OTL logfile created on: 2013-11-28 22:43:45 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jarek i Ela.JarekiEla-PC\Desktop\Nowy folder
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
1,99 Gb Total Physical Memory | 0,81 Gb Available Physical Memory | 40,94% Memory free
4,21 Gb Paging File | 2,88 Gb Available in Paging File | 68,25% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 52,73 Gb Total Space | 10,85 Gb Free Space | 20,58% Space Free | Partition Type: NTFS
Drive D: | 1,46 Gb Total Space | 1,04 Gb Free Space | 70,99% Space Free | Partition Type: NTFS
Drive F: | 57,59 Gb Total Space | 2,68 Gb Free Space | 4,65% Space Free | Partition Type: NTFS
Drive I: | 10,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: JAREKIELA-PC | User Name: Jarek i Ela | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013-11-19 14:24:02 | 000,387,376 | R--- | M] (iS3, Inc.) -- c:\Program Files\STOPzilla!\STOPzilla.exe
PRC - [2013-11-19 14:24:02 | 000,057,136 | R--- | M] (iS3, Inc.) -- c:\Program Files\STOPzilla!\SZServer.exe
PRC - [2013-11-02 09:49:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jarek i Ela.JarekiEla-PC\Desktop\Nowy folder\OTL.exe
PRC - [2013-09-23 00:17:30 | 001,117,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2013-09-04 08:20:38 | 001,432,080 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgfws.exe
PRC - [2013-07-23 18:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2013-07-10 00:33:22 | 000,452,144 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2013-07-04 14:53:28 | 000,763,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2013-07-04 14:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2013-04-04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2010-12-14 16:49:30 | 001,169,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
PRC - [2010-01-12 13:55:26 | 000,114,688 | ---- | M] () -- C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe
PRC - [2008-10-29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-01-19 08:33:04 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2006-08-23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006-02-17 14:03:57 | 002,396,160 | ---- | M] (Gadu-Gadu Sp. z oo) -- C:\Program Files\Gadu-Gadu\gg.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2010-07-04 22:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2010-01-12 13:55:26 | 000,114,688 | ---- | M] () -- C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe
MOD - [2009-07-17 14:14:28 | 000,622,456 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2009 Advanced\ContextHandler.dll
MOD - [2008-05-23 12:25:44 | 000,040,960 | ---- | M] () -- C:\Program Files\PLAY ONLINE\DeviceOperate.dll
MOD - [2008-05-23 12:25:38 | 000,147,456 | ---- | M] () -- C:\Program Files\PLAY ONLINE\DetectDev.dll
MOD - [2008-05-23 12:25:28 | 000,524,288 | ---- | M] () -- C:\Program Files\PLAY ONLINE\atcomm.dll
MOD - [2008-05-23 12:24:38 | 000,061,440 | ---- | M] () -- C:\Program Files\PLAY ONLINE\XCodec.dll
MOD - [2008-05-21 15:58:10 | 000,114,688 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NetInfoPlugin.dll
MOD - [2008-05-21 12:48:12 | 000,139,264 | ---- | M] () -- C:\Program Files\PLAY ONLINE\LocaleMgrPlugin.dll
MOD - [2008-05-21 12:47:32 | 000,159,744 | ---- | M] () -- C:\Program Files\PLAY ONLINE\SMSPlugin.dll
MOD - [2008-05-21 12:46:38 | 000,032,768 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NotifyServicePlugin.dll
MOD - [2008-05-21 12:44:36 | 000,057,344 | ---- | M] () -- C:\Program Files\PLAY ONLINE\ConfigFilePlugin.dll
MOD - [2008-05-21 12:43:30 | 000,098,304 | ---- | M] () -- C:\Program Files\PLAY ONLINE\DeviceMgrPlugin.dll
MOD - [2008-05-21 12:39:04 | 000,086,016 | ---- | M] () -- C:\Program Files\PLAY ONLINE\DialUpPlugin.dll
MOD - [2008-05-21 12:37:34 | 000,155,648 | ---- | M] () -- C:\Program Files\PLAY ONLINE\DeviceMgrUIPlugin.dll
MOD - [2008-05-21 12:31:20 | 000,651,264 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NDISAPI.dll
MOD - [2008-04-29 17:27:22 | 000,090,112 | ---- | M] () -- C:\Program Files\PLAY ONLINE\FileManager.dll
MOD - [2008-04-29 17:27:14 | 000,014,848 | ---- | M] () -- C:\Program Files\PLAY ONLINE\isaputrace.dll
MOD - [2005-10-07 14:05:32 | 000,125,440 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2005-05-24 16:46:33 | 000,032,768 | ---- | M] () -- C:\Program Files\Gadu-Gadu\ggwhook.dll
MOD - [2005-05-24 16:45:44 | 000,405,504 | ---- | M] () -- C:\Program Files\Gadu-Gadu\update.dll
MOD - [2005-05-24 16:45:43 | 000,786,432 | ---- | M] () -- C:\Program Files\Gadu-Gadu\libeay32.dll
MOD - [2005-05-24 16:45:43 | 000,159,744 | ---- | M] () -- C:\Program Files\Gadu-Gadu\ssleay32.dll
MOD - [2005-05-24 16:45:42 | 000,036,864 | ---- | M] () -- C:\Program Files\Gadu-Gadu\Crypto.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - File not found [Disabled | Stopped] -- C:\Users\JAREKI~1.JAR\AppData\Local\Temp\BTOA.exe -- (BTOA)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2013-11-25 21:08:57 | 000,416,640 | ---- | M] (Sysinternals - www.sysinternals.com) [On_Demand | Stopped] -- C:\Users\JAREKI~1.JAR\AppData\Local\Temp\GAPNVWQKS.exe -- (GAPNVWQKS)
SRV - [2013-11-25 21:08:47 | 000,445,312 | ---- | M] (Sysinternals - www.sysinternals.com) [On_Demand | Stopped] -- C:\Users\JAREKI~1.JAR\AppData\Local\Temp\MAODQ.exe -- (MAODQ)
SRV - [2013-11-19 14:24:02 | 000,057,136 | R--- | M] (iS3, Inc.) [Auto | Running] -- c:\Program Files\STOPzilla!\SZServer.exe -- (szserver)
SRV - [2013-10-27 21:38:24 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-09-04 08:20:38 | 001,432,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgfws.exe -- (avgfws)
SRV - [2013-07-23 18:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013-07-04 14:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013-04-16 02:07:06 | 000,039,056 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013-04-04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013-04-04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012-07-13 13:01:18 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011-03-27 14:04:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2011-03-27 14:03:24 | 000,118,784 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Stopped] -- c:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2008-01-19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006-12-19 23:15:44 | 000,428,152 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2006-08-23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006-05-25 18:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | Boot | Stopped] -- system32\drivers\szkgfs.sys -- (szkgfs)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\SBREDrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\337E.tmp -- (MEMSWEEP2)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2013-11-25 21:30:48 | 000,070,024 | ---- | M] (VirusBlokAda Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\z9fahttb.sys -- (z9fahttb)
DRV - [2013-11-19 14:15:56 | 000,066,344 | R--- | M] (GFI Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\sbapifs.sys -- (sbapifs)
DRV - [2013-11-19 14:15:50 | 000,061,328 | R--- | M] (iS3 Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SZKG.sys -- (szkg5)
DRV - [2013-11-19 14:15:50 | 000,061,328 | R--- | M] (iS3 Inc.) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\is3srv.sys -- (is3srv)
DRV - [2013-09-10 00:34:48 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013-09-05 00:43:42 | 000,039,224 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2013-07-20 00:51:00 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013-07-20 00:50:56 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013-07-20 00:50:56 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013-07-20 00:50:50 | 000,171,320 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013-07-01 00:45:28 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013-04-04 13:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013-03-21 02:08:24 | 000,182,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012-09-04 09:39:32 | 000,050,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd)
DRV - [2011-01-21 21:54:36 | 000,135,032 | ---- | M] (Doctor Web, Ltd.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\dwprot.sys -- (DwProt)
DRV - [2010-10-07 13:11:38 | 006,639,616 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETwLv32.sys -- (NETwLv32)
DRV - [2010-07-29 12:31:26 | 000,136,632 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2010-07-04 20:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010-03-04 13:50:14 | 000,261,152 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009-12-18 11:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009-06-19 21:44:14 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2009-05-28 22:41:28 | 004,233,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008-09-26 18:04:10 | 000,101,760 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007-11-09 05:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2007-08-09 17:27:00 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2007-01-26 16:13:40 | 000,017,712 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007-01-24 14:57:38 | 000,073,728 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2007-01-22 10:43:26 | 000,053,376 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2007-01-18 15:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\KR10N.sys -- (KR10N)
