OTL logfile created on: 2013-10-21 16:32:00 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\sklep\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,87 Gb Total Physical Memory | 2,48 Gb Available Physical Memory | 86,41% Memory free 5,73 Gb Paging File | 5,35 Gb Available in Paging File | 93,44% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 282,38 Gb Total Space | 198,67 Gb Free Space | 70,35% Space Free | Partition Type: NTFS Drive D: | 15,42 Gb Total Space | 2,17 Gb Free Space | 14,05% Space Free | Partition Type: NTFS Drive E: | 4,32 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: SKLEP-HP | User Name: sklep | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-10-21 15:14:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\sklep\Desktop\OTL.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-10-31 00:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b]64bit:[/b] - [2010-06-22 07:57:44 | 000,203,264 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2010-06-18 16:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service) SRV:[b]64bit:[/b] - [2010-06-17 15:54:20 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Stopped] -- C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe -- (RtVOsdService) SRV:[b]64bit:[/b] - [2009-11-18 04:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2013-10-08 14:17:48 | 003,032,032 | ---- | M] () [Auto | Stopped] -- C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe -- (BitGuard) SRV - [2013-08-02 09:29:03 | 000,218,624 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Multimedia mobilNET\UpdateDog\ouc.exe -- (Multimedia mobilNET. RunOuc) SRV - [2013-07-25 08:52:52 | 000,162,672 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013-07-23 02:46:22 | 000,240,288 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE -- (BBUpdate) SRV - [2013-07-23 02:46:22 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.EXE -- (BBSvc) SRV - [2013-06-26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2013-06-26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011-12-29 12:16:40 | 000,054,784 | ---- | M] (Macrovision) [Auto | Stopped] -- C:\Windows\SysWOW64\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA) SRV - [2010-11-16 15:38:16 | 000,339,456 | ---- | M] () [Auto | Stopped] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe) SRV - [2010-07-02 11:51:16 | 000,027,192 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC) SRV - [2010-04-13 09:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2010-04-04 01:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService) SRV - [2010-03-18 21:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010-03-18 21:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2013-08-02 09:29:03 | 000,421,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbwwan.sys -- (ewusbmbb) DRV:[b]64bit:[/b] - [2013-08-02 09:29:03 | 000,221,312 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:[b]64bit:[/b] - [2013-08-02 09:29:03 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV:[b]64bit:[/b] - [2013-06-26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:[b]64bit:[/b] - [2013-06-26 19:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:[b]64bit:[/b] - [2013-06-26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:[b]64bit:[/b] - [2013-06-26 19:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:[b]64bit:[/b] - [2012-10-31 00:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:[b]64bit:[/b] - [2012-10-31 00:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b]64bit:[/b] - [2012-10-31 00:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b]64bit:[/b] - [2012-10-31 00:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2012-10-31 00:51:55 | 000,021,136 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd) DRV:[b]64bit:[/b] - [2012-10-31 00:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:[b]64bit:[/b] - [2012-10-15 18:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:[b]64bit:[/b] - [2012-08-21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2012-07-09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b]64bit:[/b] - [2012-03-26 14:50:12 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl) DRV:[b]64bit:[/b] - [2012-03-01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011-03-11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-09-22 12:27:48 | 003,063,360 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:[b]64bit:[/b] - [2010-06-23 09:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2010-06-22 09:17:52 | 006,856,704 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2010-06-22 07:28:32 | 010,342,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd) DRV:[b]64bit:[/b] - [2010-06-22 07:28:32 | 010,342,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2010-06-22 07:24:12 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2010-05-27 22:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b]64bit:[/b] - [2010-05-06 15:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:[b]64bit:[/b] - [2010-04-13 09:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2009-09-23 03:39:56 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:[b]64bit:[/b] - [2009-09-17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 01:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2009-06-20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2009-06-10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:[b]64bit:[/b] - [2009-06-10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:[b]64bit:[/b] - [2009-06-10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:[b]64bit:[/b] - [2009-06-10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:[b]64bit:[/b] - [2009-06-10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:[b]64bit:[/b] - [2009-06-10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2011-12-29 12:58:01 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\CDAC15BA.SYS -- (CdaC15BA) DRV - [2010-01-29 12:40:16 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Stopped] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive) DRV - [2009-09-23 03:39:56 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{5447512E-4515-4A00-BF4F-A8A33F14E957}: "URL" = http://pl.wikipedia.org/wiki/Special:Search?search={searchTerms} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{DDA461D0-65EE-4276-BAA8-7241F0054A57}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{5447512E-4515-4A00-BF4F-A8A33F14E957}: "URL" = http://pl.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{DDA461D0-65EE-4276-BAA8-7241F0054A57}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/ IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchTerms}&affID=119535&babsrc=SP_ss&mntrId=74795b420000000000005cac4cab67ae IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.20\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012-05-12 18:26:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.20\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2011-03-19 19:14:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sklep\AppData\Roaming\mozilla\Extensions [2011-03-19 19:14:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sklep\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2013-02-24 15:30:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Delta Search (Enabled) CHR - default_search_provider: search_url = http://www.delta-search.com/?q={searchTerms}&affID=119535&babsrc=SP_ss&mntrId=74795b420000000000005cac4cab67ae CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}, CHR - homepage: http://www.delta-search.com/?affID=119535&babsrc=HP_ss&mntrId=74795b420000000000005cac4cab67ae CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\gcswf32.