OTL logfile created on: 2014-09-17 18:38:22 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Wiex\Downloads\OTL Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2.00 Gb Total Physical Memory | 0.66 Gb Available Physical Memory | 33.13% Memory free 4.24 Gb Paging File | 2.64 Gb Available in Paging File | 62.37% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 78.14 Gb Total Space | 27.82 Gb Free Space | 35.61% Space Free | Partition Type: NTFS Drive D: | 154.75 Gb Total Space | 9.61 Gb Free Space | 6.21% Space Free | Partition Type: NTFS Computer Name: WIEX-PC | User Name: Wiex | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-09-17 18:36:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Wiex\Downloads\OTL\OTL.exe PRC - [2014-09-13 04:03:27 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2014-09-13 03:08:04 | 000,179,200 | ---- | M] (Company) -- C:\Program Files\Popcorn Time\Updater.exe PRC - [2014-09-05 22:37:57 | 000,950,056 | ---- | M] (Bitsum LLC) -- D:\Programy\Process Lasso\ProcessLasso.exe PRC - [2014-09-05 22:37:57 | 000,670,504 | ---- | M] (Bitsum LLC) -- D:\Programy\Process Lasso\ProcessGovernor.exe PRC - [2014-08-22 12:44:44 | 000,022,192 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe PRC - [2014-08-22 12:44:40 | 000,288,120 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe PRC - [2014-08-22 12:41:00 | 000,974,432 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe PRC - [2014-05-30 01:35:33 | 002,352,072 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe PRC - [2014-05-30 01:31:38 | 001,631,008 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe PRC - [2014-05-21 12:22:08 | 002,135,232 | ---- | M] () -- D:\Programy\Comodo\Dragon\dragon_updater.exe PRC - [2014-05-20 02:04:07 | 000,943,048 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2014-05-20 02:04:06 | 001,818,456 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe PRC - [2014-05-12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- D:\Programy\Malwarebytes Anti-Malware\mbamservice.exe PRC - [2014-05-12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- D:\Programy\Malwarebytes Anti-Malware\mbamscheduler.exe PRC - [2014-05-12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- D:\Programy\Malwarebytes Anti-Malware\mbam.exe PRC - [2013-11-28 13:09:52 | 005,376,320 | ---- | M] (OrdinarySoft) -- D:\Programy\Start Menu X\StartMenuX.exe PRC - [2013-10-21 09:06:08 | 003,163,088 | ---- | M] (Altrixsoft) -- D:\Programy\Hard Drive Inspector\HDInspector.exe PRC - [2013-05-28 15:35:48 | 001,177,224 | ---- | M] (WiseCleaner.com) -- D:\Programy\Wise Care 365\WiseTray.exe PRC - [2013-03-10 15:38:22 | 000,484,304 | ---- | M] (AltrixSoft (http://www.altrixsoft.com/)) -- C:\Program Files\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe PRC - [2011-08-22 13:44:48 | 001,421,216 | ---- | M] () -- D:\Programy\Ashampoo Core Tuner 2\ACT2Service.exe PRC - [2009-10-07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe PRC - [2009-07-07 22:16:46 | 001,110,016 | ---- | M] (Singer's Creations) -- D:\Programy\Weather Watcher\ww.exe PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-04-11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-09-13 04:02:57 | 003,716,720 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2014-04-11 16:35:04 | 001,734,416 | ---- | M] () -- d:\Programy\9-lab\Removal Tool\shellext.dll MOD - [2010-07-04 23:32:38 | 000,010,752 | ---- | M] () -- D:\Programy\Unlocker\UnlockerCOM.dll MOD - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe MOD - [2007-09-02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll MOD - [2007-03-04 10:48:16 | 000,106,496 | ---- | M] () -- C:\Program Files\RocketDock\Docklets\RocketClock\RocketClock.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Desktop\Install\{a886596a-7018-f03a-8a2c-160be15bac0a}\ \...\‮ﯹ๛\{a886596a-7018-f03a-8a2c-160be15bac0a}\GoogleUpdate.exe < [WARNING: C:\Program Files\Google\Desktop\Install\{a886596a-7018-f03a-8a2c-160be15bac0a}\ \...\???\{a886596a-7018-f03a-8a2c-160be15bac0a}\GoogleUpdate.exe <] -- (‮etadpug) SRV - [2014-09-13 03:08:04 | 000,179,200 | ---- | M] (Company) [Auto | Running] -- C:\Program Files\Popcorn Time\Updater.exe -- (Update service) SRV - [2014-09-12 22:13:24 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2014-08-22 12:44:44 | 000,022,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2014-08-22 12:44:40 | 000,288,120 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV - [2014-05-30 01:31:38 | 001,631,008 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService) SRV - [2014-05-21 12:22:08 | 002,135,232 | ---- | M] () [Auto | Running] -- D:\Programy\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater) SRV - [2014-05-12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Programy\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2014-05-12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Programy\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2014-02-08 05:18:42 | 000,569,024 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2014-01-21 16:25:34 | 000,580,232 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- D:\Programy\Wise Care 365\BootTime.exe -- (WiseBootAssistant) SRV - [2013-06-13 21:31:00 | 000,293,144 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2013-03-10 15:38:22 | 000,484,304 | ---- | M] (AltrixSoft (http://www.altrixsoft.com/)) [On_Demand | Running] -- C:\Program Files\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe -- (HDDSvc) SRV - [2011-08-22 13:44:48 | 001,421,216 | ---- | M] () [Auto | Running] -- D:\Programy\Ashampoo Core Tuner 2\ACT2Service.exe -- (ACT2_Service) SRV - [2009-10-07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2008-01-21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\taphss6.sys -- (taphss6) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\taphss.sys -- (taphss) DRV - File not found [Kernel | Boot | Unknown] -- system32\drivers\Partizan.sys -- (Partizan) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | Boot | Stopped] -- -- (kovabf) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\cmdatp.sys -- (ATP) DRV - [2014-09-17 17:45:25 | 000,110,296 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy) DRV - [2014-09-17 17:44:34 | 000,039,464 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9E795D78-7C72-45B2-97B6-3C4D218E5DBC}\MpKslf9b6e7ac.sys -- (MpKslf9b6e7ac) DRV - [2014-09-08 16:44:16 | 000,024,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PPFlt.sys -- (PrivacyProtectorMP) DRV - [2014-09-08 16:44:16 | 000,024,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PPFlt.sys -- (Passthru) DRV - [2014-09-02 16:13:05 | 000,561,880 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2014-07-17 18:05:08 | 000,095,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv) DRV - [2014-06-26 12:26:14 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2014-05-20 04:39:05 | 010,533,152 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2014-05-12 07:26:04 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl) DRV - [2014-05-12 07:25:54 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2013-12-17 01:15:50 | 000,050,200 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- D:\EEK\Run\cleanhlp32.sys -- (cleanhlp) DRV - [2013-12-08 14:37:53 | 000,279,712 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2013-07-11 19:02:03 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2013-05-23 08:12:38 | 000,028,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt) DRV - [2013-05-23 08:12:34 | 000,037,528 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2013-05-23 08:12:32 | 000,043,800 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2012-03-02 09:02:00 | 000,025,728 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandadb.sys -- (androidusb) DRV - [2012-03-02 09:02:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem) DRV - [2012-03-02 09:02:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag) DRV - [2012-03-02 09:02:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps) DRV - [2012-03-02 09:02:00 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus) DRV - [2011-07-01 11:46:40 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901) DRV - [2011-06-10 03:22:02 | 000,014,648 | ---- | M] () [Kernel | Auto | Running] -- D:\Programy\Ashampoo Core Tuner 2\ACT2ProcessMonitor32.sys -- (ACT2PM) DRV - [2011-06-02 12:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv) DRV - [2010-07-04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- D:\Programy\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV - [2010-05-12 03:23:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlashUSB.sys -- (FlashUSB) DRV - [2009-10-07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2009-07-14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB) DRV - [2009-05-01 01:01:34 | 000,265,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS) DRV - [2009-05-01 00:55:32 | 000,013,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lv302af.sys -- (pepifilter) DRV - [2009-04-30 22:55:58 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3592015403-793725120-2322176034-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = c:/oem/podziekowania/podziekowania.html IE - HKU\S-1-5-21-3592015403-793725120-2322176034-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2 IE - HKU\S-1-5-21-3592015403-793725120-2322176034-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3592015403-793725120-2322176034-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3592015403-793725120-2322176034-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "www.google.pl" FF - prefs.js..extensions.enabledAddons: support%40easy-hideip.com:1.0 FF - prefs.js..extensions.enabledAddons: firegestures%40xuldev.org:1.8.7 FF - prefs.js..extensions.enabledAddons: %7Bbee6eb20-01e0-ebd1-da83-080329fb9a3a%7D:1.61 FF - prefs.js..extensions.enabledAddons: thumbnailZoom%40dadler.github.com:3.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.1 FF - prefs.js..network.proxy.gopher: "" FF - prefs.js..network.proxy.gopher_port: 0 FF - prefs.js..network.proxy.share_proxy_settings: true FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Progamy\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Wiex\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Wiex\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2014-02-07 16:18:41 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2014-02-07 16:18:41 | 000,000,000 | ---D | M] [2013-06-22 10:51:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wiex\AppData\Roaming\mozilla\Extensions [2014-09-17 13:42:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wiex\AppData\Roaming\mozilla\Firefox\Profiles\l00tk613.default\Extensions [2014-08-27 23:19:23 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Wiex\AppData\Roaming\mozilla\Firefox\Profiles\l00tk613.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-08-22 10:55:07 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\Wiex\AppData\Roaming\mozilla\Firefox\Profiles\l00tk613.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-07-02 02:27:47 | 000,394,918 | ---- | M] () (No name found) -- C:\Users\Wiex\AppData\Roaming\mozilla\firefox\profiles\l00tk613.default\Extensions\firegestures@xuldev.org.xpi [2013-08-21 11:16:20 | 000,004,545 | ---- | M] () (No name found) -- C:\Users\Wiex\AppData\Roaming\mozilla\firefox\profiles\l00tk613.default\Extensions\support@easy-hideip.com.xpi [2014-09-17 13:42:08 | 000,184,041 | ---- | M] () (No name found) -- C:\Users\Wiex\AppData\Roaming\mozilla\firefox\profiles\l00tk613.default\Extensions\thumbnailZoom@dadler.github.com.xpi [2014-08-11 13:07:58 | 000,967,685 | ---- | M] () (No name found) -- C:\Users\Wiex\AppData\Roaming\mozilla\firefox\profiles\l00tk613.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-17 14:16:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2014-09-17 14:10:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2014-09-13 04:03:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [color=#E56717]========== Chrome ==========[/color] CHR - plugin: Webcam Toy (Enabled) = lfbgimoladefibpklnfmkpknadbklade\1.5_1 CHR - plugin: Error reading preferences file CHR - Extension: Entanglement Web App = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\3.4.9_0\ CHR - Extension: Chrome = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\agljkoinmcdnopnlbhhjibjiablccgoh\1.0.56_1\ CHR - Extension: No name found = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\alnfdikmbdfgkcbdodjcbmedanjinmkk\1.0.1_0\ CHR - Extension: Chrome = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Chrome = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\ CHR - Extension: Dysk Google = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: Chrome = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\3.0.0.15_0\ CHR - Extension: Audiotool = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk\1.1_0\ CHR - Extension: YouTube = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Szukaj w Google = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: WGT Golf Challenge = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg\45.0.0_0\ CHR - Extension: Pixlr-o-matic = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj\1.3_0\ CHR - Extension: Chrome = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1312.1.2_0\ CHR - Extension: Chrome = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1408.5.2_0\ CHR - Extension: Virtual Piano Black = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjagcpcbacoaogfljhglghpjhkmmfeeo\4_0\ CHR - Extension: Chrome = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.2.2_0\ CHR - Extension: Full Screen Weather = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg\1.3_0\ CHR - Extension: Chrome = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.18_0\ CHR - Extension: Chrome = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.12_0\ CHR - Extension: No name found = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejilffmihldhlfocnabcgndjjpgadfl\1.3_0\ CHR - Extension: No name found = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgdeoagndhabdnoenpdcagbkkmjeibmh\2.4_0\ CHR - Extension: No name found = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdkcgeghhfjiglphfppinecpcpnnbne\1.0.0.0_0\ CHR - Extension: No name found = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kodigjkcpaoeodlnmcnekemakpnmegnk\0.204_0\ CHR - Extension: Webcam Toy = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade\1.5_1\ CHR - Extension: AudioSauna = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae\0.404_0\ CHR - Extension: AS Magic Player = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.0_0\ CHR - Extension: Google Wallet = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ CHR - Extension: Chrome = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl\5.2_0\ CHR - Extension: Chrome = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl\5.3_0\ CHR - Extension: PhotoFit Me = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdpbdnchfplfpdjbckgbmpnddnjdijjk\1.0.0.4_0\ CHR - Extension: Gmail = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ CHR - Extension: \u0e15\u0e34\u0e4a\u0e01 \u0e0a\u0e35\u0e42\u0e23\u0e48 (\u0e21\u0e19\u0e31\u0e2a\u0e27\u0e34\u0e19 \u0e19\u0e31\u0e19\u0e17\u0e40\u0e2a\u0e19) = C:\Users\Wiex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pniaakffjlejdpocgnomjcnfofeajagg\1.0_1\ O1 HOSTS File: ([2014-09-17 16:40:27 | 000,000,821 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [HDInspector.exe] D:\Programy\Hard Drive Inspector\HDInspector.exe (Altrixsoft) O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-3592015403-793725120-2322176034-1000..\Run: [Google Update] Reg Error: Value error. File not found O4 - HKU\S-1-5-21-3592015403-793725120-2322176034-1000..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe () O4 - HKU\S-1-5-21-3592015403-793725120-2322176034-1000..\Run: [StartMenuX] D:\Programy\Start Menu X\StartMenuX.exe (OrdinarySoft) O4 - HKU\S-1-5-21-3592015403-793725120-2322176034-1000..\Run: [WeatherWatcher] D:\Programy\Weather Watcher\ww.exe (Singer's Creations) O7 - HKU\S-1-5-21-3592015403-793725120-2322176034-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221 O7 - HKU\S-1-5-21-3592015403-793725120-2322176034-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.113.224.134 217.113.224.135 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCE8346A-3DB9-4AE2-BF2D-D692878F18BB}: DhcpNameServer = 217.113.224.134 217.113.224.135 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Wiex\Pictures\Lasy\coniferous-trees-forest-1920x1080.jpg O24 - Desktop BackupWallPaper: C:\Users\Wiex\Pictures\Lasy\coniferous-trees-forest-1920x1080.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2009-05-04 21:51:20 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{01a5cb54-db46-11e2-bcaf-001fd00c9dbe}\Shell - "" = AutoRun O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (MACHINE BootExecut) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-09-17 18:30:24 | 000,000,000 | ---D | C] -- C:\FRST [2014-09-17 14:28:34 | 000,000,000 | ---D | C] -- C:\Users\Wiex\AppData\Roaming\9-lab [2014-09-17 14:28:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\9-lab Removal Tool [2014-09-17 14:28:25 | 000,000,000 | ---D | C] -- C:\ProgramData\9-lab [2014-09-15 06:47:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [2014-09-15 06:47:15 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack [2014-09-13 04:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2014-09-12 15:21:04 | 000,000,000 | ---D | C] -- C:\Users\Wiex\AppData\Local\Gods_Will_Be_Watching [2014-09-12 15:16:46 | 000,000,000 | ---D | C] -- C:\Users\Wiex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gods Will Be Watching 1.0 [2014-09-10 12:15:34 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2014-09-10 12:15:32 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2014-09-10 12:15:32 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2014-09-10 12:15:32 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2014-09-10 12:15:31 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2014-09-10 12:15:30 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2014-09-10 12:15:29 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2014-09-10 12:15:29 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2014-09-10 12:15:27 | 001,810,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2014-09-10 12:15:27 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2014-09-10 12:15:26 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2014-09-10 12:15:24 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2014-09-08 23:30:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood [2014-09-08 23:27:26 | 000,299,520 | ---- | C] (InstallShield Corporation, Inc.) -- C:\Windows\uninst.exe [2014-09-08 16:45:59 | 000,000,000 | ---D | C] -- C:\ProgramData\IPProtector [2014-09-08 16:44:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivacyProtectorGVN [2014-09-08 16:44:03 | 000,000,000 | ---D | C] -- C:\Users\Wiex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivacyProtectorGVN [2014-09-08 12:38:59 | 000,000,000 | -H-D | C] -- C:\_acestream_cache_ [2014-09-08 12:38:51 | 000,000,000 | ---D | C] -- C:\Users\Wiex\AppData\Roaming\.ACEStream [2014-09-08 12:35:33 | 000,000,000 | ---D | C] -- C:\Users\Wiex\AppData\Roaming\ACEStream [2014-09-08 12:21:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time [2014-09-08 12:21:03 | 000,000,000 | ---D | C] -- C:\Program Files\Popcorn Time [2014-09-08 11:11:23 | 000,000,000 | ---D | C] -- C:\Users\Wiex\AppData\Roaming\PopcornTime [2014-09-07 12:23:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt [2014-09-07 10:10:21 | 000,000,000 | ---D | C] -- C:\Users\Wiex\AppData\Roaming\ASK Video [2014-09-07 00:34:21 | 000,000,000 | ---D | C] -- C:\ASK Video [2014-09-06 23:15:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio Entertainment Ltd [2014-09-06 23:14:14 | 000,000,000 | ---D | C] -- C:\Users\Wiex\AppData\Roaming\Rovio Entertainment Ltd [2014-09-02 16:13:05 | 000,561,880 | ---- | C] (Realtek ) -- C:\Windows\System32\drivers\Rtlh86.sys [2014-09-02 16:13:05 | 000,076,872 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RtNicProp32.dll [2014-09-02 16:09:26 | 001,283,176 | ---- | C] (CPUID) -- C:\Users\Wiex\AppData\Roaming\siw_sdk.dll [2014-09-02 15:44:59 | 001,823,320 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll [2014-09-02 15:44:56 | 000,606,968 | ---- | C] (DTS, Inc.) -- C:\Windows\System32\sltech32.dll [2014-09-02 15:44:56 | 000,219,896 | ---- | C] (TODO: ) -- C:\Windows\System32\slprp32.dll [2014-09-02 15:44:55 | 000,966,904 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\slcnt32.dll [2014-09-02 15:44:55 | 000,818,936 | ---- | C] (DTS, Inc.) -- C:\Windows\System32\sl3apo32.dll [2014-09-02 15:44:52 | 001,892,056 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2014-09-02 15:44:50 | 002,566,872 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2014-09-02 15:44:49 | 000,916,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInstII.dll [2014-09-02 15:44:48 | 000,782,040 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2014-09-02 15:44:42 | 002,474,200 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RltkAPO.dll [2014-09-02 15:44:41 | 060,636,160 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat [2014-09-02 15:44:40 | 000,890,160 | ---- | C] (Nahimic Inc) -- C:\Windows\System32\NAHIMICAPOSettingsIPC.dll [2014-09-02 15:44:38 | 005,086,984 | ---- | C] (Nahimic Inc) -- C:\Windows\System32\NAHIMICAPOlfx.dll [2014-09-02 15:44:35 | 011,821,656 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVoiceAPO30.dll [2014-09-02 15:44:35 | 000,948,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxSpeechAPO.dll [2014-09-02 15:44:35 | 000,798,296 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVoiceAPO20.dll [2014-09-02 15:44:34 | 003,683,416 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioVnN.dll [2014-09-02 15:44:27 | 028,062,296 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioVnA.dll [2014-09-02 15:44:26 | 001,691,224 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek2.dll [2014-09-02 15:44:23 | 014,585,432 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll [2014-09-02 15:44:22 | 001,940,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll [2014-09-02 15:44:21 | 001,116,248 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO60.dll [2014-09-02 15:44:21 | 000,987,224 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO50.dll [2014-09-02 15:44:21 | 000,966,744 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO40.dll [2014-09-02 15:44:21 | 000,900,696 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPOShell.dll [2014-09-02 15:44:20 | 000,265,376 | ---- | C] (ICEpower a/s) -- C:\Windows\System32\ICEsoundAPO.dll [2014-09-02 15:44:18 | 002,421,792 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll [2014-09-02 15:44:17 | 006,177,624 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\DDPP32A.dll [2014-09-02 15:44:17 | 001,490,264 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\DDPD32A.dll [2014-09-02 15:44:17 | 000,274,264 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\DDPO32A.dll [2014-09-02 15:44:17 | 000,221,528 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\DDPA32.dll [2014-09-02 15:36:45 | 000,000,000 | ---D | C] -- C:\Users\Wiex\AppData\Roaming\IObit [2014-09-02 15:36:45 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit [2014-09-02 15:36:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster [2014-08-30 12:19:02 | 000,000,000 | ---D | C] -- C:\Program Files\FileViewPro [2014-08-30 12:16:50 | 000,000,000 | ---D | C] -- C:\Spacekace [2014-08-29 12:00:31 | 002,054,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2014-08-28 11:11:38 | 000,000,000 | ---D | C] -- C:\Users\Wiex\Documents\7 Days To Die [2014-08-28 10:50:24 | 000,000,000 | -H-D | C] -- C:\Windows\PIF [2014-08-25 23:41:00 | 000,000,000 | ---D | C] -- C:\Users\Wiex\AppData\Roaming\Morphopolis [2014-08-25 03:39:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\White Gold [2014-08-20 09:27:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RecoveryMechanic [2014-08-20 09:27:05 | 000,000,000 | ---D | C] -- C:\Program Files\RecoveryMechanic [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-09-17 18:40:43 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-09-17 18:07:04 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\WpsNotifyTask_Wiex.job [2014-09-17 18:01:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\WpsUpdateTask_Wiex.job [2014-09-17 17:44:29 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2014-09-17 17:44:28 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2014-09-17 17:44:27 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\Wise Care 365.job [2014-09-17 17:44:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-09-17 16:40:27 | 000,000,821 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2014-09-17 14:28:34 | 000,000,740 | ---- | M] () -- C:\Users\Public\Desktop\Removal Tool.lnk [2014-09-17 14:19:10 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-09-17 14:18:58 | 000,259,344 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2014-09-14 13:56:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\Wise Turbo Checker.job [2014-09-12 22:13:23 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2014-09-12 22:13:22 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2014-09-12 15:16:46 | 000,000,711 | ---- | M] () -- C:\Users\Wiex\Desktop\Gods Will Be Watching.lnk [2014-09-12 15:16:46 | 000,000,605 | ---- | M] () -- C:\Users\Wiex\Desktop\Cat-A-Cat GAMES.lnk [2014-09-10 12:14:29 | 000,728,314 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2014-09-10 12:14:29 | 000,646,760 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2014-09-10 12:14:29 | 000,158,212 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2014-09-10 12:14:29 | 000,124,516 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2014-09-10 12:08:09 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif [2014-09-08 17:50:56 | 000,002,249 | ---- | M] () -- C:\Users\Public\Desktop\PrivacyProtector GVN.lnk [2014-09-08 16:44:17 | 000,458,056 | ---- | M] (WeOnlyDo! COM) -- C:\Windows\System32\wodVPN.ocx [2014-09-08 16:44:17 | 000,420,680 | ---- | M] (WeOnlyDo! COM) -- C:\Windows\System32\wodVPN.dll [2014-09-08 16:44:16 | 000,024,824 | ---- | M] () -- C:\Windows\System32\drivers\PPFlt.sys [2014-09-08 12:21:30 | 000,000,918 | ---- | M] () -- C:\Users\Public\Desktop\Popcorn Time.lnk [2014-09-02 16:13:05 | 000,561,880 | ---- | M] (Realtek ) -- C:\Windows\System32\drivers\Rtlh86.sys [2014-09-02 16:13:05 | 000,100,896 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll [2014-09-02 16:13:05 | 000,076,872 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RtNicProp32.dll [2014-09-02 16:11:40 | 000,002,411 | ---- | M] () -- C:\Windows\System32\lgAxconfig.ini [2014-09-02 16:11:25 | 000,000,779 | ---- | M] () -- C:\Users\Wiex\Desktop\LGMobile Support Tool.lnk [2014-09-02 16:09:26 | 001,283,176 | ---- | M] (CPUID) -- C:\Users\Wiex\AppData\Roaming\siw_sdk.dll [2014-09-02 15:44:59 | 001,823,320 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll [2014-09-02 15:44:58 | 002,140,976 | ---- | M] () -- C:\Windows\System32\SStudio.dll [2014-09-02 15:44:56 | 000,606,968 | ---- | M] (DTS, Inc.) -- C:\Windows\System32\sltech32.dll [2014-09-02 15:44:56 | 000,219,896 | ---- | M] (TODO: ) -- C:\Windows\System32\slprp32.dll [2014-09-02 15:44:55 | 000,966,904 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\System32\slcnt32.dll [2014-09-02 15:44:55 | 000,818,936 | ---- | M] (DTS, Inc.) -- C:\Windows\System32\sl3apo32.dll [2014-09-02 15:44:54 | 005,804,772 | ---- | M] () -- C:\Windows\System32\drivers\rtvienna.dat [2014-09-02 15:44:53 | 001,892,056 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2014-09-02 15:44:51 | 002,566,872 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2014-09-02 15:44:49 | 000,916,696 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInstII.dll [2014-09-02 15:44:48 | 000,782,040 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2014-09-02 15:44:42 | 060,636,160 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat [2014-09-02 15:44:42 | 002,474,200 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RltkAPO.dll [2014-09-02 15:44:42 | 001,099,203 | ---- | M] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2014-09-02 15:44:40 | 000,890,160 | ---- | M] (Nahimic Inc) -- C:\Windows\System32\NAHIMICAPOSettingsIPC.dll [2014-09-02 15:44:39 | 005,086,984 | ---- | M] (Nahimic Inc) -- C:\Windows\System32\NAHIMICAPOlfx.dll [2014-09-02 15:44:37 | 011,821,656 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVoiceAPO30.dll [2014-09-02 15:44:35 | 003,683,416 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioVnN.dll [2014-09-02 15:44:35 | 000,948,336 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxSpeechAPO.dll [2014-09-02 15:44:35 | 000,798,296 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVoiceAPO20.dll [2014-09-02 15:44:34 | 028,062,296 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioVnA.dll [2014-09-02 15:44:26 | 014,585,432 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll [2014-09-02 15:44:26 | 001,691,224 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek2.dll [2014-09-02 15:44:22 | 001,940,056 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll [2014-09-02 15:44:21 | 001,116,248 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO60.dll [2014-09-02 15:44:21 | 000,987,224 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO50.dll [2014-09-02 15:44:21 | 000,966,744 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO40.dll [2014-09-02 15:44:21 | 000,900,696 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPOShell.dll [2014-09-02 15:44:20 | 000,265,376 | ---- | M] (ICEpower a/s) -- C:\Windows\System32\ICEsoundAPO.dll [2014-09-02 15:44:18 | 002,421,792 | ---- | M] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll [2014-09-02 15:44:17 | 006,177,624 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\DDPP32A.dll [2014-09-02 15:44:17 | 001,490,264 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\DDPD32A.dll [2014-09-02 15:44:17 | 000,274,264 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\DDPO32A.dll [2014-09-02 15:44:17 | 000,221,528 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\DDPA32.dll [2014-09-02 15:44:16 | 000,029,496 | ---- | M] () -- C:\Windows\System32\audioLibVc.dll [2014-08-28 01:12:02 | 000,023,358 | ---- | M] () -- C:\Users\Wiex\Documents\CV Tomasz Wieczorek.odt [2014-08-25 13:58:17 | 000,023,234 | ---- | M] () -- C:\Users\Wiex\Documents\CV moje 2.odt [2014-08-23 01:26:28 | 002,054,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-09-17 14:28:34 | 000,000,740 | ---- | C] () -- C:\Users\Public\Desktop\Removal Tool.lnk [2014-09-17 14:18:18 | 000,259,344 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2014-09-16 13:04:40 | 000,000,824 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera beta.lnk [2014-09-15 06:47:19 | 000,218,200 | ---- | C] () -- C:\Windows\System32\unrar.dll [2014-09-12 21:52:10 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-09-12 15:16:46 | 000,000,711 | ---- | C] () -- C:\Users\Wiex\Desktop\Gods Will Be Watching.lnk [2014-09-12 15:16:46 | 000,000,605 | ---- | C] () -- C:\Users\Wiex\Desktop\Cat-A-Cat GAMES.lnk [2014-09-08 16:44:13 | 000,002,249 | ---- | C] () -- C:\Users\Public\Desktop\PrivacyProtector GVN.lnk [2014-09-08 12:21:30 | 000,000,918 | ---- | C] () -- C:\Users\Public\Desktop\Popcorn Time.lnk [2014-09-02 15:44:57 | 002,140,976 | ---- | C] () -- C:\Windows\System32\SStudio.dll [2014-09-02 15:44:53 | 005,804,772 | ---- | C] () -- C:\Windows\System32\drivers\rtvienna.dat [2014-09-02 15:44:42 | 001,099,203 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2014-09-02 15:44:16 | 000,029,496 | ---- | C] () -- C:\Windows\System32\audioLibVc.dll [2014-08-25 14:00:31 | 000,023,358 | ---- | C] () -- C:\Users\Wiex\Documents\CV Tomasz Wieczorek.odt [2014-08-25 13:58:15 | 000,023,234 | ---- | C] () -- C:\Users\Wiex\Documents\CV moje 2.odt [2014-07-02 18:33:58 | 003,774,821 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin [2014-06-02 03:52:50 | 000,000,120 | ---- | C] () -- C:\Users\Wiex\AppData\Roaming\5fe15f47.dat [2014-05-06 14:40:28 | 000,375,256 | ---- | C] () -- C:\Windows\System32\EMRegSys.dll [2014-04-30 11:04:30 | 000,000,197 | ---- | C] () -- C:\Windows\ODBCINST.INI [2014-04-10 11:09:58 | 000,000,218 | ---- | C] () -- C:\Users\Wiex\AppData\Local\recently-used.xbel [2014-02-13 22:25:05 | 000,069,632 | ---- | C] () -- C:\Windows\System32\xmltok.dll [2014-02-13 22:25:05 | 000,036,864 | ---- | C] () -- C:\Windows\System32\xmlparse.dll [2014-02-13 17:15:51 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2014-02-07 16:24:07 | 000,068,242 | ---- | C] () -- C:\Windows\hpqins13.dat [2014-02-07 16:12:49 | 000,156,374 | ---- | C] () -- C:\Windows\hpoins34.dat [2014-02-07 16:12:49 | 000,000,404 | ---- | C] () -- C:\Windows\hpomdl34.dat [2014-02-01 19:34:12 | 000,053,152 | ---- | C] () -- C:\Windows\System32\USBCoInstaller.dll [2014-01-11 14:22:24 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl [2014-01-11 14:16:50 | 000,188,696 | ---- | C] () -- C:\Windows\System32\AcpiServiceVnA.dll [2014-01-11 12:46:40 | 000,110,602 | ---- | C] () -- C:\Windows\System32\xcdsfx32.bin [2013-12-09 16:25:53 | 000,000,000 | -HS- | C] () -- C:\Users\Wiex\AppData\Local\LumaEmu [2013-11-27 02:32:33 | 000,024,824 | ---- | C] () -- C:\Windows\System32\drivers\PPFlt.sys [2013-11-27 02:01:39 | 000,000,000 | ---- | C] () -- C:\Windows\System32\cd.dat [2013-11-26 23:08:57 | 000,000,204 | ---- | C] () -- C:\Users\Wiex\SecurityKISSTunnel.config [2013-11-01 14:12:40 | 000,073,728 | ---- | C] () -- C:\Windows\System32\d3ddx10_43.dll [2013-09-24 19:29:20 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2013-09-24 19:29:20 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2013-09-18 18:00:59 | 000,000,008 | ---- | C] () -- C:\Users\Wiex\AppData\Roaming\pdfdrawcodec.dll [2013-08-12 08:43:41 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll [2013-08-12 08:43:41 | 000,002,411 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini [2013-07-11 19:02:04 | 000,279,712 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2013-07-11 19:02:03 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2013-07-09 13:13:48 | 000,000,020 | ---- | C] () -- C:\Windows\System32\time.dat [2013-07-09 13:12:49 | 001,907,200 | ---- | C] () -- C:\Windows\System32\Skybound.Gecko.dll [2013-07-09 13:12:48 | 002,002,944 | ---- | C] () -- C:\Windows\System32\js.exe [2013-07-09 13:12:48 | 001,945,600 | ---- | C] () -- C:\Windows\System32\mozjs.dll [2013-07-09 13:12:41 | 017,864,381 | ---- | C] () -- C:\Windows\System32\libs.exe [2013-07-04 02:18:17 | 000,094,208 | ---- | C] () -- C:\Windows\System32\DECO_322.DLL [2013-06-15 10:15:15 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2013-06-15 10:15:15 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2013-06-14 21:24:02 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2013-06-14 15:46:15 | 000,233,472 | ---- | C] () -- C:\Windows\System32\MafiaSetup.exe [2013-06-14 10:44:55 | 000,176,548 | ---- | C] () -- C:\Windows\hpoins21.dat [2013-06-14 10:44:55 | 000,007,262 | ---- | C] () -- C:\Windows\hpomdl21.dat [2013-06-14 09:36:54 | 000,030,208 | ---- | C] () -- C:\Users\Wiex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-06-14 00:13:46 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2013-06-14 00:09:29 | 000,000,552 | ---- | C] () -- C:\Users\Wiex\AppData\Local\d3d8caps.dat [2013-06-14 00:07:12 | 000,000,680 | ---- | C] () -- C:\Users\Wiex\AppData\Local\d3d9caps.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2006-11-02 14:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014-03-25 15:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-04-11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-04-11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2014-09-06 23:13:15 | 000,000,000 | ---D | M] -- C:\Users\wiekoo\AppData\Roaming\Rovio [2014-09-08 12:52:23 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\.ACEStream [2013-12-03 00:09:20 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\.mono [2013-06-26 08:22:22 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\.wtw [2013-11-02 11:26:23 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\3909 [2014-09-17 14:28:34 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\9-lab [2014-09-08 17:10:47 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\ACEStream [2014-09-17 13:25:30 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\AIMP3 [2014-03-16 18:28:04 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\AlawarEntertainment [2014-02-16 12:02:14 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\AlexanderTheGreat [2014-02-03 01:26:23 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Ambient Design [2013-11-01 22:21:42 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Artifex Mundi [2014-03-24 21:28:09 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Ascaron Entertainment [2014-09-17 13:55:43 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Ashampoo [2014-01-29 12:40:14 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Ashampoo Slideshow Studio 2013 [2014-09-07 10:10:21 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\ASK Video [2013-11-19 14:53:03 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\BlamGames [2014-01-15 14:21:05 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Boomzap [2014-04-16 10:28:56 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\calibre [2014-04-09 10:45:24 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\ChemTable Software [2013-09-12 15:22:41 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\com.shirogames.evoland [2014-09-17 13:25:30 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\DAEMON Tools Lite [2014-03-16 23:30:32 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\DailyMagic [2014-01-11 12:46:38 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Driver Magician [2013-12-26 22:51:34 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Eipix [2013-12-19 15:16:27 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Elephant Games [2014-05-26 15:30:47 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Engelmann Media [2013-11-19 21:08:52 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\ERS Game Studios [2014-06-01 14:31:33 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\FearlessFantasy [2014-05-22 22:14:33 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Fenomen Games [2013-12-27 13:48:46 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Floodlight Games [2014-03-04 14:07:56 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Goblinz [2014-03-31 02:47:15 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Gomo [2013-08-21 11:15:20 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\HideIPEasy [2013-11-05 14:06:12 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\HipSoft [2014-01-17 14:04:24 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Ice Age 2 [2014-09-02 15:36:45 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\IObit [2013-06-16 00:39:29 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\iZotope [2014-04-08 12:02:27 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Kingsoft [2014-07-15 03:55:10 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\KTW [2013-06-27 00:27:04 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Leadertech [2013-12-19 14:41:00 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\LegacyInteractive [2013-08-12 09:34:05 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\LG Electronics [2013-11-06 12:59:27 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Mael [2013-06-14 09:23:42 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\md studio [2014-08-25 23:41:00 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Morphopolis [2014-08-13 14:53:04 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\MPC-BE [2013-11-05 23:39:13 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\NapiProjekt [2013-11-25 00:18:56 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Natural Threat.Ominous Shores [2013-10-07 11:11:44 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\OddPlanet [2013-06-19 11:18:20 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\OpenOffice.org [2014-05-23 15:56:10 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Opera Software [2014-01-16 16:56:13 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Organic 2 Digital [2013-12-15 17:12:49 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Orneon [2013-07-09 11:26:58 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\PlayFirst [2014-09-08 11:13:36 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\PopcornTime [2014-09-16 20:17:51 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\ProcessLasso [2013-12-23 10:59:19 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Propellerhead Software [2014-03-16 13:07:10 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\RedHedgehog Games [2014-05-23 13:45:57 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\RenPy [2013-06-14 09:22:37 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Rovio [2014-09-06 23:18:35 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Rovio Entertainment Ltd [2013-07-09 11:57:29 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Silverball Studios [2013-06-26 13:36:46 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Specialbit [2014-01-29 12:32:14 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\SpringPublisher [2013-06-30 08:16:12 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\StartMenuX [2014-08-12 15:10:37 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Steam [2014-04-21 16:11:33 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\System [2013-06-26 13:37:41 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\TikisLab [2013-07-03 01:04:30 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\To the Moon - Freebird Games [2013-11-02 18:14:58 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Unity [2013-06-24 19:34:07 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\URSoft [2014-09-17 13:25:30 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\uTorrent [2014-02-02 01:43:37 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\WandoujiaUsbDriver [2014-09-16 20:17:18 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\WeatherWatcher [2014-09-17 17:45:31 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Wise Care 365 [2014-09-17 17:41:45 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Wise Uninstaller [2014-07-07 10:31:32 | 000,000,000 | -HSD | M] -- C:\Users\Wiex\AppData\Roaming\wyUpdate AU [2013-12-10 16:11:34 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\XBMC [2013-09-18 18:03:34 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\YCanPDF [2014-02-10 23:17:22 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\YoudaGames [2014-01-09 10:25:08 | 000,000,000 | ---D | M] -- C:\Users\Wiex\AppData\Roaming\Zoner [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 174 bytes -> C:\ProgramData\TEMP:1CE11B51 @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:F89F2593 @Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:ADF211B1 < End of report >