OTL logfile created on: 2014-05-25 12:53:09 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = D:\INSTALKI Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,50 Gb Total Physical Memory | 2,42 Gb Available Physical Memory | 69,05% Memory free 6,06 Gb Paging File | 4,94 Gb Available in Paging File | 81,46% Paging File free Paging file location(s): c:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 37,46 Gb Total Space | 0,99 Gb Free Space | 2,64% Space Free | Partition Type: NTFS Drive D: | 54,09 Gb Total Space | 2,75 Gb Free Space | 5,08% Space Free | Partition Type: NTFS Drive F: | 19,65 Gb Total Space | 12,61 Gb Free Space | 64,18% Space Free | Partition Type: NTFS Computer Name: SEBEK-KOMPUTER | User Name: sebek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-05-25 12:51:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\INSTALKI\OTL(1).exe PRC - [2014-05-10 08:20:23 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2014-05-08 15:48:38 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2014-03-04 14:34:44 | 001,821,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe PRC - [2014-03-04 14:34:44 | 000,943,048 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2014-03-04 13:32:56 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2014-02-28 15:23:54 | 000,009,216 | ---- | M] 
(Hi-Rez Studios) -- D:\GRY\SMITE\HiPatchService.exe PRC - [2014-02-05 11:32:47 | 002,234,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe PRC - [2014-02-05 11:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe PRC - [2014-02-05 11:32:31 | 015,904,544 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe PRC - [2010-03-10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2009-07-17 15:32:00 | 003,576,320 | ---- | M] (Native Instruments GmbH) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe PRC - [2009-07-14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009-07-14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-07-14 03:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2009-07-14 03:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-05-10 08:20:23 | 003,839,088 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2014-05-14 17:20:07 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2014-05-10 08:20:23 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014-05-08 15:48:38 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common 
Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2014-03-04 13:32:56 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2014-02-28 15:23:54 | 000,009,216 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- D:\GRY\SMITE\HiPatchService.exe -- (HiPatchService) SRV - [2014-02-05 11:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService) SRV - [2014-02-05 11:32:31 | 015,904,544 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc) SRV - [2012-07-04 10:38:04 | 001,009,840 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe -- (AcuWVSSchedulerv8) SRV - [2010-03-10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2009-07-17 15:32:00 | 003,576,320 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009-07-14 03:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS) SRV - [2009-07-14 03:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- 
C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC) SRV - [2009-07-14 03:15:21 | 000,308,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\ftpsvc.dll -- (ftpsvc) SRV - [2009-07-14 03:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [File_System | On_Demand | Stopped] -- C:\Program Files\Xfire2\XFDriver.sys -- (XFDriver) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\taphss6.sys -- (taphss6) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\sebek\AppData\Local\Temp\catchme.sys -- (catchme) DRV - [2014-05-25 12:50:00 | 000,030,976 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hitmanpro37.sys -- (hitmanpro37) DRV - [2014-05-24 21:03:21 | 000,107,736 | ---- | M] (Malwarebytes Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy) DRV - [2014-05-09 17:03:34 | 000,052,920 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys -- ({9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw) DRV - [2014-04-24 12:35:26 | 000,052,928 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\{572f484b-455f-44b0-9d6a-da3ad2071365}Gw.sys -- ({572f484b-455f-44b0-9d6a-da3ad2071365}Gw) DRV - [2014-03-04 16:29:02 | 010,523,480 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2014-02-14 09:34:02 | 000,121,336 | ---- | M] (Ray Hinchliffe) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SIVX32.sys -- (SIVDriver) DRV - [2013-12-27 20:42:24 | 000,034,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvvad32v.sys -- (nvvad_WaveExtensible) 
DRV - [2013-12-24 12:50:03 | 000,015,112 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\apf004.sys -- (apf004) DRV - [2013-10-23 16:11:22 | 000,114,376 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu) DRV - [2010-02-23 12:39:48 | 001,500,160 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athur.sys -- (athur) DRV - [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2009-07-14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD) DRV - [2009-03-18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-826192588-505911015-375912798-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-826192588-505911015-375912798-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-826192588-505911015-375912798-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-826192588-505911015-375912798-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledAddons: sqlime%40security.compass:0.4.7 FF - prefs.js..extensions.enabledAddons: acunetixwebscanner%40attila.gerendi:1.0.48 FF - prefs.js..extensions.enabledAddons: ebesucher-surfbar%40kashiif.com:1.0.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - 
HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found FF - HKLM\Software\MozillaPlugins\@qq.com/TXSSO: C:\Program Files\Common Files\Tencent\TXSSO\1.2.1.94\Bin\npSSOAxCtrlForPTLogin.dll (Tencent) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: File not found [2013-12-12 08:59:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sebek\AppData\Roaming\mozilla\Extensions [2014-05-25 11:50:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sebek\AppData\Roaming\mozilla\Firefox\Profiles\7swdtaol.default\extensions [2014-05-15 07:50:59 | 000,097,884 | ---- | M] () (No name found) -- C:\Users\sebek\AppData\Roaming\mozilla\firefox\profiles\7swdtaol.default\extensions\acunetixwebscanner@attila.gerendi.xpi [2014-05-25 11:50:07 | 000,055,696 | ---- | M] () (No name found) -- C:\Users\sebek\AppData\Roaming\mozilla\firefox\profiles\7swdtaol.default\extensions\ebesucher-surfbar@kashiif.com.xpi [2014-05-10 14:55:29 | 003,570,288 | ---- | M] () (No name found) -- C:\Users\sebek\AppData\Roaming\mozilla\firefox\profiles\7swdtaol.default\extensions\firefox@mega.co.nz.xpi [2014-05-13 18:00:32 | 000,130,840 | ---- | M] () (No name found) -- C:\Users\sebek\AppData\Roaming\mozilla\firefox\profiles\7swdtaol.default\extensions\sqlime@security.compass.xpi [2014-05-20 12:55:00 | 000,019,530 | ---- | M] () (No name found) -- C:\Users\sebek\AppData\Roaming\mozilla\firefox\profiles\7swdtaol.default\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-05-04 15:39:30 | 000,957,880 | ---- | M] () (No name found) -- C:\Users\sebek\AppData\Roaming\mozilla\firefox\profiles\7swdtaol.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-10 08:20:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2014-05-10 08:20:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} O1 HOSTS File: ([2014-05-11 17:13:09 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll 
(Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - Reg Error: Value error. File not found O4 - HKLM..\Run: [NvBackend] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-826192588-505911015-375912798-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found O15 - HKU\S-1-5-21-826192588-505911015-375912798-1001\..Trusted Domains: aeriagames.com ([]http in Trusted sites) O15 - HKU\S-1-5-21-826192588-505911015-375912798-1001\..Trusted Domains: aeriagames.com ([]https in Trusted sites) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.62 62.179.1.63 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AC009A91-9D3A-4740-977A-4927B6AD3DDE}: DhcpNameServer = 62.179.1.62 62.179.1.63 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (bootdelete) O34 - HKLM BootExecute: (bootdelete) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-05-25 08:17:58 | 000,000,000 | ---D | C] -- C:\Users\sebek\Desktop\RISKBOT [2014-05-25 08:01:07 | 000,000,000 | ---D | C] -- C:\Users\sebek\AppData\Local\VirtualStore [2014-05-24 23:21:15 | 000,000,000 | ---D | C] -- C:\Users\sebek\Desktop\BOTEKDNT [2014-05-24 21:39:19 | 000,000,000 | ---D | C] -- C:\Users\sebek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat [2014-05-24 21:00:46 | 000,107,736 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-05-24 21:00:44 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2014-05-24 19:25:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat [2014-05-24 15:31:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro [2014-05-22 13:31:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios [2014-05-20 14:33:04 | 000,052,928 | ---- | C] (StdLib) -- C:\Windows\System32\drivers\{572f484b-455f-44b0-9d6a-da3ad2071365}Gw.sys [2014-05-20 13:37:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard [2014-05-20 13:02:48 | 000,000,000 | ---D | C] -- C:\Users\sebek\AppData\Roaming\VOPackage [2014-05-20 13:02:48 | 
000,000,000 | ---D | C] -- C:\Users\sebek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage [2014-05-20 13:01:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pazera Free MP4 to AVI Converter [2014-05-20 13:01:34 | 000,000,000 | ---D | C] -- C:\Program Files\pazera-software [2014-05-19 19:22:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cool MKV To MP4 Converter [2014-05-19 19:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\Cool MKV To MP4 Converter [2014-05-18 17:03:05 | 000,000,000 | ---D | C] -- C:\Users\sebek\Documents\eagle [2014-05-18 17:02:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 6.5.0 [2014-05-18 17:02:05 | 000,000,000 | ---D | C] -- C:\Users\sebek\AppData\Roaming\CadSoft [2014-05-15 07:51:01 | 000,000,000 | ---D | C] -- C:\Users\sebek\AcunetixScanner [2014-05-14 18:22:57 | 000,000,000 | ---D | C] -- C:\Users\sebek\Documents\Acunetix WVS 8 [2014-05-14 18:20:04 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Acunetix WVS 8 [2014-05-14 18:20:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acunetix Web Vulnerability Scanner 8 [2014-05-14 18:20:00 | 000,000,000 | ---D | C] -- C:\Program Files\Acunetix [2014-05-14 18:18:43 | 000,000,000 | ---D | C] -- C:\Users\sebek\Desktop\Av8.0_full_100%_clean_and_cracked [2014-05-14 15:04:12 | 000,000,000 | ---D | C] -- C:\Users\sebek\AppData\Local\Skype [2014-05-14 15:03:39 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2014-05-14 15:03:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2014-05-14 15:03:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2014-05-13 18:02:10 | 000,000,000 | ---D | C] -- C:\Users\sebek\Desktop\Tor Browser [2014-05-13 12:50:55 | 000,000,000 | ---D | C] -- C:\Users\sebek\AppData\Local\Mega Limited [2014-05-13 11:45:09 | 000,000,000 | 
---D | C] -- C:\Users\sebek\AppData\Roaming\Hex-Rays [2014-05-13 11:43:14 | 000,000,000 | ---D | C] -- C:\Users\sebek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Netwide Assembler 2.07 [2014-05-13 11:43:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Netwide Assembler 2.07 [2014-05-13 11:43:14 | 000,000,000 | ---D | C] -- C:\Program Files\NASM [2014-05-13 11:34:21 | 000,000,000 | ---D | C] -- C:\totalcmd [2014-05-13 11:34:21 | 000,000,000 | ---D | C] -- C:\Users\sebek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander [2014-05-13 11:34:21 | 000,000,000 | ---D | C] -- C:\Users\sebek\AppData\Roaming\GHISLER [2014-05-13 07:13:57 | 000,000,000 | ---D | C] -- C:\Users\sebek\AppData\Roaming\CodeBlocks [2014-05-13 07:13:10 | 000,000,000 | ---D | C] -- C:\Users\sebek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks [2014-05-13 07:13:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks [2014-05-11 17:14:17 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2014-05-11 17:14:14 | 000,000,000 | ---D | C] -- C:\Windows\temp [2014-05-11 17:14:14 | 000,000,000 | ---D | C] -- C:\Users\sebek\AppData\Local\temp [2014-05-11 16:51:37 | 000,000,000 | ---D | C] -- C:\SOPHTEMP [2014-05-11 16:46:18 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll [2014-05-11 16:45:54 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2014-05-11 16:37:03 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro [2014-05-11 16:36:44 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2014-05-11 14:09:40 | 000,000,000 | ---D | C] -- C:\Users\sebek\AppData\Roaming\MPC-HC [2014-05-11 14:09:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC [2014-05-11 14:09:05 | 000,000,000 | ---D | C] -- C:\Program Files\MPC-HC [2014-05-11 13:06:22 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe 
[2014-05-11 13:06:22 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe [2014-05-11 13:06:22 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2014-05-11 13:06:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [2014-05-11 09:57:46 | 000,000,000 | ---D | C] -- C:\NPE [2014-05-11 09:50:38 | 000,000,000 | ---D | C] -- C:\Users\sebek\AppData\Local\NPE [2014-05-11 09:34:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\BestPractices [2014-05-11 09:02:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2014-05-11 08:58:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton [2014-05-11 08:58:17 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller [2014-05-11 08:58:17 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller [2014-05-11 02:09:25 | 000,000,000 | ---D | C] -- C:\Users\sebek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Illusion [2014-05-11 02:09:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Illusion [2014-05-11 02:06:59 | 000,000,000 | ---D | C] -- C:\Program Files\Illusion [2014-05-10 21:22:06 | 000,000,000 | ---D | C] -- C:\Users\sebek\Documents\SQL Server Management Studio Express [2014-05-10 21:21:34 | 000,000,000 | ---D | C] -- C:\Users\sebek\Documents\Visual Studio 2005 [2014-05-10 21:06:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005 [2014-05-10 20:52:52 | 000,000,000 | ---D | C] -- C:\Users\sebek\AppData\Local\Microsoft_Corporation [2014-05-10 20:27:29 | 000,000,000 | ---D | C] -- C:\inetpub [2014-05-10 18:39:26 | 000,052,920 | ---- | C] (StdLib) -- C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys [2014-05-10 17:13:14 | 000,000,000 | ---D | C] -- C:\Users\sebek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ [2014-05-10 17:13:14 | 000,000,000 | ---D | C] -- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ [2014-05-10 17:13:12 | 000,000,000 | ---D | C] -- C:\Users\sebek\AppData\Roaming\Notepad++ [2014-05-10 17:13:12 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++ [2014-05-10 17:11:56 | 000,000,000 | ---D | C] -- C:\Users\sebek\AppData\Local\LightTable [2014-05-10 17:08:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\kED [2014-05-10 17:08:20 | 000,000,000 | ---D | C] -- C:\Program Files\kED [2014-05-10 10:32:25 | 000,000,000 | ---D | C] -- C:\Users\sebek\Documents\Bound by Flame [2014-05-10 10:31:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bound By Flame [2014-05-10 08:20:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2014-04-30 14:48:15 | 000,000,000 | ---D | C] -- C:\Users\sebek\AppData\Roaming\Gadu-Gadu [2014-04-30 11:39:38 | 000,000,000 | ---D | C] -- C:\Users\sebek\Gadu-Gadu [2014-04-30 11:39:37 | 000,000,000 | ---D | C] -- C:\Users\sebek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gadu-Gadu [2014-04-30 11:39:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gadu-Gadu [2014-04-30 11:39:36 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu [2014-04-29 09:43:52 | 000,000,000 | ---D | C] -- C:\Users\sebek\AppData\Roaming\DarkSoulsII [2014-04-29 09:40:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dark Souls 2 [2014-04-27 21:37:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst [2014-04-27 18:32:57 | 000,000,000 | ---D | C] -- C:\Users\sebek\Documents\Assassin's Creed IV Black Flag [2014-04-27 18:16:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed IV - Black Flag [2014-04-27 12:05:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hitman - 
