OTL logfile created on: 1/20/2014 5:25:32 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\user\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd

5.87 Gb Total Physical Memory | 3.48 Gb Available Physical Memory | 59.29% Memory free
11.73 Gb Paging File | 8.80 Gb Available in Paging File | 74.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 904.37 Gb Total Space | 775.78 Gb Free Space | 85.78% Space Free | Partition Type: NTFS
Drive D: | 27.05 Gb Total Space | 0.26 Gb Free Space | 0.95% Space Free | Partition Type: NTFS

Computer Name: USER-HP | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014/01/19 13:29:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\user\Downloads\OTL.exe
PRC - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/20 16:45:32 | 000,807,696 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
PRC - [2013/12/20 16:44:22 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
PRC - [2013/12/20 16:43:48 | 000,402,192 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe
PRC - [2013/12/20 16:43:44 | 000,367,376 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
PRC - [2013/12/20 16:43:34 | 000,261,392 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
PRC - [2013/12/20 16:43:30 | 000,377,616 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-Network.exe
PRC - [2013/12/17 12:03:22 | 000,046,904 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
PRC - [2013/12/12 22:19:45 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/12/12 22:19:45 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/10/09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/08/20 12:41:48 | 000,226,824 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP My Display\DTune.exe
PRC - [2013/08/20 10:28:58 | 000,078,616 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
PRC - [2013/07/17 11:40:22 | 000,142,856 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Libs\DTHelper.exe
PRC - [2013/07/17 11:40:22 | 000,120,328 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Libs\DTuneSrvc.exe
PRC - [2013/01/31 10:28:36 | 000,310,864 | ---- | M] (337 Technology Limited.) -- C:\Program Files (x86)\QType\QtypeSvc.exe
PRC - [2012/11/15 16:29:02 | 000,139,632 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2012/09/13 00:38:44 | 000,204,136 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2012/09/13 00:38:20 | 000,264,040 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2012/07/16 15:31:32 | 007,445,416 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
PRC - [2012/07/16 15:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012/07/16 15:22:42 | 000,106,408 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
PRC - [2012/01/18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2010/10/22 23:21:52 | 001,121,304 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2010/09/04 01:33:10 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
PRC - [2010/08/06 01:08:52 | 000,020,480 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
PRC - [2010/08/06 01:08:38 | 000,016,384 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
PRC - [2010/07/30 23:03:34 | 000,432,752 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Hewlett-Packard\HP My Display TouchSmart Edition\OSDManager.exe
PRC - [2010/07/30 23:03:22 | 001,600,112 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Hewlett-Packard\HP My Display TouchSmart Edition\dthtml.exe
PRC - [2010/04/28 13:31:46 | 000,541,185 | ---- | M] (PS Soft Lab) -- C:\Program Files (x86)\PS Tray Factory\PSTrayFactory.exe
PRC - [2010/04/23 21:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/02/11 19:07:54 | 000,710,656 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE
PRC - [2009/10/01 05:02:50 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/10/01 05:02:48 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/07/02 23:58:40 | 000,406,016 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2014/01/11 13:56:29 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\61cc4898fcd0b96a990e2751cbfdfa38\HD-Agent.ni.exe
MOD - [2014/01/11 13:56:21 | 000,155,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\6228b782a5fd3efaccdb2af0f7f1183e\JSON.ni.dll
MOD - [2014/01/11 11:29:21 | 000,399,640 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
MOD - [2014/01/11 11:29:17 | 004,055,320 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll
MOD - [2014/01/11 11:28:15 | 000,715,544 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
MOD - [2014/01/11 11:28:14 | 000,100,120 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\32.0.1700.76\libegl.dll
MOD - [2014/01/11 11:28:11 | 001,634,584 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
MOD - [2013/12/12 22:19:45 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/12/12 18:23:45 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\6c422db78c17838c3eb9f9fcc01ca63f\System.Management.ni.dll
MOD - [2013/12/12 18:23:41 | 001,079,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\51ffeacb880d9c15fecc1c74f83e8973\System.IdentityModel.ni.dll
MOD - [2013/12/12 18:23:40 | 018,109,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\60608b811724b2711cb96817043c4dd8\System.ServiceModel.ni.dll
MOD - [2013/12/12 18:22:32 | 002,906,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\7a2dfdf44f0610b43e65f28a1448f110\ReachFramework.ni.dll
MOD - [2013/12/12 18:22:28 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7bf3e4deef4483205017aa7b13194845\System.ServiceProcess.ni.dll
MOD - [2013/12/12 18:22:16 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\10ef07233e429503b5bc942aa6194fe8\System.Runtime.DurableInstancing.ni.dll
MOD - [2013/12/12 18:22:15 | 002,659,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\10519c5a16fab95707f40b55941647b5\System.Runtime.Serialization.ni.dll
MOD - [2013/12/12 18:22:15 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\af7d7a2e47e0ac57b4f0fe5e0c1cda9a\SMDiagnostics.ni.dll
MOD - [2013/12/12 18:22:13 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\f58dc6b661c4fb91c68945da9b701135\System.Xml.Linq.ni.dll
MOD - [2013/12/12 17:36:09 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\4d277a8481c203a35c58bd277a2e71df\System.Xaml.ni.dll
MOD - [2013/12/12 16:44:51 | 011,914,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\6ebbfafc5521934f7e1c154937a2788b\System.Web.ni.dll
MOD - [2013/12/12 16:44:22 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/12/12 16:44:16 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/12/12 16:44:01 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/12/12 16:43:56 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/12/12 16:43:55 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/12/12 00:47:43 | 018,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\464a76a3fdc9ee7456cb4baaea3e503a\PresentationFramework.ni.dll
MOD - [2013/12/12 00:47:32 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b5b66869081b909d238fdea083cf3179\PresentationCore.ni.dll
MOD - [2013/12/12 00:47:30 | 001,014,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\71d887ce964fb69b7f03c4fe7a3f28ff\System.Configuration.ni.dll
MOD - [2013/12/12 00:47:29 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e40d894a772b2cff5ffd5a84ef20d2d4\System.Windows.Forms.ni.dll
MOD - [2013/12/12 00:47:26 | 005,628,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll
MOD - [2013/12/12 00:47:25 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dac1208781fdd0b960afc12efff42944\System.Core.ni.dll
MOD - [2013/12/12 00:47:21 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\0b37b2bafc33ef52282b9d7b217cabaf\WindowsBase.ni.dll
MOD - [2013/12/12 00:47:21 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\228b114c79c5d9024bdb4cc580e32c09\PresentationFramework.Aero.ni.dll
MOD - [2013/12/12 00:47:20 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3a3fc0216674bdea0be809b305517c98\System.Drawing.ni.dll
MOD - [2013/12/12 00:47:17 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
MOD - [2013/07/13 11:19:48 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/07/13 02:05:27 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2012/09/13 00:39:18 | 000,336,232 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2012/09/13 00:38:52 | 007,955,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2012/09/13 00:38:52 | 000,341,352 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2012/09/13 00:38:52 | 000,127,336 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2012/09/13 00:38:52 | 000,028,008 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2012/09/13 00:38:44 | 002,144,104 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2012/09/13 00:38:20 | 000,264,040 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2012/01/17 16:21:12 | 000,068,104 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP My Display\PEGAACPIDLL.dll
MOD - [2010/11/13 03:37:37 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/11/05 02:54:51 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pl_b77a5c561934e089\System.resources.dll
MOD - [2010/07/30 22:50:36 | 000,172,032 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll
MOD - [2009/07/02 23:58:40 | 000,406,016 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2013/12/12 22:19:45 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2013/11/26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2012/04/24 19:38:30 | 000,318,464 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:[b]64bit:[/b] - [2010/11/17 14:11:42 | 000,107,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV:[b]64bit:[/b] - [2010/10/06 06:51:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2010/08/06 04:51:08 | 000,291,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:[b]64bit:[/b] - [2010/07/21 22:46:28 | 000,951,584 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:[b]64bit:[/b] - [2009/03/02 17:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/20 16:44:22 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2013/12/20 16:43:48 | 000,402,192 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2013/12/17 12:03:22 | 000,046,904 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2013/12/15 10:10:48 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/09 01:08:52 | 000,227,936 | ---- | M] (WildTangent) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe -- (GamesAppIntegrationService)
SRV - [2013/11/04 18:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/10/09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/07/17 11:40:22 | 000,120,328 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Libs\DTuneSrvc.exe -- (DTuneSrvc)
SRV - [2013/01/31 10:28:36 | 000,310,864 | ---- | M] (337 Technology Limited.) [Auto | Running] -- C:\Program Files (x86)\QType\QtypeSvc.exe -- (qtypesvc)
SRV - [2012/11/15 16:29:02 | 000,139,632 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2012/07/16 15:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012/01/18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010/11/20 13:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/11/20 13:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/11/20 13:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/10/22 23:21:52 | 001,121,304 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/08/06 01:08:38 | 000,016,384 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe -- (CalendarSynchService)
SRV - [2010/03/18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/01 05:02:50 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/10/01 05:02:48 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/05/31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2013/12/20 20:48:03 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2013/12/12 22:19:46 | 001,032,416 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2013/12/12 22:19:46 | 000,409,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2013/12/12 22:19:46 | 000,205,320 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:[b]64bit:[/b] - [2013/12/12 22:19:46 | 000,084,328 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2013/12/12 22:19:46 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:[b]64bit:[/b] - [2013/12/12 22:19:46 | 000,065,264 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2013/12/12 22:19:46 | 000,038,984 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2013/12/12 22:19:45 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2013/02/05 22:06:06 | 000,057,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2012/09/21 20:04:22 | 004,763,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:[b]64bit:[/b] - [2012/09/21 20:04:22 | 000,351,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:[b]64bit:[/b] - [2012/05/29 14:53:30 | 000,027,456 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cpqdfw.sys -- (CpqDfw)
DRV:[b]64bit:[/b] - [2012/04/24 19:38:30 | 000,536,576 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:[b]64bit:[/b] - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/11/11 21:18:10 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/11 05:01:20 | 001,212,416 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVerAVF2.sys -- (AVerAVF2)
DRV:[b]64bit:[/b] - [2010/11/06 09:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2010/10/06 07:23:18 | 007,884,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2010/10/06 06:15:14 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2010/09/21 00:39:06 | 000,349,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2010/09/04 01:33:22 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:[b]64bit:[/b] - [2010/07/20 07:26:42 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:[b]64bit:[/b] - [2010/07/20 07:26:38 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:[b]64bit:[/b] - [2010/07/20 07:26:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:[b]64bit:[/b] - [2010/07/14 00:25:38 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:[b]64bit:[/b] - [2010/07/13 13:57:08 | 000,069,736 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\itecir.sys -- (itecir)
DRV:[b]64bit:[/b] - [2010/03/02 08:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:[b]64bit:[/b] - [2010/01/22 20:22:22 | 000,180,224 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:[b]64bit:[/b] - [2010/01/22 20:22:18 | 000,077,824 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:[b]64bit:[/b] - [2009/09/17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/12/20 16:44:10 | 000,114,448 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuyCzz0AtA0CyEtA0FyByB0C0ByB0FyD0CtN0D0Tzu0CtByEyEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1626845989
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2938DCB1-22E7-FA29-D40C-48C2B1A63147}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuyCzz0AtA0CyEtA0FyByB0C0ByB0FyD0CtN0D0Tzu0CtByEyEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1626845989
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1561679157-2717032906-122649870-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-1561679157-2717032906-122649870-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1561679157-2717032906-122649870-1000\..\SearchScopes,Backup.Old.DefaultScope = {E3062F69-6D00-4743-A0A9-A8BB52C4AD6D}
IE - HKU\S-1-5-21-1561679157-2717032906-122649870-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1561679157-2717032906-122649870-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-1561679157-2717032906-122649870-1000\..\SearchScopes\{2938DCB1-22E7-FA29-D40C-48C2B1A63147}: "URL" = http://search.softonic.com/MON00085/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=639
IE - HKU\S-1-5-21-1561679157-2717032906-122649870-1000\..\SearchScopes\{E3062F69-6D00-4743-A0A9-A8BB52C4AD6D}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuyCzz0AtA0CyEtA0FyByB0C0ByB0FyD0CtN0D0Tzu0CtByEyEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1626845989
IE - HKU\S-1-5-21-1561679157-2717032906-122649870-1000\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-1561679157-2717032906-122649870-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: c:\Program Files (x86)\Virtual Earth 3D\ [2013/05/03 12:23:30 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: c:\Program Files (x86)\Virtual Earth 3D\ [2013/05/03 12:23:30 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\user\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\user\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

[2012/07/28 00:00:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippenodjaoidmkkfdlmdhofiebnpjddb\1.0.0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771\

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:[/b] - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:[b]64bit:[/b] - HKLM..\Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\beats64.exe (Hewlett-Packard )
O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [DT HPO] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe ()
O4 - HKLM..\Run: [DT_HPO] C:\Program Files (x86)\Hewlett-Packard\HP My Display\DTuneStartup.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [HP KEYBOARDx] C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE (Hewlett-Packard)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TrayFactory] C:\Program Files (x86)\PS Tray Factory\PSTrayFactory.EXE (PS Soft Lab) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1561679157-2717032906-122649870-1000..\Run: [TrayFactory] C:\Program Files (x86)\PS Tray Factory\PSTrayFactory.exe (PS Soft Lab) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-1561679157-2717032906-122649870-1000..\RunOnce: [PSTF] C:\Program Files (x86)\PS Tray Factory\PSTrayFactory.exe (PS Soft Lab) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKU\S-1-5-21-1561679157-2717032906-122649870-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1561679157-2717032906-122649870-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKU\S-1-5-21-1561679157-2717032906-122649870-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O8:[b]64bit:[/b] - Extra context menu item: Send image to &Bluetooth Device... 
- c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:[b]64bit:[/b] - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:[b]64bit:[/b] - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O9:[b]64bit:[/b] - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... 
- {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16:[b]64bit:[/b] - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 94.251.160.14 94.251.182.11 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0925FC09-A7CD-4A5E-8884-3593D99C43F5}: DhcpNameServer = 94.251.160.14 94.251.182.11 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7F4DD862-823A-4E78-9255-322A273ADDA7}: DhcpNameServer = 194.204.152.34 194.204.159.1 O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll) - File not found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{9dc75cf8-6982-11e3-8668-60eb69fd9fcb}\Shell - "" = AutoRun O33 - MountPoints2\{9dc75cf8-6982-11e3-8668-60eb69fd9fcb}\Shell\AutoRun\command - "" = G:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014/01/20 17:08:51 | 000,000,000 | ---D | C] -- C:\FRST [2014/01/19 13:39:11 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2014/01/19 13:30:44 | 000,000,000 | ---D | C] -- C:\_OTL [2014/01/18 18:17:29 | 
000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView [2014/01/18 16:30:04 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage [2014/01/18 16:29:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Portrait_Displays [2014/01/18 16:29:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools [2014/01/18 16:28:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations [2014/01/18 09:25:15 | 000,000,000 | ---D | C] -- C:\Windows\pss [2014/01/18 09:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2014/01/18 09:16:08 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2014/01/18 08:46:00 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Stardock [2014/01/18 08:45:59 | 000,000,000 | ---D | C] -- C:\ProgramData\{345977C2-5084-446C-9181-6AB4FF7DBA08} [2014/01/18 08:45:57 | 000,000,000 | ---D | C] -- C:\Program Files\Stardock [2014/01/18 08:45:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Stardock [2014/01/18 08:45:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock [2014/01/18 08:44:54 | 000,000,000 | ---D | C] -- C:\ProgramData\{9A791F26-7B69-4170-878D-72038B71C39D} [2014/01/18 08:44:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Stardock [2014/01/18 08:44:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stardock [2014/01/17 19:42:01 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Notes [2014/01/17 19:18:44 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Malwarebytes [2014/01/17 19:18:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2014/01/17 19:18:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2014/01/16 16:54:14 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\IrfanView [2014/01/16 16:54:14 | 000,000,000 | 
---D | C] -- C:\Program Files (x86)\IrfanView [2014/01/16 16:27:36 | 000,000,000 | ---D | C] -- C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F} [2014/01/15 20:05:58 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys [2014/01/15 20:05:58 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys [2014/01/15 20:05:57 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2014/01/11 13:53:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks [2014/01/11 13:53:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlueStacks [2014/01/06 10:50:55 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache [2014/01/06 10:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Compedia Multimedia [2014/01/06 10:49:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Compedia [2014/01/01 18:46:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader [2014/01/01 18:46:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2014/01/01 18:46:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2014/01/01 18:45:57 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2014/01/01 18:45:57 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2014/01/01 18:45:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2014/01/01 18:45:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) 
-- C:\Windows\SysWow64\java.exe [2014/01/01 18:45:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2014/01/01 18:45:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader [2014/01/01 15:45:28 | 002,879,488 | ---- | C] (© 2013 NaukaDlaDzieci.net) -- C:\Users\user\Desktop\malymalarz_14(dobreprogramy.pl).exe [2014/01/01 13:34:47 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Canon Easy-PhotoPrint EX [2014/01/01 13:34:43 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEPPEX2 [2014/01/01 13:34:43 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonEPP [2014/01/01 12:56:51 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMIG [2014/01/01 12:56:00 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Canon [2014/01/01 12:55:26 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\wydruk [2013/12/27 17:06:54 | 000,000,000 | ---D | C] -- C:\Windows\WindowsMobile [2013/12/26 19:52:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013/12/26 19:52:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013/12/24 12:34:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter [2013/12/24 12:34:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AC3Filter [2013/12/23 20:38:21 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\gtk-2.0 [2013/12/23 20:24:10 | 000,000,000 | ---D | C] -- C:\Users\user\.thumbnails [2013/12/23 20:19:10 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\fontconfig [2013/12/23 20:19:09 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\gegl-0.2 [2013/12/23 20:19:09 | 000,000,000 | ---D | C] -- C:\Users\user\.gimp-2.8 [2013/12/23 20:09:25 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2 [2013/12/22 22:13:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo [2013/12/22 22:13:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Ashampoo [2013/12/22 22:13:33 | 
000,034,304 | ---- | C] (mst software GmbH, Germany) -- C:\Windows\SysNative\DfSdkBt.exe [2013/12/22 22:13:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014/01/20 17:10:19 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014/01/20 17:10:19 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014/01/20 17:10:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014/01/20 17:01:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014/01/20 17:01:09 | 429,215,743 | -HS- | M] () -- C:\hiberfil.sys [2014/01/19 21:30:26 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1561679157-2717032906-122649870-1000UA.job [2014/01/19 13:41:02 | 000,001,185 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\22find.lnk [2014/01/19 13:41:02 | 000,001,134 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2014/01/18 23:30:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1561679157-2717032906-122649870-1000Core.job [2014/01/18 18:17:29 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\IrfanView Thumbnails.lnk [2014/01/18 18:17:29 | 000,000,960 | ---- | M] () -- C:\Users\Public\Desktop\IrfanView.lnk [2014/01/18 16:52:54 | 000,007,174 | ---- | M] () -- C:\Users\user\AppData\Local\recently-used.xbel [2014/01/18 16:41:42 | 000,002,083 | ---- | M] () -- C:\Users\Public\Desktop\HP Picture in Picture.lnk [2014/01/18 16:03:48 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForuser.job [2014/01/18 09:26:37 | 000,012,442 | ---- | M] () -- C:\Users\user\Documents\cc_20140118_092633.reg [2014/01/18 09:17:36 | 
000,015,610 | ---- | M] () -- C:\Users\user\Documents\cc_20140118_091732.reg [2014/01/18 09:16:10 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2014/01/18 09:11:57 | 000,001,968 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2014/01/16 15:46:38 | 000,306,832 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2014/01/13 22:10:21 | 000,000,536 | ---- | M] () -- C:\Users\user\Documents\cc_20140113_221019.reg [2014/01/11 13:54:46 | 000,001,821 | ---- | M] () -- C:\Users\Public\Desktop\Apps.lnk [2014/01/11 13:54:30 | 000,001,769 | ---- | M] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk [2014/01/10 20:02:57 | 001,837,384 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2014/01/10 20:02:57 | 000,803,362 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2014/01/10 20:02:57 | 000,710,302 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2014/01/10 20:02:57 | 000,181,916 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2014/01/10 20:02:57 | 000,140,798 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2014/01/09 22:06:11 | 000,147,756 | ---- | M] () -- C:\Users\user\Documents\FV_1063250_151.pdf [2014/01/06 10:49:52 | 000,001,261 | ---- | M] () -- C:\Users\Public\Desktop\Leniuchowo - Słodycze sportowców.lnk [2014/01/06 10:49:51 | 000,000,148 | ---- | M] () -- C:\Windows\compedia.ini [2014/01/03 21:10:33 | 000,106,064 | ---- | M] () -- C:\Users\user\Documents\faktura kablówka.pdf [2014/01/02 21:58:05 | 000,008,278 | ---- | M] () -- C:\Users\user\Documents\cc_20140102_215801.reg [2014/01/02 21:53:39 | 000,000,116 | ---- | M] () -- C:\Users\user\Desktop\RMF LOVE.url [2014/01/02 16:51:50 | 002,442,053 | ---- | M] () -- C:\Users\user\Desktop\dlababci(1).mp3 [2014/01/01 18:46:25 | 000,000,998 | ---- | M] () -- C:\Users\Public\Desktop\JDownloader.lnk [2014/01/01 18:45:50 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Windows\SysWow64\javaws.exe [2014/01/01 18:45:50 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2014/01/01 18:45:50 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2014/01/01 18:45:49 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2014/01/01 15:55:43 | 001,076,454 | ---- | M] () -- C:\Users\user\Documents\ms.bmp [2014/01/01 15:45:26 | 002,879,488 | ---- | M] (© 2013 NaukaDlaDzieci.net) -- C:\Users\user\Desktop\malymalarz_14(dobreprogramy.pl).exe [2014/01/01 13:34:29 | 000,001,888 | ---- | M] () -- C:\Users\Public\Desktop\Canon Easy-PhotoPrint EX.lnk [2013/12/29 12:05:01 | 000,011,264 | ---- | M] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013/12/27 17:07:35 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf [2013/12/27 12:29:45 | 000,000,031 | ---- | M] () -- C:\Windows\progress [2013/12/26 19:52:59 | 000,002,699 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2013/12/26 19:51:39 | 000,009,005 | ---- | M] () -- C:\Users\user\Desktop\hasła.odt [2013/12/24 12:32:40 | 000,001,171 | -H-- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk [2013/12/24 12:32:40 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk [2013/12/23 20:48:27 | 000,010,535 | ---- | M] () -- C:\Users\user\Documents\dane komputera.odt [2013/12/23 16:06:39 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\One-Click Optimizer.job [2013/12/22 22:13:42 | 000,002,184 | ---- | M] () -- C:\Users\Public\Desktop\1-Click-Optimizer (WO9).lnk [2013/12/22 22:13:42 | 000,001,174 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo WinOptimizer 9.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014/01/18 18:17:29 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\IrfanView Thumbnails.lnk [2014/01/18 18:17:29 | 
000,000,960 | ---- | C] () -- C:\Users\Public\Desktop\IrfanView.lnk [2014/01/18 16:52:54 | 000,007,174 | ---- | C] () -- C:\Users\user\AppData\Local\recently-used.xbel [2014/01/18 09:26:36 | 000,012,442 | ---- | C] () -- C:\Users\user\Documents\cc_20140118_092633.reg [2014/01/18 09:17:34 | 000,015,610 | ---- | C] () -- C:\Users\user\Documents\cc_20140118_091732.reg [2014/01/18 09:16:10 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2014/01/13 22:10:20 | 000,000,536 | ---- | C] () -- C:\Users\user\Documents\cc_20140113_221019.reg [2014/01/11 13:54:46 | 000,001,821 | ---- | C] () -- C:\Users\Public\Desktop\Apps.lnk [2014/01/11 13:54:30 | 000,001,769 | ---- | C] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk [2014/01/09 22:06:11 | 000,147,756 | ---- | C] () -- C:\Users\user\Documents\FV_1063250_151.pdf [2014/01/06 10:49:52 | 000,001,261 | ---- | C] () -- C:\Users\Public\Desktop\Leniuchowo - Słodycze sportowców.lnk [2014/01/06 10:49:51 | 000,000,148 | ---- | C] () -- C:\Windows\compedia.ini [2014/01/03 21:10:33 | 000,106,064 | ---- | C] () -- C:\Users\user\Documents\faktura kablówka.pdf [2014/01/02 21:58:03 | 000,008,278 | ---- | C] () -- C:\Users\user\Documents\cc_20140102_215801.reg [2014/01/02 21:53:22 | 000,000,116 | ---- | C] () -- C:\Users\user\Desktop\RMF LOVE.url [2014/01/02 16:51:51 | 002,442,053 | ---- | C] () -- C:\Users\user\Desktop\dlababci(1).mp3 [2014/01/01 18:46:25 | 000,000,998 | ---- | C] () -- C:\Users\Public\Desktop\JDownloader.lnk [2014/01/01 15:55:43 | 001,076,454 | ---- | C] () -- C:\Users\user\Documents\ms.bmp [2014/01/01 13:34:29 | 000,001,888 | ---- | C] () -- C:\Users\Public\Desktop\Canon Easy-PhotoPrint EX.lnk [2013/12/27 17:07:35 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf [2013/12/27 17:07:12 | 000,002,419 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk [2013/12/26 19:52:59 | 000,002,699 | 
---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2013/12/26 19:49:06 | 000,009,005 | ---- | C] () -- C:\Users\user\Desktop\hasła.odt [2013/12/24 12:34:22 | 001,202,688 | ---- | C] () -- C:\Windows\SysNative\ac3filter64.acm [2013/12/24 12:34:22 | 000,965,120 | ---- | C] () -- C:\Windows\SysWow64\ac3filter.acm [2013/12/23 20:46:45 | 000,010,535 | ---- | C] () -- C:\Users\user\Documents\dane komputera.odt [2013/12/23 20:09:57 | 000,000,896 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk [2013/12/22 22:13:53 | 000,000,402 | ---- | C] () -- C:\Windows\tasks\One-Click Optimizer.job [2013/12/22 22:13:42 | 000,002,184 | ---- | C] () -- C:\Users\Public\Desktop\1-Click-Optimizer (WO9).lnk [2013/12/22 22:13:42 | 000,001,174 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo WinOptimizer 9.lnk [2013/12/22 09:40:29 | 000,011,264 | ---- | C] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013/12/14 13:05:45 | 000,000,706 | ---- | C] () -- C:\Windows\unins000.dat [2012/11/19 12:58:36 | 000,000,178 | ---- | C] () -- C:\Windows\SysWow64\HPPA.ini [2012/09/21 20:08:36 | 010,919,784 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll [2012/09/21 20:08:36 | 000,338,136 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll [2012/09/21 20:08:36 | 000,103,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe [2012/09/01 15:45:02 | 000,001,095 | ---- | C] () -- C:\Users\user\Dokumenty — skrót.lnk [2012/07/27 20:58:08 | 000,007,620 | ---- | C] () -- C:\Users\user\AppData\Local\Resmon.ResmonCfg [2012/07/26 15:52:08 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2013/05/24 10:50:32 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\DisplayTune [2013/05/24 10:51:31 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\PictureMover [2014/01/16 20:47:59 | 000,000,000 | ---D | M] -- C:\Users\OGÓLNE\AppData\Roaming\AVAST 
Software [2014/01/16 20:47:58 | 000,000,000 | ---D | M] -- C:\Users\OGÓLNE\AppData\Roaming\DisplayTune [2014/01/16 21:45:02 | 000,000,000 | ---D | M] -- C:\Users\OGÓLNE\AppData\Roaming\PictureMover [2013/12/16 19:50:14 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Ambient Design [2013/12/12 22:21:05 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\AVAST Software [2014/01/01 12:56:41 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Canon [2013/12/28 10:12:52 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DAEMON Tools Lite [2012/07/26 15:55:40 | 000,000,000 | -H-D | M] -- C:\Users\user\AppData\Roaming\DisplayTune [2012/07/28 00:20:55 | 000,000,000 | -H-D | M] -- C:\Users\user\AppData\Roaming\Gadu-Gadu 10 [2013/02/23 17:52:51 | 000,000,000 | -H-D | M] -- C:\Users\user\AppData\Roaming\GoPlayer [2014/01/18 18:17:29 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\IrfanView [2013/05/03 12:21:10 | 000,000,000 | -H-D | M] -- C:\Users\user\AppData\Roaming\iSpy [2012/11/19 12:29:36 | 000,000,000 | -H-D | M] -- C:\Users\user\AppData\Roaming\iSpyServer [2013/03/09 18:14:59 | 000,000,000 | -H-D | M] -- C:\Users\user\AppData\Roaming\Leadertech [2013/05/03 12:21:15 | 000,000,000 | -H-D | M] -- C:\Users\user\AppData\Roaming\OpenFM [2013/12/13 15:54:09 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\OpenOffice [2013/05/03 12:23:28 | 000,000,000 | -H-D | M] -- C:\Users\user\AppData\Roaming\PictureMover [2014/01/18 08:46:00 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Stardock [2013/05/03 12:23:28 | 000,000,000 | -H-D | M] -- C:\Users\user\AppData\Roaming\TeamViewer [2014/01/02 21:57:39 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\uTorrent [2013/12/13 19:58:02 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\WildTangent [2012/08/08 23:07:56 | 000,000,000 | -H-D | M] -- C:\Users\user\AppData\Roaming\WinBatch [2014/01/02 17:09:01 | 000,000,000 | ---D | M] -- 
C:\Users\user\AppData\Roaming\Windows Live Writer
[2013/12/14 22:48:58 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\_MDLogs

[color=#E56717]========== Purity Check ==========[/color]

< End of report >