OTL logfile created on: 8/7/2014 4:23:07 PM - Run 4 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Windows\win32\win\Do walki z wirusami Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16428) Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2.00 Gb Total Physical Memory | 1.13 Gb Available Physical Memory | 56.33% Memory free 4.00 Gb Paging File | 2.94 Gb Available in Paging File | 73.63% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 60.00 Gb Total Space | 14.59 Gb Free Space | 24.32% Space Free | Partition Type: NTFS Drive D: | 92.87 Gb Total Space | 23.36 Gb Free Space | 25.15% Space Free | Partition Type: NTFS Computer Name: ELA-KOMPUTER | User Name: Maaciek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 1 Day [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-08-04 15:00:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Windows\win32\win\Do walki z wirusami\OTL.exe PRC - [2014-02-11 18:08:58 | 002,288,928 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe PRC - [2014/07/31 20:30:08 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe PRC - [2014/07/30 13:07:15 | 000,106,488 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe PRC - [2014/07/30 10:18:08 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe PRC - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe PRC - [2014/05/12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe PRC - [2014/03/04 14:34:44 | 000,943,048 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2014/03/04 13:32:56 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2014/01/14 15:50:06 | 000,881,952 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe PRC - [2013/10/25 13:07:24 | 002,151,200 | ---- | M] (IObit) -- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe PRC - [2013/10/16 01:06:12 | 001,016,712 | ---- | M] (Flux Software LLC) -- C:\Users\Maaciek\AppData\Local\FluxSoftware\Flux\flux.exe PRC - [2013/01/08 22:15:30 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-07-30 10:18:12 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll MOD - [2014-07-30 10:18:10 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll MOD - [2013-01-15 19:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 7\webres.dll MOD - [2011-03-17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2010-10-20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2014-07-30 23:30:07 | 000,119,408 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014-07-30 13:07:15 | 000,106,488 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall) SRV - [2014-07-30 10:18:08 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2014-06-03 18:18:39 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2014-05-12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2014-05-12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2014-03-04 13:32:56 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2014-02-22 15:05:57 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService) SRV - [2014-01-14 15:50:06 | 000,881,952 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe -- (AdvancedSystemCareService7) SRV - [2013-12-18 20:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013-11-22 13:36:18 | 000,105,448 | ---- | M] (Razer Inc.) [Disabled | Stopped] -- C:\Program Files\Razer\Razer Game Booster\RzKLService.exe -- (RzKLService) SRV - [2013-11-11 18:19:48 | 000,341,824 | ---- | M] (IObit) [Disabled | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice) SRV - [2013-10-25 13:07:24 | 002,151,200 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc) SRV - [2013-10-23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013-08-28 23:47:18 | 000,563,624 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013-07-13 13:18:36 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2013-05-29 08:42:00 | 004,467,488 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2013-02-04 18:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion) SRV - [2012-09-20 14:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2011-08-12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Disabled | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE) SRV - [2011-06-26 21:52:32 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2009-08-03 01:05:24 | 000,582,944 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2014-08-07 16:20:00 | 000,110,296 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy) DRV - [2014-08-04 16:03:54 | 000,026,328 | ---- | M] (Sony Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsomc.sys -- (ggsomc) DRV - [2014-08-04 16:03:54 | 000,013,528 | ---- | M] (Sony Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt) DRV - [2014-08-03 16:26:34 | 000,030,976 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hitmanpro37.sys -- (hitmanpro37) DRV - [2014-07-30 13:08:38 | 000,414,520 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP) DRV - [2014-07-30 13:07:21 | 000,026,136 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd) DRV - [2014-07-30 13:07:15 | 000,270,752 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdisFlt.sys -- (aswNdisFlt) DRV - [2014-07-30 10:18:19 | 000,779,536 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2014-07-30 10:18:19 | 000,192,352 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\aswVmm.sys -- (aswVmm) DRV - [2014-07-30 10:18:19 | 000,071,944 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm) DRV - [2014-07-30 10:18:19 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2014-07-30 10:18:19 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\aswRvrt.sys -- (aswRvrt) DRV - [2014-07-30 10:18:19 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid) DRV - [2014-07-30 10:18:18 | 000,081,768 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr) DRV - [2014-05-12 07:26:08 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl) DRV - [2014-05-12 07:25:54 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2014-03-28 15:40:46 | 000,025,856 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetadb.sys -- (andnetadb) DRV - [2014-03-28 15:24:20 | 000,074,240 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetndis.sys -- (andnetndis) DRV - [2014-03-28 15:22:50 | 000,027,776 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetmodem.sys -- (ANDNetModem) DRV - [2014-03-28 15:22:50 | 000,023,168 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetdiag.sys -- (AndNetDiag) DRV - [2014-03-04 16:29:02 | 010,523,480 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2014-01-22 16:52:25 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2013-11-28 15:38:19 | 000,162,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2013-11-19 17:10:38 | 000,032,288 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\RegFilter.sys -- (RegFilter) DRV - [2013-11-19 17:10:38 | 000,020,944 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\UrlFilter.sys -- (UrlFilter) DRV - [2013-10-07 18:44:01 | 000,097,792 | ---- | M] (Protect Software GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ACEDRV05.sys -- (ACEDRV05) DRV - [2013-10-02 02:42:31 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2013-05-22 19:49:34 | 000,015,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver) DRV - [2013-03-23 16:49:20 | 000,021,480 | ---- | M] (IObit) [File_System | On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys -- (FileMonitor) DRV - [2012-08-23 16:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2011-12-30 21:06:18 | 000,685,816 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2011-07-29 14:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv) DRV - [2011-07-29 14:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2011-07-22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) DRV - [2011-07-12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2011-06-11 20:50:10 | 000,072,576 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Cheat Engine 6.1\dbk32.sys -- (CEDRIVER60) DRV - [2011-04-12 11:46:00 | 000,013,824 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HPub4DE3.sys -- (HPub4DE3) DRV - [2011-03-09 10:44:52 | 000,020,992 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HPMo4DE3.sys -- (HPMo4DE3) DRV - [2011-02-09 15:03:00 | 000,011,832 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO) DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010-04-19 07:43:57 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr) DRV - [2009-07-14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009-07-14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial) DRV - [2009-07-14 00:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2009-07-01 21:46:20 | 000,043,944 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt) DRV - [2009-06-29 05:52:06 | 000,051,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) DRV - [2005-08-30 03:47:38 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssm_bus.sys -- (ssm_bus) DRV - [2004-12-29 02:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\npptNT2.sys -- (NPPTNT2) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{AB7E738E-D9E0-4E59-A84F-475BC00BD4FE}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2744727062-2866847131-1637843027-1011\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://eeepc.asus.com [binary data] IE - HKU\S-1-5-21-2744727062-2866847131-1637843027-1011\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com IE - HKU\S-1-5-21-2744727062-2866847131-1637843027-1011\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-2744727062-2866847131-1637843027-1011\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename,: "" FF - prefs.js..browser.search.defaultthis.engineName: "" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.order.1,: "" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.selectedEngine,: "" FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0 FF - prefs.js..keyword.URL: "" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.) FF - HKLM\Software\MozillaPlugins\@IObit.com/np_Asc_Plugin: C:\Program Files\IObit\Surfing Protection\BrowerProtect\np_Asc_plugin.dll (IObit) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: D:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKLM\Software\MozillaPlugins\@vividas.com/npVividasPlayer: C:\Program Files\Vividas\Player\npVividasPlayer.dll ( ) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Maaciek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-30 13:07:28 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014-02-22 19:14:42 | 000,000,000 | ---D | M] [2013-09-26 17:04:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maaciek\AppData\Roaming\mozilla\Extensions [2014-08-03 22:33:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maaciek\AppData\Roaming\mozilla\Firefox\Profiles\h6wlrabr.default\extensions [2014-03-19 20:14:14 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\Maaciek\AppData\Roaming\mozilla\Firefox\Profiles\h6wlrabr.default\extensions\ascsurfingprotection@iobit.com [2014-08-07 16:16:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013-10-04 18:53:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2014-07-30 23:30:09 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2012-10-26 13:42:36 | 000,172,032 | ---- | M] (vShare.tv) -- C:\Program Files\mozilla firefox\plugins\npffvsharetvplg.dll [color=#E56717]========== Chrome ==========[/color] CHR - homepage: CHR - plugin: Error reading preferences file CHR - Extension: Dokumenty Google = C:\Users\Maaciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\ CHR - Extension: Dysk Google = C:\Users\Maaciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Maaciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\ CHR - Extension: YouTube = C:\Users\Maaciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Adblock Plus = C:\Users\Maaciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\ CHR - Extension: Szukaj w Google = C:\Users\Maaciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: avast! Online Security = C:\Users\Maaciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2022.121_0\ CHR - Extension: Google Wallet = C:\Users\Maaciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ CHR - Extension: Gmail = C:\Users\Maaciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2014-08-03 23:27:34 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) O4 - HKU\S-1-5-21-2744727062-2866847131-1637843027-1011..\Run: [Advanced SystemCare 7] C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe (IObit) O4 - HKU\S-1-5-21-2744727062-2866847131-1637843027-1011..\Run: [F.lux] C:\Users\Maaciek\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC) O4 - HKU\S-1-5-21-2744727062-2866847131-1637843027-1011..\Run: [GarenaPlus] C:\Program Files\Garena Plus\GarenaMessenger.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2744727062-2866847131-1637843027-1011\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2744727062-2866847131-1637843027-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2744727062-2866847131-1637843027-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.55.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3F12CE70-9157-405A-AE1D-D735C2891407}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E2092249-E198-46C5-A2DF-FF16CE8CB2CA}: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 1 Day ==========[/color] [color=#E56717]========== Files - Modified Within 1 Day ==========[/color] [2014-08-07 16:27:32 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014-08-07 16:27:32 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014-08-07 16:20:00 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\MBAMSwissArmy.sys [2014-08-07 16:19:06 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT [2014-08-07 16:18:47 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2014-08-07 16:18:39 | 1609,965,568 | -HS- | M] () -- C:\hiberfil.sys [2014-08-07 16:17:47 | 015,548,416 | ---- | M] () -- C:\Users\Maaciek\NTUSER.DAT [2014-08-07 13:34:02 | 002,628,110 | -H-- | M] () -- C:\Users\Maaciek\AppData\Local\IconCache.db [2014-08-07 12:40:39 | 000,004,069 | ---- | M] () -- C:\Users\Maaciek\Desktop\problem z WiFi.png [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-08-07 12:40:38 | 000,004,069 | ---- | C] () -- C:\Users\Maaciek\Desktop\problem z WiFi.png [2014-08-04 12:01:32 | 015,548,416 | ---- | C] () -- C:\Users\Maaciek\NTUSER.DAT [2014-08-04 01:24:56 | 002,628,110 | -H-- | C] () -- C:\Users\Maaciek\AppData\Local\IconCache.db [2014-08-03 16:26:34 | 000,030,976 | ---- | C] () -- C:\windows\System32\drivers\hitmanpro37.sys [2014-07-30 10:19:21 | 000,024,184 | ---- | C] () -- C:\windows\System32\drivers\aswHwid.sys [2014-03-22 20:08:09 | 012,543,682 | ---- | C] () -- C:\Users\Maaciek\Taniec ELENY Bandyta.mp4 [2014-03-22 20:08:09 | 010,903,649 | ---- | C] () -- C:\Users\Maaciek\Song of the Lonely Mountain Performed by Neil Finn The Hobbit- An Unexpected Journey Soundtrack.mp4 [2014-03-22 20:08:09 | 008,403,182 | ---- | C] () -- C:\Users\Maaciek\Bill Withers - Ain't No Sunshine.mp4 [2014-03-12 22:16:00 | 000,000,048 | ---- | C] () -- C:\windows\JQHApp.dat [2014-02-25 19:24:11 | 015,548,416 | ---- | C] () -- C:\Users\Maaciek\NTUSER.DAT.iodefrag.bak [2014-01-31 00:49:03 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2014-01-04 20:05:28 | 000,045,056 | ---- | C] () -- C:\windows\System32\BRTCPCON.DLL [2014-01-04 20:05:27 | 000,000,114 | ---- | C] () -- C:\windows\System32\BRLMW03A.INI [2014-01-04 20:05:26 | 000,000,050 | ---- | C] () -- C:\windows\System32\BRADM10A.DAT [2014-01-04 19:58:12 | 000,007,595 | ---- | C] () -- C:\Users\Maaciek\AppData\Local\resmon.resmoncfg [2013-12-08 14:37:23 | 000,015,672 | ---- | C] () -- C:\windows\System32\drivers\SmartDefragDriver.sys [2013-11-15 09:35:42 | 015,548,416 | ---- | C] () -- C:\Users\Maaciek\NTUSER.DAT.iobit [2013-08-08 11:25:04 | 000,138,056 | ---- | C] () -- C:\Users\Maaciek\AppData\Roaming\PnkBstrK.sys [2013-07-13 22:42:24 | 000,524,288 | -HS- | C] () -- C:\Users\Maaciek\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2013-07-13 22:42:24 | 000,524,288 | -HS- | C] () -- C:\Users\Maaciek\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2013-07-13 22:42:24 | 000,123,400 | ---- | C] () -- C:\Users\Maaciek\AppData\Local\GDIPFONTCACHEV1.DAT [2013-07-13 22:42:24 | 000,065,536 | -HS- | C] () -- C:\Users\Maaciek\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2013-07-13 22:42:17 | 000,000,020 | -HS- | C] () -- C:\Users\Maaciek\ntuser.ini [2013-04-30 21:18:35 | 000,192,352 | ---- | C] () -- C:\windows\System32\drivers\aswVmm.sys [2013-04-30 21:18:34 | 000,049,944 | ---- | C] () -- C:\windows\System32\drivers\aswRvrt.sys [2013-02-22 17:05:21 | 000,157,696 | ---- | C] () -- C:\windows\ERUNT.exe [2013-01-09 17:51:11 | 000,001,723 | ---- | C] () -- C:\windows\Virtuos_v4.INI [2012-12-06 10:42:10 | 000,014,161 | ---- | C] () -- C:\windows\System32\RaCoInst.dat [2012-11-09 22:53:31 | 002,468,520 | ---- | C] () -- C:\windows\System32\BootMan.exe [2012-11-09 22:53:31 | 002,468,520 | ---- | C] () -- C:\windows\System32\¸´Ľţ BootMan.exe [2012-11-09 22:53:31 | 000,086,408 | ---- | C] () -- C:\windows\System32\setupempdrv03.exe [2012-11-09 22:53:31 | 000,019,840 | ---- | C] () -- C:\windows\System32\EuEpmGdi.dll [2012-11-09 22:53:31 | 000,014,216 | ---- | C] () -- C:\windows\System32\epmntdrv.sys [2012-11-09 22:53:31 | 000,008,456 | ---- | C] () -- C:\windows\System32\EuGdiDrv.sys [2012-10-27 11:12:28 | 000,042,440 | ---- | C] () -- C:\windows\System32\xfcodec.dll [2012-09-15 14:21:07 | 000,000,604 | -H-- | C] () -- C:\Program Files\_Z2 [2011-06-16 20:36:48 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010-04-26 02:51:38 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2010-04-26 03:08:44 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\ASUS WebStorage [2014-04-17 09:32:17 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit [2010-04-26 03:08:44 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\ASUS WebStorage [2014-04-17 09:32:17 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit [2012-05-13 13:56:37 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\.minecraft [2013-06-12 10:55:57 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\ASUS WebStorage [2014-06-12 00:18:37 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\Audacity [2012-05-07 19:23:55 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\Auslogics [2014-02-23 03:01:36 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\AVAST Software [2012-03-16 20:03:05 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\AVG [2012-09-15 14:21:31 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\Avid [2012-05-29 21:26:20 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\DAEMON Tools Lite [2013-08-30 23:29:22 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\DAEMON Tools Pro [2013-11-27 18:42:28 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\DVDVideoSoft [2014-04-30 20:10:35 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\e-Deklaracje [2014-04-30 20:10:36 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1 [2012-03-16 20:12:16 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\EarMaster [2012-06-03 23:09:23 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\ESET [2012-06-10 10:40:14 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\go [2011-10-16 18:11:06 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\HEXelon [2014-04-21 15:47:22 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\IDM [2011-10-02 17:23:29 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\InterTrust [2014-03-25 09:53:00 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\IObit [2013-01-01 16:26:32 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\ipla [2013-02-01 11:49:08 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\IrfanView [2014-06-25 21:54:06 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\LG Electronics [2012-06-08 01:26:21 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\liQeNSoft [2012-04-01 10:13:15 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\MusE [2012-04-25 09:33:23 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\NapiProjekt [2011-07-02 23:56:55 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\NetMeter [2011-09-03 08:57:47 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\Opera [2012-03-29 16:44:39 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\Rovio [2012-05-26 14:17:59 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\SFBot [2012-03-18 21:33:23 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\Spadille [2012-05-29 22:15:57 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\Template [2012-01-15 19:12:48 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\TS3Client [2012-09-26 18:16:33 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\Unity [2013-05-02 06:44:38 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\uTorrent [2011-08-02 06:41:01 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\wargaming.net [2012-02-28 14:51:39 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\Windows Live Writer [2012-06-11 20:44:41 | 000,000,000 | ---D | M] -- C:\Users\Ela\AppData\Roaming\Youtube Downloader HD [2013-09-28 20:41:53 | 000,000,000 | ---D | M] -- C:\Users\Maaciek\AppData\Roaming\Advanced [2010-04-26 03:08:44 | 000,000,000 | ---D | M] -- C:\Users\Maaciek\AppData\Roaming\ASUS WebStorage [2014-02-22 22:52:34 | 000,000,000 | ---D | M] -- C:\Users\Maaciek\AppData\Roaming\AVAST Software [2013-12-08 15:57:56 | 000,000,000 | ---D | M] -- C:\Users\Maaciek\AppData\Roaming\AVG [2014-05-23 16:16:07 | 000,000,000 | ---D | M] -- C:\Users\Maaciek\AppData\Roaming\Build and Shoot [2013-10-13 20:16:28 | 000,000,000 | ---D | M] -- C:\Users\Maaciek\AppData\Roaming\Carbon [2013-08-30 09:27:09 | 000,000,000 | ---D | M] -- C:\Users\Maaciek\AppData\Roaming\DAEMON Tools Lite [2013-10-31 17:46:13 | 000,000,000 | ---D | M] -- C:\Users\Maaciek\AppData\Roaming\DAEMON Tools Pro [2014-06-21 11:35:57 | 000,000,000 | ---D | M] -- C:\Users\Maaciek\AppData\Roaming\Garena [2014-06-21 12:01:22 | 000,000,000 | ---D | M] -- C:\Users\Maaciek\AppData\Roaming\GarenaPlus [2014-03-19 20:14:31 | 000,000,000 | ---D | M] -- C:\Users\Maaciek\AppData\Roaming\IObit [2013-10-09 16:51:56 | 000,000,000 | ---D | M] -- C:\Users\Maaciek\AppData\Roaming\ipla [2013-07-18 18:11:33 | 000,000,000 | ---D | M] -- C:\Users\Maaciek\AppData\Roaming\IrfanView [2014-06-14 23:14:13 | 000,000,000 | ---D | M] -- C:\Users\Maaciek\AppData\Roaming\LG Electronics [2013-07-14 13:31:33 | 000,000,000 | ---D | M] -- C:\Users\Maaciek\AppData\Roaming\LolClient [2013-10-27 16:50:45 | 000,000,000 | ---D | M] -- C:\Users\Maaciek\AppData\Roaming\NapiProjekt [2013-10-09 16:49:31 | 000,000,000 | ---D | M] -- C:\Users\Maaciek\AppData\Roaming\Opera [2014-06-01 14:39:50 | 000,000,000 | ---D | M] -- C:\Users\Maaciek\AppData\Roaming\Opera Software [2013-12-29 15:04:27 | 000,000,000 | ---D | M] -- C:\Users\Maaciek\AppData\Roaming\SFBot [2014-01-04 21:45:26 | 000,000,000 | ---D | M] -- C:\Users\Maaciek\AppData\Roaming\Soldat [2014-07-11 21:30:53 | 000,000,000 | ---D | M] -- C:\Users\Maaciek\AppData\Roaming\TS3Client [2013-10-04 19:06:24 | 000,000,000 | ---D | M] -- C:\Users\Maaciek\AppData\Roaming\Unity [2014-05-14 21:47:26 | 000,000,000 | ---D | M] -- C:\Users\Maaciek\AppData\Roaming\uTorrent [2013-10-06 09:44:51 | 000,000,000 | ---D | M] -- C:\Users\Maaciek\AppData\Roaming\Wargaming.net [2013-07-04 13:28:59 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\IObit [2010-04-26 03:08:44 | 000,000,000 | ---D | M] -- C:\Users\UpdatusUser\AppData\Roaming\ASUS WebStorage [2010-04-26 03:08:44 | 000,000,000 | ---D | M] -- C:\Users\UpdatusUser.Ela-Komputer\AppData\Roaming\ASUS WebStorage [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 169 bytes -> C:\ProgramData\Temp:0B4227B4 @Alternate Data Stream - 153 bytes -> C:\ProgramData\Temp:07BF512B @Alternate Data Stream - 149 bytes -> C:\ProgramData\Temp:AB689DEA @Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:373E1720 @Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:5C5A503E < End of report >