DRV - [2007-01-18 15:40:56 | 000,219,392 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\KR10I.sys -- (KR10I)
DRV - [2007-01-13 09:40:00 | 004,452,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007-01-12 21:41:32 | 000,113,792 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2007-01-12 21:16:54 | 000,040,576 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2006-12-09 01:01:02 | 002,206,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2006-11-28 15:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006-11-22 10:01:48 | 000,100,096 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aksusb.sys -- (aksusb)
DRV - [2006-11-22 10:01:46 | 000,327,168 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\akshasp.sys -- (akshasp)
DRV - [2006-11-22 09:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hardlock.sys -- (Hardlock)
DRV - [2006-11-20 17:55:16 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2006-11-02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2006-11-02 08:30:52 | 000,467,456 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2006-10-23 16:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006-10-18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006-10-10 19:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2006-08-30 09:35:58 | 000,140,800 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2006-07-28 16:25:26 | 000,019,456 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\LPCFilter.sys -- (LPCFilter)
DRV - [2005-08-01 16:45:00 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005-03-11 15:17:40 | 000,089,872 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005-03-11 15:17:38 | 000,006,576 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005-03-11 15:17:34 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750bus.sys -- (k750bus)
DRV - [2005-01-06 13:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-100070510-2562720601-106335885-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
IE - HKU\S-1-5-21-100070510-2562720601-106335885-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-100070510-2562720601-106335885-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
 
 
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009-10-13 22:10:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013-07-24 14:56:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-07-24 14:56:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009-10-13 22:10:55 | 000,000,000 | ---D | M]
 
[2013-06-28 10:24:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\mozilla\Extensions
[2013-11-04 23:08:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\mozilla\Firefox\Profiles\tq63o6br.default\extensions
[2013-11-04 23:08:43 | 000,000,000 | ---D | M] (BonanzaDeals) -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\mozilla\Firefox\Profiles\tq63o6br.default\extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}
 
O1 HOSTS File: ([2013-10-25 14:44:22 | 000,000,159 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1    localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O4 - HKLM..\Run: [SBRegRebootCleaner] C:\Program Files\STOPzilla!\sbrc.exe (GFI Software)
O4 - HKU\S-1-5-21-100070510-2562720601-106335885-1000..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu Sp. z oo)
O4 - HKU\S-1-5-21-100070510-2562720601-106335885-1000..\Run: [Mobile Partner] C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe ()
O4 - Startup: C:\Users\All Users\Adobe [2012-01-15 22:48:35 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Application Data [2006-11-02 13:59:44 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\ashampoo [2011-03-25 20:23:03 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Atheros [2011-03-25 20:23:03 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\AVG [2013-02-21 16:30:35 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\AVG10 [2011-11-30 18:08:44 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\AVG2012 [2013-08-20 20:49:10 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\AVG2013 [2013-08-20 20:33:25 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\BlackPencil [2011-04-06 18:03:54 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\BlockBreaker [2012-04-08 18:07:39 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Common Files [2010-12-05 17:52:01 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\All Users\Dane aplikacji [2007-08-06 19:35:27 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Desktop [2006-11-02 13:59:44 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Documents [2006-11-02 13:59:44 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Dokumenty [2007-08-06 19:35:27 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\ezsid.dat ()
