OTL logfile created on: 2013-05-20 22:04:45 - Run 7
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Bartek\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,99 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 58,63% Memory free
7,48 Gb Paging File | 6,06 Gb Available in Paging File | 81,02% Paging File free
Paging file location(s): c:\pagefile.sys 4599 4599 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,32 Gb Total Space | 14,82 Gb Free Space | 5,14% Space Free | Partition Type: NTFS
 
Computer Name: PECET-KOMPUTER | User Name: Pecet | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013-05-16 22:47:30 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
PRC - [2013-04-12 14:12:44 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013-04-04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013-02-10 05:20:39 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013-02-10 02:35:07 | 001,821,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013-02-10 02:35:07 | 000,866,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012-12-18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-12-13 22:56:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bartek\Desktop\OTL.exe
PRC - [2012-11-29 21:33:04 | 000,232,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
PRC - [2012-11-29 21:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2011-06-20 09:00:24 | 000,049,752 | ---- | M] () -- C:\Program Files\blueconnect\BackgroundService\ServiceManager.exe
PRC - [2011-02-23 17:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011-01-12 15:32:06 | 000,866,576 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2011-01-12 15:13:16 | 000,481,552 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2009-10-31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-07-14 03:14:46 | 000,115,200 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009-07-14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009-07-14 03:14:41 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slui.exe
PRC - [2009-07-14 03:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009-06-04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009-01-26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013-05-16 22:47:30 | 016,033,160 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_202.dll
MOD - [2013-04-12 14:12:43 | 003,133,336 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2013-05-16 22:47:30 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-04-12 14:12:43 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013-02-10 05:20:39 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013-02-05 17:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2012-12-18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-11-29 21:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2011-08-21 23:56:00 | 003,928,736 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2011-06-20 09:00:24 | 000,049,752 | ---- | M] () [Auto | Running] -- C:\Program Files\blueconnect\BackgroundService\ServiceManager.exe -- (Modem Device Helper)
SRV - [2011-03-16 11:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011-02-23 17:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011-01-12 15:32:06 | 000,866,576 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2011-01-12 15:15:08 | 000,227,600 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2011-01-12 15:13:16 | 000,481,552 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2010-07-25 09:21:51 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009-06-04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva401.sys -- (XDva401)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva398.sys -- (XDva398)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\NETw5s32.sys -- (NETw5s32)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\netbt.sys -- (NetBT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\system32\Drivers\DgiVecp.sys -- (DgiVecp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Pecet\AppData\Local\Temp\cpuz130\cpuz_x32.sys -- (cpuz130)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\config\SYSTEM~1\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (a2fy6en7)
DRV - [2013-04-13 10:07:18 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2013-04-04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013-02-10 05:20:39 | 008,944,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012-12-19 07:41:53 | 000,154,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2012-02-27 02:35:32 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2012-02-27 02:35:32 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011-12-08 06:22:34 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2011-12-08 06:22:34 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2011-12-08 06:22:34 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2011-12-08 06:22:34 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2011-06-20 09:00:46 | 000,106,112 | ---- | M] (TCT International Mobile Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jrdusbser.sys -- (jrdusbser)
DRV - [2011-02-23 16:56:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011-02-23 16:56:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011-02-23 16:55:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011-02-23 16:55:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011-02-23 16:55:03 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011-02-23 16:54:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011-01-19 12:28:11 | 007,087,616 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETwNs32.sys -- (NETwNs32)
DRV - [2010-01-05 03:20:10 | 001,500,160 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athur.sys -- (athur)
DRV - [2009-11-04 13:38:06 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009-09-29 08:51:10 | 000,166,912 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009-07-14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009-07-14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009-07-14 00:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009-07-14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
DRV - [2009-07-14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)
DRV - [2007-08-13 04:48:45 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2006-11-01 14:42:14 | 000,033,280 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=BA6100216BCD2263
IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=Hitachi_HTS545032B9A300_090313PB0301QKG50Z3AX&ts=1358886632
IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.b1.org/?bsrc=hmior&chid=c167991
IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page Before = 
IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.b1.org/?bsrc=hmior&chid=c167991
IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = http://searchou.com/?id=ba612d8800000000000000216bcd2263
IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\..\SearchScopes,DefaultScope = {68B98452-5FF4-4BD9-B5C3-618CBDCC411D}
IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\..\SearchScopes\${searchCLSID}: "URL" = http://search.yahoo.com/search?fr=megaup&p={searchTerms}
IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.v9.com/web/?q={searchTerms}
IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchTerms}&affID=119816&babsrc=SP_ss&mntrId=BA6100216BCD2263
IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://tbsearch.ask.com/redirect?client=ie&tb=UT2V5&o=15158&src=crm&q={searchTerms}&locale=en_US
IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com/web/?q={searchTerms}
IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\..\SearchScopes\{68B98452-5FF4-4BD9-B5C3-618CBDCC411D}: "URL" = http://searchou.com/?q={searchTerms}&id=ba612d8800000000000000216bcd2263&r=377
IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:60646
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "http://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=BA6100216BCD2263"
FF - prefs.js..extensions.enabledAddons: %7B76063e7f-3558-4b68-8287-54eb6512adc0%7D:2.8.0
FF - prefs.js..extensions.enabledAddons: %7B7fb9a47c-8237-47dd-a247-bf2cb7f07e2a%7D:2.5.1
FF - prefs.js..extensions.enabledAddons: %7B34712C68-7391-4c47-94F3-8F88D49AD632%7D:1.3.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPBrowserExt: C:\Program Files\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Pecet\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Pecet\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-03-13 09:44:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-12-23 12:32:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013-02-27 01:08:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-04-12 14:12:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-03-11 15:20:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-04-12 14:12:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-03-11 15:20:18 | 000,000,000 | ---D | M]
 
[2012-05-10 20:05:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pecet\AppData\Roaming\mozilla\Extensions
[2013-04-18 16:52:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pecet\AppData\Roaming\mozilla\Firefox\Profiles\n2hgdq41.default\extensions
[2013-04-06 09:42:43 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\Pecet\AppData\Roaming\mozilla\Firefox\Profiles\n2hgdq41.default\extensions\ffxtlbr@delta.com
[2013-04-08 16:05:23 | 000,000,000 | ---D | M] (MagnIPic) -- C:\Users\Pecet\AppData\Roaming\mozilla\Firefox\Profiles\n2hgdq41.default\extensions\ioylxg@aaidf.net
[2013-04-18 16:52:15 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Pecet\AppData\Roaming\mozilla\Firefox\Profiles\n2hgdq41.default\extensions\plugin@yontoo.com
[2013-04-18 16:52:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pecet\AppData\Roaming\mozilla\Firefox\Profiles\ogrx41qn.default\extensions
[2010-06-06 13:18:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pecet\AppData\Roaming\mozilla\Firefox\Profiles\ogrx41qn.default\extensions\foxyproxy@eric.h.jung
[2013-04-18 16:52:15 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Pecet\AppData\Roaming\mozilla\Firefox\Profiles\ogrx41qn.default\extensions\plugin@yontoo.com
[2013-04-11 17:54:38 | 000,197,614 | ---- | M] () (No name found) -- C:\Users\Pecet\AppData\Roaming\mozilla\firefox\profiles\n2hgdq41.default\extensions\ftdownloader3@ftdownloader.com.xpi
[2012-05-10 23:10:21 | 000,106,705 | ---- | M] () (No name found) -- C:\Users\Pecet\AppData\Roaming\mozilla\firefox\profiles\n2hgdq41.default\extensions\{76063e7f-3558-4b68-8287-54eb6512adc0}.xpi
[2012-05-10 23:10:21 | 000,331,610 | ---- | M] () (No name found) -- C:\Users\Pecet\AppData\Roaming\mozilla\firefox\profiles\n2hgdq41.default\extensions\{7fb9a47c-8237-47dd-a247-bf2cb7f07e2a}.xpi
[2013-05-05 08:51:16 | 000,006,471 | ---- | M] () -- C:\Users\Pecet\AppData\Roaming\mozilla\firefox\profiles\n2hgdq41.default\searchplugins\babylon.xml
[2013-05-05 08:51:16 | 000,006,471 | ---- | M] () -- C:\Users\Pecet\AppData\Roaming\mozilla\firefox\profiles\n2hgdq41.default\searchplugins\BrowserProtect.xml
[2013-04-06 09:42:47 | 000,001,294 | ---- | M] () -- C:\Users\Pecet\AppData\Roaming\mozilla\firefox\profiles\n2hgdq41.default\searchplugins\delta.xml
[2013-04-08 16:05:00 | 000,001,378 | ---- | M] () -- C:\Users\Pecet\AppData\Roaming\mozilla\firefox\profiles\n2hgdq41.default\searchplugins\privitize.xml
[2013-04-06 09:42:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013-02-19 18:26:55 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013-04-06 09:42:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2013-02-27 01:08:52 | 000,000,000 | ---D | M] (RealDownloader) -- C:\PROGRAMDATA\REALNETWORKS\REALDOWNLOADER\BROWSERPLUGINS\FIREFOX\EXT
[2013-04-12 14:12:44 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013-02-27 01:08:19 | 000,124,056 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2013-02-19 18:27:08 | 000,002,980 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2013-02-19 18:27:08 | 000,001,619 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2013-02-19 18:27:08 | 000,001,130 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2013-02-19 18:27:08 | 000,001,071 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2013-02-19 18:27:08 | 000,001,396 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2013-02-19 18:27:08 | 000,001,896 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Delta Search (Enabled)
CHR - default_search_provider: search_url = http://www.delta-search.com/?q={searchTerms}&affID=119816&babsrc=SP_ss&mntrId=BA6100216BCD2263
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - Extension: No name found = C:\Users\Pecet\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn\3.0_0\
CHR - Extension: Delta Toolbar = C:\Users\Pecet\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.1_0\
CHR - Extension: RealDownloader = C:\Users\Pecet\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\
 
O1 HOSTS File: ([2013-05-20 21:48:26 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O3 - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKU\S-1-5-21-3441852442-2004521568-503359352-1012..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWinKeys = 1
O7 - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogOff = 1
O7 - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 1
O7 - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSearchEverywhereLinkInStartMenu = 1
O7 - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMorePrograms = 0
O7 - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 1
O7 - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 1
O7 - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserFolderlnStartMenu = 1
O7 - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSearchPrograms = 1
O7 - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSearchFiles = 1
O7 - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 1
O7 - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 1
O7 - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 1
O7 - HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuNetworkPlaces  = 1
O7 - HKU\S-1-5-21-3441852442-2004521568-503359352-1012\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Pobierz za pomocą Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.158.199.1 213.158.199.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{777454E9-B3E8-46D5-8DC1-66B28C69E8A5}: DhcpNameServer = 213.158.199.1 213.158.199.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F85B2C29-2ABD-4769-A4C8-D4B465B11FAC}: DhcpNameServer = 192.168.214.1 91.224.217.222
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\PROGRA~2\BROWSE~1\261249~1.132\{C16C1~1\BrowserProtect.dll) - c:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-3441852442-2004521568-503359352-1001 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013-05-20 21:52:34 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013-05-20 21:52:34 | 000,000,000 | ---D | C] -- C:\Users\Pecet\AppData\Local\temp
[2013-05-20 21:48:29 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013-05-20 21:27:23 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013-05-19 13:11:01 | 000,000,000 | -HSD | C] -- C:\Windows\%APPDATA%
[2013-05-08 19:53:15 | 000,000,000 | ---D | C] -- C:\Users\Pecet\Documents\Pyro Studios
[2013-05-08 19:39:56 | 000,000,000 | ---D | C] -- C:\Users\Pecet\AppData\Local\B1E
[2013-05-08 19:39:53 | 000,000,000 | ---D | C] -- C:\Users\Pecet\AppData\Roaming\B1Toolbar
[2013-05-08 19:14:52 | 000,441,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3drm16f.dll
[2013-05-08 19:14:52 | 000,439,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3drm8f.dll
[2013-05-08 19:14:52 | 000,255,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3drm.dll
[2013-05-08 19:14:52 | 000,187,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3drg16f.dll
[2013-05-08 19:14:52 | 000,186,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3drg8f.dll
[2013-05-08 19:14:52 | 000,131,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3drg24f.dll
[2013-05-08 19:14:52 | 000,130,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3drg32f.dll
[2013-05-08 19:14:52 | 000,118,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dhalf.dll
[2013-05-08 19:14:52 | 000,112,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3drm24f.dll
[2013-05-08 19:14:52 | 000,111,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3drm32f.dll
[2013-05-08 19:14:52 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3drgbf.dll
[2013-05-08 19:14:52 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3drampf.dll
[2013-05-08 19:14:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos Interactive
[2013-05-08 19:14:30 | 000,000,000 | ---D | C] -- C:\Users\Pecet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eidos Interactive
[2013-05-08 19:13:51 | 000,000,000 | ---D | C] -- C:\Program Files\Eidos Interactive
[2013-05-08 19:13:30 | 000,283,648 | ---- | C] (Stirling Technologies, Inc.) -- C:\Windows\uninst.exe
[2013-05-08 19:10:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pyro Studios
[2013-05-08 19:09:46 | 000,000,000 | ---D | C] -- C:\Program Files\commandos
[2013-05-08 19:02:20 | 000,000,000 | ---D | C] -- C:\Commandos Behind Enemy Lines [PL]
[2013-05-08 18:43:06 | 000,000,000 | ---D | C] -- C:\behind enemy lines
[2013-05-07 12:51:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\searchplugins
[2013-05-07 12:51:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\Extensions
[2013-05-07 12:34:03 | 000,000,000 | ---D | C] -- C:\larry7
[2013-05-07 11:46:55 | 000,000,000 | ---D | C] -- C:\commandos2
[2013-05-07 11:24:32 | 000,000,000 | ---D | C] -- C:\commandos call of duty
[2013-05-07 11:23:47 | 000,000,000 | ---D | C] -- C:\commandos3
[2013-05-07 11:19:07 | 000,000,000 | ---D | C] -- C:\commandos
[2013-04-30 06:17:33 | 000,000,000 | ---D | C] -- C:\Users\Pecet\Desktop\4FunMt2
[2013-04-29 21:46:04 | 000,000,000 | ---D | C] -- C:\Users\Pecet\Desktop\MoltenMT2
[2013-04-29 15:53:29 | 000,000,000 | ---D | C] -- C:\Users\Pecet\Desktop\XenoXMT2client_11.02.2012r_by_Pawemol
[2013-04-25 08:41:12 | 000,000,000 | ---D | C] -- C:\Users\Pecet\Desktop\PandoraMT2
[2013-04-24 19:11:56 | 000,000,000 | ---D | C] -- C:\Users\Pecet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystiqe
[2013-04-24 19:11:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mystiqe
[2012-12-23 12:34:39 | 000,349,176 | ---- | C] (AVAST Software) -- C:\Program Files\ashBase.dll
[2012-03-19 15:21:14 | 000,036,864 | ---- | C] (Blizzard North) -- C:\Program Files\Diablo II.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013-05-20 22:05:56 | 000,836,524 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2013-05-20 22:05:56 | 000,692,304 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013-05-20 22:05:56 | 000,189,556 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2013-05-20 22:05:56 | 000,153,090 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013-05-20 22:00:03 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-05-20 21:59:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-05-20 21:59:07 | 2411,855,872 | -HS- | M] () -- C:\hiberfil.sys
[2013-05-20 21:48:26 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013-05-20 19:28:01 | 000,017,632 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-05-20 19:28:01 | 000,017,632 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-05-19 06:47:00 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3441852442-2004521568-503359352-1001UA.job
[2013-05-19 06:47:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-05-19 05:50:13 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-05-18 03:47:00 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3441852442-2004521568-503359352-1001Core.job
[2013-05-17 15:15:13 | 000,002,432 | ---- | M] () -- C:\Users\Pecet\AppData\Local\TempAT1284.html
[2013-05-17 15:15:13 | 000,002,089 | ---- | M] () -- C:\Users\Pecet\AppData\Local\TempTp1284.html
[2013-05-16 22:47:30 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013-05-16 22:47:30 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013-05-14 11:37:28 | 000,002,432 | ---- | M] () -- C:\Users\Pecet\AppData\Local\TempzG3512.html
[2013-05-13 03:21:03 | 000,002,432 | ---- | M] () -- C:\Users\Pecet\AppData\Local\Tempyd2496.html
[2013-05-13 03:21:03 | 000,002,089 | ---- | M] () -- C:\Users\Pecet\AppData\Local\Tempud2496.html
[2013-05-09 12:04:50 | 000,001,269 | ---- | M] () -- C:\Users\Pecet\Desktop\comandos — skrót.lnk
[2013-05-08 19:39:56 | 000,000,047 | ---- | M] () -- C:\chid
[2013-05-08 19:10:29 | 000,001,700 | ---- | M] () -- C:\Users\Public\Desktop\Commandos, Behind Enemy Lines.lnk
[2013-05-08 18:44:17 | 1854,628,528 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013-05-07 11:49:19 | 000,002,330 | ---- | M] () -- C:\Users\Pecet\Desktop\Google Chrome.lnk
[2013-04-25 10:20:37 | 000,000,993 | ---- | M] () -- C:\Users\Pecet\Desktop\metin2mod_2011sf — skrót.lnk
[2013-04-25 08:40:59 | 779,196,051 | ---- | M] () -- C:\Users\Pecet\Desktop\PandoraMT2.zip
[2013-04-24 19:25:50 | 000,001,853 | ---- | M] () -- C:\Users\Pecet\Desktop\Mystiqe.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013-05-17 15:15:13 | 000,002,432 | ---- | C] () -- C:\Users\Pecet\AppData\Local\TempAT1284.html
[2013-05-17 15:15:13 | 000,002,089 | ---- | C] () -- C:\Users\Pecet\AppData\Local\TempTp1284.html
[2013-05-13 22:19:02 | 000,002,432 | ---- | C] () -- C:\Users\Pecet\AppData\Local\TempzG3512.html
[2013-05-11 19:22:36 | 000,002,432 | ---- | C] () -- C:\Users\Pecet\AppData\Local\Tempyd2496.html
[2013-05-11 19:22:36 | 000,002,089 | ---- | C] () -- C:\Users\Pecet\AppData\Local\Tempud2496.html
[2013-05-09 12:04:50 | 000,001,269 | ---- | C] () -- C:\Users\Pecet\Desktop\comandos — skrót.lnk
[2013-05-08 19:39:56 | 000,000,047 | ---- | C] () -- C:\chid
[2013-05-08 19:14:53 | 000,000,797 | ---- | C] () -- C:\Windows\System32\d3d.reg
[2013-05-08 19:10:29 | 000,001,700 | ---- | C] () -- C:\Users\Public\Desktop\Commandos, Behind Enemy Lines.lnk
[2013-05-08 18:44:17 | 1854,628,528 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013-05-07 11:49:19 | 000,002,330 | ---- | C] () -- C:\Users\Pecet\Desktop\Google Chrome.lnk
[2013-04-25 10:20:37 | 000,000,993 | ---- | C] () -- C:\Users\Pecet\Desktop\metin2mod_2011sf — skrót.lnk
[2013-04-25 08:34:11 | 779,196,051 | ---- | C] () -- C:\Users\Pecet\Desktop\PandoraMT2.zip
[2013-04-24 19:11:56 | 000,001,853 | ---- | C] () -- C:\Users\Pecet\Desktop\Mystiqe.lnk
[2013-04-10 21:40:28 | 000,002,432 | ---- | C] () -- C:\Users\Pecet\AppData\Local\TempVK2132.html
[2013-04-10 21:40:28 | 000,002,089 | ---- | C] () -- C:\Users\Pecet\AppData\Local\TempPO2132.html
[2013-04-08 16:12:33 | 000,002,432 | ---- | C] () -- C:\Users\Pecet\AppData\Local\TempqK4900.html
[2013-04-08 16:12:33 | 000,002,089 | ---- | C] () -- C:\Users\Pecet\AppData\Local\TempyD4900.html
[2013-04-08 15:31:48 | 000,002,432 | ---- | C] () -- C:\Users\Pecet\AppData\Local\Tempho7704.html
[2013-04-08 15:31:48 | 000,002,089 | ---- | C] () -- C:\Users\Pecet\AppData\Local\TempUZ7704.html
[2013-04-03 18:41:10 | 000,002,432 | ---- | C] () -- C:\Users\Pecet\AppData\Local\TempSw2196.html
[2013-03-26 22:00:21 | 000,002,432 | ---- | C] () -- C:\Users\Pecet\AppData\Local\TempugR948.html
[2013-02-26 14:10:40 | 000,002,432 | ---- | C] () -- C:\Users\Pecet\AppData\Local\TempmO3860.html
[2013-02-26 14:10:40 | 000,002,089 | ---- | C] () -- C:\Users\Pecet\AppData\Local\TempXq3860.html
[2013-02-01 21:48:07 | 000,002,432 | ---- | C] () -- C:\Users\Pecet\AppData\Local\TempFp5484.html
[2013-01-31 17:59:00 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2013-01-25 00:38:26 | 000,002,432 | ---- | C] () -- C:\Users\Pecet\AppData\Local\TempPa3108.html
[2013-01-15 00:51:17 | 000,002,432 | ---- | C] () -- C:\Users\Pecet\AppData\Local\Temphj5236.html
[2013-01-14 14:21:11 | 000,002,432 | ---- | C] () -- C:\Users\Pecet\AppData\Local\TempNi3012.html
[2013-01-14 14:21:11 | 000,002,089 | ---- | C] () -- C:\Users\Pecet\AppData\Local\TempNx3012.html
[2013-01-13 11:40:36 | 000,002,432 | ---- | C] () -- C:\Users\Pecet\AppData\Local\TempuJ3316.html
[2013-01-13 01:48:34 | 000,002,432 | ---- | C] () -- C:\Users\Pecet\AppData\Local\TempTO6004.html
[2013-01-08 01:00:29 | 000,002,432 | ---- | C] () -- C:\Users\Pecet\AppData\Local\TempRXm992.html
[2013-01-06 14:53:07 | 000,002,432 | ---- | C] () -- C:\Users\Pecet\AppData\Local\TempR27844.html
[2013-01-06 14:53:07 | 000,002,089 | ---- | C] () -- C:\Users\Pecet\AppData\Local\Tempi27844.html
[2013-01-04 19:00:21 | 000,002,432 | ---- | C] () -- C:\Users\Pecet\AppData\Local\Tempql4336.html
[2013-01-04 19:00:21 | 000,002,089 | ---- | C] () -- C:\Users\Pecet\AppData\Local\TempiD4336.html
[2013-01-04 00:37:38 | 000,002,432 | ---- | C] () -- C:\Users\Pecet\AppData\Local\Tempbw5208.html
[2013-01-04 00:37:38 | 000,002,089 | ---- | C] () -- C:\Users\Pecet\AppData\Local\Tempmm5208.html
[2012-12-31 22:29:18 | 000,002,432 | ---- | C] () -- C:\Users\Pecet\AppData\Local\TempRP2668.html
[2012-12-23 11:37:46 | 000,002,432 | ---- | C] () -- C:\Users\Pecet\AppData\Local\TempPS4848.html
[2012-12-21 13:30:00 | 000,002,432 | ---- | C] () -- C:\Users\Pecet\AppData\Local\TempCg2920.html
[2012-12-11 23:31:40 | 000,022,984 | ---- | C] () -- C:\Users\Pecet\AppData\Roaming\suspectphoto.jpg
[2012-12-11 22:56:16 | 000,223,811 | ---- | C] () -- C:\Users\Pecet\AppData\Roaming\bg2.jpg
[2012-10-23 09:31:49 | 000,000,042 | ---- | C] () -- C:\Windows\fiscprn.ini
[2012-10-23 09:31:00 | 000,000,066 | ---- | C] () -- C:\Windows\mxreader.INI
[2012-10-23 09:30:15 | 000,000,836 | ---- | C] () -- C:\Windows\amhm.ini
[2012-10-23 09:29:54 | 000,101,888 | ---- | C] () -- C:\Windows\System32\BUTIL.DLL
[2012-10-23 09:29:54 | 000,002,055 | R--- | C] () -- C:\Windows\BTI.INI
[2012-08-24 02:05:22 | 000,000,115 | ---- | C] () -- C:\Windows\System32\getfiles.ini
[2012-08-24 02:04:45 | 000,003,072 | ---- | C] () -- C:\Windows\setwintitle.exe
[2012-08-23 22:28:03 | 000,000,431 | ---- | C] () -- C:\Users\Pecet\AppData\Roaming\Metin2_Multibot.cfg
[2012-03-01 17:48:48 | 000,036,539 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2012-02-10 17:26:02 | 000,007,597 | ---- | C] () -- C:\Users\Pecet\AppData\Local\Resmon.ResmonCfg
[2012-02-06 01:26:46 | 000,624,640 | ---- | C] () -- C:\Windows\System32\GD.dll
[2012-02-06 01:26:46 | 000,204,866 | ---- | C] () -- C:\Windows\System32\MuGuard.dll
[2012-02-06 01:26:46 | 000,200,800 | ---- | C] () -- C:\Windows\System32\AntiHack.dll
[2012-01-11 21:37:07 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012-01-11 21:37:07 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012-01-11 21:37:07 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012-01-11 21:37:07 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012-01-11 21:37:07 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011-12-23 21:58:28 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011-12-23 21:58:24 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011-12-23 21:58:24 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011-12-23 21:58:24 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011-12-23 21:58:24 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011-10-05 01:17:18 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2011-10-05 01:17:18 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010-06-21 09:35:24 | 000,000,093 | ---- | C] () -- C:\Users\Pecet\AppData\Local\fusioncache.dat
[2009-12-11 14:16:32 | 000,022,328 | ---- | C] () -- C:\Users\Pecet\AppData\Roaming\PnkBstrK.sys
[2009-10-13 16:35:45 | 000,146,944 | ---- | C] () -- C:\Users\Pecet\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009-07-14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010-02-18 09:34:01 | 012,867,072 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2009-10-14 17:57:42 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\Nowe Gadu-Gadu
[2009-10-07 17:51:45 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\OpenFM
[2010-10-06 19:24:24 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\Opera
[2012-02-14 22:02:35 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\Synaptics
[2010-10-06 19:14:57 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\Tibia
[2013-05-08 19:39:53 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\B1Toolbar
[2013-04-06 09:42:51 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\BabSolution
[2013-04-06 09:42:05 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\Babylon
[2010-06-27 15:12:38 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\Bioshock
[2010-11-15 20:10:49 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\Black Sea Studios
[2009-11-04 13:57:14 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\DAEMON Tools
[2009-11-04 13:57:14 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\DAEMON Tools Lite
[2013-04-06 09:42:38 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\Delta
[2012-01-10 10:40:12 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\Gadu-Gadu 10
[2012-02-06 13:36:41 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\ipla
[2009-10-26 19:15:41 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\ITTerritory
[2009-09-29 09:20:50 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\Leadertech
[2011-10-26 21:39:48 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\LolClient
[2012-05-28 20:45:13 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\LolClient2
[2010-05-05 22:43:24 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\Nowe Gadu-Gadu
[2009-10-03 20:53:47 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\OpenFM
[2010-05-19 16:48:40 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\OpenOffice.org
[2012-12-02 13:21:29 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\Opera
[2012-10-23 09:30:20 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\Sage
[2012-01-16 13:52:34 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\Samsung
[2010-05-07 22:47:31 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\Soldat
[2012-01-11 23:57:51 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\Synaptics
[2012-01-16 13:55:14 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\Temp
[2013-04-13 23:17:10 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\TS3Client
[2013-05-13 03:21:03 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\uTorrent
[2012-02-27 02:07:04 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\XRay Engine
[2013-05-17 22:15:54 | 000,000,000 | ---D | M] -- C:\Users\Pecet\AppData\Roaming\Yontoo
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >