OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\lukas\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,84 Gb Total Physical Memory | 5,76 Gb Available Physical Memory | 73,50% Memory free
15,68 Gb Paging File | 13,47 Gb Available in Paging File | 85,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 680,54 Gb Total Space | 386,87 Gb Free Space | 56,85% Space Free | Partition Type: NTFS

Computer Name: lukas-Komputer | User Name: lukas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014-09-07 19:24:46 | 027,904,512 | ---- | M] (Electronic Arts Inc.) -- C:\Users\lukas\AppData\Roaming\Mozzilla\csrss.exe
PRC - [2014-08-26 10:13:51 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014-08-25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2014-08-25 11:37:18 | 005,188,112 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2014-07-09 11:57:55 | 001,869,488 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
PRC - [2014-04-23 19:32:17 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014-02-05 11:32:47 | 002,234,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2013-12-21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013-09-11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2013-06-26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013-06-26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2013-04-07 15:58:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\lukas\Downloads\OTL.exe
PRC - [2012-03-02 09:59:26 | 000,419,408 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2012-03-02 09:59:24 | 001,106,512 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2012-03-02 09:59:24 | 000,355,920 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2012-03-02 09:59:24 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2012-02-29 15:49:06 | 000,028,264 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2012-02-08 04:03:36 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012-02-08 04:03:34 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012-02-08 04:03:16 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012-02-07 03:54:04 | 000,255,376 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2012-02-02 02:29:58 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012-01-06 00:22:10 | 000,256,536 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
PRC - [2012-01-06 00:21:44 | 000,296,984 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

========== Modules (No Company Name) ==========

MOD - [2014-08-26 10:14:14 | 003,715,184 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014-07-09 11:57:50 | 017,029,808 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
MOD - [2014-03-04 16:35:23 | 000,014,280 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2012-01-06 00:22:36 | 000,465,344 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014-07-25 15:00:25 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014-02-05 11:32:24 | 016,941,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013-05-27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012-02-08 02:53:48 | 000,871,296 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2012-02-07 03:54:04 | 000,255,376 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV:64bit: - [2012-02-03 07:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2010-11-30 00:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010-09-23 04:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2014-08-26 10:14:07 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014-08-25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014-08-14 00:30:50 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014-07-09 07:18:40 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-04-23 19:32:17 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014-03-21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013-12-21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013-09-11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013-09-05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-06-26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013-06-26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2012-07-25 19:58:26 | 000,126,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe -- (Te.Service)
SRV - [2012-07-25 19:13:16 | 000,139,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe -- (fussvc)
SRV - [2012-06-14 19:33:14 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012-03-02 09:59:24 | 000,355,920 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2012-02-29 15:49:06 | 000,028,264 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2012-02-20 06:18:20 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012-02-08 04:03:36 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-02-08 04:03:34 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-02-08 04:03:16 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012-02-02 02:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012-01-18 13:33:22 | 000,111,776 | ---- | M] (Atheros Communication Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Acer\WDAgent\DCDhcpService.exe -- (DCDhcpService)
