OTL logfile created on: 2015-03-16 19:38:51 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Karolek\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.17228) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,89 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 60,28% Memory free 4,58 Gb Paging File | 3,01 Gb Available in Paging File | 65,70% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 439,95 Gb Total Space | 373,25 Gb Free Space | 84,84% Space Free | Partition Type: NTFS Drive E: | 3,98 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: KAROL | User Name: Karolek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2015-03-16 19:38:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Karolek\Downloads\OTL.exe PRC - [2015-03-16 07:35:48 | 000,432,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce\updater.exe PRC - [2015-03-16 07:35:36 | 000,636,152 | ---- | M] () -- C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugincontainer.exe PRC - [2015-03-16 06:35:30 | 001,188,088 | ---- | M] () -- C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\2\Plugin.exe PRC - [2015-03-16 05:35:30 | 000,475,896 | ---- | M] () -- C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\3\Plugin.exe PRC - [2015-03-16 02:35:30 | 000,563,448 | ---- | M] () -- C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\5\Plugin.exe PRC - [2015-03-13 21:41:49 | 000,376,944 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2015-02-14 20:55:47 | 001,949,592 | ---- | M] (APN) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe PRC - [2015-01-31 00:53:30 | 000,177,560 | ---- | M] (APN LLC.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe PRC - [2015-01-16 09:45:12 | 000,673,968 | ---- | M] (XTab system) -- C:\Program Files (x86)\XTab\HPNotify.exe PRC - [2015-01-16 09:45:12 | 000,158,896 | ---- | M] (XTab system) -- C:\Program Files (x86)\XTab\ProtectService.exe PRC - [2015-01-16 09:45:10 | 000,048,304 | ---- | M] (SearchProtect) -- C:\Program Files (x86)\XTab\cmdshell.exe PRC - [2014-12-11 11:36:04 | 000,089,864 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe PRC - [2014-12-05 03:27:44 | 000,599,944 | ---- | M] (Autodesk Inc.) -- C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe PRC - [2014-12-05 03:27:43 | 000,493,960 | ---- | M] (Autodesk Inc.) -- C:\Users\Karolek\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe PRC - [2014-12-03 07:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2014-10-01 14:40:28 | 001,349,576 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe PRC - [2014-02-07 02:03:18 | 000,031,192 | ---- | M] (Autodesk, Inc.) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe PRC - [2013-10-28 03:02:24 | 000,238,160 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe PRC - [2013-10-26 10:45:14 | 000,651,856 | ---- | M] () -- C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe PRC - [2012-10-12 03:22:02 | 002,807,416 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe PRC - [2012-01-25 15:23:54 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe PRC - [2012-01-25 15:23:54 | 000,192,792 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2015-03-16 05:35:30 | 000,475,896 | ---- | M] () -- C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\3\Plugin.exe MOD - [2014-12-05 03:27:52 | 000,104,328 | ---- | M] () -- C:\Users\Karolek\AppData\Local\Autodesk\.AdskAppManager\R1\qjson0.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2015-03-07 21:25:50 | 001,357,104 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:[b]64bit:[/b] - [2014-11-06 08:09:55 | 002,676,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:[b]64bit:[/b] - [2014-10-02 23:29:16 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:[b]64bit:[/b] - [2014-10-01 14:40:28 | 001,349,576 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn) SRV:[b]64bit:[/b] - [2014-09-22 07:04:33 | 000,016,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend) SRV:[b]64bit:[/b] - [2014-07-07 06:52:33 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:[b]64bit:[/b] - [2014-05-30 00:02:28 | 000,439,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:[b]64bit:[/b] - [2014-04-09 14:13:48 | 000,289,256 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe -- (McComponentHostService) SRV:[b]64bit:[/b] - [2013-08-16 06:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService) SRV:[b]64bit:[/b] - [2013-06-01 10:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:[b]64bit:[/b] - [2013-05-04 07:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:[b]64bit:[/b] - [2013-05-04 07:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:[b]64bit:[/b] - [2013-03-02 03:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker) SRV:[b]64bit:[/b] - [2013-03-02 03:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:[b]64bit:[/b] - [2013-01-10 00:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:[b]64bit:[/b] - [2012-09-20 07:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:[b]64bit:[/b] - [2012-08-29 15:22:36 | 000,208,384 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Windows\SysNative\AdminService.exe -- (AtherosSvc) SRV:[b]64bit:[/b] - [2012-07-26 04:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:[b]64bit:[/b] - [2012-07-26 04:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:[b]64bit:[/b] - [2012-07-26 04:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:[b]64bit:[/b] - [2012-07-26 04:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:[b]64bit:[/b] - [2012-07-26 04:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:[b]64bit:[/b] - [2012-07-26 04:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:[b]64bit:[/b] - [2012-07-26 04:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:[b]64bit:[/b] - [2012-07-26 04:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:[b]64bit:[/b] - [2012-07-26 04:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:[b]64bit:[/b] - [2012-07-26 04:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent) SRV:[b]64bit:[/b] - [2012-07-26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss) SRV:[b]64bit:[/b] - [2012-07-26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:[b]64bit:[/b] - [2012-07-26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:[b]64bit:[/b] - [2012-07-26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv) SRV:[b]64bit:[/b] - [2012-07-26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:[b]64bit:[/b] - [2012-07-26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV - [2015-03-16 07:35:48 | 000,432,888 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce\updater.exe -- (Update Mgr StrongSignal) SRV - [2015-03-16 07:35:36 | 000,636,152 | ---- | M] () [Auto | Running] -- C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugincontainer.exe -- (Service Mgr StrongSignal) SRV - [2015-03-13 21:41:48 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2015-01-31 00:53:30 | 000,177,560 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP) SRV - [2015-01-16 09:45:12 | 000,158,896 | ---- | M] (XTab system) [Auto | Running] -- C:\Program Files (x86)\XTab\ProtectService.exe -- (IHProtect Service) SRV - [2014-12-11 11:36:04 | 000,089,864 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService) SRV - [2014-12-05 03:27:44 | 000,599,944 | ---- | M] (Autodesk Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe -- (AdAppMgrSvc) SRV - [2014-12-03 07:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2014-11-06 08:09:55 | 002,676,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2014-02-07 02:03:18 | 000,031,192 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service) SRV - [2014-01-29 23:02:44 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2013-10-28 03:02:26 | 000,351,824 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe) SRV - [2013-10-26 10:45:14 | 000,651,856 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe -- (PLAY ONLINE. RunOuc) SRV - [2013-07-19 12:01:38 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Users\Karolek\AppData\Local\Temp\7zS3244\hpslpsvc64.dll -- (HPSLPSVC) SRV - [2012-07-26 04:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc) SRV - [2012-01-25 15:23:54 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe -- (BBUpdate) SRV - [2012-01-25 15:23:54 | 000,192,792 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe -- (BBSvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2015-02-14 01:31:39 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2014-12-18 09:51:28 | 000,096,576 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS) DRV:[b]64bit:[/b] - [2014-10-10 08:59:12 | 000,243,440 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\eamonm.sys -- (eamonm) DRV:[b]64bit:[/b] - [2014-10-10 08:59:12 | 000,241,368 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\edevmon.sys -- (edevmon) DRV:[b]64bit:[/b] - [2014-10-10 08:59:12 | 000,222,280 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\epfw.sys -- (epfw) DRV:[b]64bit:[/b] - [2014-10-10 08:59:12 | 000,169,280 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\ehdrv.sys -- (ehdrv) DRV:[b]64bit:[/b] - [2014-10-10 08:59:12 | 000,063,160 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\epfwwfp.sys -- (epfwwfp) DRV:[b]64bit:[/b] - [2014-10-10 08:59:12 | 000,044,632 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\EpfwLWF.sys -- (EpfwLWF) DRV:[b]64bit:[/b] - [2014-09-22 06:53:10 | 000,035,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot) DRV:[b]64bit:[/b] - [2014-08-26 23:08:01 | 000,270,024 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter) DRV:[b]64bit:[/b] - [2014-07-24 14:50:54 | 000,447,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3) DRV:[b]64bit:[/b] - [2014-01-29 23:02:28 | 005,363,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2013-12-10 06:37:32 | 000,376,704 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ew_wwanecm.sys -- (hwusb_wwanecm) DRV:[b]64bit:[/b] - [2013-12-10 06:36:15 | 000,121,728 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ew_cdcacm.sys -- (hwusb_cdcacm) DRV:[b]64bit:[/b] - [2013-11-30 10:10:20 | 000,091,648 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV:[b]64bit:[/b] - [2013-10-05 07:10:20 | 000,285,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport) DRV:[b]64bit:[/b] - [2013-08-16 06:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam) DRV:[b]64bit:[/b] - [2013-08-10 07:30:22 | 000,151,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM) DRV:[b]64bit:[/b] - [2013-07-09 09:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101) DRV:[b]64bit:[/b] - [2013-07-02 02:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI) DRV:[b]64bit:[/b] - [2013-07-02 02:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000) DRV:[b]64bit:[/b] - [2013-06-29 07:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2013-06-01 04:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:[b]64bit:[/b] - [2013-03-02 11:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci) DRV:[b]64bit:[/b] - [2013-03-02 11:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc) DRV:[b]64bit:[/b] - [2013-01-25 02:16:40 | 000,109,568 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV:[b]64bit:[/b] - [2013-01-10 02:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32) DRV:[b]64bit:[/b] - [2012-12-22 02:46:11 | 000,014,976 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter) DRV:[b]64bit:[/b] - [2012-11-27 04:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid) DRV:[b]64bit:[/b] - [2012-11-20 05:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c) DRV:[b]64bit:[/b] - [2012-11-06 04:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM) DRV:[b]64bit:[/b] - [2012-10-12 09:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2012-10-11 08:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor) DRV:[b]64bit:[/b] - [2012-10-11 04:51:49 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\serscan.sys -- (StillCam) DRV:[b]64bit:[/b] - [2012-09-20 08:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2012-09-20 08:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2012-08-29 15:22:38 | 000,565,760 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btfilter.sys -- (BtFilter) DRV:[b]64bit:[/b] - [2012-07-26 06:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012-07-26 06:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv) DRV:[b]64bit:[/b] - [2012-07-26 06:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:[b]64bit:[/b] - [2012-07-26 06:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt) DRV:[b]64bit:[/b] - [2012-07-26 06:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor) DRV:[b]64bit:[/b] - [2012-07-26 06:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex) DRV:[b]64bit:[/b] - [2012-07-26 06:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis) DRV:[b]64bit:[/b] - [2012-07-26 06:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2012-07-26 06:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2012-07-26 06:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS) DRV:[b]64bit:[/b] - [2012-07-26 06:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2012-07-26 06:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:[b]64bit:[/b] - [2012-07-26 06:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass) DRV:[b]64bit:[/b] - [2012-07-26 06:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2012-07-26 06:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware) DRV:[b]64bit:[/b] - [2012-07-26 06:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2012-07-26 06:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2012-07-26 05:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS) DRV:[b]64bit:[/b] - [2012-07-26 05:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci) DRV:[b]64bit:[/b] - [2012-07-26 04:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt) DRV:[b]64bit:[/b] - [2012-07-26 03:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf) DRV:[b]64bit:[/b] - [2012-07-26 03:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay) DRV:[b]64bit:[/b] - [2012-07-26 03:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo) DRV:[b]64bit:[/b] - [2012-07-26 03:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender) DRV:[b]64bit:[/b] - [2012-07-26 03:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter) DRV:[b]64bit:[/b] - [2012-07-26 03:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic) DRV:[b]64bit:[/b] - [2012-07-26 03:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime) DRV:[b]64bit:[/b] - [2012-07-26 03:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig) DRV:[b]64bit:[/b] - [2012-07-26 03:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:[b]64bit:[/b] - [2012-07-26 03:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr) DRV:[b]64bit:[/b] - [2012-07-26 03:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd) DRV:[b]64bit:[/b] - [2012-07-26 03:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx) DRV:[b]64bit:[/b] - [2012-07-26 03:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx) DRV:[b]64bit:[/b] - [2012-07-26 03:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2012-07-26 03:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum) DRV:[b]64bit:[/b] - [2012-07-26 03:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc) DRV:[b]64bit:[/b] - [2012-07-26 03:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2012-07-26 03:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr) DRV:[b]64bit:[/b] - [2012-07-26 03:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum) DRV:[b]64bit:[/b] - [2012-07-26 03:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:[b]64bit:[/b] - [2012-07-26 03:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp) DRV:[b]64bit:[/b] - [2012-07-26 03:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu) DRV:[b]64bit:[/b] - [2012-07-24 00:44:02 | 003,618,304 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr) DRV:[b]64bit:[/b] - [2012-07-17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2012-06-02 15:31:56 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168) DRV - [2002-04-26 12:04:16 | 000,095,484 | ---- | M] (DATOM Dariusz Cielebąk) [Kernel | Auto | Stopped] -- C:\WINDOWS\SysWow64\drivers\KMM4XNT.SYS -- (Kmm4xNT) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1423873940&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9GCB01465 IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1423873940&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9GCB01465&q={searchTerms} IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1423873940&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9GCB01465&q={searchTerms} IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1423873940&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9GCB01465 IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.mystartsearch.com/web/?type=ds&ts=1423873940&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9GCB01465&q={searchTerms} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{352B63D1-CABB-4C5A-ADD8-85801D10ACF7}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1423873940&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9GCB01465 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1423873940&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9GCB01465&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1423873940&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9GCB01465&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1423873940&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9GCB01465 IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.mystartsearch.com/web/?type=ds&ts=1423873940&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9GCB01465&q={searchTerms} IE - HKLM\..\SearchScopes\{352B63D1-CABB-4C5A-ADD8-85801D10ACF7}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1423873940&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9GCB01465 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1423873940&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9GCB01465 IE - HKCU\..\SearchScopes,DefaultScope = {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9GCB01465&ts=1423874023&type=default&q={searchTerms} IE - HKCU\..\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}: "URL" = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9GCB01465&ts=1423874023&type=default&q={searchTerms} IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9GCB01465&ts=1423874023&type=default&q={searchTerms} IE - HKCU\..\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}: "URL" = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9GCB01465&ts=1423874023&type=default&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.countryCode: "PL" FF - prefs.js..browser.search.highlightCount: 0 FF - prefs.js..browser.search.isUS: false FF - prefs.js..browser.search.region: "PL" FF - prefs.js..browser.search.searchengine.alias: "mystartsearch" FF - prefs.js..browser.search.searchengine.desc: "this is my first firefox searchEngine" FF - prefs.js..browser.search.searchengine.iconURL: "http://www.mystartsearch.com/favicon.ico" FF - prefs.js..browser.search.searchengine.name: "mystartsearch" FF - prefs.js..browser.search.searchengine.ptid: "smt" FF - prefs.js..browser.search.searchengine.uid: "ST500LM012XHN-M500MBB_S2RSJ9GCB01465" FF - prefs.js..browser.search.searchengine.url: "http://www.mystartsearch.com/web/?type=ds&ts=1423873940&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9GCB01465&q={searchTerms}" FF - prefs.js..browser.search.useDBForOrder: "false" FF - prefs.js..browser.startup.homepage: "www.google.pl" FF - prefs.js..extensions.enabledAddons: SignPlugin%40pekao.pl:1.3.0.84 FF - prefs.js..extensions.enabledAddons: %7B113c6a96-cbc4-4248-bc8a-c05e9ec4b669%7D:1.2 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:36.0.1 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.31.2: C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2: C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fftoolbar2014@etech.com: C:\Users\Karolek\AppData\Roaming\Mozilla\Firefox\Profiles\5uw8q1ym.default\extensions\fftoolbar2014@etech.com [2015-02-14 01:32:28 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\faststartff@gmail.com: C:\Users\Karolek\AppData\Roaming\Mozilla\Firefox\Profiles\5uw8q1ym.default\extensions\faststartff@gmail.com [2015-02-14 01:32:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 36.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 36.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{e4f94d1e-2f53-401e-8885-681602c0ddd8}: C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04 11:36:14 | 000,010,691 | ---- | M] () FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 36.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 36.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015-02-07 12:19:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karolek\AppData\Roaming\mozilla\Extensions [2015-03-15 20:09:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karolek\AppData\Roaming\mozilla\Firefox\Profiles\5uw8q1ym.default\extensions [2015-02-17 10:07:50 | 000,000,000 | ---D | M] ("Better-Fox-Finder") -- C:\Users\Karolek\AppData\Roaming\mozilla\Firefox\Profiles\5uw8q1ym.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669} [2015-02-14 01:32:36 | 000,000,000 | ---D | M] ("Fast Start") -- C:\Users\Karolek\AppData\Roaming\mozilla\Firefox\Profiles\5uw8q1ym.default\extensions\faststartff@gmail.com [2015-02-14 01:32:28 | 000,000,000 | ---D | M] (FF Toolbar) -- C:\Users\Karolek\AppData\Roaming\mozilla\Firefox\Profiles\5uw8q1ym.default\extensions\fftoolbar2014@etech.com [2015-02-08 02:05:36 | 000,000,000 | ---D | M] (PEKAO S.A. Sign Plugin) -- C:\Users\Karolek\AppData\Roaming\mozilla\Firefox\Profiles\5uw8q1ym.default\extensions\SignPlugin@pekao.pl [2015-02-14 20:57:57 | 000,570,426 | ---- | M] () (No name found) -- C:\Users\Karolek\AppData\Roaming\mozilla\firefox\profiles\5uw8q1ym.default\extensions\toolbar_ORJ-SPE@apn.ask.com.xpi [2015-03-11 20:24:06 | 000,970,602 | ---- | M] () (No name found) -- C:\Users\Karolek\AppData\Roaming\mozilla\firefox\profiles\5uw8q1ym.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-14 03:09:29 | 000,005,779 | ---- | M] () (No name found) -- C:\Users\Karolek\AppData\Roaming\mozilla\firefox\profiles\5uw8q1ym.default\extensions\{f318d533-127c-4630-af87-2d2b706e5282}.xpi [2015-03-15 10:52:56 | 000,002,533 | ---- | M] () -- C:\Users\Karolek\AppData\Roaming\mozilla\firefox\profiles\5uw8q1ym.default\searchplugins\ask-search.xml [2015-03-13 21:41:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2015-03-13 21:41:50 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} O1 HOSTS File: ([2012-07-26 06:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Strong Signal) - {c723a437-2eaf-466d-a95b-3fa0966bf88c} - C:\Program Files (x86)\Strong Signal\Extensions\c723a437-2eaf-466d-a95b-3fa0966bf88c.dll () O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ADSKAppManager] C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe (Autodesk Inc.) O4 - HKLM..\Run: [ApnTBMon] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN) O4 - HKCU..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd) O4 - HKCU..