OTL logfile created on: 2014-10-21 02:27:34 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Przemek\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
8,00 Gb Total Physical Memory | 5,10 Gb Available Physical Memory | 63,77% Memory free
8,00 Gb Paging File | 5,30 Gb Available in Paging File | 66,34% Paging File free
Paging file location(s):  [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 77,88 Gb Total Space | 7,25 Gb Free Space | 9,31% Space Free | Partition Type: NTFS
Drive D: | 500,00 Gb Total Space | 156,81 Gb Free Space | 31,36% Space Free | Partition Type: NTFS
Drive E: | 35,00 Gb Total Space | 15,20 Gb Free Space | 43,42% Space Free | Partition Type: NTFS
Drive F: | 149,05 Gb Total Space | 124,41 Gb Free Space | 83,47% Space Free | Partition Type: NTFS
Drive G: | 897,26 Gb Total Space | 625,09 Gb Free Space | 69,67% Space Free | Partition Type: NTFS
Drive H: | 120,01 Gb Total Space | 19,86 Gb Free Space | 16,55% Space Free | Partition Type: NTFS
Drive J: | 7,09 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: PC-1 | User Name: Przemek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2014-10-21 01:41:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Przemek\Downloads\OTL.exe
PRC - [2014-10-10 04:04:06 | 000,854,344 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014-09-05 16:34:22 | 003,364,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
PRC - [2014-09-05 16:29:52 | 003,593,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2015\avgui.exe
PRC - [2014-09-05 16:23:18 | 000,293,448 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
PRC - [2014-08-20 03:36:38 | 000,045,840 | ---- | M] (Raptr, Inc) -- C:\PROGRA~2\Raptr\raptr_im.exe
PRC - [2014-08-20 03:36:34 | 000,066,832 | ---- | M] (Raptr, Inc) -- C:\PROGRA~2\Raptr\raptr.exe
PRC - [2014-05-30 18:00:28 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014-03-12 00:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
PRC - [2013-05-10 05:48:09 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2012-09-23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-11-15 18:30:16 | 002,139,400 | ---- | M] () -- D:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
PRC - [2010-03-06 04:04:24 | 000,310,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2014-10-10 04:04:04 | 014,902,600 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll
MOD - [2014-10-10 04:04:02 | 008,910,664 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
MOD - [2014-10-10 04:03:56 | 001,042,760 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
MOD - [2014-10-10 04:03:54 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
MOD - [2014-10-10 04:03:53 | 001,681,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
MOD - [2014-06-18 02:56:00 | 002,717,595 | ---- | M] () -- C:\PROGRA~2\Raptr\heliotrope._purple.pyd
MOD - [2014-05-14 01:26:54 | 001,662,464 | ---- | M] () -- C:\PROGRA~2\Raptr\PyQt4.QtCore.pyd
MOD - [2014-05-14 01:26:54 | 000,494,592 | ---- | M] () -- C:\PROGRA~2\Raptr\PyQt4.QtNetwork.pyd
MOD - [2014-05-14 01:26:52 | 005,812,736 | ---- | M] () -- C:\PROGRA~2\Raptr\PyQt4.QtGui.pyd
MOD - [2014-05-14 01:26:52 | 000,313,856 | ---- | M] () -- C:\PROGRA~2\Raptr\PyQt4.QtWebKit.pyd
MOD - [2014-05-14 01:26:40 | 000,067,584 | ---- | M] () -- C:\PROGRA~2\Raptr\sip.pyd
MOD - [2014-01-20 14:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014-01-20 14:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013-05-10 01:52:58 | 001,183,699 | ---- | M] () -- C:\PROGRA~2\Raptr\liboscar.dll
MOD - [2013-05-10 01:52:58 | 000,483,306 | ---- | M] () -- C:\PROGRA~2\Raptr\plugins\libicq.dll
MOD - [2013-05-10 01:52:56 | 000,495,680 | ---- | M] () -- C:\PROGRA~2\Raptr\plugins\libaim.dll
MOD - [2013-05-03 20:57:16 | 001,640,221 | ---- | M] () -- C:\PROGRA~2\Raptr\libjabber.dll
MOD - [2013-05-03 20:57:14 | 001,053,730 | ---- | M] () -- C:\PROGRA~2\Raptr\libymsg.dll
MOD - [2013-05-03 20:57:06 | 000,655,356 | ---- | M] () -- C:\PROGRA~2\Raptr\plugins\libirc.dll
MOD - [2013-05-03 20:57:04 | 000,603,326 | ---- | M] () -- C:\PROGRA~2\Raptr\plugins\ssl-nss.dll
MOD - [2013-05-03 20:57:02 | 000,474,199 | ---- | M] () -- C:\PROGRA~2\Raptr\plugins\ssl.dll
MOD - [2013-05-03 20:57:00 | 000,497,782 | ---- | M] () -- C:\PROGRA~2\Raptr\plugins\libyahoojp.dll
MOD - [2013-05-03 20:56:50 | 001,306,387 | ---- | M] () -- C:\PROGRA~2\Raptr\plugins\libmsn.dll
MOD - [2013-05-03 20:56:46 | 000,565,461 | ---- | M] () -- C:\PROGRA~2\Raptr\plugins\libxmpp.dll
MOD - [2013-05-03 20:56:44 | 000,506,276 | ---- | M] () -- C:\PROGRA~2\Raptr\plugins\libyahoo.dll
MOD - [2011-02-15 20:17:28 | 001,213,633 | ---- | M] () -- C:\PROGRA~2\Raptr\libxml2-2.dll
MOD - [2011-02-15 20:17:28 | 000,417,501 | ---- | M] () -- C:\PROGRA~2\Raptr\sqlite3.dll
MOD - [2010-11-23 01:06:22 | 000,055,808 | ---- | M] () -- C:\PROGRA~2\Raptr\zlib1.dll
MOD - [2010-11-23 00:57:34 | 000,167,936 | ---- | M] () -- C:\PROGRA~2\Raptr\win32gui.pyd
MOD - [2010-11-23 00:57:34 | 000,111,104 | ---- | M] () -- C:\PROGRA~2\Raptr\win32file.pyd
MOD - [2010-11-23 00:57:34 | 000,096,256 | ---- | M] () -- C:\PROGRA~2\Raptr\win32api.pyd