SRV - [2012-01-06 00:22:10 | 000,256,536 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2011-06-21 22:55:04 | 000,173,424 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2010-12-28 10:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Stopped] -- C:\Program Files (x86)\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV - [2010-10-12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014-08-29 20:56:27 | 000,050,976 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2014-06-30 12:43:02 | 000,152,344 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2014-06-17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2014-06-17 16:06:58 | 000,269,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2014-06-17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2014-03-04 16:35:23 | 000,033,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013-06-26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013-06-26 19:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013-06-26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013-06-26 19:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2012-11-20 21:20:46 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012-05-03 23:59:06 | 000,081,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa)
DRV:64bit: - [2012-03-07 15:48:20 | 000,238,384 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2012-03-06 14:12:53 | 000,062,776 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2012-03-06 14:12:53 | 000,022,648 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2012-03-06 14:12:53 | 000,020,520 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-14 20:47:38 | 014,692,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012-02-07 08:03:06 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2012-02-07 08:03:06 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2012-02-02 02:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2012-01-19 10:30:42 | 000,435,240 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2012-01-11 06:38:28 | 002,801,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011-12-06 13:23:10 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011-11-10 11:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011-11-04 11:21:38 | 000,019,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp)
DRV:64bit: - [2011-11-04 11:21:36 | 000,068,648 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd)
DRV:64bit: - [2011-09-02 15:36:58 | 000,051,752 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa)
DRV:64bit: - [2011-07-14 07:35:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-07-14 07:35:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-11-30 00:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010-11-21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://istart.webssearches.com/web/?type=ds&ts=1406394586&from=wpc&uid=ST750LM022XHN-M750MBB_S2UNJ9BC400424&q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://istart.webssearches.com/web/?type=ds&ts=1406394586&from=wpc&uid=ST750LM022XHN-M750MBB_S2UNJ9BC400424&q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files (x86)\SiteFinder\SiteFinder.dll (Site Finder)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8B35EDEA-8021-445E-9684-3EA5176666DB}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1605787
IE - HKCU\..\SearchScopes\{szukaj.gazeta.pl}: "URL" = http://szukaj.gazeta.pl/internet/0,0.html?slowo={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\lukas\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\lukas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
[2013-07-21 22:40:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lukas\AppData\Roaming\mozilla\Extensions
[2013-11-12 19:36:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lukas\AppData\Roaming\mozilla\Firefox\C\Users\lukas\extensions
[2013-11-12 19:36:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lukas\AppData\Roaming\mozilla\Firefox\C\Users\lukas\extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}
[2014-06-10 20:32:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lukas\AppData\Roaming\mozilla\Firefox\C\Users\lukas\extensions\staged
[2013-01-26 19:57:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lukas\AppData\Roaming\mozilla\Firefox\C\Users\lukas\AppData\Roaming\Mozilla\Profiles\1vgg1mpn.cleaver\extensions
[2013-01-26 19:57:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lukas\AppData\Roaming\mozilla\Firefox\C\Users\lukas\AppData\Roaming\Mozilla\Profiles\1vgg1mpn.cleaver\extensions\{fcbf663e-8530-46f8-a880-ac5abe9d2b23}
[2013-02-19 15:58:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lukas\AppData\Roaming\mozilla\Profiles\1vgg1mpn.cleaver\extensions
[2012-11-11 22:05:00 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\lukas\AppData\Roaming\mozilla\Profiles\1vgg1mpn.cleaver\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2014-09-07 20:44:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014-09-07 20:44:43 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Dysk Google = C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Szukaj w Google = C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\

O1 HOSTS File: ([2013-05-12 14:35:37 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (no name) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - No CLSID value found.
O2:64bit: - BHO: (Adblocker) - {AA6BB54A-8D54-9D39-AFC9-891563211FD2} - C:\Program Files (x86)\Adblocker\iPx7QEk.x64.dll File not found
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - Reg Error: Value error. File not found
O2 - BHO: (no name) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - No CLSID value found.
O2 - BHO: (Adblocker) - {AA6BB54A-8D54-9D39-AFC9-891563211FD2} - Reg Error: Value error. File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - Reg Error: Value error. File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (SiteFinder) - {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files (x86)\SiteFinder\SiteFinder.dll (Site Finder)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - No CLSID value found.
O4:64bit: - HKLM..\Run: [ALU] C:\Program Files\Acer\Acer Updater\ALU.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [NET Framework] C:\Users\lukas\AppData\Roaming\Mozzilla\csrss.exe (Electronic Arts Inc.)
F3:64bit: - HKCU WinNT: Load - (C:\Users\lukas\LOCALS~1\Temp\msqfvxcv.com) - C:\Users\lukas\LOCALS~1\Temp\msqfvxcv.com (adah jaws)
F3 - HKCU WinNT: Load - (C:\Users\lukas\LOCALS~1\Temp\msqfvxcv.com) - C:\Users\lukas\LOCALS~1\Temp\msqfvxcv.com (adah jaws)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: 46791 = C:\PROGRA~3\LOCALS~1\Temp\msayxi.cmd (adah jaws)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced: StartMenuLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoClose = 0
O8:64bit: - Extra context menu item: &P&obierz &za pomocą BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: Pobierz wszystko za pomocą BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &P&obierz &za pomocą BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: Site Finder - {CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files (x86)\SiteFinder\SiteFinder.dll (Site Finder)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.160 89.231.1.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{837E32BD-56D0-468D-A51D-CC8DD3307F0F}: DhcpNameServer = 217.172.224.160 89.231.1.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A6992DB-70CD-4F79-93A5-F5B329D82D4F}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWOW64\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Users\lukas\AppData\Roaming\Mozzilla\csrss.exe) - C:\Users\lukas\AppData\Roaming\Mozzilla\csrss.exe (Electronic Arts Inc.)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Users\lukas\AppData\Roaming\Mozzilla\csrss.exe) - C:\Users\lukas\AppData\Roaming\Mozzilla\csrss.exe (Electronic Arts Inc.)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Users\lukas\AppData\Roaming\Mozzilla\csrss.exe) - C:\Users\lukas\AppData\Roaming\Mozzilla\csrss.exe (Electronic Arts Inc.)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Users\lukas\AppData\Roaming\Mozzilla\csrss.exe) - C:\Users\lukas\AppData\Roaming\Mozzilla\csrss.exe (Electronic Arts Inc.)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Users\lukas\AppData\Roaming\Mozzilla\csrss.exe) - C:\Users\lukas\AppData\Roaming\Mozzilla\csrss.exe (Electronic Arts Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWOW64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013-07-21 22:12:45 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-09-07 20:55:21 | 000,000,000 | ---D | C] -- C:\Users\lukas\safebrowsing [2014-09-07 20:50:40 | 000,000,000 | ---D | C] -- C:\Users\lukas\startupCache [2014-09-07 20:45:32 | 000,000,000 | ---D | C] -- C:\Users\lukas\cache2 [2014-09-07 20:29:14 | 000,108,544 | ---- | C] (adah jaws) -- C:\ProgramData\svv.exe [2014-09-07 20:10:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2014-09-07 19:28:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Local Settings [2014-09-07 19:28:06 | 000,000,000 | ---D | C] -- C:\Users\lukas\AppData\Roaming\Mozzilla [2014-09-06 22:09:02 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2014-09-06 21:51:07 | 000,000,000 | ---D | C] -- C:\Users\lukas\Desktop\crack do rutor [2014-09-06 19:33:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games [2014-09-05 19:04:05 | 000,000,000 | -HSD | C] -- C:\found.001 [2014-08-31 14:48:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Among The Sleep [2014-08-31 14:45:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Among The Sleep [2014-08-31 13:55:04 | 000,000,000 | ---D | C] -- 
C:\Users\lukas\Documents\4A Games [2014-08-31 13:46:50 | 000,000,000 | ---D | C] -- C:\Users\lukas\AppData\Roaming\Steam [2014-08-31 13:44:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro 2033 Redux [2014-08-31 13:36:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Metro 2033 Redux [2014-08-29 20:56:40 | 000,000,000 | ---D | C] -- C:\Users\lukas\AppData\Local\AVG Web TuneUp [2014-08-29 20:56:29 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Web TuneUp [2014-08-29 20:56:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Web TuneUp [2014-08-27 18:59:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gazillion Entertainment [2014-08-26 23:38:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WB Games [2014-08-24 17:15:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hitman Absolution [2014-08-24 16:39:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hitman Absolution [2014-08-24 16:04:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2014-08-24 16:04:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2014-08-23 19:18:29 | 000,000,000 | ---D | C] -- C:\Windows\RazorDOX [2014-08-22 18:16:35 | 000,000,000 | ---D | C] -- C:\Users\lukas\AppData\Local\Electronic_Arts_Inc [2014-08-21 18:37:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Warner Bros. 
Interactive Entertainment [2014-08-17 20:47:24 | 000,000,000 | ---D | C] -- C:\Users\lukas\Documents\Games for Windows - LIVE Demos [2014-08-17 20:44:05 | 000,000,000 | ---D | C] -- C:\Users\lukas\AppData\Roaming\Microsoft Games [2014-08-17 13:19:43 | 000,000,000 | ---D | C] -- C:\Users\lukas\Documents\Disney Interactive Studios [2014-08-17 12:56:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disney Interactive Studios [2014-08-13 22:50:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4 Demo Stwórz Sima [2014-08-13 22:32:58 | 000,000,000 | ---D | C] -- C:\Users\lukas\AppData\Local\Origin [2014-08-13 22:31:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin [2014-08-13 17:20:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2014-08-12 21:28:40 | 000,000,000 | ---D | C] -- C:\Users\lukas\lwtheme [2014-08-12 21:26:01 | 000,000,000 | ---D | C] -- C:\Users\lukas\adblockplus [2014-08-12 21:25:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [10 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-09-07 20:58:08 | 000,590,288 | ---- | M] () -- C:\Users\lukas\cookies.sqlite-wal [2014-09-07 20:57:22 | 002,097,152 | ---- | M] () -- C:\Users\lukas\cookies.sqlite [2014-09-07 20:54:33 | 000,100,821 | ---- | M] () -- C:\Users\lukas\sessionstore.js [2014-09-07 20:52:25 | 000,028,138 | ---- | M] () -- C:\Users\lukas\localstore.rdf [2014-09-07 20:52:18 | 010,485,760 | ---- | M] () -- C:\Users\lukas\places.sqlite [2014-09-07 20:52:18 | 000,623,080 | ---- | M] () -- C:\Users\lukas\places.sqlite-wal [2014-09-07 20:51:11 | 000,012,246 | ---- | M] () -- C:\Users\lukas\prefs.js [2014-09-07 20:50:51 | 000,032,768 | ---- | M] () -- C:\Users\lukas\healthreport.sqlite-shm [2014-09-07 
20:50:51 | 000,000,000 | ---- | M] () -- C:\Users\lukas\healthreport.sqlite-wal [2014-09-07 20:50:41 | 000,032,768 | ---- | M] () -- C:\Users\lukas\webappsstore.sqlite-shm [2014-09-07 20:50:41 | 000,032,768 | ---- | M] () -- C:\Users\lukas\cookies.sqlite-shm [2014-09-07 20:50:41 | 000,000,090 | ---- | M] () -- C:\Users\lukas\sessionCheckpoints.json [2014-09-07 20:50:41 | 000,000,000 | ---- | M] () -- C:\Users\lukas\webappsstore.sqlite-wal [2014-09-07 20:50:40 | 000,032,768 | ---- | M] () -- C:\Users\lukas\places.sqlite-shm [2014-09-07 20:50:40 | 000,000,206 | ---- | M] () -- C:\Users\lukas\compatibility.ini [2014-09-07 20:50:40 | 000,000,000 | ---- | M] () -- C:\Users\lukas\parent.lock [2014-09-07 20:45:46 | 001,540,096 | ---- | M] () -- C:\Users\lukas\healthreport.sqlite [2014-09-07 20:45:46 | 000,327,680 | ---- | M] () -- C:\Users\lukas\cert8.db [2014-09-07 20:45:46 | 000,016,384 | ---- | M] () -- C:\Users\lukas\key3.db [2014-09-07 20:45:45 | 000,131,072 | ---- | M] () -- C:\Users\lukas\permissions.sqlite [2014-09-07 20:45:45 | 000,098,583 | ---- | M] () -- C:\Users\lukas\sessionstore.bak [2014-09-07 20:45:39 | 000,013,632 | ---- | M] () -- C:\Users\lukas\logins.json [2014-09-07 20:45:35 | 000,044,533 | ---- | M] () -- C:\Users\lukas\search.json [2014-09-07 20:45:34 | 000,005,236 | ---- | M] () -- C:\Users\lukas\addons.json [2014-09-07 20:45:34 | 000,000,141 | ---- | M] () -- C:\Users\lukas\extensions.ini [2014-09-07 20:45:34 | 000,000,002 | ---- | M] () -- C:\Users\lukas\directoryLinks.json [2014-09-07 20:45:33 | 000,034,778 | ---- | M] () -- C:\Users\lukas\extensions.json [2014-09-07 20:45:33 | 000,004,469 | ---- | M] () -- C:\Users\lukas\pluginreg.dat [2014-09-07 20:45:27 | 017,104,896 | ---- | M] () -- C:\Users\lukas\content-prefs.sqlite [2014-09-07 20:45:26 | 000,098,304 | ---- | M] () -- C:\Users\lukas\downloads.sqlite [2014-09-07 20:45:26 | 000,008,064 | ---- | M] () -- C:\Users\lukas\sessionstore.bak-20140825202822 [2014-09-07 20:45:26 | 000,000,001 | 
---- | M] () -- C:\Users\lukas\_CACHE_CLEAN_ [2014-09-07 20:44:51 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2014-09-07 20:36:19 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014-09-07 20:36:19 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014-09-07 20:31:05 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014-09-07 20:29:16 | 000,108,544 | ---- | M] (adah jaws) -- C:\ProgramData\svv.exe [2014-09-07 20:28:57 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014-09-07 20:28:57 | 000,000,266 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2014-09-07 20:28:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-09-07 20:28:35 | 2018,791,423 | -HS- | M] () -- C:\hiberfil.sys [2014-09-07 20:27:42 | 005,931,008 | ---- | M] () -- C:\Users\lukas\webappsstore.sqlite [2014-09-07 20:11:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-09-07 20:10:34 | 000,524,288 | ---- | M] () -- C:\Users\lukas\addons.sqlite [2014-09-07 20:10:31 | 000,524,288 | ---- | M] () -- C:\Users\lukas\extensions.sqlite [2014-09-07 19:49:50 | 001,370,467 | ---- | M] () -- C:\Users\lukas\Desktop\adwcleaner_3.309.exe [2014-09-07 19:15:37 | 000,014,730 | ---- | M] () -- C:\Users\lukas\mimeTypes.rdf [2014-09-07 18:15:45 | 000,327,680 | ---- | M] () -- C:\Users\lukas\signons.sqlite [2014-09-07 18:15:45 | 000,196,608 | ---- | M] () -- C:\Users\lukas\formhistory.sqlite [2014-09-07 18:06:01 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-392196104-1519082344-2039332671-1001UA.job [2014-09-07 18:06:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-392196104-1519082344-2039332671-1001Core.job [2014-09-07 15:45:47 | 000,134,208 | ---- 
| M] () -- C:\Users\lukas\blocklist.xml [2014-09-04 16:57:47 | 000,002,153 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2014-09-02 17:16:35 | 000,000,959 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk [2014-08-29 20:56:27 | 000,050,976 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys [2014-08-29 12:28:46 | 000,271,080 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2014-08-26 23:57:26 | 000,001,722 | ---- | M] () -- C:\Users\lukas\Desktop\LEGOHarry2 — skrót.lnk [2014-08-17 20:41:32 | 000,000,792 | ---- | M] () -- C:\Windows\wininit.ini [2014-08-12 21:35:59 | 000,000,526 | ---- | M] () -- C:\Users\lukas\hotfix.v20140527.01.json [2014-08-12 21:28:40 | 000,117,087 | ---- | M] () -- C:\Users\lukas\lightweighttheme-header [2014-08-12 21:28:40 | 000,002,261 | ---- | M] () -- C:\Users\lukas\lightweighttheme-footer [2014-08-08 21:15:23 | 000,000,170 | ---- | M] () -- C:\Windows\game.ini [7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [10 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-09-07 20:54:33 | 000,100,821 | ---- | C] () -- C:\Users\lukas\sessionstore.js [2014-09-07 20:52:25 | 000,028,138 | ---- | C] () -- C:\Users\lukas\localstore.rdf [2014-09-07 20:51:11 | 000,012,246 | ---- | C] () -- C:\Users\lukas\prefs.js [2014-09-07 20:50:51 | 000,032,768 | ---- | C] () -- C:\Users\lukas\healthreport.sqlite-shm [2014-09-07 20:50:51 | 000,000,000 | ---- | C] () -- C:\Users\lukas\healthreport.sqlite-wal [2014-09-07 20:50:41 | 000,590,288 | ---- | C] () -- C:\Users\lukas\cookies.sqlite-wal [2014-09-07 20:50:41 | 000,032,768 | ---- | C] () -- C:\Users\lukas\webappsstore.sqlite-shm [2014-09-07 20:50:41 | 000,032,768 | ---- | C] () -- C:\Users\lukas\cookies.sqlite-shm [2014-09-07 20:50:41 | 000,000,000 | ---- | C] () -- C:\Users\lukas\webappsstore.sqlite-wal [2014-09-07 20:50:40 | 000,623,080 | ---- | C] () -- 
C:\Users\lukas\places.sqlite-wal [2014-09-07 20:50:40 | 000,032,768 | ---- | C] () -- C:\Users\lukas\places.sqlite-shm [2014-09-07 20:50:40 | 000,000,090 | ---- | C] () -- C:\Users\lukas\sessionCheckpoints.json [2014-09-07 20:45:39 | 000,013,632 | ---- | C] () -- C:\Users\lukas\logins.json [2014-09-07 20:45:35 | 000,044,533 | ---- | C] () -- C:\Users\lukas\search.json [2014-09-07 20:45:35 | 000,008,064 | ---- | C] () -- C:\Users\lukas\sessionstore.bak-20140825202822 [2014-09-07 20:45:34 | 000,005,236 | ---- | C] () -- C:\Users\lukas\addons.json [2014-09-07 20:45:34 | 000,000,002 | ---- | C] () -- C:\Users\lukas\directoryLinks.json [2014-09-07 20:45:33 | 000,034,778 | ---- | C] () -- C:\Users\lukas\extensions.json [2014-09-07 20:45:33 | 000,004,469 | ---- | C] () -- C:\Users\lukas\pluginreg.dat [2014-09-07 20:45:32 | 000,000,141 | ---- | C] () -- C:\Users\lukas\extensions.ini [2014-09-07 20:45:26 | 000,098,583 | ---- | C] () -- C:\Users\lukas\sessionstore.bak [2014-09-07 20:10:51 | 000,098,304 | ---- | C] () -- C:\Users\lukas\downloads.sqlite [2014-09-07 20:10:20 | 000,001,123 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2014-09-07 20:10:20 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2014-09-07 19:49:49 | 001,370,467 | ---- | C] () -- C:\Users\lukas\Desktop\adwcleaner_3.309.exe [2014-09-07 19:15:37 | 000,014,730 | ---- | C] () -- C:\Users\lukas\mimeTypes.rdf [2014-09-07 15:45:47 | 000,134,208 | ---- | C] () -- C:\Users\lukas\blocklist.xml [2014-09-06 22:13:45 | 000,210,944 | ---- | C] () -- C:\Windows\SysWow64\msvcrt10.dll [2014-08-26 23:57:26 | 000,001,722 | ---- | C] () -- C:\Users\lukas\Desktop\LEGOHarry2 — skrót.lnk [2014-08-13 17:20:19 | 000,002,153 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2014-08-13 17:19:58 | 000,001,046 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014-08-13 17:19:57 | 000,001,042 | ---- | C] () -- 
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014-08-12 21:35:59 | 000,000,526 | ---- | C] () -- C:\Users\lukas\hotfix.v20140527.01.json [2014-08-12 21:28:40 | 000,117,087 | ---- | C] () -- C:\Users\lukas\lightweighttheme-header [2014-08-12 21:28:40 | 000,002,261 | ---- | C] () -- C:\Users\lukas\lightweighttheme-footer [2014-08-12 21:25:56 | 000,000,206 | ---- | C] () -- C:\Users\lukas\compatibility.ini [2014-08-08 20:40:40 | 000,000,170 | ---- | C] () -- C:\Windows\game.ini [2014-07-26 19:08:15 | 000,000,266 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2014-07-19 10:48:22 | 000,000,203 | ---- | C] () -- C:\Windows\disney.ini [2014-06-13 00:31:04 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat [2014-06-10 20:32:08 | 000,000,126 | ---- | C] () -- C:\Users\lukas\search-metadata.json [2014-05-31 19:55:57 | 000,000,000 | ---- | C] () -- C:\Windows\ka.ini [2014-05-10 17:47:53 | 000,753,664 | ---- | C] () -- C:\Users\lukas\netpredictions.sqlite [2014-04-23 19:32:20 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2014-04-23 19:32:17 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2014-03-19 20:03:56 | 000,000,627 | ---- | C] () -- C:\Users\lukas\AppData\Roaming\All CPU MeterV3_Settings.ini [2014-03-17 21:15:10 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2013-12-08 00:55:33 | 000,000,000 | -HS- | C] () -- C:\Users\lukas\AppData\Local\LumaEmu [2013-07-21 22:41:23 | 001,540,096 | ---- | C] () -- C:\Users\lukas\healthreport.sqlite [2013-07-21 22:40:23 | 002,097,152 | ---- | C] () -- C:\Users\lukas\cookies.sqlite [2013-07-21 22:40:23 | 000,000,001 | ---- | C] () -- C:\Users\lukas\_CACHE_CLEAN_ [2013-07-21 22:40:18 | 000,000,029 | ---- | C] () -- C:\Users\lukas\times.json [2013-04-19 22:51:24 | 000,000,792 | ---- | C] () -- C:\Windows\wininit.ini [2013-04-07 23:58:20 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013-04-07 23:58:20 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013-04-07 
23:58:20 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013-04-07 23:58:20 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013-04-07 23:58:20 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013-03-22 19:30:42 | 002,643,352 | ---- | C] () -- C:\Windows\SysWow64\pb.exe [2013-02-25 21:55:16 | 000,000,000 | ---- | C] () -- C:\Users\lukas\parent.lock [2013-02-19 16:51:48 | 000,524,288 | ---- | C] () -- C:\Users\lukas\addons.sqlite [2013-02-19 16:47:46 | 000,196,608 | ---- | C] () -- C:\Users\lukas\formhistory.sqlite [2013-02-19 16:46:23 | 000,327,680 | ---- | C] () -- C:\Users\lukas\signons.sqlite [2013-02-19 16:46:22 | 052,428,800 | ---- | C] () -- C:\Users\lukas\urlclassifier3.sqlite [2013-02-19 16:46:22 | 017,104,896 | ---- | C] () -- C:\Users\lukas\content-prefs.sqlite [2013-02-19 16:46:22 | 001,446,954 | ---- | C] () -- C:\Users\lukas\urlclassifier.pset [2013-02-19 16:46:21 | 010,485,760 | ---- | C] () -- C:\Users\lukas\places.sqlite [2013-02-19 16:46:21 | 005,931,008 | ---- | C] () -- C:\Users\lukas\webappsstore.sqlite [2013-02-19 16:46:21 | 000,524,288 | ---- | C] () -- C:\Users\lukas\extensions.sqlite [2013-02-19 16:46:21 | 000,327,680 | ---- | C] () -- C:\Users\lukas\cert8.db [2013-02-19 16:46:21 | 000,131,072 | ---- | C] () -- C:\Users\lukas\permissions.sqlite [2013-02-19 16:46:21 | 000,016,384 | ---- | C] () -- C:\Users\lukas\secmod.db [2013-02-19 16:46:21 | 000,016,384 | ---- | C] () -- C:\Users\lukas\key3.db [2013-01-25 23:01:51 | 000,007,597 | ---- | C] () -- C:\Users\lukas\AppData\Local\Resmon.ResmonCfg [2012-12-12 22:45:15 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2012-11-20 21:31:33 | 000,000,000 | ---- | C] () -- C:\Windows\Setup32.INI [2012-10-31 17:20:59 | 000,171,008 | ---- | C] () -- C:\Windows\SysWow64\rld.dll [2012-10-26 22:00:08 | 001,644,748 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 06:55:00 | 000,000,227 | RHS- | M] 
() -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2014-06-25 04:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014-06-25 03:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2013-09-27 22:13:27 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\2K Sports [2014-07-25 18:23:04 | 000,000,000 | ---D | M] -- 
C:\Users\lukas\AppData\Roaming\Ace [2014-06-28 11:57:18 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Activision [2014-09-06 22:47:39 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\AIMP3 [2014-04-18 22:16:59 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\AVG2014 [2014-04-01 20:47:14 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Battle.net [2012-12-27 11:49:19 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Behaviour Interactive [2014-03-25 20:38:16 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\BinarySense [2014-09-07 19:28:49 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\BitComet [2012-10-30 21:18:49 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\BitSpirit [2014-05-01 08:53:49 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\BitTorrent [2014-06-07 19:53:23 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\BlueSprig [2014-07-26 17:07:41 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\CLOUDY [2014-08-26 23:33:13 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\DAEMON Tools Lite [2014-02-03 00:37:35 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Day 1 Studios [2012-10-29 21:31:11 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\DeadMage [2014-07-23 20:53:01 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Disney Interactive Studios [2014-02-28 19:26:08 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\DisneyInteractiveStudios [2013-03-17 20:08:04 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\DMCache [2013-11-24 13:01:56 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Injustice [2014-05-18 16:56:22 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Injustice - Gods Among Us. 
Ultimate Edition [2014-04-15 11:48:10 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Kalypso Media [2014-07-09 20:58:28 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\LEGO Marvel Super Heroes [2014-01-19 14:15:39 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\LucasArts [2014-09-07 19:28:06 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Mozzilla [2013-03-12 14:51:45 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\NapiProjekt [2013-09-24 18:09:29 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Octane [2012-12-07 22:29:29 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Opera [2014-06-15 16:07:15 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Opera Software [2014-03-23 18:35:35 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Origin [2014-04-23 19:32:14 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\PunkBuster [2014-07-26 22:45:19 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Riot Games [2012-10-26 01:35:05 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Screensaver [2014-08-19 11:46:42 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\SoftGrid Client [2014-07-18 22:46:19 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Splinter Cell - Blacklist [2014-08-31 13:46:50 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Steam [2014-04-06 10:44:32 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Talisman [2013-02-28 19:37:19 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Theta [2013-08-21 15:09:10 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\TMNT [2012-10-26 22:00:38 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\TP [2014-02-08 16:26:03 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\ttales [2012-12-25 14:51:52 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\TuneUp Software [2014-07-13 16:45:13 | 000,000,000 | ---D | M] 
-- C:\Users\lukas\AppData\Roaming\Ubisoft [2012-11-19 16:50:34 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Unity [2013-11-12 19:42:40 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\uTorrent [2014-08-10 11:20:58 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Warner Bros. Interactive Entertainment [2014-03-26 18:57:17 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\WB Games [2012-10-26 21:53:32 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\WildTangent [2013-12-03 14:00:58 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Windows Live Writer [2013-02-09 21:48:50 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\YoudaGames [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:55B41E6A < End of report >