OTL logfile created on: 2014-01-08 17:35:06 - Run 3 OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\Monika\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16428) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 282,56 Gb Total Space | 203,37 Gb Free Space | 71,97% Space Free | Partition Type: NTFS Computer Name: MONIKA-KOMPUTER | User Name: Monika | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-01-08 17:21:11 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Downloads\OTL (1).scr PRC - [2013-12-04 03:48:06 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2013-08-30 08:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2013-08-22 05:03:49 | 000,303,680 | ---- | M] (Wsys Co., Ltd.) -- C:\ProgramData\eSafe\eGdpSvc.exe PRC - [2013-05-11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-05-12 03:09:42 | 000,380,224 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2011-02-01 12:20:48 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2011-02-01 12:20:46 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010-07-28 16:34:02 | 000,569,752 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe PRC - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2014-01-08 17:21:11 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Downloads\OTL (1).scr MOD - [2013-08-30 08:47:30 | 000,243,032 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll MOD - [2013-05-20 01:29:09 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll MOD - [2013-05-20 01:29:09 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll MOD - [2013-05-20 01:29:09 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll MOD - [2013-05-20 01:29:09 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll MOD - [2013-05-20 01:29:09 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll MOD - [2013-05-20 01:29:09 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll MOD - [2010-11-20 12:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2009-07-14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2013-11-26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:[b]64bit:[/b] - [2013-09-06 18:32:06 | 000,288,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe -- (McComponentHostService) SRV:[b]64bit:[/b] - [2013-08-30 08:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b]64bit:[/b] - [2013-05-27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013-12-11 11:53:13 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-11-24 19:20:52 | 000,146,920 | ---- | M] (SaveSense) [On_Demand | Stopped] -- C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe -- (savesenselivem) SaveSenseLive Service (savesenselivem) SRV - [2013-11-24 19:20:52 | 000,146,920 | ---- | M] (SaveSense) [Auto | Stopped] -- C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe -- (savesenselive) SaveSenseLive Service (savesenselive) SRV - [2013-08-22 05:03:49 | 000,303,680 | ---- | M] (Wsys Co., Ltd.) [Auto | Running] -- C:\ProgramData\eSafe\eGdpSvc.exe -- (WsysSvc) SRV - [2013-08-17 14:55:38 | 000,199,976 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\WebConnect\updateWebConnect.exe -- (Update WK) SRV - [2013-05-11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-05-12 03:09:42 | 000,380,224 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012-01-05 16:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -- (AxAutoMntSrv) SRV - [2011-03-22 14:22:12 | 002,361,344 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R) SRV - [2011-03-08 19:16:00 | 000,073,376 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc) SRV - [2011-02-01 12:20:48 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2011-02-01 12:20:46 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2010-07-28 16:34:02 | 000,569,752 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService) SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdvgkmd.sys -- (VGPU) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\synth3dvsc.sys -- (Synth3dVsc) DRV:[b]64bit:[/b] - [2013-11-27 13:29:50 | 000,386,680 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2013-08-30 08:48:10 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:[b]64bit:[/b] - [2013-08-30 08:48:09 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2012-06-11 09:37:16 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:[b]64bit:[/b] - [2012-05-01 02:09:40 | 000,423,696 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b]64bit:[/b] - [2011-06-21 00:03:42 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2011-03-22 14:22:42 | 000,335,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011-03-08 19:16:14 | 000,286,880 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:[b]64bit:[/b] - [2011-03-08 19:16:14 | 000,283,296 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP) DRV:[b]64bit:[/b] - [2011-03-08 19:16:12 | 000,259,232 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:[b]64bit:[/b] - [2011-03-08 19:16:12 | 000,166,048 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:[b]64bit:[/b] - [2011-03-08 19:16:12 | 000,109,216 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt) DRV:[b]64bit:[/b] - [2011-03-08 19:16:12 | 000,059,040 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:[b]64bit:[/b] - [2011-03-08 19:16:12 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort) DRV:[b]64bit:[/b] - [2011-03-08 19:16:12 | 000,029,344 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS) DRV:[b]64bit:[/b] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-11-20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2010-10-19 15:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 01:21:35 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthMtpEnum.sys -- (BthMtpEnum) DRV:[b]64bit:[/b] - [2009-06-10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2007-08-03 04:35:54 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXU1CB1T0384T0384&ts=1377244819 IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXU1CB1T0384T0384&ts=1377244819 