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - Extension: YouTube = C:\Users\sklep\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Szukaj w Google = C:\Users\sklep\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Delta Toolbar = C:\Users\sklep\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.5.1_0\ CHR - Extension: avast! WebRep = C:\Users\sklep\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\ CHR - Extension: Chrome In-App Payments service = C:\Users\sklep\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\ CHR - Extension: Gmail = C:\Users\sklep\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:[b]64bit:[/b] - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.) O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe () O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS) O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [GameXN GO] C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS) O4 - HKCU..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe () O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D376B402-B4FA-485A-B35E-A9B0A6A0EF8A}: DhcpNameServer = 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll) - c:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll () O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKCU Winlogon: Shell - (C:\Users\sklep\AppData\Roaming\Other.res) - C:\Users\sklep\AppData\Roaming\Other.res () O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.) O31 - SafeBoot: UseAlternatShell - 1 O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-12-29 10:45:05 | 000,000,000 | ---D | M] - C:\autocad-plik instalacyjny -- [ NTFS ] O33 - MountPoints2\{8fedc3a2-fb44-11e2-be27-e09388ddfcac}\Shell - "" = AutoRun O33 - MountPoints2\{8fedc3a2-fb44-11e2-be27-e09388ddfcac}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-10-21 15:19:34 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Roaming\Malwarebytes [2013-10-21 15:19:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013-10-21 15:19:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013-10-21 15:19:21 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013-10-21 15:19:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013-10-21 15:19:12 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\Programs [2013-10-21 15:18:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\sklep\Desktop\OTL.exe [2013-10-08 20:25:06 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard [2013-10-08 20:25:02 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\avgchrome [4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-10-21 16:30:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013-10-21 16:30:33 | 2307,280,896 | -HS- | M] () -- C:\hiberfil.sys [2013-10-21 16:29:22 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013-10-21 15:19:22 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013-10-21 15:19:05 | 001,551,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013-10-21 15:19:05 | 000,698,348 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2013-10-21 15:19:05 | 000,616,484 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013-10-21 15:19:05 | 000,135,200 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2013-10-21 15:19:05 | 000,106,606 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013-10-21 15:16:02 | 001,060,070 | ---- | M] () -- C:\Users\sklep\Desktop\AdwCleaner.exe [2013-10-21 15:14:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\sklep\Desktop\OTL.exe [2013-10-20 22:13:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cc91bf91356cc8.job [2013-10-20 22:05:54 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013-10-20 22:05:54 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013-10-20 16:35:52 | 000,000,276 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job [2013-10-20 16:34:33 | 000,001,368 | ---- | M] () -- C:\Users\sklep\Desktop\Wyczyść rejestr za darmo!.lnk [4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-10-21 15:19:22 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013-10-21 15:18:52 | 001,060,070 | ---- | C] () -- C:\Users\sklep\Desktop\AdwCleaner.exe [2013-09-20 23:49:00 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat [2013-05-09 22:36:07 | 050,562,246 | ---- | C] () -- C:\Users\sklep\IMG_0793.MOV [2013-05-09 22:35:18 | 287,857,618 | ---- | C] () -- C:\Users\sklep\IMG_0792.MOV [2013-05-09 22:35:14 | 027,215,733 | ---- | C] () -- C:\Users\sklep\IMG_0791.MOV [2013-05-09 22:35:01 | 073,350,457 | ---- | C] () -- C:\Users\sklep\IMG_0790.MOV [2013-05-09 22:35:00 | 002,376,897 | ---- | C] () -- C:\Users\sklep\IMG_0789.JPG [2013-05-09 22:34:53 | 044,384,948 | ---- | C] () -- C:\Users\sklep\IMG_0788.MOV [2013-05-09 22:34:49 | 022,124,048 | ---- | C] () -- C:\Users\sklep\IMG_0787.MOV [2013-05-09 22:34:49 | 002,621,176 | ---- | C] () -- C:\Users\sklep\IMG_0786.JPG [2013-05-09 22:34:29 | 111,651,068 | ---- | C] () -- C:\Users\sklep\IMG_0785.MOV [2013-05-09 22:33:48 | 240,505,062 | ---- | C] () -- C:\Users\sklep\IMG_0784.MOV [2013-05-09 22:33:46 | 009,981,071 | ---- | C] () -- C:\Users\sklep\IMG_0783.MOV [2013-05-09 22:33:46 | 002,216,184 | ---- | C] () -- C:\Users\sklep\IMG_0782.JPG [2013-05-09 22:33:46 | 001,758,973 | ---- | C] () -- C:\Users\sklep\IMG_0781.JPG [2013-05-09 22:33:40 | 028,655,829 | ---- | C] () -- C:\Users\sklep\IMG_0780.MOV [2013-05-09 22:33:35 | 028,425,708 | ---- | C] () -- C:\Users\sklep\IMG_0779.MOV [2013-05-09 22:33:35 | 002,257,787 | ---- | C] () -- C:\Users\sklep\IMG_0778.JPG [2013-05-09 22:33:26 | 048,925,450 | ---- | C] () -- C:\Users\sklep\IMG_0777.MOV [2013-05-09 22:33:26 | 002,459,752 | ---- | C] () -- C:\Users\sklep\IMG_0776.JPG [2013-05-09 22:33:15 | 062,713,519 | ---- | C] () -- C:\Users\sklep\IMG_0775.MOV [2013-05-09 22:33:15 | 001,387,735 | ---- | C] () -- C:\Users\sklep\IMG_0774.JPG [2013-05-09 22:33:14 | 002,505,632 | ---- | C] () -- C:\Users\sklep\IMG_0773.JPG [2013-05-09 22:33:12 | 011,596,422 | ---- | C] () -- C:\Users\sklep\IMG_0772.MOV [2013-05-09 22:33:12 | 002,210,412 | ---- | C] () -- C:\Users\sklep\IMG_0771.JPG [2013-05-09 22:33:12 | 001,997,629 | ---- | C] () -- C:\Users\sklep\IMG_0770.JPG [2013-05-09 22:33:11 | 002,402,691 | ---- | C] () -- C:\Users\sklep\IMG_0768.JPG [2013-05-09 22:33:11 | 002,337,389 | ---- | C] () -- C:\Users\sklep\IMG_0769.JPG [2013-05-09 22:33:10 | 002,416,899 | ---- | C] () -- C:\Users\sklep\IMG_0766.JPG [2013-05-09 22:33:10 | 002,261,879 | ---- | C] () -- C:\Users\sklep\IMG_0767.JPG [2013-05-09 22:33:09 | 002,306,860 | ---- | C] () -- C:\Users\sklep\IMG_0764.JPG [2013-05-09 22:33:09 | 001,799,901 | ---- | C] () -- C:\Users\sklep\IMG_0765.JPG [2013-05-09 22:33:08 | 002,361,032 | ---- | C] () -- C:\Users\sklep\IMG_0761.JPG [2013-05-09 22:33:08 | 002,304,909 | ---- | C] () -- C:\Users\sklep\IMG_0763.JPG [2013-05-09 22:33:08 | 002,198,308 | ---- | C] () -- C:\Users\sklep\IMG_0762.JPG [2013-05-09 22:33:07 | 002,234,403 | ---- | C] () -- C:\Users\sklep\IMG_0759.JPG [2013-05-09 22:33:07 | 002,116,596 | ---- | C] () -- C:\Users\sklep\IMG_0758.JPG [2013-05-09 22:33:06 | 001,774,208 | ---- | C] () -- C:\Users\sklep\IMG_0754.JPG [2013-05-09 22:33:06 | 001,627,757 | ---- | C] () -- C:\Users\sklep\IMG_0755.JPG [2013-05-09 22:33:06 | 001,093,382 | ---- | C] () -- C:\Users\sklep\IMG_0757.JPG [2013-05-09 22:32:57 | 051,170,578 | ---- | C] () -- C:\Users\sklep\IMG_0753.MOV [2013-05-09 22:32:57 | 002,120,175 | ---- | C] () -- C:\Users\sklep\IMG_0752.JPG [2013-05-09 22:32:56 | 002,681,312 | ---- | C] () -- C:\Users\sklep\IMG_0751.JPG [2013-05-09 22:32:55 | 002,656,103 | ---- | C] () -- C:\Users\sklep\IMG_0750.JPG [2013-05-09 22:32:54 | 002,617,612 | ---- | C] () -- C:\Users\sklep\IMG_0749.JPG [2013-05-09 22:32:54 | 002,115,297 | ---- | C] () -- C:\Users\sklep\IMG_0747.JPG [2013-05-09 22:32:54 | 001,876,823 | ---- | C] () -- C:\Users\sklep\IMG_0746.JPG [2013-05-09 22:32:53 | 002,217,220 | ---- | C] () -- C:\Users\sklep\IMG_0744.JPG [2013-05-09 22:32:53 | 001,954,940 | ---- | C] () -- C:\Users\sklep\IMG_0745.JPG [2013-05-09 22:32:52 | 002,361,674 | ---- | C] () -- C:\Users\sklep\IMG_0743.JPG [2013-05-09 22:32:52 | 002,281,013 | ---- | C] () -- C:\Users\sklep\IMG_0742.JPG [2013-05-09 22:32:51 | 002,433,470 | ---- | C] () -- C:\Users\sklep\IMG_0740.JPG [2013-05-09 22:32:51 | 002,423,198 | ---- | C] () -- C:\Users\sklep\IMG_0741.JPG [2013-05-09 22:32:51 | 001,873,507 | ---- | C] () -- C:\Users\sklep\IMG_0739.JPG [2013-05-09 22:32:50 | 002,760,158 | ---- | C] () -- C:\Users\sklep\IMG_0738.JPG [2013-05-09 22:32:50 | 002,613,529 | ---- | C] () -- C:\Users\sklep\IMG_0737.JPG [2013-05-09 22:32:48 | 002,639,619 | ---- | C] () -- C:\Users\sklep\IMG_0736.JPG [2013-05-09 22:32:47 | 002,198,643 | ---- | C] () -- C:\Users\sklep\IMG_0733.JPG [2013-05-09 22:32:47 | 001,699,999 | ---- | C] () -- C:\Users\sklep\IMG_0735.JPG [2013-05-09 22:32:47 | 001,576,632 | ---- | C] () -- C:\Users\sklep\IMG_0734.JPG [2013-05-09 22:32:46 | 002,397,760 | ---- | C] () -- C:\Users\sklep\IMG_0732.JPG [2013-05-09 22:32:46 | 002,339,847 | ---- | C] () -- C:\Users\sklep\IMG_0731.JPG [2013-05-09 22:32:45 | 002,252,997 | ---- | C] () -- C:\Users\sklep\IMG_0729.JPG [2013-05-09 22:32:45 | 001,995,228 | ---- | C] () -- C:\Users\sklep\IMG_0730.JPG [2013-05-09 22:32:45 | 001,793,407 | ---- | C] () -- C:\Users\sklep\IMG_0728.JPG [2013-05-09 22:32:43 | 002,514,653 | ---- | C] () -- C:\Users\sklep\IMG_0727.JPG [2013-05-09 22:32:36 | 033,483,134 | ---- | C] () -- C:\Users\sklep\IMG_0726.MOV [2013-05-09 22:32:35 | 002,214,515 | ---- | C] () -- C:\Users\sklep\IMG_0724.JPG [2013-05-09 22:32:35 | 002,046,070 | ---- | C] () -- C:\Users\sklep\IMG_0723.JPG [2013-05-09 22:32:35 | 001,910,426 | ---- | C] () -- C:\Users\sklep\IMG_0725.JPG [2013-05-09 22:32:34 | 002,367,371 | ---- | C] () -- C:\Users\sklep\IMG_0722.JPG [2013-05-09 22:32:34 | 002,350,675 | ---- | C] () -- C:\Users\sklep\IMG_0721.JPG [2013-05-09 22:32:33 | 002,272,249 | ---- | C] () -- C:\Users\sklep\IMG_0719.JPG [2013-05-09 22:32:33 | 002,234,649 | ---- | C] () -- C:\Users\sklep\IMG_0720.JPG [2013-05-09 22:32:32 | 002,340,417 | ---- | C] () -- C:\Users\sklep\IMG_0716.JPG [2013-05-09 22:32:32 | 002,316,417 | ---- | C] () -- C:\Users\sklep\IMG_0717.JPG [2013-05-09 22:32:32 | 001,971,406 | ---- | C] () -- C:\Users\sklep\IMG_0718.JPG [2013-05-09 22:32:24 | 042,001,067 | ---- | C] () -- C:\Users\sklep\IMG_0715.MOV [2013-05-09 22:32:24 | 002,247,026 | ---- | C] () -- C:\Users\sklep\IMG_0714.JPG [2013-05-09 22:32:23 | 002,241,378 | ---- | C] () -- C:\Users\sklep\IMG_0712.JPG [2013-05-09 22:32:23 | 002,229,525 | ---- | C] () -- C:\Users\sklep\IMG_0713.JPG [2013-05-09 22:32:11 | 068,703,786 | ---- | C] () -- C:\Users\sklep\IMG_0711.MOV [2013-05-09 22:32:11 | 002,354,554 | ---- | C] () -- C:\Users\sklep\IMG_0708.JPG [2013-05-09 22:32:10 | 002,756,247 | ---- | C] () -- C:\Users\sklep\IMG_0707.JPG [2013-05-09 22:32:10 | 002,173,440 | ---- | C] () -- C:\Users\sklep\IMG_0706.JPG [2013-05-09 22:32:09 | 002,520,313 | ---- | C] () -- C:\Users\sklep\IMG_0705.JPG [2013-05-09 22:32:03 | 038,030,705 | ---- | C] () -- C:\Users\sklep\IMG_0703.MOV [2013-05-09 22:32:02 | 002,130,367 | ---- | C] () -- C:\Users\sklep\IMG_0702.JPG [2013-05-09 22:32:02 | 002,076,543 | ---- | C] () -- C:\Users\sklep\IMG_0700.JPG [2013-05-09 22:32:01 | 002,259,314 | ---- | C] () -- C:\Users\sklep\IMG_0699.JPG [2013-05-09 22:32:01 | 002,017,961 | ---- | C] () -- C:\Users\sklep\IMG_0698.JPG [2013-05-09 22:32:00 | 002,495,282 | ---- | C] () -- C:\Users\sklep\IMG_0697.JPG [2013-05-09 22:32:00 | 001,892,751 | ---- | C] () -- C:\Users\sklep\IMG_0694.JPG [2013-05-09 22:32:00 | 001,806,257 | ---- | C] () -- C:\Users\sklep\IMG_0695.JPG [2013-05-09 22:31:59 | 002,225,798 | ---- | C] () -- C:\Users\sklep\IMG_0692.JPG [2013-05-09 22:31:59 | 001,882,382 | ---- | C] () -- C:\Users\sklep\IMG_0691.JPG [2013-05-09 22:31:59 | 001,670,511 | ---- | C] () -- C:\Users\sklep\IMG_0693.JPG [2013-05-09 22:31:58 | 002,113,384 | ---- | C] () -- C:\Users\sklep\IMG_0690.JPG [2013-05-09 22:31:58 | 002,018,405 | ---- | C] () -- C:\Users\sklep\IMG_0689.JPG [2013-05-09 22:31:57 | 002,098,168 | ---- | C] () -- C:\Users\sklep\IMG_0688.JPG [2013-05-09 22:31:57 | 002,014,819 | ---- | C] () -- C:\Users\sklep\IMG_0687.JPG [2013-05-09 22:31:57 | 001,933,741 | ---- | C] () -- C:\Users\sklep\IMG_0686.JPG [2013-05-09 22:31:56 | 002,008,011 | ---- | C] () -- C:\Users\sklep\IMG_0685.JPG [2013-05-09 22:31:47 | 053,805,524 | ---- | C] () -- C:\Users\sklep\IMG_0684.MOV [2013-05-09 22:31:39 | 042,503,015 | ---- | C] () -- C:\Users\sklep\IMG_0683.MOV [2013-05-09 22:31:32 | 042,654,294 | ---- | C] () -- C:\Users\sklep\IMG_0682.MOV [2013-05-09 22:31:28 | 017,456,617 | ---- | C] () -- C:\Users\sklep\IMG_0681.MOV [2013-05-09 22:31:18 | 063,533,099 | ---- | C] () -- C:\Users\sklep\IMG_0680.MOV [2013-05-09 22:31:10 | 044,620,479 | ---- | C] () -- C:\Users\sklep\IMG_0679.MOV [2013-05-09 22:31:03 | 037,608,766 | ---- | C] () -- C:\Users\sklep\IMG_0678.MOV [2013-05-09 22:31:03 | 002,048,831 | ---- | C] () -- C:\Users\sklep\IMG_0675.JPG [2013-05-09 22:31:03 | 001,833,411 | ---- | C] () -- C:\Users\sklep\IMG_0676.JPG [2013-05-09 22:31:02 | 002,050,457 | ---- | C] () -- C:\Users\sklep\IMG_0673.JPG [2013-05-09 22:31:02 | 001,843,310 | ---- | C] () -- C:\Users\sklep\IMG_0674.JPG [2013-05-09 22:30:34 | 163,296,076 | ---- | C] () -- C:\Users\sklep\IMG_0672.MOV [2013-05-09 22:30:34 | 002,087,875 | ---- | C] () -- C:\Users\sklep\IMG_0671.JPG [2013-05-09 22:30:33 | 001,829,232 | ---- | C] () -- C:\Users\sklep\IMG_0670.JPG [2013-05-09 22:30:27 | 039,083,329 | ---- | C] () -- C:\Users\sklep\IMG_0668.MOV [2013-05-09 22:29:55 | 186,731,559 | ---- | C] () -- C:\Users\sklep\IMG_0667.MOV [2013-05-09 22:29:54 | 002,173,371 | ---- | C] () -- C:\Users\sklep\IMG_0663.JPG [2013-05-09 22:29:54 | 001,927,505 | ---- | C] () -- C:\Users\sklep\IMG_0664.JPG [2013-05-09 22:29:54 | 000,810,905 | ---- | C] () -- C:\Users\sklep\IMG_0661.JPG [2013-05-09 22:29:53 | 002,373,620 | ---- | C] () -- C:\Users\sklep\IMG_0659.JPG [2013-05-09 22:29:53 | 001,877,709 | ---- | C] () -- C:\Users\sklep\IMG_0660.JPG [2013-05-09 22:29:52 | 002,214,645 | ---- | C] () -- C:\Users\sklep\IMG_0658.JPG [2013-05-09 22:29:42 | 060,029,955 | ---- | C] () -- C:\Users\sklep\IMG_0656.MOV [2013-05-09 22:29:28 | 080,442,494 | ---- | C] () -- C:\Users\sklep\IMG_0655.MOV [2013-05-09 22:29:28 | 001,960,766 | ---- | C] () -- C:\Users\sklep\IMG_0654.JPG [2013-05-09 22:29:27 | 001,996,573 | ---- | C] () -- C:\Users\sklep\IMG_0653.JPG [2013-05-09 22:29:27 | 001,422,065 | ---- | C] () -- C:\Users\sklep\IMG_0651.JPG [2013-05-09 22:29:19 | 050,310,670 | ---- | C] () -- C:\Users\sklep\IMG_0650.MOV [2013-05-09 22:29:12 | 038,500,528 | ---- | C] () -- C:\Users\sklep\IMG_0648.MOV [2013-05-09 22:29:12 | 002,223,708 | ---- | C] () -- C:\Users\sklep\IMG_0647.JPG [2013-05-09 22:29:08 | 024,066,005 | ---- | C] () -- C:\Users\sklep\IMG_0646.MOV [2013-05-09 22:29:07 | 001,887,026 | ---- | C] () -- C:\Users\sklep\IMG_0643.JPG [2013-05-09 22:29:07 | 001,455,523 | ---- | C] () -- C:\Users\sklep\IMG_0645.JPG [2013-05-09 22:29:03 | 025,290,522 | ---- | C] () -- C:\Users\sklep\IMG_0641.MOV [2013-05-09 22:29:02 | 002,096,620 | ---- | C] () -- C:\Users\sklep\IMG_0639.JPG [2013-05-09 22:29:02 | 001,963,754 | ---- | C] () -- C:\Users\sklep\IMG_0638.JPG [2013-05-09 22:29:02 | 001,461,306 | ---- | C] () -- C:\Users\sklep\IMG_0640.JPG [2013-05-09 22:29:01 | 002,145,023 | ---- | C] () -- C:\Users\sklep\IMG_0632.JPG [2013-05-09 22:29:01 | 001,696,628 | ---- | C] () -- C:\Users\sklep\IMG_0633.JPG [2013-05-09 22:28:50 | 063,595,043 | ---- | C] () -- C:\Users\sklep\IMG_0629.MOV [2013-05-09 22:28:46 | 024,314,109 | ---- | C] () -- C:\Users\sklep\IMG_0628.MOV [2013-05-09 22:28:45 | 002,010,750 | ---- | C] () -- C:\Users\sklep\IMG_0627.JPG [2013-05-09 22:28:45 | 001,921,554 | ---- | C] () -- C:\Users\sklep\IMG_0625.JPG [2013-05-09 22:28:31 | 077,233,068 | ---- | C] () -- C:\Users\sklep\IMG_0624.MOV [2013-05-09 22:28:31 | 001,337,461 | ---- | C] () -- C:\Users\sklep\IMG_0619.JPG [2013-05-09 22:28:31 | 001,271,909 | ---- | C] () -- C:\Users\sklep\IMG_0621.JPG [2013-05-09 22:28:31 | 001,235,711 | ---- | C] () -- C:\Users\sklep\IMG_0620.JPG [2013-05-09 22:28:30 | 001,334,288 | ---- | C] () -- C:\Users\sklep\IMG_0617.JPG [2013-05-09 22:28:29 | 008,641,661 | ---- | C] () -- C:\Users\sklep\IMG_0615.MOV [2013-05-09 22:28:28 | 002,014,853 | ---- | C] () -- C:\Users\sklep\IMG_0612.JPG [2013-05-09 22:28:28 | 001,465,009 | ---- | C] () -- C:\Users\sklep\IMG_0614.JPG [2013-05-09 22:28:28 | 001,441,020 | ---- | C] () -- C:\Users\sklep\IMG_0613.JPG [2013-05-09 22:28:28 | 000,769,076 | ---- | C] () -- C:\Users\sklep\IMG_0610.JPG [2013-05-09 22:28:27 | 000,859,130 | ---- | C] () -- C:\Users\sklep\IMG_0607.JPG [2013-05-09 22:28:27 | 000,807,123 | ---- | C] () -- C:\Users\sklep\IMG_0609.JPG [2013-05-09 22:28:27 | 000,075,229 | ---- | C] () -- C:\Users\sklep\IMG_0608.JPG [2013-05-09 22:28:26 | 002,217,284 | ---- | C] () -- C:\Users\sklep\IMG_0606.JPG [2013-05-09 22:28:16 | 062,450,801 | ---- | C] () -- C:\Users\sklep\IMG_0605.MOV [2013-05-09 22:28:16 | 002,194,295 | ---- | C] () -- C:\Users\sklep\IMG_0603.JPG [2013-05-09 22:28:11 | 028,469,523 | ---- | C] () -- C:\Users\sklep\IMG_0602.MOV [2013-05-09 22:28:06 | 030,590,947 | ---- | C] () -- C:\Users\sklep\IMG_0601.MOV [2013-05-09 22:28:00 | 030,797,966 | ---- | C] () -- C:\Users\sklep\IMG_0598.MOV [2013-05-09 22:27:32 | 164,474,220 | ---- | C] () -- C:\Users\sklep\IMG_0596.MOV [2013-05-09 22:26:55 | 217,468,535 | ---- | C] () -- C:\Users\sklep\IMG_0595.MOV [2013-05-09 22:26:45 | 057,691,893 | ---- | C] () -- C:\Users\sklep\IMG_0593.MOV [2013-05-09 22:26:45 | 002,425,257 | ---- | C] () -- C:\Users\sklep\IMG_0592.JPG [2013-05-09 22:26:36 | 054,067,642 | ---- | C] () -- C:\Users\sklep\IMG_0591.MOV [2013-05-09 22:26:18 | 082,306,257 | ---- | C] () -- C:\Users\sklep\IMG_0590.MOV [2013-05-09 22:25:49 | 170,577,528 | ---- | C] () -- C:\Users\sklep\IMG_0589.MOV [2013-05-09 22:25:49 | 002,927,979 | ---- | C] () -- C:\Users\sklep\IMG_0588.JPG [2013-05-09 22:24:56 | 304,960,290 | ---- | C] () -- C:\Users\sklep\IMG_0587.MOV [2013-05-09 22:24:32 | 144,244,957 | ---- | C] () -- C:\Users\sklep\IMG_0585.MOV [2013-05-09 22:24:31 | 002,504,329 | ---- | C] () -- C:\Users\sklep\IMG_0583.JPG [2013-05-09 22:24:31 | 002,393,383 | ---- | C] () -- C:\Users\sklep\IMG_0582.JPG [2013-05-09 22:24:30 | 002,539,256 | ---- | C] () -- C:\Users\sklep\IMG_0581.JPG [2013-05-09 22:24:30 | 002,088,049 | ---- | C] () -- C:\Users\sklep\IMG_0580.JPG [2013-05-09 22:24:29 | 002,101,420 | ---- | C] () -- C:\Users\sklep\IMG_0578.JPG [2013-05-09 22:24:29 | 001,980,692 | ---- | C] () -- C:\Users\sklep\IMG_0579.JPG [2013-05-09 22:24:29 | 001,961,619 | ---- | C] () -- C:\Users\sklep\IMG_0576.JPG [2013-05-09 22:24:28 | 002,721,726 | ---- | C] () -- C:\Users\sklep\IMG_0575.JPG [2013-05-09 22:24:28 | 001,993,213 | ---- | C] () -- C:\Users\sklep\IMG_0574.JPG [2013-05-09 22:24:28 | 000,123,763 | ---- | C] () -- C:\Users\sklep\IMG_0572.JPG [2013-05-09 22:24:27 | 002,231,607 | ---- | C] () -- C:\Users\sklep\IMG_0570.JPG [2013-05-09 22:24:27 | 002,064,523 | ---- | C] () -- C:\Users\sklep\IMG_0571.JPG [2013-05-09 22:24:26 | 002,497,887 | ---- | C] () -- C:\Users\sklep\IMG_0566.JPG [2013-05-09 22:24:26 | 002,285,150 | ---- | C] () -- C:\Users\sklep\IMG_0565.JPG [2013-05-09 22:24:25 | 002,255,312 | ---- | C] () -- C:\Users\sklep\IMG_0560.JPG [2013-05-09 22:24:25 | 002,159,673 | ---- | C] () -- C:\Users\sklep\IMG_0559.JPG [2013-05-09 22:24:25 | 001,983,228 | ---- | C] () -- C:\Users\sklep\IMG_0564.JPG [2013-05-09 22:24:24 | 003,153,515 | ---- | C] () -- C:\Users\sklep\IMG_0556.JPG [2013-05-09 22:24:24 | 002,086,585 | ---- | C] () -- C:\Users\sklep\IMG_0557.JPG [2013-05-09 22:24:23 | 002,567,964 | ---- | C] () -- C:\Users\sklep\IMG_0554.JPG [2013-05-09 22:24:23 | 002,043,291 | ---- | C] () -- C:\Users\sklep\IMG_0555.JPG [2013-05-09 22:24:22 | 001,925,399 | ---- | C] () -- C:\Users\sklep\IMG_0552.JPG [2013-05-09 22:24:22 | 001,909,174 | ---- | C] () -- C:\Users\sklep\IMG_0551.JPG [2013-05-09 22:24:22 | 001,592,344 | ---- | C] () -- C:\Users\sklep\IMG_0550.JPG [2013-05-09 22:24:21 | 002,231,979 | ---- | C] () -- C:\Users\sklep\IMG_0549.JPG [2013-05-09 22:24:21 | 001,775,597 | ---- | C] () -- C:\Users\sklep\IMG_0548.JPG [2013-05-09 22:24:21 | 001,678,882 | ---- | C] () -- C:\Users\sklep\IMG_0546.JPG [2013-05-09 22:24:20 | 001,867,109 | ---- | C] () -- C:\Users\sklep\IMG_0544.JPG [2013-05-09 22:24:20 | 001,820,159 | ---- | C] () -- C:\Users\sklep\IMG_0545.JPG [2013-05-09 22:24:19 | 002,113,965 | ---- | C] () -- C:\Users\sklep\IMG_0543.JPG [2013-05-09 22:24:19 | 002,100,551 | ---- | C] () -- C:\Users\sklep\IMG_0541.JPG [2013-05-09 22:24:19 | 001,993,966 | ---- | C] () -- C:\Users\sklep\IMG_0542.JPG [2013-05-09 22:24:18 | 002,086,442 | ---- | C] () -- C:\Users\sklep\IMG_0538.JPG [2013-05-09 22:24:18 | 001,604,242 | ---- | C] () -- C:\Users\sklep\IMG_0539.JPG [2013-05-09 22:24:17 | 002,154,979 | ---- | C] () -- C:\Users\sklep\IMG_0537.JPG [2013-05-09 22:24:17 | 002,052,585 | ---- | C] () -- C:\Users\sklep\IMG_0534.JPG [2013-05-09 22:24:17 | 001,974,981 | ---- | C] () -- C:\Users\sklep\IMG_0533.JPG [2013-05-09 22:24:16 | 002,332,505 | ---- | C] () -- C:\Users\sklep\IMG_0532.JPG [2013-05-09 22:24:16 | 002,164,106 | ---- | C] () -- C:\Users\sklep\IMG_0531.JPG [2013-05-09 22:24:15 | 002,353,458 | ---- | C] () -- C:\Users\sklep\IMG_0530.JPG [2013-05-09 22:24:15 | 001,960,539 | ---- | C] () -- C:\Users\sklep\IMG_0529.JPG [2013-05-09 22:24:14 | 002,120,390 | ---- | C] () -- C:\Users\sklep\IMG_0528.JPG [2013-05-09 22:24:14 | 002,006,406 | ---- | C] () -- C:\Users\sklep\IMG_0526.JPG [2013-05-09 22:24:14 | 001,340,476 | ---- | C] () -- C:\Users\sklep\IMG_0527.JPG [2013-05-09 22:24:07 | 042,603,553 | ---- | C] () -- C:\Users\sklep\IMG_0525.MOV [2013-05-09 22:24:07 | 001,104,917 | ---- | C] () -- C:\Users\sklep\IMG_0524.JPG [2013-05-09 22:24:06 | 001,989,386 | ---- | C] () -- C:\Users\sklep\IMG_0523.JPG [2013-05-09 22:24:06 | 001,988,506 | ---- | C] () -- C:\Users\sklep\IMG_0521.JPG [2013-05-09 22:24:05 | 002,291,485 | ---- | C] () -- C:\Users\sklep\IMG_0519.JPG [2013-05-09 22:24:05 | 002,176,694 | ---- | C] () -- C:\Users\sklep\IMG_0520.JPG [2013-05-09 22:24:04 | 002,518,564 | ---- | C] () -- C:\Users\sklep\IMG_0516.JPG [2013-05-09 22:24:04 | 002,333,037 | ---- | C] () -- C:\Users\sklep\IMG_0517.JPG [2013-05-09 22:24:04 | 001,985,816 | ---- | C] () -- C:\Users\sklep\IMG_0515.JPG [2013-05-09 22:24:03 | 001,850,369 | ---- | C] () -- C:\Users\sklep\IMG_0513.JPG [2013-05-09 22:24:03 | 001,827,160 | ---- | C] () -- C:\Users\sklep\IMG_0508.JPG [2012-01-11 21:00:21 | 000,102,400 | ---- | C] () -- C:\Users\sklep\AppData\Roaming\Other.res [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 07:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2011-12-29 10:48:09 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\Autodesk [2013-02-24 15:29:59 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\Babylon [2013-02-24 15:30:32 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\Delta [2013-07-09 20:58:18 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\File Scout [2013-10-21 16:14:14 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\go [2012-08-21 20:49:15 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\Imaging Sciences International [2011-10-19 19:19:28 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\SoftGrid Client [2013-02-24 15:30:42 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\Systweak [2011-03-19 19:14:37 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\Thunderbird [2011-01-27 21:23:53 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\Tific [2011-02-08 20:04:43 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\TP [2011-12-18 18:32:01 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\UpdateTemp1358748285 [2011-02-01 20:53:04 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\WildTangent [2011-01-28 14:18:12 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\_MDLogs [color=#E56717]========== Purity Check ==========[/color] < End of report >