmp [2014-06-08 08:54:11 | 004,320,054 | ---- | C] () -- C:\Users\Zbyszek\Desktop\harpagan.bmp [2014-06-08 08:48:38 | 000,099,184 | ---- | C] () -- C:\Users\Zbyszek\Desktop\99143899_800_s.jpg [2014-06-06 16:40:48 | 000,001,878 | ---- | C] () -- C:\Users\Zbyszek\Desktop\BFBC2Game — skrót.lnk [2014-05-26 17:54:56 | 000,001,201 | ---- | C] () -- C:\Users\Zbyszek\Desktop\Need For Speed The Run — skrót.lnk [2014-05-25 12:49:28 | 004,320,054 | ---- | C] () -- C:\Users\Zbyszek\Desktop\murarze.bmp [2014-05-23 19:31:24 | 000,001,189 | ---- | C] () -- C:\Users\Public\Desktop\EA Sports FIFA World.lnk [2014-05-23 18:40:07 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk [2014-05-11 14:54:49 | 000,002,708 | ---- | C] () -- C:\Users\Zbyszek\.recently-used.xbel [2014-03-17 21:20:00 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini [2014-02-08 15:44:55 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2013-09-10 10:28:56 | 000,000,078 | ---- | C] () -- C:\Windows\CAMDXP.INI [2013-08-29 16:49:07 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\ltserial.dll [2013-04-22 16:51:05 | 000,000,266 | RHS- | C] () -- C:\Users\Zbyszek\ntuser.pol [2013-03-25 19:01:57 | 000,004,096 | -H-- | C] () -- C:\Users\Zbyszek\AppData\Local\keyfile3.drm [2012-12-26 23:19:44 | 000,000,000 | ---- | C] () -- C:\Windows\Otdr.INI [2012-10-16 09:50:21 | 001,648,738 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-07-25 11:47:07 | 000,333,551 | ---- | C] () -- C:\Program Files (x86)\gifview.exe [2012-05-14 21:03:22 | 000,007,211 | ---- | C] () -- C:\Users\Zbyszek\SHAPE.ini [2012-03-19 20:09:00 | 000,068,252 | ---- | C] () -- C:\Users\Zbyszek\data.gnuplot [2012-03-12 18:50:04 | 000,001,304 | ---- | C] () -- C:\Users\Zbyszek\maxout.gnuplot [2011-12-28 13:03:00 | 000,007,602 | ---- | C] () -- C:\Users\Zbyszek\AppData\Local\Resmon.ResmonCfg [2011-05-22 14:48:14 | 000,006,656 | ---- | C] () -- C:\Users\Zbyszek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-05-10 06:19:05 | 000,001,854 | ---- | C] () -- C:\Users\Zbyszek\AppData\Roaming\GhostObjGAFix.xml [2011-05-04 13:25:57 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 07:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 24 bytes -> C:\Windows:6005062AA492E123 @Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1 < End of report >