O4 - Startup: C:\Users\All Users\ezsidmv.dat ()
O4 - Startup: C:\Users\All Users\Favorites [2006-11-02 13:59:44 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Google [2011-03-25 20:25:10 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\HP [2011-11-02 10:08:40 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\HP Product Assistant [2009-10-13 22:06:55 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\HP(737) [2011-03-25 20:26:00 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\HPSSUPPLY [2011-03-25 20:26:00 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\hpzinstall.log ()
O4 - Startup: C:\Users\All Users\KONAMI [2013-04-01 17:12:28 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Malwarebytes [2011-03-26 11:29:01 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Malwarebytes' Anti-Malware (portable) [2013-11-26 16:11:30 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Malwarebytes(738) [2011-03-25 20:26:00 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Menu Start [2007-08-06 19:35:27 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\MFAData [2013-11-28 22:30:24 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Microsoft [2011-06-22 21:14:32 | 000,000,000 | --SD | M]
O4 - Startup: C:\Users\All Users\Microsoft(739) [2011-03-25 20:27:10 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Mozilla [2013-06-28 10:23:31 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\ntuser.pol ()
O4 - Startup: C:\Users\All Users\page [2011-03-26 11:29:12 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\page(741) [2011-03-25 20:27:10 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Pulpit [2007-08-06 19:35:27 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Real [2013-07-24 14:56:17 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Real(742) [2011-03-25 20:27:18 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\RealNetworks [2013-07-24 14:56:43 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\SecTaskMan [2011-03-26 11:29:13 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\SecTaskMan(743) [2011-03-25 20:27:19 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Skype [2012-09-14 02:04:09 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Skype(744) [2011-03-25 20:27:43 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Start Menu [2006-11-02 13:59:44 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\STOPzilla! [2013-11-28 22:45:25 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Sun [2012-05-31 11:28:03 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Szablony [2007-08-06 19:35:27 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\TEMP [2013-09-23 14:55:38 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Templates [2006-11-02 13:59:44 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Toshiba [2011-03-25 20:27:44 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\ToshibaEurope [2011-03-25 20:27:44 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Ulead Systems [2009-04-07 23:32:32 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Ulubione [2007-08-06 19:35:27 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Vista64 [2011-03-26 11:29:13 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\VULCAN [2011-06-12 20:28:42 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\WEBREG [2011-03-25 20:27:46 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\WildTangent [2012-04-09 17:19:48 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\WindowsSearch [2011-03-25 20:27:46 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\XP [2011-03-26 11:29:13 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} [2013-02-21 16:27:02 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\AppData [2011-03-26 11:29:14 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\Default\AppData(747) [2011-03-25 20:33:27 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\Default\Application Data [2006-11-02 13:59:44 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Dane aplikacji [2007-08-06 19:35:27 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Desktop [2006-11-02 11:23:35 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Documents [2011-03-26 11:29:15 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Documents(748) [2011-03-25 17:29:40 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Downloads [2006-11-02 11:23:35 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Favorites [2006-11-02 11:23:35 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Links [2006-11-02 11:23:35 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Local Settings [2006-11-02 13:59:44 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Menu Start [2007-08-06 19:35:27 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Moje dokumenty [2007-08-06 19:35:27 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Music [2006-11-02 11:23:35 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\My Documents [2006-11-02 13:59:44 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\NetHood [2006-11-02 13:59:44 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\NTUSER.DAT ()
O4 - Startup: C:\Users\Default\NTUSER.DAT.LOG ()
O4 - Startup: C:\Users\Default\ntuser.dat.LOG1 ()
O4 - Startup: C:\Users\Default\ntuser.dat.LOG2 ()
O4 - Startup: C:\Users\Default\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf ()
O4 - Startup: C:\Users\Default\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms ()
O4 - Startup: C:\Users\Default\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000002.regtrans-ms ()
O4 - Startup: C:\Users\Default\Pictures [2006-11-02 11:23:35 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\PrintHood [2006-11-02 13:59:44 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Recent [2006-11-02 13:59:44 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Saved Games [2006-11-02 11:23:35 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\Default\SendTo [2006-11-02 13:59:44 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Start Menu [2006-11-02 13:59:44 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Szablony [2007-08-06 19:35:27 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Templates [2006-11-02 13:59:44 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Ustawienia lokalne [2007-08-06 19:35:27 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Videos [2006-11-02 11:23:35 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Jarek i Ela\AppData [2011-03-25 20:18:39 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\Jarek i Ela\Contacts [2011-03-25 20:18:40 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\Jarek i Ela\Favorites [2011-03-25 20:18:40 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\Jarek i Ela\NTUSER.DAT ()
O4 - Startup: C:\Users\Jarek i Ela\ntuser.dat.LOG1 ()
O4 - Startup: C:\Users\Jarek i Ela\ntuser.dat.LOG2 ()
O4 - Startup: C:\Users\Jarek i Ela\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf ()
O4 - Startup: C:\Users\Jarek i Ela\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms ()
O4 - Startup: C:\Users\Jarek i Ela\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000002.regtrans-ms ()
O4 - Startup: C:\Users\Jarek i Ela\Searches [2011-03-25 20:18:40 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\5. Biblia - czytanie ze zrozumieniem z odpowiedziami.pdf ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\AppData [2007-08-06 19:39:45 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\Application Data [2012-12-29 13:37:34 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\Contacts [2011-05-22 16:53:45 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\Cookies [2007-08-06 19:39:36 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\Dane aplikacji [2007-08-06 19:39:36 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\Desktop [2013-11-28 17:39:06 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\Desktopversion.txt ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\Documents [2013-09-23 14:59:49 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\Documents(783) [2011-12-05 20:31:38 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\Downloads [2013-11-04 23:04:17 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\Favorites [2013-05-31 08:34:55 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\Gadu-Gadu [2011-07-02 07:59:27 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\Links [2012-01-20 12:24:07 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\Menu Start [2007-08-06 19:39:37 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\Moje dokumenty [2007-08-06 19:39:36 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\Music [2013-09-23 11:48:16 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\NetHood [2007-08-06 19:39:36 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\Nowy folder [2013-11-05 19:36:31 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\ntuser.dat ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\ntuser.dat.LOG1 ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\ntuser.dat.LOG2 ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\ntuser.dat_previous ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\ntuser.dat{0f07cfa5-3091-11e0-9693-0013e821417f}.TMContainer00000000000000000001.regtrans-ms ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\ntuser.dat{0f07cfa5-3091-11e0-9693-0013e821417f}.TMContainer00000000000000000002.regtrans-ms ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\ntuser.dat{6e6cdcdc-d307-11df-b29b-0013e821417f}.TM.blf ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\ntuser.dat{6e6cdcdc-d307-11df-b29b-0013e821417f}.TMContainer00000000000000000001.regtrans-ms ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\ntuser.dat{6e6cdcdc-d307-11df-b29b-0013e821417f}.TMContainer00000000000000000002.regtrans-ms ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\NTUSER.DAT{d8932e6c-6a6f-11db-b6ab-a038f15a5785}.TxR.0 (2).regtrans-ms ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\NTUSER.DAT{d8932e6c-6a6f-11db-b6ab-a038f15a5785}.TxR.1 (2).regtrans-ms ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\NTUSER.DAT{d8932e6c-6a6f-11db-b6ab-a038f15a5785}.TxR.2 (2).regtrans-ms ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001 (2).regtrans-ms ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000002 (2).regtrans-ms ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000002.regtrans-ms ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\ntuser.dat{e994cc5f-5791-11e0-b223-0013e821417f}.TxR.0.regtrans-ms ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\ntuser.dat{e994cc5f-5791-11e0-b223-0013e821417f}.TxR.1.regtrans-ms ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\ntuser.dat{e994cc5f-5791-11e0-b223-0013e821417f}.TxR.2.regtrans-ms ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\ntuser.dat{e994cc5f-5791-11e0-b223-0013e821417f}.TxR.blf ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\ntuser.dat{e994cc60-5791-11e0-b223-0013e821417f}.TM.blf ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\ntuser.dat{e994cc60-5791-11e0-b223-0013e821417f}.TMContainer00000000000000000001.regtrans-ms ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\ntuser.dat{e994cc60-5791-11e0-b223-0013e821417f}.TMContainer00000000000000000002.regtrans-ms ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\ntuser.ini ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\pcmscan.cfg ()
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\Pictures [2013-11-11 17:55:48 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\PrintHood [2007-08-06 19:39:36 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\Recent [2007-08-06 19:39:36 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\Saved Games [2011-03-26 11:29:36 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\Searches [2013-09-21 14:50:21 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\SendTo [2007-08-06 19:39:36 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\Szablony [2007-08-06 19:39:37 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\Ustawienia lokalne [2007-08-06 19:39:37 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Jarek i Ela.JarekiEla-PC\Videos [2011-03-31 21:07:33 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Desktop [2013-11-20 13:20:52 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Users\Public\Documents [2011-11-22 21:38:26 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Documents(797) [2011-03-25 20:18:46 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\Public\Downloads [2011-03-26 11:29:36 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Favorites [2006-11-02 11:23:35 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Users\Public\Music [2011-03-26 11:29:36 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Music(799) [2011-03-26 11:38:06 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\Public\Pictures [2011-03-26 11:29:37 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Videos [2011-03-26 11:29:37 | 000,000,000 | R--D | M]
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-100070510-2562720601-106335885-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-100070510-2562720601-106335885-1000\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-100070510-2562720601-106335885-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-100070510-2562720601-106335885-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-100070510-2562720601-106335885-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll ()
O15 - HKU\S-1-5-21-100070510-2562720601-106335885-1000\..Trusted Domains: internet ([]about in Internet)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Tapeta z Galerii fotografii usługi Windows Live.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Tapeta z Galerii fotografii usługi Windows Live.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008-04-24 14:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) - I:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2007-11-07 16:41:52 | 000,000,047 | R--- | M] () - I:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\.DEFAULT\...exe [@ = exefile] -- Reg Error: Key error. File not found
O37 - HKU\S-1-5-18\...exe [@ = exefile] -- Reg Error: Key error. File not found
O37 - HKU\S-1-5-21-100070510-2562720601-106335885-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013-11-26 22:26:43 | 000,000,000 | ---D | C] -- C:\FRST
[2013-11-26 22:17:22 | 000,000,000 | ---D | C] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Local\Avg2013
[2013-11-26 21:59:18 | 000,000,000 | ---D | C] -- C:\Users\Jarek i Ela.JarekiEla-PC\Desktop\Nowy folder
[2013-11-26 15:29:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013-11-26 15:29:35 | 000,105,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2013-11-26 11:54:18 | 000,000,000 | ---D | C] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Local\Adobe
[2013-11-26 11:45:58 | 000,044,424 | R--- | C] (GFI Software) -- C:\Windows\System32\SBBD.EXE
[2013-11-26 11:45:58 | 000,022,064 | R--- | C] (GFI Software) -- C:\Windows\System32\drivers\sbaphd.sys
[2013-11-26 11:45:57 | 000,066,344 | R--- | C] (GFI Software) -- C:\Windows\System32\drivers\sbapifs.sys
[2013-11-25 21:30:48 | 000,070,024 | ---- | C] (VirusBlokAda Ltd.) -- C:\Windows\System32\drivers\z9fahttb.sys
[2013-11-19 14:15:50 | 000,061,328 | R--- | C] (iS3 Inc.) -- C:\Windows\System32\drivers\SZKG.sys
[2013-11-19 14:15:50 | 000,061,328 | R--- | C] (iS3 Inc.) -- C:\Windows\System32\drivers\is3srv.sys
[2013-11-08 20:52:43 | 000,000,000 | ---D | C] -- C:\Users\Jarek i Ela.JarekiEla-PC\Desktop\WOJTUŚ listopad 2013r
[2013-11-05 19:36:12 | 000,000,000 | ---D | C] -- C:\Users\Jarek i Ela.JarekiEla-PC\Nowy folder
[2013-11-02 21:42:23 | 000,000,000 | ---D | C] -- C:\Users\Jarek i Ela.JarekiEla-PC\Desktop\TECZKA MIANOWANEGO
[2013-11-02 09:39:13 | 000,007,668 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Windows\System32\drivers\RKREVEAL150.SYS
[2013-10-30 12:27:12 | 000,000,000 | ---D | C] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\uTorrent
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013-11-28 22:45:49 | 000,000,648 | ---- | M] () -- C:\Windows\System32\drivers\kgpcpy.cfg
[2013-11-28 22:20:33 | 000,677,982 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2013-11-28 22:20:33 | 000,601,324 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013-11-28 22:20:33 | 000,135,002 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2013-11-28 22:20:33 | 000,107,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013-11-28 22:15:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-11-28 21:33:02 | 000,002,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013-11-28 21:33:02 | 000,002,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013-11-26 22:21:43 | 316,607,357 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013-11-26 15:29:35 | 000,105,176 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2013-11-26 15:27:53 | 000,075,992 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2013-11-26 11:31:12 | 000,540,203 | ---- | M] () -- C:\Users\Jarek i Ela.JarekiEla-PC\Desktop\PN-89_B-10425-przewody%20dymowe_wentylacyjne.pdf
[2013-11-25 21:30:48 | 000,070,024 | ---- | M] (VirusBlokAda Ltd.) -- C:\Windows\System32\drivers\z9fahttb.sys
[2013-11-19 14:15:56 | 000,066,344 | R--- | M] (GFI Software) -- C:\Windows\System32\drivers\sbapifs.sys
[2013-11-19 14:15:56 | 000,044,424 | R--- | M] (GFI Software) -- C:\Windows\System32\SBBD.EXE
[2013-11-19 14:15:56 | 000,022,064 | R--- | M] (GFI Software) -- C:\Windows\System32\drivers\sbaphd.sys
[2013-11-19 14:15:50 | 000,061,328 | R--- | M] (iS3 Inc.) -- C:\Windows\System32\drivers\SZKG.sys
[2013-11-19 14:15:50 | 000,061,328 | R--- | M] (iS3 Inc.) -- C:\Windows\System32\drivers\is3srv.sys
[2013-11-11 17:58:17 | 000,068,608 | ---- | M] () -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-11-11 13:41:25 | 000,121,813 | ---- | M] () -- C:\Users\Jarek i Ela.JarekiEla-PC\Desktop\D20051459L.pdf
[2013-11-02 09:39:13 | 000,007,668 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Windows\System32\drivers\RKREVEAL150.SYS
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013-11-26 22:25:23 | 000,000,648 | ---- | C] () -- C:\Windows\System32\drivers\kgpcpy.cfg
[2013-11-26 22:20:28 | 316,607,357 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013-11-26 11:31:11 | 000,540,203 | ---- | C] () -- C:\Users\Jarek i Ela.JarekiEla-PC\Desktop\PN-89_B-10425-przewody%20dymowe_wentylacyjne.pdf
[2013-11-11 13:41:25 | 000,121,813 | ---- | C] () -- C:\Users\Jarek i Ela.JarekiEla-PC\Desktop\D20051459L.pdf
[2013-11-05 19:35:27 | 003,278,632 | ---- | C] () -- C:\Users\Jarek i Ela.JarekiEla-PC\5. Biblia - czytanie ze zrozumieniem z odpowiedziami.pdf
[2012-09-12 19:59:57 | 000,000,875 | ---- | C] () -- C:\Users\Jarek i Ela.JarekiEla-PC\pcmscan.cfg
[2012-04-08 18:07:14 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2012-01-07 19:35:05 | 000,167,157 | ---- | C] () -- C:\Windows\hpoins44.dat
[2012-01-07 19:13:48 | 000,167,042 | ---- | C] () -- C:\Windows\hpoins44.dat.temp
[2012-01-07 19:13:48 | 000,000,586 | ---- | C] () -- C:\Windows\hpomdl44.dat.temp
[2011-12-07 18:43:59 | 000,000,000 | ---- | C] () -- C:\Windows\System32\setup_xp.ini
[2011-03-25 20:23:03 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011-03-25 20:23:03 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2010-12-07 18:08:00 | 000,000,112 | ---- | C] () -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Local\fusioncache.dat
[2009-08-19 14:59:13 | 000,000,266 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2007-10-06 13:15:22 | 000,031,007 | ---- | C] () -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\UserTile (2).png
[2007-08-06 19:44:26 | 000,068,608 | ---- | C] () -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007-08-06 19:40:51 | 000,080,800 | ---- | C] () -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Local\GDIPFONTCACHEV1 (2).DAT
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2006-11-02 13:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011-01-21 16:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-03-03 05:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008-01-19 08:36:49 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2013-01-31 22:10:45 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013-01-31 22:10:45 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2013-09-23 14:58:52 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\AnvSoft
[2011-10-09 16:00:32 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\ArcaVirMicroScan
[2011-03-25 20:30:11 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\Ashampoo
[2013-02-21 16:29:32 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\AVG
[2013-08-20 20:38:42 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\AVG2013
[2013-10-26 19:22:58 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\Azureus
[2011-03-25 20:31:21 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\Azureus(768)
[2013-09-23 14:01:20 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\Cool Record Edit Pro
[2011-03-25 20:31:21 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\DesktopSMS
[2011-04-09 10:59:11 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\DriverFinder
[2013-10-25 20:57:47 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\DSite
[2013-03-29 14:25:33 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\efile.epity2012
[2011-03-25 20:31:21 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\ESET
[2013-06-27 09:14:45 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\ExpressFiles
[2013-09-23 14:02:35 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\Free Sound Recorder
[2011-03-25 20:31:22 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\InterVideo
[2013-06-27 09:05:49 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\iPumper
[2009-08-30 08:55:56 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\PeerNetworking
[2013-05-30 19:40:59 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\pl.ydp.maturarom.jezykpolski
[2013-05-30 19:32:53 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\pl.ydp.maturarom.jezykpolski2
[2013-02-25 16:57:17 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\Podatnik.info
[2011-04-09 11:06:53 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\RegGenie
[2012-05-29 13:44:58 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\Rovio
[2011-03-25 20:32:04 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\toshiba
[2013-02-21 16:08:28 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\TuneUp Software
[2011-03-26 11:29:35 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\Ulead Systems
[2011-03-25 20:32:09 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\Ulead Systems(780)
[2011-03-25 20:32:09 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\Uniblue
[2013-11-10 23:44:27 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\uTorrent
[2011-06-12 20:29:34 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\VULCAN
[2012-09-20 11:58:39 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\wargaming.net
[2013-05-30 19:28:31 | 000,000,000 | ---D | M] -- C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\YDP
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 97 bytes -> C:\ProgramData\TEMP:2A81F9CE
@Alternate Data Stream - 235 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:8CE646EE

< End of report >