\Run: [HP Deskjet 3510 series (NET)] C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: = O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{01C5B8FC-52D5-4DE5-ABBA-12EB3D6366F8}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3CA2DA0B-8C98-49BD-9395-4042088031DC}: NameServer = 89.108.195.21 89.108.202.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{521E1D07-60ED-4B14-8B81-B099C38EF9CB}: NameServer = 89.108.195.21 89.108.202.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA8BDD64-728A-4FC7-8A9A-18768E5A5E42}: NameServer = 89.108.195.21 89.108.202.21 O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2015-03-07 22:33:26 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2011-10-25 01:14:35 | 000,000,041 | R--- | M] () - E:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{03899f42-aeac-11e4-be6d-50b7c3b15308}\Shell - "" = AutoRun O33 - MountPoints2\{03899f42-aeac-11e4-be6d-50b7c3b15308}\Shell\AutoRun\command - "" = "F:\LaunchU3.exe" -a O33 - MountPoints2\{32a9fb82-b683-11e4-be75-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{32a9fb82-b683-11e4-be75-806e6f6e6963}\Shell\AutoRun\command - "" = "F:\AutoRun.exe" O33 - MountPoints2\{32a9fcb3-b683-11e4-be75-50b7c3b15308}\Shell - "" = AutoRun O33 - MountPoints2\{32a9fcb3-b683-11e4-be75-50b7c3b15308}\Shell\AutoRun\command - "" = "F:\AutoRun.exe" O33 - MountPoints2\{a1ae3117-c822-11e4-be86-50b7c3b15308}\Shell - "" = AutoRun O33 - MountPoints2\{a1ae3117-c822-11e4-be86-50b7c3b15308}\Shell\AutoRun\command - "" = "F:\AutoRun.exe" O33 - MountPoints2\{b4373f75-b359-11e4-be71-50b7c3b15308}\Shell - "" = AutoRun O33 - MountPoints2\{b4373f75-b359-11e4-be71-50b7c3b15308}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2013-11-25 16:43:31 | 000,980,872 | R--- | M] (Autodesk, Inc.) O33 - MountPoints2\{e88a1b56-c765-11e4-be85-50b7c3b15308}\Shell - "" = AutoRun O33 - MountPoints2\{e88a1b56-c765-11e4-be85-50b7c3b15308}\Shell\AutoRun\command - "" = "F:\AutoRun.exe" O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2015-03-16 19:38:36 | 000,000,000 | ---D | C] -- C:\FRST [2015-03-13 21:41:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2015-03-13 13:43:40 | 000,000,000 | ---D | C] -- C:\ProgramData\firebird [2015-03-13 13:43:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ECLSOFT [2015-03-13 13:43:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fakturowanie40 [2015-03-13 13:42:39 | 000,000,000 | ---D | C] -- C:\Users\Karolek\AppData\Local\Programs [2015-03-13 13:08:35 | 000,000,000 | ---D | C] -- C:\Users\Karolek\AppData\Roaming\Macromedia [2015-03-13 13:06:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft [2015-03-13 13:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Visan [2015-03-13 13:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations [2015-03-13 13:06:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP Photo Creations [2015-03-13 13:06:19 | 000,000,000 | ---D | C] -- C:\Users\Karolek\AppData\Roaming\HpUpdate [2015-03-13 13:06:07 | 000,741,480 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\SysNative\HPDiscoPMAD11.dll [2015-03-13 13:06:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP [2015-03-13 13:05:24 | 000,000,000 | ---D | C] -- C:\Program Files\HP [2015-03-13 13:04:39 | 000,000,000 | ---D | C] -- C:\Users\Karolek\AppData\Local\HP [2015-03-13 13:02:51 | 000,791,496 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe [2015-03-13 13:02:51 | 000,177,608 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl [2015-03-13 12:54:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hewlett-Packard [2015-03-13 12:54:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hp [2015-03-10 22:08:32 | 000,000,000 | R--D | C] -- C:\Users\Karolek\Documents\Scanned Documents [2015-03-10 22:08:31 | 000,000,000 | ---D | C] -- C:\Users\Karolek\Documents\Fax [2015-03-07 22:37:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2015 — Polski (Polish) [2015-03-07 22:33:25 | 000,000,000 | ---D | C] -- C:\Autodesk [2015-03-07 21:58:33 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet [2015-03-07 21:55:38 | 000,000,000 | ---D | C] -- C:\Nowy folder [2015-03-07 21:44:37 | 000,000,000 | ---D | C] -- C:\Users\Karolek\Documents\Autodesk Application Manager [2015-03-07 21:35:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap [2015-03-07 21:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2015 - English [2015-03-07 21:29:21 | 000,000,000 | ---D | C] -- C:\Users\Karolek\Documents\Inventor Server SDK ACAD 2015 [2015-03-07 21:28:39 | 000,000,000 | ---D | C] -- C:\Users\Karolek\AppData\Local\Autodesk [2015-03-07 21:21:24 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Autodesk [2015-03-07 21:20:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Autodesk Shared [2015-03-07 21:20:42 | 000,000,000 | ---D | C] -- C:\Program Files\Autodesk [2015-03-07 21:17:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk [2015-03-07 21:16:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk [2015-03-07 21:16:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Autodesk Shared [2015-03-07 21:15:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache [2015-03-07 21:08:53 | 000,000,000 | ---D | C] -- C:\ISOS [2015-02-17 11:18:04 | 000,000,000 | ---D | C] -- C:\Users\Karolek\AppData\Roaming\Drimar [2015-02-17 11:17:50 | 000,000,000 | ---D | C] -- C:\Users\Karolek\AppData\Local\AskPartnerNetwork [2015-02-17 11:17:48 | 000,000,000 | ---D | C] -- C:\ProgramData\AskPartnerNetwork [2015-02-17 11:17:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AskPartnerNetwork [2015-02-17 11:17:40 | 000,000,000 | ---D | C] -- C:\ProgramData\APN [2015-02-17 11:15:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2015-02-17 11:15:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2015-02-17 11:15:35 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll [2015-02-17 11:15:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [2015-02-17 11:14:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle [2015-02-17 11:14:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2015-02-17 11:10:31 | 000,000,000 | ---D | C] -- C:\Users\Karolek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fajna Faktura Start [2015-02-17 11:10:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fajna Faktura Start [2015-02-17 10:18:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus [2015-02-17 10:18:19 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan [2015-02-17 10:16:18 | 000,000,000 | ---D | C] -- C:\ProgramData\PLAY ONLINE [2015-02-17 10:16:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PLAY ONLINE [2015-02-17 10:15:24 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WdfCoInstaller01007.dll [2015-02-17 10:15:24 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdfCoInstaller01007.dll [2015-02-17 10:15:24 | 000,456,704 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\SysNative\drivers\ewusbwwan.sys [2015-02-17 10:15:24 | 000,376,704 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\SysNative\drivers\ew_wwanecm.sys [2015-02-17 10:15:24 | 000,246,272 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\SysNative\drivers\ew_juwwanecm.sys [2015-02-17 10:15:24 | 000,226,176 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\SysNative\drivers\ewusbmdm.sys [2015-02-17 10:15:24 | 000,121,728 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\SysNative\drivers\ew_cdcacm.sys [2015-02-17 10:15:24 | 000,110,592 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\SysNative\drivers\ew_jucdcacm.sys [2015-02-17 10:15:24 | 000,109,568 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\SysNative\drivers\ew_hwusbdev.sys [2015-02-17 10:15:24 | 000,091,648 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\SysNative\drivers\ew_jubusenum.sys [2015-02-17 10:15:24 | 000,077,312 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\SysNative\drivers\ew_jucdcecm.sys [2015-02-17 10:15:24 | 000,032,768 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\SysNative\drivers\ewdcsc.sys [2015-02-17 10:15:24 | 000,030,720 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\SysNative\drivers\ew_juextctrl.sys [2015-02-17 10:15:24 | 000,022,016 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\SysNative\drivers\ew_hwupgrade.sys [2015-02-17 10:15:24 | 000,014,976 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\SysNative\drivers\ew_usbenumfilter.sys [2015-02-17 10:14:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PLAY ONLINE [2015-02-17 10:10:51 | 000,000,000 | ---D | C] -- C:\Users\Karolek\Documents\Notesy programu OneNote [2015-02-17 10:09:54 | 000,000,000 | ---D | C] -- C:\ProgramData\DatacardService [2015-02-15 12:28:52 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2015-03-16 19:42:06 | 000,001,062 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2015-03-16 19:42:02 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2015-03-16 19:14:11 | 001,793,398 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2015-03-16 19:14:11 | 000,794,946 | ---- | M] () -- C:\WINDOWS\SysNative\perfh015.dat [2015-03-16 19:14:11 | 000,710,244 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2015-03-16 19:14:11 | 000,159,530 | ---- | M] () -- C:\WINDOWS\SysNative\perfc015.dat [2015-03-16 19:14:11 | 000,132,614 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2015-03-16 19:08:29 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2015-03-16 19:06:24 | 000,509,592 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2015-03-16 19:06:08 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2015-03-16 19:06:03 | 3341,217,792 | -HS- | M] () -- C:\hiberfil.sys [2015-03-13 20:22:54 | 000,606,097 | ---- | M] () -- C:\Users\Karolek\Documents\Scan0003.jpg [2015-03-13 20:22:08 | 000,711,999 | ---- | M] () -- C:\Users\Karolek\Documents\Scan0002.jpg [2015-03-13 20:21:09 | 000,584,699 | ---- | M] () -- C:\Users\Karolek\Documents\Scan0001.jpg [2015-03-13 13:43:37 | 000,001,115 | ---- | M] () -- C:\Users\Karolek\Desktop\Fakturowanie.lnk [2015-03-13 13:06:38 | 000,002,015 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk [2015-03-13 13:06:06 | 000,002,244 | ---- | M] () -- C:\Users\Public\Desktop\HP Deskjet 3510 series.lnk [2015-03-13 13:06:06 | 000,001,177 | ---- | M] () -- C:\Users\Public\Desktop\Zakup materiałów eksploatacyjnych - HP Deskjet 3510 series.lnk [2015-03-13 13:05:13 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini [2015-03-07 22:37:21 | 000,002,108 | ---- | M] () -- C:\Users\Public\Desktop\AutoCAD 2015 — Polski (Polish).lnk [2015-03-05 19:35:33 | 000,067,762 | ---- | M] () -- C:\Users\Karolek\Desktop\konstukcyjny.ath [2015-03-04 22:24:17 | 000,791,496 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe [2015-03-04 22:24:17 | 000,177,608 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl [2015-03-04 15:41:45 | 000,005,685 | ---- | M] () -- C:\Users\Karolek\Documents\fak kop.pdf [2015-02-17 11:14:52 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll [2015-02-17 11:10:31 | 000,001,128 | ---- | M] () -- C:\Users\Karolek\Desktop\FajnaFaktura.lnk [2015-02-17 10:18:22 | 000,001,943 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-02-17 10:18:22 | 000,001,941 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2015-02-17 10:16:19 | 000,001,057 | ---- | M] () -- C:\Users\Public\Desktop\PLAY ONLINE.lnk [2015-02-17 10:10:50 | 000,001,360 | ---- | M] () -- C:\Users\Karolek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2015-03-16 19:04:50 | 000,509,592 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2015-03-13 20:22:54 | 000,606,097 | ---- | C] () -- C:\Users\Karolek\Documents\Scan0003.jpg [2015-03-13 20:22:08 | 000,711,999 | ---- | C] () -- C:\Users\Karolek\Documents\Scan0002.jpg [2015-03-13 20:21:08 | 000,584,699 | ---- | C] () -- C:\Users\Karolek\Documents\Scan0001.jpg [2015-03-13 13:43:37 | 000,001,115 | ---- | C] () -- C:\Users\Karolek\Desktop\Fakturowanie.lnk [2015-03-13 13:06:38 | 000,002,015 | ---- | C] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk [2015-03-13 13:06:06 | 000,002,244 | ---- | C] () -- C:\Users\Public\Desktop\HP Deskjet 3510 series.lnk [2015-03-13 13:06:06 | 000,001,177 | ---- | C] () -- C:\Users\Public\Desktop\Zakup materiałów eksploatacyjnych - HP Deskjet 3510 series.lnk [2015-03-13 13:05:13 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini [2015-03-07 22:37:21 | 000,002,108 | ---- | C] () -- C:\Users\Public\Desktop\AutoCAD 2015 — Polski (Polish).lnk [2015-03-04 15:41:45 | 000,005,685 | ---- | C] () -- C:\Users\Karolek\Documents\fak kop.pdf [2015-02-17 11:10:31 | 000,001,128 | ---- | C] () -- C:\Users\Karolek\Desktop\FajnaFaktura.lnk [2015-02-17 10:18:22 | 000,001,941 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2015-02-17 10:18:21 | 000,001,943 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-02-17 10:16:19 | 000,001,057 | ---- | C] () -- C:\Users\Public\Desktop\PLAY ONLINE.lnk [2015-02-17 10:10:50 | 000,001,360 | ---- | C] () -- C:\Users\Karolek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk [2015-02-14 12:29:12 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2015-02-07 13:19:26 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll [2015-02-07 12:35:24 | 000,165,376 | ---- | C] () -- C:\WINDOWS\SysWow64\unrar.dll [2014-01-29 23:02:42 | 000,272,928 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin [2014-01-29 23:02:22 | 000,077,312 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll [2014-01-29 23:02:20 | 000,963,452 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin [color=#E56717]========== ZeroAccess Check ==========[/color] [2015-02-14 04:04:56 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2014-10-11 08:44:56 | 019,764,736 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014-10-11 06:57:57 | 017,562,112 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012-07-26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012-07-26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012-07-26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report >