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXU1CB1T0384T0384&ts=1377244819 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXU1CB1T0384T0384&ts=1377244819 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-285220622-3368628840-1272070776-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD3200BPVT-55JJ5T0_WD-WXU1CB1T0384T0384&ts=1377244819 IE - HKU\S-1-5-21-285220622-3368628840-1272070776-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-285220622-3368628840-1272070776-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-285220622-3368628840-1272070776-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchgol.com/?babsrc=HP_ss&mntrId=FA2B642737A232A6&affID=125032&tsp=5026 IE - HKU\S-1-5-21-285220622-3368628840-1272070776-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-285220622-3368628840-1272070776-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-285220622-3368628840-1272070776-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-19 10:08:11 | 000,000,000 | ---D | M] [2013-08-07 12:26:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\Extensions [2013-07-04 10:30:00 | 000,000,785 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\delta-homes.xml [2013-05-19 17:49:22 | 000,000,737 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\qvo6.xml O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.) O2 - BHO: (SaveSense) - {0f21b1e5-5afc-43c9-9c66-515046e92ec2} - C:\Program Files (x86)\SaveSense\SaveSenseIE.dll (SaveSense) O2 - BHO: (WebConnect) - {2316c625-b487-4410-a1a5-ff040b65245f} - C:\Program Files (x86)\WebConnect\WebConnectbho.dll (Web Connect) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (searchgol Helper Object) - {8F547BDD-FCD4-48F8-A06F-573D6F404A3C} - C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\bh\searchgol.dll (Montera Technologeis LTD) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (searchgol Toolbar) - {00078E95-3A4A-4137-8DE7-2824908D1C17} - C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\searchgolTlbr.dll (Montera Technologeis LTD) O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKU\S-1-5-21-285220622-3368628840-1272070776-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations) O4:[b]64bit:[/b] - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe File not found O4 - HKLM..\Run: [InstaLAN] C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.) O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe File not found O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-285220622-3368628840-1272070776-1000..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team) O4 - HKU\S-1-5-21-285220622-3368628840-1272070776-1000..\Run: [ChomikBox] C:\Program Files (x86)\ChomikBox\ChomikBox.exe File not found O4 - HKU\S-1-5-21-285220622-3368628840-1272070776-1000..\Run: [ConduitFloatingPlugin_pkmpcdbgnfjfeelcpebpkflcmbkclfho] C:\Users\Monika\AppData\Local\Temp\CT3288691\plugins\TBVerifier.DLL File not found O4 - HKU\S-1-5-21-285220622-3368628840-1272070776-1000..\Run: [NTRedirect] C:\Users\Monika\AppData\Roaming\BabSolution\Shared\enhancedNT.DLL () O4 - HKU\S-1-5-21-285220622-3368628840-1272070776-1000..\Run: [TBHostSupport] C:\Users\Monika\AppData\Local\TBHostSupport\TBHostSupport.DLL (Conduit Ltd.) O4 - HKU\S-1-5-21-285220622-3368628840-1272070776-1000..\Run: [Torntv Downloader] C:\Program Files (x86)\TornTV.com\Torntv Downloader.exe File not found O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\SysWow64\SPReview\SPReview.exe File not found O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\SysWow64\SPReview\SPReview.exe File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18:[b]64bit:[/b] - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found O20:[b]64bit:[/b] - AppInit_DLLs: (c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll) - c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll File not found O20:[b]64bit:[/b] - AppInit_DLLs: (c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll) - c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File not found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{6ef70c1d-d988-11e2-8020-642737a232a6}\Shell - "" = AutoRun O33 - MountPoints2\{6ef70c1d-d988-11e2-8020-642737a232a6}\Shell\AutoRun\command - "" = E:\iLinker.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-01-08 15:59:39 | 000,000,000 | ---D | C] -- C:\_OTL [2013-12-30 16:46:28 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\Ganja_Mafia-Wiesz_Co_Sie_Kruszy [2013-12-28 22:44:59 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\(1) Klub Enklawa Konin_files [2013-12-28 15:36:52 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\Facebook_files [2013-12-22 01:43:47 | 000,000,000 | -H-D | C] -- C:\Users\Monika\Desktop\.picasaoriginals [2013-12-21 01:24:34 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\Dixon37 - Od Zawsze Na Zawsze (www.rapvision.pl) [2013-12-20 14:46:27 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\Paluch - Lepszego Zycia Diler (www.rapvision.pl) [2013-12-18 18:31:48 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\Sokol_I_Marysia_Starosta-Czarna_Biala_Magia-WEB-PL-2013-p4weu [2013-12-18 00:55:24 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\Sobota-X_Przykazan-PL-2013-EMPiK [2013-12-14 11:31:53 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013-12-11 23:43:14 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL [2013-12-11 23:43:13 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL [2013-12-11 23:43:12 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll [2013-12-11 23:43:11 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll [2013-12-11 23:41:18 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013-12-11 23:41:18 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013-12-11 23:41:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [2013-12-11 23:41:17 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013-12-11 23:41:17 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013-12-11 23:41:17 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe [2013-12-11 23:41:17 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013-12-11 23:41:17 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll [2013-12-11 23:41:17 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013-12-11 23:41:16 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013-12-11 23:41:16 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll [2013-12-11 23:41:16 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll [2013-12-11 23:41:15 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013-12-11 23:41:14 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013-12-11 23:41:13 | 001,995,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013-12-11 23:41:10 | 005,769,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013-12-11 23:41:10 | 004,243,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll [2013-12-11 11:53:06 | 009,272,200 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2013-12-11 10:14:21 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll [2013-12-11 10:14:21 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll [2013-12-11 10:14:18 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imagehlp.dll [2013-12-11 10:14:18 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll [2013-12-11 10:14:16 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2013-12-11 10:14:16 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2013-12-11 10:14:08 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys [2013-12-11 10:14:08 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys [2013-12-11 10:14:07 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll [2013-12-11 10:14:07 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe [2013-12-11 10:14:07 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx [2013-12-11 10:14:07 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx [2013-12-11 10:14:06 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll [2013-12-11 10:14:06 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe [1 C:\Users\Monika\AppData\Local\*.tmp files -> C:\Users\Monika\AppData\Local\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-01-08 17:30:53 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014-01-08 17:30:00 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014-01-08 17:27:02 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014-01-08 17:27:02 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014-01-08 17:26:01 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\SaveSenseLiveUpdateTaskMachineUA.job [2014-01-08 17:20:03 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\SaveSense.job [2014-01-08 17:18:35 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\SaveSenseLiveUpdateTaskMachineCore.job [2014-01-08 17:18:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-01-08 17:18:14 | 3206,959,104 | -HS- | M] () -- C:\hiberfil.sys [2014-01-08 17:00:00 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\FoxTab.job [2014-01-08 16:53:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-01-07 18:51:51 | 000,139,264 | ---- | M] () -- C:\Users\Monika\Desktop\Rozdział 1 zagadnienia w rekreacji Monika Malanowska.doc [2014-01-06 20:54:49 | 000,069,383 | ---- | M] () -- C:\Users\Monika\Desktop\1530459_561809723897562_1278491951_n.jpg [2014-01-04 13:20:04 | 000,000,073 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\WB.CFG [2013-12-28 22:44:59 | 001,107,747 | ---- | M] () -- C:\Users\Monika\Desktop\(1) Klub Enklawa Konin.htm [2013-12-28 15:36:52 | 001,049,144 | ---- | M] () -- C:\Users\Monika\Desktop\Facebook.htm [2013-12-27 14:38:11 | 001,549,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013-12-27 14:38:11 | 000,698,004 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2013-12-27 14:38:11 | 000,616,100 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013-12-27 14:38:11 | 000,135,082 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2013-12-27 14:38:11 | 000,106,480 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013-12-27 13:59:49 | 007,491,131 | ---- | M] () -- C:\Users\Monika\Desktop\Showtek Feat We Are Loud- amp- Sonny Wilson - Booyah -Original Mix-.mp3 [2013-12-27 13:49:36 | 000,017,083 | ---- | M] () -- C:\Users\Monika\Desktop\1535630_601051913275900_1137786239_n.jpg [2013-12-19 14:11:15 | 000,026,112 | ---- | M] () -- C:\Users\Monika\Desktop\Nowy Dokument programu Microsoft Word.doc [2013-12-17 00:40:18 | 000,012,800 | ---- | M] () -- C:\Users\Monika\Desktop\Nowy Prezentacja programu Microsoft PowerPoint.ppt [2013-12-12 13:23:53 | 000,433,736 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013-12-11 11:53:13 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013-12-11 11:53:13 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013-12-11 11:53:06 | 009,272,200 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [1 C:\Users\Monika\AppData\Local\*.tmp files -> C:\Users\Monika\AppData\Local\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-01-06 20:54:47 | 000,069,383 | ---- | C] () -- C:\Users\Monika\Desktop\1530459_561809723897562_1278491951_n.jpg [2013-12-28 22:44:58 | 001,107,747 | ---- | C] () -- C:\Users\Monika\Desktop\(1) Klub Enklawa Konin.htm [2013-12-28 15:36:52 | 001,049,144 | ---- | C] () -- C:\Users\Monika\Desktop\Facebook.htm [2013-12-27 13:59:15 | 007,491,131 | ---- | C] () -- C:\Users\Monika\Desktop\Showtek Feat We Are Loud- amp- Sonny Wilson - Booyah -Original Mix-.mp3 [2013-12-27 13:49:35 | 000,017,083 | ---- | C] () -- C:\Users\Monika\Desktop\1535630_601051913275900_1137786239_n.jpg [2013-12-19 14:10:19 | 000,026,112 | ---- | C] () -- C:\Users\Monika\Desktop\Nowy Dokument programu Microsoft Word.doc [2013-12-19 12:20:13 | 000,000,073 | ---- | C] () -- C:\Users\Monika\AppData\Roaming\WB.CFG [2013-12-17 00:40:18 | 000,012,800 | ---- | C] () -- C:\Users\Monika\Desktop\Nowy Prezentacja programu Microsoft PowerPoint.ppt [2013-11-23 01:49:09 | 000,000,000 | ---- | C] () -- C:\Users\Monika\AppData\Local\{B0E03F1B-E7FB-4FF6-B66D-CED8BE47FCF8} [2013-05-29 12:54:05 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TemppP1872.html [2013-05-29 12:54:05 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempMI1872.html [2013-05-28 17:59:20 | 000,004,096 | -H-- | C] () -- C:\Users\Monika\AppData\Local\keyfile3.drm [2013-05-28 17:21:23 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempNH1776.html [2013-05-28 17:21:23 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TemptE1776.html [2013-05-28 15:47:28 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempWb1728.html [2013-05-28 15:47:28 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\Tempuo1728.html [2013-05-28 14:08:44 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempPf1808.html [2013-05-28 14:08:44 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\Tempyc1808.html [2013-05-28 10:13:15 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\Tempwj1824.html [2013-05-27 17:29:22 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\Temppo1868.html [2013-05-27 16:22:33 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempdA1780.html [2013-05-27 16:22:33 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempTL1780.html [2013-05-27 13:43:17 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\Tempuc1784.html [2013-05-27 13:43:17 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempZK1784.html [2013-05-27 13:07:12 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\Tempxg1828.html [2013-05-27 13:07:12 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\Tempow1828.html [2013-05-27 08:25:34 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempFk1800.html [2013-05-27 08:25:34 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempiZ1800.html [2013-05-26 13:03:43 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempBN1744.html [2013-05-26 13:03:43 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempIN1744.html [2013-05-25 15:11:27 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempGn1776.html [2013-05-25 15:11:27 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\Tempba1776.html [2013-05-25 15:05:02 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempOZ1732.html [2013-05-25 15:05:02 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempIA1732.html [2013-05-25 14:16:43 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempNN1748.html [2013-05-25 07:20:14 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempCJ1744.html [2013-05-24 23:34:45 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempPC1740.html [2013-05-24 21:07:27 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempFo1760.html [2013-05-24 21:07:27 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempGq1760.html [2013-05-24 13:34:22 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\Temprt1704.html [2013-05-24 13:34:22 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempDO1704.html [2013-05-24 10:47:43 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TemprB1744.html [2013-05-24 10:47:43 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempsK1744.html [2013-05-24 10:08:43 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempiL1744.html [2013-05-23 20:55:40 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TemplB1780.html [2013-05-23 14:06:26 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempaK1744.html [2013-05-23 14:06:26 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempeM1744.html [2013-05-11 16:12:30 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2003-04-08 13:40:22 | 000,005,679 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI [color=#E56717]========== LOP Check ==========[/color] [2013-05-19 22:44:13 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\337 [2013-08-20 17:13:35 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Audacity [2013-10-05 21:19:59 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\BabSolution [2013-05-14 21:02:42 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Babylon [2013-05-29 12:59:12 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\DealPly [2013-05-29 12:53:22 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Desk 365 [2013-06-03 18:57:12 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\eDownload [2013-05-29 12:53:46 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\eIntaller [2013-11-10 22:00:02 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\FoxTab [2013-05-23 14:06:25 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Gadu-Gadu 10 [2013-11-04 22:22:04 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Global.F58001C6A320BE09FB6D7E092A4A96AA9BF1591A.1 [2013-05-14 21:13:23 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\OpenFM [2013-05-27 17:04:17 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\PerformerSoft [2013-11-10 22:11:02 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\PhotoScape [2013-11-24 19:20:49 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\SaveSense [2013-10-05 21:20:05 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\searchgol [2013-05-27 17:05:28 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Systweak [2013-08-04 22:43:36 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Tibia [2013-11-28 00:25:46 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\uTorrent [2013-10-21 13:15:28 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\WinZipper [2014-01-08 17:00:00 | 000,000,292 | ---- | M] () -- C:\Windows\Tasks\FoxTab.job [2014-01-08 17:20:03 | 000,000,296 | ---- | M] () -- C:\Windows\Tasks\SaveSense.job [2014-01-08 17:18:35 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job [2014-01-08 17:26:01 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job [2013-11-26 12:14:07 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >