x-kom hosting

Key-finder zamiast google; inne badziewia w przegladarce + filmom na yt skacze obraz(chrome)

Parafian12
utworzono
utworzono

 [log]OTL logfile created on: 2015-03-01 12:47:06 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = D:\chrome
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17633)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
8,00 Gb Total Physical Memory | 5,22 Gb Available Physical Memory | 65,23% Memory free
14,00 Gb Paging File | 10,56 Gb Available in Paging File | 75,47% Paging File free
Paging file location(s): d:\pagefile.sys 6144 6144 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,53 Gb Total Space | 2,25 Gb Free Space | 3,78% Space Free | Partition Type: NTFS
Drive D: | 78,03 Gb Total Space | 45,17 Gb Free Space | 57,88% Space Free | Partition Type: NTFS
Drive E: | 387,63 Gb Total Space | 20,28 Gb Free Space | 5,23% Space Free | Partition Type: NTFS
Drive H: | 100,00 Mb Total Space | 76,24 Mb Free Space | 76,24% Space Free | Partition Type: NTFS
Drive Z: | 139,28 Gb Total Space | 4,30 Gb Free Space | 3,09% Space Free | Partition Type: NTFS
 
Computer Name: ADRIAN-KOMPUTER | User Name: Adrian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - File not found -- 
PRC - [2015-03-01 12:44:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\chrome\OTL.exe
PRC - [2015-02-19 00:51:20 | 001,543,872 | ---- | M] (Valve Corporation) -- E:\Steam\bin\steamwebhelper.exe
PRC - [2015-02-19 00:51:18 | 002,874,048 | ---- | M] (Valve Corporation) -- E:\Steam\Steam.exe
PRC - [2015-02-17 23:45:00 | 000,843,592 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014-12-19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014-11-21 06:12:46 | 007,229,752 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014-08-09 06:49:41 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014-06-16 15:02:24 | 000,579,584 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
PRC - [2014-06-16 14:59:40 | 001,537,536 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
PRC - [2014-03-01 00:20:50 | 000,026,112 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\Ctxfihlp.exe
PRC - [2014-03-01 00:14:08 | 001,216,512 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CTxfispi.exe
PRC - [2013-10-23 23:39:14 | 001,017,224 | ---- | M] (Flux Software LLC) -- E:\Users\Adrian\AppData\Local\FluxSoftware\Flux\flux.exe
PRC - [2013-09-04 18:21:42 | 002,112,000 | ---- | M] () -- E:\screenSHU\screenSHU.exe
PRC - [2013-01-18 10:01:12 | 002,009,088 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
PRC - [2012-12-27 13:26:20 | 004,522,496 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
PRC - [2012-10-26 09:40:10 | 000,282,112 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe
PRC - [2012-09-13 00:38:44 | 000,204,136 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2012-03-20 10:59:04 | 003,340,288 | ---- | M] () -- C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2015-02-19 00:51:40 | 002,360,000 | ---- | M] () -- E:\Steam\video.dll
MOD - [2015-02-19 00:51:18 | 000,702,656 | ---- | M] () -- E:\Steam\bin\chromehtml.dll
MOD - [2015-02-17 23:44:57 | 009,171,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
MOD - [2015-02-17 23:44:53 | 001,117,512 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
MOD - [2015-02-17 23:44:51 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
MOD - [2015-01-28 02:30:26 | 034,641,288 | ---- | M] () -- E:\Steam\bin\libcef.dll
MOD - [2014-12-02 01:29:50 | 005,002,752 | ---- | M] () -- E:\Steam\v8.dll
MOD - [2014-12-02 01:29:34 | 001,612,800 | ---- | M] () -- E:\Steam\icui18n.dll
MOD - [2014-12-02 01:29:34 | 001,210,368 | ---- | M] () -- E:\Steam\icuuc.dll
MOD - [2014-12-01 22:31:16 | 002,396,672 | ---- | M] () -- E:\Steam\libavcodec-56.dll
MOD - [2014-12-01 22:31:16 | 000,485,888 | ---- | M] () -- E:\Steam\libswscale-3.dll
MOD - [2014-12-01 22:31:16 | 000,479,744 | ---- | M] () -- E:\Steam\libavformat-56.dll
MOD - [2014-12-01 22:31:16 | 000,442,880 | ---- | M] () -- E:\Steam\libavutil-54.dll
MOD - [2014-12-01 22:31:16 | 000,332,800 | ---- | M] () -- E:\Steam\libavresample-2.dll
MOD - [2014-11-11 19:47:56 | 000,774,656 | ---- | M] () -- E:\Steam\SDL2.dll
MOD - [2014-03-01 00:20:56 | 000,002,560 | ---- | M] () -- C:\Windows\SysWOW64\CtxfiRes.dll
MOD - [2013-09-05 00:14:10 | 004,300,456 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2013-09-04 18:21:42 | 002,112,000 | ---- | M] () -- E:\screenSHU\screenSHU.exe
MOD - [2012-09-13 00:38:52 | 007,955,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
MOD - [2012-09-13 00:38:52 | 000,341,352 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
MOD - [2012-09-13 00:38:52 | 000,127,336 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
MOD - [2012-09-13 00:38:52 | 000,028,008 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
MOD - [2012-09-13 00:38:44 | 002,144,104 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
MOD - [2012-03-20 10:59:04 | 003,340,288 | ---- | M] () -- C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe
MOD - [2012-02-07 10:20:12 | 002,413,568 | ---- | M] () -- C:\Program Files (x86)\OSCAR Editor X7\Data\X7\Forms\ScreenCapture\ScreenCapture.dll
MOD - [2011-08-10 12:43:18 | 000,118,272 | ---- | M] () -- C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_Wheel4D.dll
MOD - [2011-06-08 08:32:26 | 000,011,362 | ---- | M] () -- E:\screenSHU\mingwm10.dll
MOD - [2011-06-08 08:32:24 | 000,043,008 | ---- | M] () -- E:\screenSHU\libgcc_s_dw2-1.dll
MOD - [2011-04-12 14:14:04 | 000,063,488 | ---- | M] () -- C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_AnalyzeGesturesInRight.dll
MOD - [2011-03-21 18:33:16 | 000,999,424 | ---- | M] () -- C:\Program Files (x86)\OSCAR Editor X7\Data\X7\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
MOD - [2011-01-09 19:45:54 | 000,088,064 | ---- | M] () -- C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_MouseDeviceManager.dll
MOD - [2010-12-02 16:56:52 | 000,815,104 | ---- | M] () -- C:\Program Files (x86)\OSCAR Editor X7\Data\X7\Forms\OSD_Text\OSD_Text.dll
MOD - [2010-11-01 19:16:00 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_AnalyzeGesturesInOne.dll
MOD - [2010-09-20 13:18:56 | 000,085,504 | ---- | M] () -- C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_ZoomControl.dll
MOD - [2010-09-20 13:18:54 | 000,054,272 | ---- | M] () -- C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_ScrollbarControl.dll
MOD - [2009-02-27 15:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2015-02-12 00:14:10 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2014-12-02 14:55:04 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:[b]64bit:[/b] - [2014-11-21 03:12:40 | 000,244,736 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2014-11-20 21:23:06 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:[b]64bit:[/b] - [2014-08-09 10:25:02 | 000,076,152 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:[b]64bit:[/b] - [2013-07-10 23:09:35 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2013-01-11 16:36:24 | 004,466,120 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)
SRV - [2015-02-28 11:35:01 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015-01-17 18:03:18 | 000,762,320 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2015-01-02 19:45:12 | 000,315,488 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014-12-19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014-12-02 14:50:16 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2014-12-02 14:50:16 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2014-08-14 00:52:22 | 000,067,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014-08-09 06:49:41 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014-06-12 07:47:26 | 000,076,328 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [On_Demand | Stopped] -- E:\SOLIDWORKS\SolidWorks\swScheduler\DTSCoordinatorService.exe -- (CoordinatorServiceHost)
SRV - [2014-06-11 20:13:12 | 000,193,024 | ---- | M] (Trace Software International) [Auto | Running] -- E:\SOLIDWORKS\SolidWorks Electrical\server\EwServer.exe -- (ewserver)
SRV - [2014-04-11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014-02-08 01:02:50 | 000,569,024 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013-10-23 17:09:09 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2012-10-26 09:40:10 | 000,282,112 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2012-02-11 08:55:18 | 000,597,080 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- e:\Solidworks Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$TEW_SQLEXPRESS)
SRV - [2012-02-11 08:55:16 | 000,191,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- e:\Solidworks Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$TEW_SQLEXPRESS)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.2)
DRV:[b]64bit:[/b] - [2015-03-01 12:39:47 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:[b]64bit:[/b] - [2014-11-24 11:18:47 | 000,040,960 | ---- | M] (Chingachguk & Denger2k) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\mcamvusb.sys -- (mcamvusb)
DRV:[b]64bit:[/b] - [2014-11-21 03:40:00 | 018,959,360 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2014-11-21 03:08:54 | 000,589,312 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2014-06-21 18:01:22 | 000,094,720 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2014-03-01 02:56:24 | 001,564,440 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:[b]64bit:[/b] - [2014-03-01 02:56:10 | 000,120,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:[b]64bit:[/b] - [2014-03-01 02:55:58 | 000,215,320 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:[b]64bit:[/b] - [2014-03-01 02:55:46 | 000,018,200 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:[b]64bit:[/b] - [2014-03-01 02:55:34 | 000,181,528 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:[b]64bit:[/b] - [2014-03-01 02:55:20 | 000,689,048 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k)
DRV:[b]64bit:[/b] - [2014-03-01 02:55:08 | 000,582,936 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:[b]64bit:[/b] - [2014-03-01 02:54:56 | 001,419,544 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV:[b]64bit:[/b] - [2014-03-01 02:54:56 | 001,419,544 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:[b]64bit:[/b] - [2014-03-01 02:54:44 | 000,097,048 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV:[b]64bit:[/b] - [2014-03-01 02:54:44 | 000,097,048 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:[b]64bit:[/b] - [2014-03-01 02:54:34 | 000,205,080 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV:[b]64bit:[/b] - [2014-03-01 02:54:34 | 000,205,080 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)
DRV:[b]64bit:[/b] - [2014-02-11 16:36:52 | 000,059,616 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\AMD\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.3)
DRV:[b]64bit:[/b] - [2013-04-20 18:11:51 | 000,303,616 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:[b]64bit:[/b] - [2013-04-20 18:11:48 | 000,035,328 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:[b]64bit:[/b] - [2013-03-11 12:03:58 | 000,331,144 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock)
DRV:[b]64bit:[/b] - [2013-03-07 13:23:02 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2013-02-19 15:04:12 | 000,141,064 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge)
DRV:[b]64bit:[/b] - [2013-01-14 12:32:16 | 000,090,056 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:[b]64bit:[/b] - [2012-09-21 20:04:22 | 004,763,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:[b]64bit:[/b] - [2012-09-21 20:04:22 | 000,351,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:[b]64bit:[/b] - [2012-08-07 18:09:56 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012-06-15 10:39:36 | 000,296,576 | ---- | M] (SafeNet Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aksusb.sys -- (aksusb)
DRV:[b]64bit:[/b] - [2012-06-15 08:44:14 | 000,053,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\akshasp.sys -- (akshasp)
DRV:[b]64bit:[/b] - [2012-02-11 07:59:34 | 000,334,936 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0200.sys -- (RsFx0200)
DRV:[b]64bit:[/b] - [2011-09-16 20:00:32 | 000,106,496 | ---- | M] (SteelSeries Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SteelBus64.sys -- (busenum)
DRV:[b]64bit:[/b] - [2011-09-16 20:00:28 | 000,034,944 | ---- | M] (SteelSeries Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SAlpham64.sys -- (SAlphamHid)
DRV:[b]64bit:[/b] - [2011-05-11 17:06:52 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-05-11 17:06:52 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010-10-15 08:24:56 | 000,115,200 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RzSynapse.sys -- (RzSynapse)
DRV:[b]64bit:[/b] - [2010-02-18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:[b]64bit:[/b] - [2009-09-16 07:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:[b]64bit:[/b] - [2009-08-13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:35:42 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2008-12-26 11:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer)
DRV - [2014-12-05 16:00:45 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2013-05-23 23:48:54 | 000,058,088 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys -- (AODDriver4.2.0)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.2: C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.7: C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.4.0: C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.31.2: C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2: C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Adrian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: E:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: E:\Assassin's Creed III\Ubisoft Game Launcher\npuplaypc.dll File not found
 
 
[2013-06-06 11:33:09 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Adrian\AppData\Roaming\Mozilla\Extensions
[2014-02-22 01:18:06 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\vgufdm98.default\extensions
[2013-08-13 10:35:26 | 000,824,302 | ---- | M] () (No name found) -- E:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\vgufdm98.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013-08-17 09:34:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Widevine Content Decryption Module (Disabled) = E:\Users\Adrian\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.758\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\internal-nacl-plugin
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: Battlelog Game Launcher (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
CHR - plugin: Java Deployment Toolkit 8.0.310.13 (Disabled) = C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java(TM) Platform SE 8 U31 (Disabled) = C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Disabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
CHR - plugin: VLC Web Plugin (Disabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Disabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
CHR - plugin: Unity Player (Disabled) = E:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - Extension: No name found = E:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.18.1_0\
CHR - Extension: No name found = E:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmolgbmkhjnoekekdogckilbbedhdnoh\1.0.206_0\
CHR - Extension: No name found = E:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: No name found = E:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = E:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [QuickTime Plugin Install] C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [f.lux] E:\Users\Adrian\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_632E392FD7EB2196DF268833A1CEF651] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [OscarEditor] C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe ()
O4 - HKCU..\Run: [screenSHU] E:\screenSHU\screenSHU.exe ()
O4 - HKCU..\Run: [Steam] E:\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: mks.com.pl ([www] https in Trusted sites)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab(Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab(Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab(Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 194.204.152.34
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9E180B1-2F6B-42C0-862E-7DEB9DEC7974}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D357759B-3E48-450F-A57F-1AA33D0BB3AF}: DhcpNameServer = 194.204.159.1 194.204.152.34
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013-05-21 07:41:27 | 000,008,447 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ]
O32 - AutoRun File - [2013-12-28 11:23:37 | 000,024,150 | ---- | M] () - C:\autoupdate.log -- [ NTFS ]
O33 - MountPoints2\{a5fe077f-b7e1-11e3-b1d1-6c626d725463}\Shell - "" = AutoRun
O33 - MountPoints2\{a5fe077f-b7e1-11e3-b1d1-6c626d725463}\Shell\AutoRun\command - "" = I:\LGAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2015-03-01 12:17:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2015-02-28 12:07:04 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2015-02-28 12:06:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2015-02-28 11:35:01 | 000,701,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015-02-28 11:35:01 | 000,071,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015-02-26 00:58:02 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perftrack.dll
[2015-02-26 00:58:02 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powertracker.dll
[2015-02-24 22:34:33 | 000,000,000 | ---D | C] -- E:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
[2015-02-24 22:32:49 | 000,000,000 | ---D | C] -- E:\Users\Adrian\AppData\Local\JDownloader 2.0
[2015-02-24 22:30:40 | 000,000,000 | ---D | C] -- E:\Users\Adrian\AppData\Local\JDownloader v2.0
[2015-02-21 08:44:35 | 000,000,000 | ---D | C] -- E:\Users\Adrian\AppData\Local\Steam
[2015-02-20 21:10:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total War Attila
[2015-02-20 20:51:04 | 000,000,000 | ---D | C] -- C:\Total War Attila
[2015-02-20 10:31:56 | 000,000,000 | ---D | C] -- E:\Users\Adrian\Documents\efile-backup
[2015-02-20 10:02:40 | 000,000,000 | ---D | C] -- E:\Users\Adrian\Documents\efile
[2015-02-20 10:02:39 | 000,000,000 | ---D | C] -- E:\Users\Adrian\AppData\Roaming\com.efile.epity2014
[2015-02-20 10:02:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-pity
[2015-02-20 10:02:35 | 000,000,000 | ---D | C] -- E:\Users\Adrian\AppData\Roaming\fillUp
[2015-02-13 02:17:43 | 006,041,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015-02-13 02:17:43 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015-02-13 02:17:43 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015-02-12 13:06:42 | 000,000,000 | ---D | C] -- C:\Windows\rescache
[2015-02-12 00:15:09 | 001,239,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aitstatic.exe
[2015-02-12 00:15:09 | 001,098,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015-02-12 00:15:09 | 000,894,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015-02-12 00:15:09 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015-02-12 00:15:09 | 000,609,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015-02-12 00:15:09 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015-02-12 00:15:09 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015-02-12 00:15:09 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2015-02-12 00:14:28 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015-02-12 00:14:11 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015-02-12 00:14:11 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015-02-12 00:14:11 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015-02-12 00:14:11 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015-02-12 00:14:11 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015-02-12 00:14:11 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015-02-12 00:14:11 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015-02-12 00:14:10 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015-02-12 00:14:10 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015-02-12 00:14:10 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015-02-12 00:14:10 | 000,718,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015-02-12 00:14:10 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015-02-12 00:14:10 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015-02-12 00:14:10 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015-02-12 00:14:10 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015-02-12 00:14:10 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015-02-12 00:14:10 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015-02-12 00:14:10 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015-02-12 00:14:10 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015-02-12 00:14:10 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015-02-12 00:14:10 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015-02-12 00:14:10 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015-02-12 00:14:10 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015-02-12 00:14:09 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015-02-12 00:14:09 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015-02-12 00:14:09 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015-02-12 00:14:09 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015-02-12 00:14:09 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015-02-12 00:14:09 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015-02-12 00:14:09 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015-02-12 00:14:09 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015-02-12 00:14:09 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015-02-12 00:14:04 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2015-02-12 00:13:36 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015-02-12 00:13:36 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015-02-12 00:13:36 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015-02-12 00:13:36 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015-02-12 00:13:36 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015-02-12 00:13:36 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015-02-12 00:13:36 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015-02-12 00:13:36 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015-02-12 00:13:36 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015-02-12 00:13:36 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015-02-12 00:13:36 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015-02-12 00:13:36 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015-02-12 00:13:19 | 001,480,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2015-02-12 00:13:19 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2015-02-12 00:13:06 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2015-02-12 00:13:03 | 003,722,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2015-02-12 00:13:03 | 003,221,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2015-02-12 00:13:03 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2015-02-12 00:12:36 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
[2015-02-12 00:12:36 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
[2015-02-12 00:06:46 | 005,554,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015-02-12 00:06:46 | 003,972,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015-02-12 00:06:46 | 003,917,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015-02-12 00:06:46 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015-02-12 00:06:46 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015-02-12 00:06:46 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015-02-11 13:19:34 | 000,000,000 | ---D | C] -- E:\Users\Adrian\AppData\Roaming\EurekaLog
[2015-02-08 20:18:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle
[2015-02-08 20:18:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
[2015-02-08 20:18:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle
[2015-02-08 20:15:34 | 000,000,000 | ---D | C] -- E:\Users\Adrian\Documents\DyingLight
[2015-02-06 11:56:15 | 000,000,000 | ---D | C] -- E:\Users\Adrian\Documents\My Cheat Tables
[2015-02-06 11:56:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
[2015-02-06 11:56:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine 6.4
[2015-02-01 15:51:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15
[2015-02-01 15:51:22 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2015-03-01 12:39:47 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015-03-01 12:37:41 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015-03-01 12:37:38 | 000,000,202 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2015-03-01 12:37:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015-03-01 12:37:03 | 000,003,424 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000003-00000000-00000006-00001102-00000005-00331102}.rfx
[2015-03-01 12:37:03 | 000,003,424 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000003-00000000-00000006-00001102-00000005-00331102}.rfx
[2015-03-01 12:37:03 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000003-00000000-00000006-00001102-00000005-00331102}.rfx
[2015-03-01 12:20:10 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015-03-01 12:17:20 | 000,002,261 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015-03-01 12:14:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015-03-01 09:03:00 | 000,000,202 | ---- | M] () -- C:\Windows\tasks\AutoKMSDaily.job
[2015-02-28 23:56:23 | 000,024,288 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015-02-28 23:56:23 | 000,024,288 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015-02-28 12:06:43 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2015-02-28 11:35:01 | 000,701,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015-02-28 11:35:01 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015-02-26 00:58:02 | 000,950,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\perftrack.dll
[2015-02-26 00:58:02 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\powertracker.dll
[2015-02-24 22:34:33 | 000,001,968 | ---- | M] () -- E:\Users\Adrian\Desktop\JDownloader 2.lnk
[2015-02-24 08:53:51 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015-02-21 08:39:36 | 000,544,832 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015-02-20 21:16:50 | 000,000,512 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2015-02-20 21:10:26 | 000,001,498 | ---- | M] () -- C:\Users\Public\Desktop\Total War Attila.lnk
[2015-02-20 20:42:36 | 000,001,233 | ---- | M] () -- E:\Users\Adrian\Desktop\Origianl Sin.lnk
[2015-02-20 15:13:33 | 000,344,065 | ---- | M] () -- E:\Users\Adrian\Desktop\12.mp3
[2015-02-20 15:12:02 | 002,346,872 | ---- | M] () -- E:\Users\Adrian\Desktop\24 Blood Theme.mp3
[2015-02-20 10:02:38 | 000,000,664 | ---- | M] () -- E:\Users\Adrian\Desktop\e-pity 2014 - program, pity roczne, e-deklaracje.lnk
[2015-02-19 20:04:52 | 000,104,619 | ---- | M] () -- E:\Users\Adrian\Desktop\laura.jpg
[2015-02-18 14:19:55 | 000,007,889 | ---- | M] () -- C:\Windows\BRRBCOM.INI
[2015-02-17 15:43:32 | 000,442,884 | ---- | M] () -- E:\Users\Adrian\Desktop\zwolnienie Aneta Parafianowicz.jpg
[2015-02-14 16:51:13 | 000,830,782 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2015-02-14 16:51:13 | 000,744,170 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015-02-14 16:51:13 | 000,192,542 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2015-02-14 16:51:13 | 000,158,260 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015-02-14 16:51:12 | 001,928,800 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015-02-13 02:17:43 | 006,041,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015-02-13 02:17:43 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015-02-13 02:17:43 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015-02-12 00:15:09 | 001,239,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aitstatic.exe
[2015-02-12 00:15:09 | 001,098,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015-02-12 00:15:09 | 000,894,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015-02-12 00:15:09 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015-02-12 00:15:09 | 000,609,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015-02-12 00:15:09 | 000,414,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015-02-12 00:15:09 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015-02-12 00:15:09 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2015-02-12 00:14:28 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015-02-12 00:14:11 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015-02-12 00:14:11 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015-02-12 00:14:11 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015-02-12 00:14:11 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015-02-12 00:14:11 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015-02-12 00:14:11 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015-02-12 00:14:11 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015-02-12 00:14:10 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015-02-12 00:14:10 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015-02-12 00:14:10 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015-02-12 00:14:10 | 000,718,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015-02-12 00:14:10 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015-02-12 00:14:10 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015-02-12 00:14:10 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015-02-12 00:14:10 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015-02-12 00:14:10 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015-02-12 00:14:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015-02-12 00:14:10 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015-02-12 00:14:10 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015-02-12 00:14:10 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015-02-12 00:14:10 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015-02-12 00:14:10 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015-02-12 00:14:10 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015-02-12 00:14:09 | 002,125,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015-02-12 00:14:09 | 002,052,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015-02-12 00:14:09 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015-02-12 00:14:09 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015-02-12 00:14:09 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015-02-12 00:14:09 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015-02-12 00:14:09 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015-02-12 00:14:09 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015-02-12 00:14:09 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015-02-12 00:14:05 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2015-02-12 00:13:36 | 001,461,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015-02-12 00:13:36 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015-02-12 00:13:36 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015-02-12 00:13:36 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015-02-12 00:13:36 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015-02-12 00:13:36 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015-02-12 00:13:36 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015-02-12 00:13:36 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015-02-12 00:13:36 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015-02-12 00:13:36 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015-02-12 00:13:36 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015-02-12 00:13:36 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015-02-12 00:13:19 | 001,480,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2015-02-12 00:13:19 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2015-02-12 00:13:06 | 000,861,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2015-02-12 00:13:03 | 003,722,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2015-02-12 00:13:03 | 003,221,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2015-02-12 00:13:03 | 000,131,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2015-02-12 00:12:36 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
[2015-02-12 00:12:36 | 000,308,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
[2015-02-12 00:06:46 | 005,554,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015-02-12 00:06:46 | 003,972,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015-02-12 00:06:46 | 003,917,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015-02-12 00:06:46 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015-02-12 00:06:46 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015-02-12 00:06:46 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015-02-11 16:19:56 | 002,563,919 | ---- | M] () -- E:\Users\Adrian\Desktop\Divinity Original Sin - Main Menu Theme.mp3
[2015-02-10 23:01:58 | 003,174,556 | ---- | M] () -- E:\Users\Adrian\Desktop\Video - Wszystko Jedno + tekst piosenki.mp3
[2015-02-10 13:29:40 | 003,816,125 | ---- | M] () -- E:\Users\Adrian\Desktop\Sam Smith - I'm Not The Only One (Official Audio).mp3
[2015-02-09 00:24:43 | 000,000,941 | ---- | M] () -- E:\Users\Adrian\Desktop\Fifa 15.lnk
[2015-02-08 20:22:58 | 000,001,182 | ---- | M] () -- E:\Users\Adrian\Desktop\Dying light.lnk
[2015-02-08 20:18:42 | 000,000,991 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle.lnk
[2015-02-06 18:51:09 | 000,000,970 | ---- | M] () -- E:\Users\Adrian\Desktop\Dragon Age.lnk
[2015-02-06 11:56:08 | 000,000,959 | ---- | M] () -- E:\Users\Adrian\Desktop\Cheat Engine.lnk
[2015-02-04 17:22:33 | 103,857,397 | ---- | M] () -- E:\Users\Adrian\Desktop\Dragon_Age_-_Inquisition_-_atlas_-_Poradnik_GRY-OnLine.pdf
[2015-01-30 14:03:05 | 000,000,905 | ---- | M] () -- C:\Users\Public\Desktop\AIMP3.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2015-03-01 12:17:20 | 000,002,261 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015-02-28 11:35:01 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015-02-24 22:34:33 | 000,001,968 | ---- | C] () -- E:\Users\Adrian\Desktop\JDownloader 2.lnk
[2015-02-20 21:16:50 | 000,000,512 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2015-02-20 21:10:26 | 000,001,498 | ---- | C] () -- C:\Users\Public\Desktop\Total War Attila.lnk
[2015-02-20 15:13:33 | 000,344,065 | ---- | C] () -- E:\Users\Adrian\Desktop\12.mp3
[2015-02-20 15:11:57 | 002,346,872 | ---- | C] () -- E:\Users\Adrian\Desktop\24 Blood Theme.mp3
[2015-02-20 10:02:38 | 000,000,664 | ---- | C] () -- E:\Users\Adrian\Desktop\e-pity 2014 - program, pity roczne, e-deklaracje.lnk
[2015-02-20 10:02:38 | 000,000,664 | ---- | C] () -- E:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\e-pity 2014 - program, pity roczne, e-deklaracje.lnk
[2015-02-19 20:04:51 | 000,104,619 | ---- | C] () -- E:\Users\Adrian\Desktop\laura.jpg
[2015-02-17 15:43:22 | 000,442,884 | ---- | C] () -- E:\Users\Adrian\Desktop\zwolnienie Aneta Parafianowicz.jpg
[2015-02-11 16:19:49 | 002,563,919 | ---- | C] () -- E:\Users\Adrian\Desktop\Divinity Original Sin - Main Menu Theme.mp3
[2015-02-11 16:14:16 | 000,001,233 | ---- | C] () -- E:\Users\Adrian\Desktop\Origianl Sin.lnk
[2015-02-10 23:01:52 | 003,174,556 | ---- | C] () -- E:\Users\Adrian\Desktop\Video - Wszystko Jedno + tekst piosenki.mp3
[2015-02-10 13:29:14 | 003,816,125 | ---- | C] () -- E:\Users\Adrian\Desktop\Sam Smith - I'm Not The Only One (Official Audio).mp3
[2015-02-09 00:24:22 | 000,000,941 | ---- | C] () -- E:\Users\Adrian\Desktop\Fifa 15.lnk
[2015-02-08 22:04:36 | 000,814,347 | ---- | C] () -- E:\Users\Adrian\Desktop\Plan.pdf
[2015-02-08 20:22:58 | 000,001,182 | ---- | C] () -- E:\Users\Adrian\Desktop\Dying light.lnk
[2015-02-08 20:18:42 | 000,000,991 | ---- | C] () -- C:\Users\Public\Desktop\Tunngle.lnk
[2015-02-06 18:50:46 | 000,000,970 | ---- | C] () -- E:\Users\Adrian\Desktop\Dragon Age.lnk
[2015-02-06 11:56:08 | 000,000,959 | ---- | C] () -- E:\Users\Adrian\Desktop\Cheat Engine.lnk
[2015-02-04 17:19:17 | 103,857,397 | ---- | C] () -- E:\Users\Adrian\Desktop\Dragon_Age_-_Inquisition_-_atlas_-_Poradnik_GRY-OnLine.pdf
[2015-01-25 23:44:16 | 000,003,298 | ---- | C] () -- E:\Users\Adrian\AppData\Local\recently-used.xbel
[2014-12-02 15:04:41 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2014-11-20 21:35:00 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2014-10-09 09:05:56 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2014-10-09 09:05:56 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2014-10-08 09:46:45 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014-08-20 12:14:47 | 000,007,889 | ---- | C] () -- C:\Windows\BRRBCOM.INI
[2014-08-20 12:14:47 | 000,007,818 | ---- | C] () -- C:\Windows\BROPJ132W.INI
[2014-08-20 12:14:08 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2014-08-20 12:14:08 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2014-08-17 18:47:33 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2014-07-12 10:41:53 | 000,000,860 | ---- | C] () -- C:\Windows\client.config.ini
[2014-07-09 11:25:47 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014-06-05 12:53:26 | 000,000,184 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2014-05-03 16:37:26 | 001,014,400 | ---- | C] () -- E:\Users\Adrian\CCF20140503_00000.jpg
[2014-04-18 03:22:56 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2014-04-18 03:22:56 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2014-04-18 02:25:52 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2014-04-18 02:25:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014-03-01 01:39:40 | 000,027,116 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2014-03-01 01:39:34 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2014-03-01 00:23:32 | 000,060,928 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
[2014-03-01 00:20:56 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CtxfiRes.dll
[2014-03-01 00:06:00 | 000,321,512 | ---- | C] () -- C:\Windows\SysWow64\ctdlang.dat
[2014-03-01 00:06:00 | 000,056,509 | ---- | C] () -- C:\Windows\SysWow64\ctdnlstr.dat
[2014-02-28 23:48:26 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\enlocstr.exe
[2014-02-28 23:48:16 | 000,012,800 | ---- | C] ( ) -- C:\Windows\SysWow64\killapps.exe
[2014-02-22 01:17:57 | 000,049,664 | ---- | C] () -- E:\Users\Adrian\AppData\Roaming\csr.exe
[2014-02-22 01:17:29 | 000,007,621 | ---- | C] () -- E:\Users\Adrian\AppData\Local\Resmon.ResmonCfg
[2014-02-22 01:17:29 | 000,000,127 | ---- | C] () -- E:\Users\Adrian\AppData\Local\SC2UIChanger.ini
[2014-02-22 01:17:28 | 000,000,934 | ---- | C] () -- E:\Users\Adrian\Desktop.lnk
[2014-02-22 01:17:28 | 000,000,639 | ---- | C] () -- E:\Users\Adrian\chrome.lnk
[2014-02-22 01:17:28 | 000,000,058 | ---- | C] () -- E:\Users\Adrian\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2014-02-03 22:35:53 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2013-12-30 15:02:11 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013-08-15 11:11:24 | 002,601,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_moh.exe
[2013-08-13 08:56:14 | 000,218,200 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013-06-26 21:08:17 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2013-03-11 20:00:56 | 000,000,025 | ---- | C] () -- C:\Windows\emcore.INI
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014-08-14 00:47:52 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014-08-14 00:47:52 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2014-08-17 12:51:52 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\2K Sports
[2015-03-01 12:21:50 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\AIMP3
[2014-12-02 15:11:30 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\AMD
[2014-02-22 01:17:58 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\AVG2013
[2014-05-17 12:52:22 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\AVG2014
[2014-02-22 01:17:58 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Avnex
[2014-08-13 14:37:47 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Battle.net
[2014-02-22 01:17:58 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\BESTplayer
[2014-06-14 15:10:14 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Bioshock
[2014-02-22 01:17:59 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Bitcoin
[2014-02-22 01:17:59 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\BITS
[2014-08-28 16:13:38 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\calibre
[2014-02-22 01:17:59 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Canneverbe Limited
[2015-02-20 10:02:40 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\com.efile.epity2014
[2014-10-21 19:08:54 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\ControlCenter4
[2015-03-01 12:21:51 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\DAEMON Tools Lite
[2014-02-22 01:18:00 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\DassaultSystemes
[2014-02-22 01:18:01 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Dev-Cpp
[2014-02-22 01:18:01 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\DonationCoder
[2014-02-22 01:18:01 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\EDrawings
[2015-02-11 13:19:34 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\EurekaLog
[2015-02-23 18:22:12 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\fillUp
[2013-03-11 20:00:37 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\FlashgetSetup
[2014-02-22 01:18:03 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Gadu-Gadu 10
[2014-02-22 01:18:03 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\GG
[2014-02-22 01:18:03 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\GOG
[2014-05-17 12:50:14 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Golden Software
[2014-02-22 01:18:03 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\ImgBurn
[2015-03-01 12:21:50 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\inkscape
[2014-06-22 09:51:13 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\ipla
[2014-02-01 16:42:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Kits
[2014-02-22 01:18:04 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Leadertech
[2014-07-09 11:23:56 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\library_dir
[2014-02-22 01:18:04 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\LolClient
[2014-02-22 01:18:04 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\LRDon
[2014-12-09 17:12:48 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Luxology
[2014-02-22 01:18:06 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\MKKE
[2014-08-18 20:30:08 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Mobipocket
[2014-06-02 08:36:54 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\MPC-HC
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Mumble
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\NapiProjekt
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\OBS
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\OnLive App
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Opera
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Origin
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\PDF Architect
[2014-06-17 13:33:55 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\PDF Architect 2
[2014-08-28 15:08:17 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\pdftoepub
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\PhotoFiltre 7
[2014-05-17 12:50:17 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Polar Engineering
[2013-08-13 09:06:12 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Publish Providers
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\raidcall
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Remere's Map Editor
[2014-08-02 08:28:29 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\RIFT
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Riot Games
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Softland
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\SolidDocuments
[2014-02-22 01:18:09 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Sony
[2014-02-22 01:18:09 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\SplitMediaLabs
[2014-10-04 08:31:38 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Steam
[2013-07-24 01:31:11 | 000,000,000 | RHSD | M] -- E:\Users\Adrian\AppData\Roaming\System32
[2015-02-20 21:12:51 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\The Creative Assembly
[2014-02-22 01:18:09 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Theta
[2015-01-04 15:12:10 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Tibia
[2014-02-22 01:18:11 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Tibiacast
[2015-03-01 12:21:50 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\TS3Client
[2014-02-22 01:18:12 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\TuneUp Software
[2015-02-08 20:18:44 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Tunngle
[2014-04-02 16:38:24 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Unity
[2015-03-01 12:21:50 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\uTorrent
[2014-02-22 01:18:12 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\VOS
[2014-02-22 01:18:12 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\WordToPDF
[2014-02-22 01:18:12 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\XROALY
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
[color=#A23BEC]< C:\*.* >[/color]
[2013-05-21 07:41:27 | 000,008,447 | ---- | M] () -- C:\AutoMapaSetupLog.txt
[2013-12-28 11:23:37 | 000,024,150 | ---- | M] () -- C:\autoupdate.log
[2014-11-24 22:15:42 | 000,037,921 | ---- | M] () -- C:\dump.txt
[2013-01-01 23:19:47 | 000,002,120 | ---- | M] () -- C:\scu.dat
[2012-10-12 21:22:05 | 000,003,246 | ---- | M] () -- C:\shared.log
[2013-08-19 18:55:12 | 000,007,650 | ---- | M] () -- C:\test.log
[2009-07-14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009-07-14 06:08:49 | 000,032,604 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013-12-29 14:00:27 | 000,001,044 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013-12-29 14:00:28 | 000,001,048 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014-06-05 12:53:26 | 000,000,202 | ---- | C] () -- C:\Windows\Tasks\AutoKMS.job
[2014-06-05 12:53:26 | 000,000,202 | ---- | C] () -- C:\Windows\Tasks\AutoKMSDaily.job
[2015-02-28 11:35:01 | 000,000,930 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
 
[color=#A23BEC]< D:\*.* >[/color]
[2012-08-07 15:34:26 | 000,000,528 | R--- | M] () -- D:\MediaID.bin
[2015-03-01 12:37:34 | 2147,483,647 | -HS- | M] () -- D:\pagefile.sys
[2014-01-02 00:33:20 | 000,000,029 | ---- | M] () -- D:\ValveUnhandledExceptionFilter.txt
 
[color=#A23BEC]< E:\*.* >[/color]
[2012-08-15 00:44:38 | 001,128,175 | ---- | M] () -- E:\20120815_014438.jpg
[2006-12-01 23:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- E:\msdia80.dll
[2014-08-07 17:02:51 | 3292,834,129 | ---- | M] () -- E:\Zdjecia(wszystkie).rar
[1 E:\*.tmp files -> E:\*.tmp -> ]
 
[color=#A23BEC]< F:\*.* >[/color]
 
[color=#A23BEC]< G:\*.* >[/color]
 
[color=#A23BEC]< H:\*.* >[/color]
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]
 
[color=#A23BEC]< %APPDATA%\*. >[/color]
[2014-08-17 12:51:52 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\2K Sports
[2014-02-22 01:17:57 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Adobe
[2015-03-01 12:21:50 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\AIMP3
[2014-12-02 15:11:30 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\AMD
[2014-02-22 01:17:58 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Apple Computer
[2014-02-22 01:17:58 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\ATI
[2014-02-22 01:17:58 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\AVG2013
[2014-05-17 12:52:22 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\AVG2014
[2014-02-22 01:17:58 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Avnex
[2014-08-13 14:37:47 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Battle.net
[2014-02-22 01:17:58 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\BESTplayer
[2014-06-14 15:10:14 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Bioshock
[2014-02-22 01:17:59 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Bitcoin
[2014-02-22 01:17:59 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\BITS
[2014-02-22 01:17:59 | 000,000,000 | R--D | M] -- E:\Users\Adrian\AppData\Roaming\Brother
[2014-08-28 16:13:38 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\calibre
[2014-02-22 01:17:59 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Canneverbe Limited
[2015-02-20 10:02:40 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\com.efile.epity2014
[2014-10-21 19:08:54 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\ControlCenter4
[2015-02-20 20:50:22 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Corel
[2015-03-01 12:21:51 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\DAEMON Tools Lite
[2014-02-22 01:18:00 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\DassaultSystemes
[2014-02-22 01:18:01 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Dev-Cpp
[2014-02-22 01:18:01 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\DonationCoder
[2014-08-06 08:44:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\dvdcss
[2014-02-22 01:18:01 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\EDrawings
[2015-02-11 13:19:34 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\EurekaLog
[2015-02-23 18:22:12 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\fillUp
[2013-03-11 20:00:37 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\FlashgetSetup
[2014-02-22 01:18:03 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Gadu-Gadu 10
[2014-02-22 01:18:03 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\GG
[2014-02-22 01:18:03 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\GOG
[2014-05-17 12:50:14 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Golden Software
[2014-02-22 01:18:03 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\help_images_otherUI
[2014-02-22 01:18:03 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Identities
[2014-02-22 01:18:03 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\ImgBurn
[2015-03-01 12:21:50 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\inkscape
[2014-02-22 01:18:03 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\InstallShield
[2014-06-22 09:51:13 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\ipla
[2014-02-01 16:42:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Kits
[2014-02-22 01:18:04 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Leadertech
[2014-07-09 11:23:56 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\library_dir
[2014-02-22 01:18:04 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\LolClient
[2014-02-22 01:18:04 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\LRDon
[2014-12-09 17:12:48 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Luxology
[2014-02-22 01:18:04 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Macromedia
[2014-08-28 18:13:21 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Malwarebytes
[2010-11-21 08:16:41 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Media Center Programs
[2013-11-10 00:50:24 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Media Player Classic
[2014-02-22 01:18:06 | 000,000,000 | --SD | M] -- E:\Users\Adrian\AppData\Roaming\Microsoft
[2014-02-22 01:18:06 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\MKKE
[2014-08-18 20:30:08 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Mobipocket
[2014-02-22 01:18:06 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Mozilla
[2014-06-02 08:36:54 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\MPC-HC
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Mumble
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\NapiProjekt
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\OBS
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\OnLive App
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Opera
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Origin
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\PDF Architect
[2014-06-17 13:33:55 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\PDF Architect 2
[2014-08-28 15:08:17 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\pdftoepub
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\PhotoFiltre 7
[2014-05-17 12:50:17 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Polar Engineering
[2013-08-13 09:06:12 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Publish Providers
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\raidcall
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Remere's Map Editor
[2014-08-02 08:28:29 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\RIFT
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Riot Games
[2015-03-01 12:39:22 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Skype
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Softland
[2014-02-22 01:18:07 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\SolidDocuments
[2014-12-02 15:10:33 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\SolidWorks
[2014-02-22 01:18:09 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\SolidWorks 2013
[2015-01-25 22:42:29 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\SolidWorks 2014
[2014-02-22 01:18:09 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\SolidWorks hotfix
[2014-02-22 01:18:09 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Sony
[2014-02-22 01:18:09 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\SplitMediaLabs
[2014-10-04 08:31:38 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Steam
[2013-07-24 01:31:11 | 000,000,000 | RHSD | M] -- E:\Users\Adrian\AppData\Roaming\System32
[2015-02-20 21:12:51 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\The Creative Assembly
[2014-02-22 01:18:09 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Theta
[2015-01-04 15:12:10 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Tibia
[2014-02-22 01:18:11 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Tibiacast
[2015-03-01 12:21:50 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\TS3Client
[2014-02-22 01:18:12 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\TuneUp Software
[2015-02-08 20:18:44 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Tunngle
[2014-04-02 16:38:24 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Unity
[2015-03-01 12:21:50 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\uTorrent
[2014-02-22 01:18:12 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\Ventrilo
[2015-03-01 11:23:27 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\vlc
[2014-02-22 01:18:12 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\VOS
[2014-02-22 01:18:12 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\WinRAR
[2014-02-22 01:18:12 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\WordToPDF
[2014-02-22 01:18:12 | 000,000,000 | ---D | M] -- E:\Users\Adrian\AppData\Roaming\XROALY
 
[color=#A23BEC]< %SYSTEMDRIVE%\*. /mp /s >[/color]
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
 
[color=#A23BEC]< MD5 for: BEEP.SYS  >[/color]
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys
 
[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2011-05-11 17:05:56 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011-05-11 17:05:56 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011-05-11 17:05:56 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011-05-11 17:05:56 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010-11-21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011-05-11 17:05:56 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011-05-11 17:05:56 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010-11-21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
 
[color=#A23BEC]< MD5 for: NTFS.SYS  >[/color]
[2010-11-21 04:23:55 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=05D78AA5CB5F3F5C31160BDB955D0B7C -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_04972f2c338b23d4\ntfs.sys
[2014-04-09 22:55:53 | 001,684,928 | ---- | M] (Microsoft Corporation) MD5=1A29A59A4C5BA6F8C85062A613B7E2B2 -- C:\Windows\SysNative\drivers\ntfs.sys
[2014-04-09 22:55:53 | 001,684,928 | ---- | M] (Microsoft Corporation) MD5=1A29A59A4C5BA6F8C85062A613B7E2B2 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.18378_none_045a363833b85029\ntfs.sys
[2014-04-09 22:55:53 | 001,684,416 | ---- | M] (Microsoft Corporation) MD5=48B6047F82D5A8D0AEC71593F4ACD79B -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.22580_none_04d102ad4ce53e53\ntfs.sys
[2011-05-11 17:06:52 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=87B104128D4D3BA3C13098BAEBF38082 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_04d11b5b4ce521d9\ntfs.sys
[2011-05-11 17:06:52 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_0459508233b9177f\ntfs.sys
 
[color=#A23BEC]< MD5 for: SVCHOST.EXE  >[/color]
[2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2014-11-21 06:12:42 | 000,761,656 | ---- | M] (MalwareBytes) MD5=625BB08813743947985B0DEEFC35ED12 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2009-07-14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009-07-14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
 
[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2010-11-21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010-11-21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010-11-21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010-11-21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014-11-21 06:12:42 | 000,761,656 | ---- | M] (MalwareBytes) MD5=625BB08813743947985B0DEEFC35ED12 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2014-05-15 00:07:33 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014-05-15 00:07:33 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014-11-19 08:45:19 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014-11-19 08:45:19 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014-11-19 08:45:19 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
 
[color=#A23BEC]< %systemroot%\system32\ws2_32.dll /md5 >[/color]
[2010-11-21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\system32\ws2_32.dll
 
[color=#A23BEC]< %systemroot%\system32\kernel32.dll /md5 >[/color]
[2014-04-09 22:55:54 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=76161B9D78A275F8F28DD67436013110 -- C:\Windows\system32\kernel32.dll
 
[color=#A23BEC]< %systemroot%\system32\user32.dll /md5 >[/color]
[2012-08-07 14:39:31 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=861C4346F9281DC0380DE72C8D55D6BE -- C:\Windows\system32\user32.dll
 
[color=#A23BEC]< %systemroot%\Tasks\*.* /lockedfiles >[/color]
 
[color=#E56717]========== Restore Points Found ==========[/color]
 
[color=#E56717]========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========[/color]
[C:\Users\All Users] ->  -> Unknown point type
[C:\Windows\SoftwareDistribution] ->  -> Unknown point type
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 13633 bytes -> C:\Users\All Users\Kaspersky Lab\AVP13\Report:kisextended
@Alternate Data Stream - 13633 bytes -> C:\ProgramData\Kaspersky Lab\AVP13\Report:kisextended
 
< End of report >
 

[/log] 

Parafian12
komentarz
komentarz

FRST

Zayfi
komentarz
komentarz (edytowane)

Otwórz notatnik i wklej

  • Dobra wypowiedź 1
Parafian12
komentarz
komentarz (edytowane)

logi

@edit

sorry nie ten log dałem 

FIX dodany

Zayfi
komentarz
komentarz (edytowane)

gdzie masz raport fixlog.txt ?

 

Dałeś ten sam log z FRST po skanowaniu co w poście nr3

 

zrób nowy skan FRST i wstaw raport.

Parafian12
komentarz
komentarz

log

 

Zayfi
komentarz
komentarz

Dalej masz problem z reklamami?

  • Dobra wypowiedź 1
Parafian12
komentarz
komentarz

Nie, wszystkie problemy ustąpiły ;)

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.