Contracts [2014-04-27 11:24:19 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-05-25 12:50:00 | 000,030,976 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro37.sys [2014-05-25 12:49:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-05-25 12:49:10 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014-05-25 12:49:10 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014-05-25 12:46:55 | 000,006,546 | ---- | M] () -- C:\Windows\System32\.crusader [2014-05-25 12:19:02 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-05-25 09:14:27 | 000,000,080 | ---- | M] () -- C:\Users\sebek\AppData\Roaming\mBot.ini [2014-05-25 08:01:18 | 003,736,672 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2014-05-24 21:03:21 | 000,107,736 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-05-24 21:00:43 | 000,001,050 | ---- | M] () -- C:\Users\sebek\Desktop\Anti-Malware Is Running.lnk [2014-05-24 15:31:41 | 000,001,931 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk [2014-05-24 15:26:01 | 000,007,626 | ---- | M] () -- C:\Users\sebek\AppData\Local\Resmon.ResmonCfg [2014-05-22 13:31:52 | 000,000,730 | ---- | M] () -- C:\Users\Public\Desktop\Smite.lnk [2014-05-22 13:31:52 | 000,000,553 | ---- | M] () -- C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk [2014-05-22 13:04:20 | 000,000,559 | ---- | M] () -- C:\Users\Public\Desktop\Global Agenda Live.lnk [2014-05-20 22:55:46 | 000,008,397 | ---- | M] () -- C:\Users\sebek\Desktop\images.jpg [2014-05-20 13:01:35 | 000,001,225 | ---- | M] () -- C:\Users\Public\Desktop\Pazera Free MP4 to AVI Converter.lnk [2014-05-19 19:37:15 | 001,039,218 | ---- | M] () -- 
C:\Windows\System32\perfh009.dat [2014-05-19 19:37:15 | 000,776,162 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2014-05-19 19:37:15 | 000,366,790 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2014-05-19 19:37:15 | 000,271,826 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2014-05-16 21:57:31 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2014-05-15 15:18:40 | 000,000,132 | ---- | M] () -- C:\Users\sebek\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe [2014-05-14 18:20:23 | 000,000,716 | ---- | M] () -- C:\Windows\WVS_InstDBLogFile.csv [2014-05-14 18:20:03 | 000,001,264 | ---- | M] () -- C:\Users\Public\Desktop\Acunetix Web Vulnerability Scanner 8.lnk [2014-05-14 18:20:03 | 000,001,255 | ---- | M] () -- C:\Users\Public\Desktop\Acunetix WVS Reporter 8.lnk [2014-05-14 17:20:06 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2014-05-14 17:20:06 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2014-05-14 15:03:39 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2014-05-13 11:43:14 | 000,001,791 | ---- | M] () -- C:\Users\sebek\Desktop\NASM.lnk [2014-05-13 11:34:22 | 000,000,632 | ---- | M] () -- C:\Users\sebek\Desktop\Total Commander.lnk [2014-05-11 19:01:41 | 000,000,586 | ---- | M] () -- C:\Users\sebek\Desktop\Bound By Flame.lnk [2014-05-11 17:30:21 | 000,000,857 | ---- | M] () -- C:\Users\sebek\Desktop\µTorrent.lnk [2014-05-11 17:13:09 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2014-05-11 17:00:38 | 003,116,032 | ---- | M] () -- C:\Windows\System32\pbsvc.exe [2014-05-11 17:00:37 | 000,356,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvusmu.exe [2014-05-11 17:00:36 | 000,530,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvStreaming.exe [2014-05-11 17:00:36 | 000,356,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvunrm.exe 
[2014-05-11 17:00:36 | 000,356,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\NVUNINST.EXE
[2014-05-11 17:00:33 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014-05-11 17:00:32 | 000,338,944 | ---- | M] () -- C:\Windows\System32\gdsmux.exe
[2014-05-11 14:09:08 | 000,001,817 | ---- | M] () -- C:\Users\Public\Desktop\MPC-HC.lnk
[2014-05-11 10:32:31 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2014-05-11 09:10:16 | 000,000,028 | ---- | M] () -- C:\Windows\ODBC.INI
[2014-05-10 16:49:09 | 010,539,380 | ---- | M] () -- C:\Users\sebek\Desktop\Databases.rar
[2014-05-09 17:03:34 | 000,052,920 | ---- | M] (StdLib) -- C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys
[2014-04-30 11:39:37 | 000,000,932 | ---- | M] () -- C:\Users\sebek\Desktop\Gadu-Gadu.lnk
[2014-04-30 08:51:10 | 000,000,545 | ---- | M] () -- C:\Windows\UC.PIF
[2014-04-30 08:51:10 | 000,000,545 | ---- | M] () -- C:\Windows\RAR.PIF
[2014-04-30 08:51:10 | 000,000,545 | ---- | M] () -- C:\Windows\PKZIP.PIF
[2014-04-30 08:51:10 | 000,000,545 | ---- | M] () -- C:\Windows\PKUNZIP.PIF
[2014-04-30 08:51:10 | 000,000,545 | ---- | M] () -- C:\Windows\LHA.PIF
[2014-04-30 08:51:10 | 000,000,545 | ---- | M] () -- C:\Windows\ARJ.PIF
[2014-04-27 18:17:00 | 000,000,746 | ---- | M] () -- C:\Users\Public\Desktop\Assassin's Creed IV - Black Flag.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2014-05-25 12:50:00 | 000,030,976 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro37.sys
[2014-05-24 21:00:43 | 000,001,050 | ---- | C] () -- C:\Users\sebek\Desktop\Anti-Malware Is Running.lnk
[2014-05-24 15:50:12 | 000,006,546 | ---- | C] () -- C:\Windows\System32\.crusader
[2014-05-24 15:31:41 | 000,001,931 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2014-05-22 13:31:52 | 000,000,730 | ---- | C] () -- C:\Users\Public\Desktop\Smite.lnk
[2014-05-22 13:04:20 | 000,000,559 | ---- | C] () -- C:\Users\Public\Desktop\Global Agenda Live.lnk
[2014-05-22 13:04:20 | 000,000,553 | ---- | C] () -- C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
[2014-05-20 22:55:46 | 000,008,397 | ---- | C] () -- C:\Users\sebek\Desktop\images.jpg
[2014-05-20 13:01:35 | 000,001,225 | ---- | C] () -- C:\Users\Public\Desktop\Pazera Free MP4 to AVI Converter.lnk
[2014-05-16 21:57:31 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014-05-16 21:57:31 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014-05-14 18:20:03 | 000,001,264 | ---- | C] () -- C:\Users\Public\Desktop\Acunetix Web Vulnerability Scanner 8.lnk
[2014-05-14 18:20:03 | 000,001,255 | ---- | C] () -- C:\Users\Public\Desktop\Acunetix WVS Reporter 8.lnk
[2014-05-14 18:19:37 | 000,000,716 | ---- | C] () -- C:\Windows\WVS_InstDBLogFile.csv
[2014-05-14 15:03:39 | 000,002,505 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014-05-13 11:43:14 | 000,001,791 | ---- | C] () -- C:\Users\sebek\Desktop\NASM.lnk
[2014-05-13 11:34:22 | 000,000,632 | ---- | C] () -- C:\Users\sebek\Desktop\Total Commander.lnk
[2014-05-13 11:34:21 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2014-05-13 11:34:21 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2014-05-13 11:34:21 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2014-05-13 11:34:21 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2014-05-13 11:34:21 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2014-05-13 11:34:21 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2014-05-11 14:09:08 | 000,001,817 | ---- | C] () -- C:\Users\Public\Desktop\MPC-HC.lnk
[2014-05-11 10:32:31 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2014-05-10 22:13:30 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2014-05-10 16:49:03 | 010,539,380 | ---- | C] () -- C:\Users\sebek\Desktop\Databases.rar
[2014-05-10 10:31:13 | 000,000,586 | ---- | C] () -- C:\Users\sebek\Desktop\Bound By Flame.lnk
[2014-04-30 11:39:37 | 000,000,932 | ---- | C] () -- C:\Users\sebek\Desktop\Gadu-Gadu.lnk
[2014-04-27 18:17:00 | 000,000,746 | ---- | C] () -- C:\Users\Public\Desktop\Assassin's Creed IV - Black Flag.lnk
[2014-03-19 18:08:41 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2014-02-02 23:40:33 | 000,000,132 | ---- | C] () -- C:\Users\sebek\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe
[2014-01-21 22:49:23 | 000,139,584 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2014-01-21 22:49:17 | 000,138,904 | ---- | C] () -- C:\Users\sebek\AppData\Roaming\PnkBstrK.sys
[2014-01-21 22:48:42 | 000,291,760 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2014-01-21 22:48:40 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2014-01-15 18:37:56 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014-01-15 18:37:56 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014-01-15 18:37:56 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014-01-15 18:37:56 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014-01-15 18:37:56 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013-12-24 12:50:03 | 000,026,376 | ---- | C] () -- C:\Windows\System32\apl004.sys
[2013-12-24 12:50:03 | 000,015,112 | ---- | C] () -- C:\Windows\System32\apf004.sys
[2013-11-25 00:15:53 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2013-11-17 19:31:17 | 000,007,626 | ---- | C] () -- C:\Users\sebek\AppData\Local\Resmon.ResmonCfg
[2013-11-11 12:49:29 | 000,000,080 | ---- | C] () -- C:\Users\sebek\AppData\Roaming\mBot.ini
[2013-11-09 13:28:48 | 000,001,552 | ---- | C] () -- C:\Windows\System32\drivers\SAMSfPa.dat
[2013-08-29 21:36:04 | 000,039,896 | ---- | C] () -- C:\Windows\System32\DiscHandler.exe
[2013-07-26 15:24:22 | 006,275,760 | ---- | C] () -- C:\Windows\System32\avcodec-lav-55.dll
[2013-07-26 15:24:22 | 001,239,216 | ---- | C] () -- C:\Windows\System32\avformat-lav-55.dll
[2013-07-26 15:24:22 | 000,394,416 | ---- | C] () -- C:\Windows\System32\swscale-lav-2.dll
[2013-07-26 15:24:22 | 000,288,944 | ---- | C] () -- C:\Windows\System32\avutil-lav-52.dll
[2013-07-26 15:24:22 | 000,235,184 | ---- | C] () -- C:\Windows\System32\avfilter-lav-3.dll
[2013-07-26 15:24:22 | 000,190,640 | ---- | C] () -- C:\Windows\System32\libbluray.dll
[2013-07-26 15:24:22 | 000,150,192 | ---- | C] () -- C:\Windows\System32\avresample-lav-1.dll
[2013-06-08 13:54:10 | 003,915,776 | ---- | C] () -- C:\Windows\System32\ffmpeg.dll
[2013-06-08 13:53:06 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2013-06-08 13:52:30 | 000,271,360 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2013-06-08 13:52:12 | 000,157,184 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2013-06-08 13:52:10 | 000,147,456 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2013-06-08 13:52:10 | 000,099,840 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2013-06-08 13:52:08 | 001,525,760 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2013-06-08 13:52:08 | 000,211,968 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2013-06-08 13:52:08 | 000,114,688 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2013-06-08 13:52:06 | 000,136,704 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2013-03-21 06:10:16 | 000,042,880 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2012-11-21 00:32:40 | 003,116,032 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2012-09-30 00:47:28 | 000,000,178 | ---- | C] () -- C:\Windows\System32\Formats.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]
[2009-07-14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009-07-14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]
[2013-12-23 19:45:01 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\Aeria Games & Entertainment
[2014-05-08 20:18:55 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\Audacity
[2014-02-16 11:20:15 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\AVG
[2014-01-01 01:19:11 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\AVG2014
[2013-11-09 13:59:22 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\Awesomium
[2014-02-17 19:20:39 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\Battle.net
[2013-11-11 13:45:31 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\BlueSprig
[2014-05-18 17:02:05 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\CadSoft
[2014-04-29 09:44:18 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\DarkSoulsII
[2014-04-30 14:48:15 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\Gadu-Gadu
[2014-04-01 19:47:19 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\GG
[2014-05-13 11:34:21 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\GHISLER
[2013-12-20 00:54:22 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\Grupa IMAGE
[2013-11-22 11:42:05 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\Guitar Pro 6
[2014-02-15 16:48:00 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\HD Tune Pro
[2014-05-13 11:45:09 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\Hex-Rays
[2014-04-08 15:23:53 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\IrfanView
[2014-05-11 14:09:40 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\MPC-HC
[2013-12-19 00:37:30 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\NapiProjekt
[2014-05-10 17:43:49 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\Notepad++
[2014-02-14 22:33:00 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\OBS
[2014-01-24 12:07:37 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\openvr
[2013-12-12 08:55:50 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\Opera Software
[2013-12-25 19:58:06 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\Riot Games
[2013-12-25 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\Tencent
[2014-05-25 10:45:47 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\TS3Client
[2014-02-16 11:24:41 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\TuneUp Software
[2014-05-24 21:37:28 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\uTorrent
[2014-05-24 21:21:08 | 000,000,000 | ---D | M] -- C:\Users\sebek\AppData\Roaming\VOPackage

[color=#E56717]========== Purity Check ==========[/color]

< End of report >