MOD - [2010-11-23 00:57:34 | 000,036,352 | ---- | M] () -- C:\PROGRA~2\Raptr\win32process.pyd
MOD - [2010-11-23 00:57:34 | 000,016,384 | ---- | M] () -- C:\PROGRA~2\Raptr\win32trace.pyd
MOD - [2010-11-23 00:57:18 | 000,141,312 | ---- | M] () -- C:\PROGRA~2\Raptr\gobject._gobject.pyd
MOD - [2010-11-23 00:57:06 | 000,263,168 | ---- | M] () -- C:\PROGRA~2\Raptr\win32com.shell.shell.pyd
MOD - [2010-11-23 00:56:56 | 000,354,304 | ---- | M] () -- C:\PROGRA~2\Raptr\pythoncom26.dll
MOD - [2010-11-23 00:56:56 | 000,110,592 | ---- | M] () -- C:\PROGRA~2\Raptr\pywintypes26.dll
MOD - [2010-11-23 00:56:02 | 000,805,376 | ---- | M] () -- C:\PROGRA~2\Raptr\_ssl.pyd
MOD - [2010-11-23 00:56:02 | 000,583,680 | ---- | M] () -- C:\PROGRA~2\Raptr\unicodedata.pyd
MOD - [2010-11-23 00:56:02 | 000,356,864 | ---- | M] () -- C:\PROGRA~2\Raptr\_hashlib.pyd
MOD - [2010-11-23 00:56:02 | 000,127,488 | ---- | M] () -- C:\PROGRA~2\Raptr\pyexpat.pyd
MOD - [2010-11-23 00:56:02 | 000,087,040 | ---- | M] () -- C:\PROGRA~2\Raptr\_ctypes.pyd
MOD - [2010-11-23 00:56:02 | 000,044,544 | ---- | M] () -- C:\PROGRA~2\Raptr\_sqlite3.pyd
MOD - [2010-11-23 00:56:02 | 000,043,008 | ---- | M] () -- C:\PROGRA~2\Raptr\_socket.pyd
MOD - [2010-11-23 00:56:02 | 000,010,240 | ---- | M] () -- C:\PROGRA~2\Raptr\select.pyd
MOD - [2010-11-23 00:56:02 | 000,009,216 | ---- | M] () -- C:\PROGRA~2\Raptr\winsound.pyd
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2014-09-19 03:25:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2014-02-24 05:04:34 | 000,240,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2014-02-23 23:41:38 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:[b]64bit:[/b] - [2013-05-27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014-09-10 18:22:09 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-09-05 16:34:22 | 003,364,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014-09-05 16:23:18 | 000,293,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe -- (avgwd)
SRV - [2014-05-30 18:00:28 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014-03-21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014-03-12 00:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe -- (BBUpdate)
SRV - [2014-03-12 00:36:06 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe -- (BBSvc)
SRV - [2013-09-11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013-07-27 00:46:24 | 000,563,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-09-23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-11-15 18:30:16 | 002,139,400 | ---- | M] () [Auto | Running] -- D:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe -- (OS Selector)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2014-10-20 18:18:30 | 000,045,352 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\MpEngineStore\MpKsl41d8fba6.sys -- (MpKsl41d8fba6)
DRV:[b]64bit:[/b] - [2014-08-20 21:45:10 | 000,243,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:[b]64bit:[/b] - [2014-08-06 21:39:52 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:[b]64bit:[/b] - [2014-07-24 14:06:36 | 000,247,576 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:[b]64bit:[/b] - [2014-07-18 15:53:26 | 000,313,624 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:[b]64bit:[/b] - [2014-07-02 09:58:24 | 000,270,616 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:[b]64bit:[/b] - [2014-06-18 21:03:34 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:[b]64bit:[/b] - [2014-06-18 21:03:34 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:[b]64bit:[/b] - [2014-06-18 21:03:20 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:[b]64bit:[/b] - [2014-02-24 06:01:48 | 013,929,472 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2014-02-24 04:27:24 | 000,636,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2013-12-19 18:45:50 | 000,094,720 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2013-11-04 10:50:54 | 000,059,648 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.3)
DRV:[b]64bit:[/b] - [2013-08-02 02:45:06 | 000,310,368 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:[b]64bit:[/b] - [2013-08-02 02:45:00 | 000,132,704 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)
DRV:[b]64bit:[/b] - [2013-05-30 02:39:05 | 000,828,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2013-03-07 09:49:18 | 000,017,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv)
DRV:[b]64bit:[/b] - [2013-03-07 09:49:18 | 000,009,800 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv)
DRV:[b]64bit:[/b] - [2013-02-12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:[b]64bit:[/b] - [2012-12-13 15:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2012-08-21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012-07-03 13:00:00 | 000,088,704 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:[b]64bit:[/b] - [2012-07-03 13:00:00 | 000,065,152 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:[b]64bit:[/b] - [2012-05-11 15:55:46 | 000,158,720 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV:[b]64bit:[/b] - [2012-05-11 15:55:46 | 000,123,392 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:[b]64bit:[/b] - [2012-05-11 15:55:46 | 000,123,392 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:[b]64bit:[/b] - [2012-05-11 15:55:46 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011-09-29 11:30:34 | 000,646,248 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2011-05-13 03:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:[b]64bit:[/b] - [2011-05-13 03:21:04 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:[b]64bit:[/b] - [2011-05-13 03:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:[b]64bit:[/b] - [2011-05-13 03:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:[b]64bit:[/b] - [2011-05-13 03:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:[b]64bit:[/b] - [2011-05-11 18:23:10 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-05-11 18:23:10 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-11-21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2010-11-21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2008-01-19 01:10:30 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2013-03-07 09:49:20 | 000,013,896 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)
DRV - [2013-03-07 09:49:20 | 000,009,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008-05-02 06:15:44 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - user.js - File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.4.0: C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}: C:\Program Files (x86)\RelevantKnowledge\firefox
 
[2014-08-18 08:42:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\Extensions
[2014-10-21 02:06:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\rukhls5a.default\extensions
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
CHR - Extension: No name found = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
CHR - Extension: No name found = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup File not found
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil9f.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0280303A-B68F-466D-971F-65A982DD7F71}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D3F71217-D3A8-419D-92D4-BA039669E732}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DECCC713-696C-49B7-8BF7-1277DE9B2544}: DhcpNameServer = 192.168.0.1 192.168.0.1
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-11-19 11:39:09 | 000,000,646 | R--- | M] () - J:\AutoRun.dat -- [ CDFS ]
O32 - AutoRun File - [2012-11-19 11:39:09 | 000,333,136 | R--- | M] () - J:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2012-11-19 11:39:09 | 000,000,046 | R--- | M] () - J:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{5b48ffce-58a5-11e4-b35c-902b3413c030}\Shell - "" = AutoRun
O33 - MountPoints2\{5b48ffce-58a5-11e4-b35c-902b3413c030}\Shell\AutoRun\command - "" = J:\AutoRun.exe -- [2012-11-19 11:39:09 | 000,333,136 | R--- | M] ()
O33 - MountPoints2\{5b48ffdd-58a5-11e4-b35c-00a0c6000000}\Shell - "" = AutoRun
O33 - MountPoints2\{5b48ffdd-58a5-11e4-b35c-00a0c6000000}\Shell\AutoRun\command - "" = J:\AutoRun.exe -- [2012-11-19 11:39:09 | 000,333,136 | R--- | M] ()
O33 - MountPoints2\{70afda10-c8c1-11e2-888f-902b3413c030}\Shell - "" = AutoRun
O33 - MountPoints2\{70afda10-c8c1-11e2-888f-902b3413c030}\Shell\AutoRun\command - "" = K:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2014-10-21 01:33:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014-10-21 01:32:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014-10-21 01:32:48 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Local\Google
[2014-10-21 01:32:21 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Local\Deployment
[2014-10-21 01:32:21 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Local\Apps
[2014-10-21 00:39:35 | 000,158,720 | ---- | C] (ZTE Corporation) -- C:\Windows\SysNative\drivers\ZTEusbnet.sys
[2014-10-21 00:39:35 | 000,123,392 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys
[2014-10-21 00:39:35 | 000,123,392 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys
[2014-10-21 00:39:35 | 000,123,392 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys
[2014-10-21 00:39:35 | 000,011,776 | ---- | C] (MBB Incorporated) -- C:\Windows\SysNative\drivers\massfilter.sys
[2014-10-21 00:39:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager
[2014-10-21 00:39:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\SupportAppCB
[2014-10-21 00:39:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Manager
[2014-10-20 18:18:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MpEngineStore
[2014-10-20 18:17:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014-10-19 12:51:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg_Update_0914av
[2014-10-19 12:49:54 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\AVG2015
[2014-10-19 12:49:09 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\TuneUp Software
[2014-10-19 12:49:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2014-10-19 12:48:12 | 000,000,000 | -H-D | C] -- C:\$AVG
[2014-10-19 12:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2015
[2014-10-19 12:48:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2014-10-19 12:47:23 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2014-10-19 12:47:23 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Local\MFAData
[2014-10-19 12:47:23 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2014-10-19 12:47:23 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Local\Avg2015
[2014-10-17 12:52:30 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\InstallShield
[2014-10-14 13:18:08 | 000,971,544 | ---- | C] (TMRG,  Inc.) -- C:\Windows\SysNative\rlls64.dll
[2014-10-13 13:13:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 3
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2014-10-21 02:22:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-10-21 02:09:27 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-10-21 02:07:30 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014-10-21 01:37:37 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-10-21 01:33:51 | 000,002,261 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014-10-21 01:12:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-10-21 01:12:06 | 2145,292,287 | -HS- | M] () -- C:\hiberfil.sys
[2014-10-21 00:39:56 | 001,698,306 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014-10-21 00:39:56 | 000,749,806 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2014-10-21 00:39:56 | 000,662,796 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014-10-21 00:39:56 | 000,161,284 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2014-10-21 00:39:56 | 000,125,926 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014-10-21 00:39:32 | 000,002,000 | ---- | M] () -- C:\Users\Public\Desktop\Internet Manager.lnk
[2014-10-21 00:05:31 | 000,013,532 | ---- | M] () -- C:\Users\Przemek\Desktop\avg.csv
[2014-10-19 12:49:09 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2015.lnk
[2014-10-18 00:34:15 | 000,022,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-10-18 00:34:15 | 000,022,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-10-15 19:01:50 | 000,000,472 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014-10-13 13:13:31 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Mass Effect 3.lnk
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2014-10-21 01:33:51 | 000,002,261 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014-10-21 01:32:57 | 000,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-10-21 01:32:56 | 000,001,046 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-10-21 00:39:32 | 000,002,000 | ---- | C] () -- C:\Users\Public\Desktop\Internet Manager.lnk
[2014-10-21 00:05:31 | 000,013,532 | ---- | C] () -- C:\Users\Przemek\Desktop\avg.csv
[2014-10-19 12:49:09 | 000,000,995 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2015.lnk
[2014-10-13 13:13:31 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Mass Effect 3.lnk
[2014-02-23 23:53:44 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2013-08-02 02:54:28 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2013-08-02 02:54:27 | 002,498,216 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2013-08-02 02:54:27 | 000,087,112 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2013-08-02 02:54:27 | 000,013,896 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2013-08-02 02:54:27 | 000,009,160 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2013-06-03 18:55:50 | 000,000,095 | ---- | C] () -- C:\Users\Przemek\AppData\Local\fusioncache.dat
[2013-06-02 10:18:28 | 000,000,008 | RHS- | C] () -- C:\Users\Przemek\ntuser.pol
[2013-06-02 10:18:15 | 000,000,472 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013-06-02 09:52:59 | 001,669,976 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013-05-30 22:39:12 | 000,000,132 | ---- | C] () -- C:\Users\Przemek\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
[2013-05-30 05:59:27 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013-05-30 05:59:26 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013-05-29 19:01:36 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013-03-29 04:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013-03-29 04:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013-03-29 03:38:08 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013-03-29 03:38:08 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012-11-21 15:10:20 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014-06-25 04:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014-06-25 03:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2013-08-13 15:29:25 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Ashampoo
[2014-10-19 12:49:54 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\AVG2015
[2014-08-12 16:47:43 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\GHISLER
[2013-11-25 17:08:37 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Hard Disk Sentinel
[2014-05-30 17:08:42 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Origin
[2013-08-05 22:28:51 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\PunkBuster
[2014-10-21 01:06:32 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Raptr
[2014-10-19 12:49:09 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\TuneUp Software
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >