OTL logfile created on: 2014-09-27 09:57:50 - Run 4 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Marcin\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 67,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 165,92 Gb Total Space | 73,94 Gb Free Space | 44,57% Space Free | Partition Type: NTFS Drive D: | 299,75 Gb Total Space | 61,40 Gb Free Space | 20,48% Space Free | Partition Type: NTFS Drive G: | 14,94 Gb Total Space | 14,82 Gb Free Space | 99,20% Space Free | Partition Type: NTFS Computer Name: MARCIN-KOMPUTER | User Name: Marcin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-09-27 09:55:25 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Marcin\Desktop\OTL_3.2.17.3.exe PRC - [2014-09-26 20:15:14 | 001,133,968 | ---- | M] () -- C:\Users\Marcin\AppData\Local\Installer\Installsense_25464\delay.exe PRC - [2014-09-26 19:27:49 | 001,129,872 | ---- | M] () -- C:\Users\Marcin\AppData\Local\Installer\Install_16050\setup.exe PRC - [2014-09-12 11:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2014-08-08 19:08:53 | 000,694,784 | ---- | M] (Cherished Technololgy LIMITED) -- C:\ProgramData\IePluginServices\PluginService.exe PRC - [2014-07-14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe PRC - [2014-07-14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe PRC - [2013-10-23 03:02:32 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2013-10-18 03:34:57 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe PRC - [2013-05-09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2013-05-09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012-08-27 10:12:28 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2009-09-30 14:02:50 | 002,320,920 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2009-09-30 14:02:48 | 000,268,824 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2014-09-27 09:55:25 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Marcin\Desktop\OTL_3.2.17.3.exe MOD - [2013-05-09 10:58:26 | 000,246,592 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll MOD - [2010-08-21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA) SRV:[b]64bit:[/b] - [2013-10-18 03:35:48 | 015,122,208 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc) SRV:[b]64bit:[/b] - [2013-05-09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2014-09-26 20:15:41 | 000,068,608 | ---- | M] (globalUpdate) [On_Demand | Stopped] -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdatem) globalUpdate Update Service (globalUpdatem) SRV - [2014-09-26 20:15:41 | 000,068,608 | ---- | M] (globalUpdate) [Auto | Stopped] -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdate) globalUpdate Update Service (globalUpdate) SRV - [2014-09-26 19:31:45 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2014-09-25 17:48:18 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2014-09-12 11:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2014-08-14 00:30:50 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2014-08-08 19:08:53 | 000,694,784 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\IePluginServices\PluginService.exe -- (IePluginServices) SRV - [2014-07-14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc) SRV - [2014-07-14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc) SRV - [2014-04-03 20:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013-10-23 03:02:32 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2013-10-18 03:34:26 | 001,914,656 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2013-09-07 10:13:38 | 000,055,624 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2012-08-27 10:12:28 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012-07-09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-09-30 14:02:50 | 002,320,920 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2009-09-30 14:02:48 | 000,268,824 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - File not found [Kernel | Auto | Stopped] -- C:\Windows\SysNative\Drivers\SSPORT.sys -- (SSPORT) DRV:[b]64bit:[/b] - [2014-07-19 16:09:22 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2014-07-19 16:04:56 | 000,386,680 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2013-09-28 01:01:44 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible) NVIDIA Virtual Audio Device (Wave Extensible) (WDM) DRV:[b]64bit:[/b] - [2013-05-09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:[b]64bit:[/b] - [2013-05-09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2012-12-13 15:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b]64bit:[/b] - [2012-08-21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2011-03-11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-10-13 13:20:44 | 000,025,528 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ESLvnic.sys -- (ESLvnic1) DRV:[b]64bit:[/b] - [2010-07-08 10:32:19 | 000,050,056 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus) DRV:[b]64bit:[/b] - [2010-07-08 10:32:19 | 000,022,792 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiMini.sys -- (SaiMini) DRV:[b]64bit:[/b] - [2010-07-08 10:32:14 | 000,172,040 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiK0836.sys -- (SaiK0836) DRV:[b]64bit:[/b] - [2009-12-30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt) DRV:[b]64bit:[/b] - [2009-11-06 09:52:52 | 007,773,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2009-10-30 00:56:34 | 000,244,736 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:[b]64bit:[/b] - [2009-09-17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R) DRV:[b]64bit:[/b] - [2009-08-20 18:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2009-07-31 11:40:32 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\XENfiltv.sys -- (XENfiltv) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:[b]64bit:[/b] - [2009-06-10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-03-18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:[b]64bit:[/b] - [2008-12-26 12:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM) DRV:[b]64bit:[/b] - [2006-12-05 11:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PFC027.SYS -- (PAC207) DRV - [2014-08-27 17:58:01 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2012-03-03 10:38:20 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64) DRV - [2011-09-10 17:11:06 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv) DRV - [2009-09-11 01:50:16 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\SSPORT.SYS -- (SSPORT) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1407517713&from=cor&uid=ST3500418AS_5VMCBGHWXXXX5VMCBGHW&q={searchTerms} IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1407517713&from=cor&uid=ST3500418AS_5VMCBGHWXXXX5VMCBGHW&q={searchTerms} IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1407517713&from=cor&uid=ST3500418AS_5VMCBGHWXXXX5VMCBGHW&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1407517713&from=cor&uid=ST3500418AS_5VMCBGHWXXXX5VMCBGHW&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-26 11:36:48 | 000,000,000 | ---D | M] [2013-10-18 12:54:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (Apps Hat) - {11111111-1111-1111-1111-110411851159} - C:\Program Files (x86)\Apps Hat\Apps Hat-bho64.dll (Nero) O2:[b]64bit:[/b] - BHO: (Senses) - {11111111-1111-1111-1111-110611191115} - C:\Program Files (x86)\Senses\Senses-bho64.dll File not found O2:[b]64bit:[/b] - BHO: (iWebar) - {11111111-1111-1111-1111-110611511123} - C:\Program Files (x86)\iWebar\iWebar-bho64.dll File not found O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:[b]64bit:[/b] - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation) O2:[b]64bit:[/b] - BHO: (YTAHelper) - {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} - C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.) O2 - BHO: (Apps Hat) - {11111111-1111-1111-1111-110411851159} - C:\Program Files (x86)\Apps Hat\Apps Hat-bho.dll (Nero) O2 - BHO: (iWebar) - {11111111-1111-1111-1111-110611511123} - C:\Program Files (x86)\iWebar\iWebar-bho.dll File not found O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (YTAHelper) - {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} - C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\Windows\system32\nvspcap64.DLL File not found O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKCU..\Run: [LiveSupport] C:\Program Files (x86)\LiveSupport\LiveSupport.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0 O9:[b]64bit:[/b] - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File not found O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 10.67.2) O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 1.7.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 10.67.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 206.217.129.42 8.8.8.8 O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) O20 - AppInit_DLLs: (c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll) - c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll File not found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{0950c258-5251-11e2-9f11-6cf0490cc117}\Shell - "" = AutoRun O33 - MountPoints2\{0950c258-5251-11e2-9f11-6cf0490cc117}\Shell\AutoRun\command - "" = F:\Startme.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-09-27 09:56:01 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Marcin\Desktop\OTL_3.2.17.3.exe [2014-09-26 20:49:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative Labs [2014-09-26 20:25:01 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Creative [2014-09-26 20:15:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iWebar [2014-09-26 20:12:37 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\VS Revo Group [2014-09-26 20:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group [2014-09-26 20:12:29 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys [2014-09-26 20:12:28 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group [2014-09-26 20:02:47 | 000,000,000 | ---D | C] -- C:\ProgramData\374311380 [2014-09-26 20:00:45 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Creative [2014-09-26 19:56:44 | 000,873,472 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\XENAPO64.dll [2014-09-26 19:56:44 | 000,733,184 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\XENAPO32.dll [2014-09-26 19:56:44 | 000,285,696 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\XENCFX64.dll [2014-09-26 19:56:44 | 000,235,520 | ---- | C] (Creative Technology Limited) -- C:\Windows\SysNative\XENcInst.dll [2014-09-26 19:56:44 | 000,219,136 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\XENCFX32.dll [2014-09-26 19:56:44 | 000,057,856 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\XENpld64.dll [2014-09-26 19:56:44 | 000,025,600 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\drivers\XENfiltv.sys [2014-09-26 19:56:29 | 001,942,528 | ---- | C] (Creative) -- C:\Windows\SysNative\Sens_oal.dll [2014-09-26 19:56:24 | 000,647,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mscomct2.ocx [2014-09-26 19:56:24 | 000,053,248 | ---- | C] (Creative Technology Ltd ) -- C:\Windows\Ctregrun.exe [2014-09-26 19:55:45 | 000,000,000 | ---D | C] -- C:\Program Files\Creative [2014-09-26 19:49:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apps Hat [2014-09-26 19:46:47 | 087,095,816 | ---- | C] (Creative Technology Ltd) -- C:\Users\Marcin\Desktop\SBTA_PCDRV1_WIN8_BETA_LD_1_01_0001.exe [2014-09-26 19:39:19 | 001,464,728 | ---- | C] (Object Browser) -- C:\Users\Marcin\AppData\Roaming\IEDJ.exe [2014-09-26 19:38:51 | 001,909,144 | ---- | C] (Object Browser) -- C:\Users\Marcin\AppData\Roaming\IRGS.exe [2014-09-26 19:38:47 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\globalUpdate [2014-09-26 19:38:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate [2014-09-26 19:32:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative [2014-09-26 19:30:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative [2014-09-26 19:28:33 | 000,000,000 | ---D | C] -- C:\ProgramData\YTAHelper [2014-09-26 19:28:32 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\YTAHelper [2014-09-26 19:28:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YTAHelper [2014-09-26 19:28:26 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\GOOBZO [2014-09-26 19:28:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YouTube Accelerator [2014-09-26 19:27:59 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Installer [2014-09-25 17:48:18 | 000,701,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2014-09-25 17:48:18 | 000,071,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2014-09-18 20:36:31 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Overwolf [2014-09-15 20:39:01 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\NVIDIA [2014-09-14 15:17:31 | 001,063,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll [2014-09-14 15:17:31 | 000,955,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll [2014-09-14 15:16:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies [2014-09-14 15:15:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2014-09-14 15:14:15 | 001,884,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433165.dll [2014-09-14 15:14:15 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433165.dll [2014-09-14 15:14:13 | 030,344,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2014-09-14 15:14:13 | 025,257,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2014-09-14 15:14:13 | 022,933,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2014-09-14 15:14:13 | 018,286,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2014-09-14 15:14:13 | 018,199,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2014-09-14 15:14:13 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2014-09-14 15:14:13 | 015,855,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2014-09-14 15:14:13 | 015,212,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2014-09-14 15:14:13 | 011,426,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2014-09-14 15:14:13 | 011,374,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll [2014-09-14 15:14:13 | 009,524,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2014-09-14 15:14:13 | 009,480,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll [2014-09-14 15:14:13 | 003,131,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2014-09-14 15:14:13 | 003,124,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2014-09-14 15:14:13 | 003,067,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2014-09-14 15:14:13 | 002,946,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2014-09-14 15:14:13 | 002,747,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2014-09-14 15:14:13 | 002,695,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2014-09-14 15:14:13 | 000,696,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll [2014-09-14 15:14:13 | 000,655,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll [2014-09-14 15:14:13 | 000,599,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll [2014-09-14 15:14:13 | 000,560,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll [2014-09-14 15:13:51 | 000,039,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys [2014-09-14 15:13:47 | 000,029,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll [2014-09-14 15:13:47 | 000,028,960 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll [2014-09-06 23:13:44 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Razer_Inc [2014-09-06 23:13:41 | 000,000,000 | ---D | C] -- C:\Users\Marcin\Documents\Razer [2014-09-06 23:11:48 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Razer [2014-09-06 23:11:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer [2014-08-30 23:22:49 | 000,000,000 | ---D | C] -- C:\4837d44a0c3ab12a3b [2014-08-28 19:42:30 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Publish Providers [2014-08-28 19:36:57 | 000,000,000 | ---D | C] -- C:\Program Files\Sony [2014-08-28 18:54:17 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\{6D3631B8-6D5C-438B-BB79-676B81127E51} [2014-08-28 18:47:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BandiMPEG1 [2014-08-28 18:38:58 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\BANDISOFT [2014-08-28 18:38:44 | 000,000,000 | ---D | C] -- C:\Users\Marcin\Documents\Bandicam [81 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-09-27 09:57:04 | 001,701,508 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2014-09-27 09:57:04 | 000,754,982 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2014-09-27 09:57:04 | 000,660,412 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2014-09-27 09:57:04 | 000,160,804 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2014-09-27 09:57:04 | 000,126,562 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2014-09-27 09:56:16 | 000,019,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014-09-27 09:56:16 | 000,019,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014-09-27 09:55:25 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Marcin\Desktop\OTL_3.2.17.3.exe [2014-09-27 09:54:07 | 000,003,446 | ---- | M] () -- C:\Windows\tasks\36316498-b3d9-47dd-98ae-f60936fb007c-6.job [2014-09-27 09:49:10 | 000,002,422 | ---- | M] () -- C:\Windows\tasks\36316498-b3d9-47dd-98ae-f60936fb007c-5_user.job [2014-09-27 09:49:10 | 000,002,422 | ---- | M] () -- C:\Windows\tasks\36316498-b3d9-47dd-98ae-f60936fb007c-5.job [2014-09-27 09:49:08 | 000,004,812 | ---- | M] () -- C:\Windows\tasks\07e3716a-533e-4980-a29f-839741f4d92a-11.job [2014-09-27 09:49:08 | 000,004,472 | ---- | M] () -- C:\Windows\tasks\36316498-b3d9-47dd-98ae-f60936fb007c-11.job [2014-09-27 09:49:08 | 000,004,470 | ---- | M] () -- C:\Windows\tasks\36316498-b3d9-47dd-98ae-f60936fb007c-4.job [2014-09-27 09:49:08 | 000,004,468 | ---- | M] () -- C:\Windows\tasks\8293dac3-cf7e-4da9-842e-401d29c54fdf-11.job [2014-09-27 09:49:08 | 000,003,786 | ---- | M] () -- C:\Windows\tasks\8293dac3-cf7e-4da9-842e-401d29c54fdf-7.job [2014-09-27 09:49:08 | 000,003,786 | ---- | M] () -- C:\Windows\tasks\8293dac3-cf7e-4da9-842e-401d29c54fdf-6.job [2014-09-27 09:49:08 | 000,003,786 | ---- | M] () -- C:\Windows\tasks\8293dac3-cf7e-4da9-842e-401d29c54fdf-4.job [2014-09-27 09:49:08 | 000,003,786 | ---- | M] () -- C:\Windows\tasks\07e3716a-533e-4980-a29f-839741f4d92a-7.job [2014-09-27 09:49:08 | 000,003,786 | ---- | M] () -- C:\Windows\tasks\07e3716a-533e-4980-a29f-839741f4d92a-6.job [2014-09-27 09:49:08 | 000,003,786 | ---- | M] () -- C:\Windows\tasks\07e3716a-533e-4980-a29f-839741f4d92a-4.job [2014-09-27 09:49:08 | 000,003,110 | ---- | M] () -- C:\Windows\tasks\36316498-b3d9-47dd-98ae-f60936fb007c-7.job [2014-09-27 09:49:08 | 000,003,106 | ---- | M] () -- C:\Windows\tasks\07e3716a-533e-4980-a29f-839741f4d92a-3.job [2014-09-27 09:49:08 | 000,003,072 | ---- | M] () -- C:\Windows\tasks\8293dac3-cf7e-4da9-842e-401d29c54fdf-1.job [2014-09-27 09:49:08 | 000,003,072 | ---- | M] () -- C:\Windows\tasks\07e3716a-533e-4980-a29f-839741f4d92a-1.job [2014-09-27 09:49:08 | 000,002,762 | ---- | M] () -- C:\Windows\tasks\8293dac3-cf7e-4da9-842e-401d29c54fdf-5_user.job [2014-09-27 09:49:08 | 000,002,762 | ---- | M] () -- C:\Windows\tasks\8293dac3-cf7e-4da9-842e-401d29c54fdf-5.job [2014-09-27 09:49:08 | 000,002,762 | ---- | M] () -- C:\Windows\tasks\07e3716a-533e-4980-a29f-839741f4d92a-5_user.job [2014-09-27 09:49:08 | 000,002,762 | ---- | M] () -- C:\Windows\tasks\07e3716a-533e-4980-a29f-839741f4d92a-5.job [2014-09-27 09:49:08 | 000,002,736 | ---- | M] () -- C:\Windows\tasks\36316498-b3d9-47dd-98ae-f60936fb007c-1.job [2014-09-27 09:49:08 | 000,002,418 | ---- | M] () -- C:\Windows\tasks\8293dac3-cf7e-4da9-842e-401d29c54fdf-2.job [2014-09-27 09:49:08 | 000,002,418 | ---- | M] () -- C:\Windows\tasks\07e3716a-533e-4980-a29f-839741f4d92a-2.job [2014-09-27 09:49:08 | 000,002,086 | ---- | M] () -- C:\Windows\tasks\36316498-b3d9-47dd-98ae-f60936fb007c-2.job [2014-09-27 09:49:08 | 000,001,338 | ---- | M] () -- C:\Windows\tasks\IRGS.job [2014-09-27 09:49:08 | 000,001,338 | ---- | M] () -- C:\Windows\tasks\IEDJ.job [2014-09-27 09:49:08 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014-09-27 09:49:08 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job [2014-09-27 09:48:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-09-27 09:48:45 | 3113,869,312 | -HS- | M] () -- C:\hiberfil.sys [2014-09-26 23:15:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014-09-26 21:43:37 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-09-26 21:01:20 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2014-09-26 20:20:08 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job [2014-09-26 19:49:23 | 087,095,816 | ---- | M] (Creative Technology Ltd) -- C:\Users\Marcin\Desktop\SBTA_PCDRV1_WIN8_BETA_LD_1_01_0001.exe [2014-09-26 19:39:19 | 001,464,728 | ---- | M] (Object Browser) -- C:\Users\Marcin\AppData\Roaming\IEDJ.exe [2014-09-26 19:38:51 | 001,909,144 | ---- | M] (Object Browser) -- C:\Users\Marcin\AppData\Roaming\IRGS.exe [2014-09-25 17:48:18 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2014-09-25 17:48:18 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2014-09-25 15:20:08 | 000,002,149 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2014-09-01 10:18:44 | 000,002,086 | ---- | M] () -- C:\Users\Marcin\AppData\Roaming\IEDJ [2014-09-01 10:18:44 | 000,001,248 | ---- | M] () -- C:\Users\Marcin\AppData\Roaming\IRGS [2014-08-28 19:47:38 | 000,007,670 | ---- | M] () -- C:\Windows\SysNative\--traceoff [2014-08-28 19:37:57 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\--debugoff [81 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-09-26 20:17:00 | 000,002,762 | ---- | C] () -- C:\Windows\tasks\8293dac3-cf7e-4da9-842e-401d29c54fdf-5_user.job [2014-09-26 20:16:58 | 000,002,762 | ---- | C] () -- C:\Windows\tasks\8293dac3-cf7e-4da9-842e-401d29c54fdf-5.job [2014-09-26 20:16:45 | 000,002,418 | ---- | C] () -- C:\Windows\tasks\8293dac3-cf7e-4da9-842e-401d29c54fdf-2.job [2014-09-26 20:16:29 | 000,003,072 | ---- | C] () -- C:\Windows\tasks\8293dac3-cf7e-4da9-842e-401d29c54fdf-1.job [2014-09-26 20:16:21 | 000,003,786 | ---- | C] () -- C:\Windows\tasks\8293dac3-cf7e-4da9-842e-401d29c54fdf-4.job [2014-09-26 20:15:57 | 000,003,786 | ---- | C] () -- C:\Windows\tasks\8293dac3-cf7e-4da9-842e-401d29c54fdf-6.job [2014-09-26 20:15:52 | 000,003,786 | ---- | C] () -- C:\Windows\tasks\8293dac3-cf7e-4da9-842e-401d29c54fdf-7.job [2014-09-26 20:15:43 | 000,004,468 | ---- | C] () -- C:\Windows\tasks\8293dac3-cf7e-4da9-842e-401d29c54fdf-11.job [2014-09-26 19:56:20 | 000,007,062 | ---- | C] () -- C:\Windows\SysWow64\audiopid.vxd [2014-09-26 19:50:39 | 000,002,422 | ---- | C] () -- C:\Windows\tasks\36316498-b3d9-47dd-98ae-f60936fb007c-5_user.job [2014-09-26 19:50:38 | 000,002,422 | ---- | C] () -- C:\Windows\tasks\36316498-b3d9-47dd-98ae-f60936fb007c-5.job [2014-09-26 19:50:26 | 000,002,086 | ---- | C] () -- C:\Windows\tasks\36316498-b3d9-47dd-98ae-f60936fb007c-2.job [2014-09-26 19:50:20 | 000,002,736 | ---- | C] () -- C:\Windows\tasks\36316498-b3d9-47dd-98ae-f60936fb007c-1.job [2014-09-26 19:50:15 | 000,004,470 | ---- | C] () -- C:\Windows\tasks\36316498-b3d9-47dd-98ae-f60936fb007c-4.job [2014-09-26 19:50:01 | 000,003,446 | ---- | C] () -- C:\Windows\tasks\36316498-b3d9-47dd-98ae-f60936fb007c-6.job [2014-09-26 19:49:58 | 000,003,110 | ---- | C] () -- C:\Windows\tasks\36316498-b3d9-47dd-98ae-f60936fb007c-7.job [2014-09-26 19:49:53 | 000,004,472 | ---- | C] () -- C:\Windows\tasks\36316498-b3d9-47dd-98ae-f60936fb007c-11.job [2014-09-26 19:48:34 | 000,000,341 | ---- | C] () -- C:\Users\Marcin\AppData\Roaming\LiveSupport.exe_log.txt [2014-09-26 19:48:33 | 000,000,092 | ---- | C] () -- C:\Users\Marcin\AppData\Roaming\regsvr32.exe_log.txt [2014-09-26 19:39:40 | 000,002,762 | ---- | C] () -- C:\Windows\tasks\07e3716a-533e-4980-a29f-839741f4d92a-5_user.job [2014-09-26 19:39:38 | 000,002,762 | ---- | C] () -- C:\Windows\tasks\07e3716a-533e-4980-a29f-839741f4d92a-5.job [2014-09-26 19:39:28 | 000,002,418 | ---- | C] () -- C:\Windows\tasks\07e3716a-533e-4980-a29f-839741f4d92a-2.job [2014-09-26 19:39:21 | 000,003,072 | ---- | C] () -- C:\Windows\tasks\07e3716a-533e-4980-a29f-839741f4d92a-1.job [2014-09-26 19:39:20 | 000,001,338 | ---- | C] () -- C:\Windows\tasks\IEDJ.job [2014-09-26 19:39:15 | 000,003,786 | ---- | C] () -- C:\Windows\tasks\07e3716a-533e-4980-a29f-839741f4d92a-4.job [2014-09-26 19:39:01 | 000,003,786 | ---- | C] () -- C:\Windows\tasks\07e3716a-533e-4980-a29f-839741f4d92a-6.job [2014-09-26 19:38:59 | 000,003,786 | ---- | C] () -- C:\Windows\tasks\07e3716a-533e-4980-a29f-839741f4d92a-7.job [2014-09-26 19:38:53 | 000,004,812 | ---- | C] () -- C:\Windows\tasks\07e3716a-533e-4980-a29f-839741f4d92a-11.job [2014-09-26 19:38:52 | 000,001,338 | ---- | C] () -- C:\Windows\tasks\IRGS.job [2014-09-26 19:38:51 | 000,000,910 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job [2014-09-26 19:38:50 | 000,000,906 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job [2014-09-26 19:38:48 | 000,003,106 | ---- | C] () -- C:\Windows\tasks\07e3716a-533e-4980-a29f-839741f4d92a-3.job [2014-09-25 17:48:21 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-09-01 10:18:44 | 000,002,086 | ---- | C] () -- C:\Users\Marcin\AppData\Roaming\IEDJ [2014-09-01 10:18:44 | 000,001,248 | ---- | C] () -- C:\Users\Marcin\AppData\Roaming\IRGS [2014-08-28 19:37:57 | 000,007,670 | ---- | C] () -- C:\Windows\SysNative\--traceoff [2014-08-28 19:37:57 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\--debugoff [2014-03-17 23:21:51 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.INI [2013-11-17 09:58:16 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll [2013-11-17 09:58:16 | 000,159,839 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2013-11-17 09:58:15 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2013-10-30 13:06:54 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2013-10-30 13:06:54 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2013-10-30 13:06:54 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2013-10-30 13:06:54 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2013-08-05 08:15:08 | 000,066,104 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll [2013-08-05 08:15:06 | 000,023,080 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll [2013-01-26 23:19:02 | 000,755,027 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2013-01-26 23:19:02 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll [2011-09-10 15:42:10 | 000,000,000 | ---- | C] () -- C:\Users\Marcin\AppData\Local\{C5D2262F-DB27-4350-B287-3731ACF32D38} [2011-07-11 18:13:10 | 000,003,608 | ---- | C] () -- C:\Windows\SysWow64\drivers\port_nt.sys [2011-07-07 13:11:00 | 000,000,000 | ---- | C] () -- C:\Users\Marcin\AppData\Local\{3917A3C9-836C-4ADB-8AD2-F5A939BB6C0D} [2011-06-23 18:20:26 | 000,000,017 | ---- | C] () -- C:\Users\Marcin\AppData\Local\resmon.resmoncfg [2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011-02-16 20:20:49 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2011-02-05 23:27:52 | 000,000,095 | ---- | C] () -- C:\Windows\winamp.ini [2010-11-03 20:09:17 | 001,673,178 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010-09-26 19:50:20 | 000,009,216 | ---- | C] () -- C:\Users\Marcin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-12 10:56:59 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010-07-28 14:12:05 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll [2010-07-28 14:12:04 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll [2010-07-28 13:35:59 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys [2010-07-27 23:37:41 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2006-11-02 09:27:46 | 000,000,518 | ---- | C] () -- C:\Windows\SysWow64\SP207.INI [2003-04-09 11:28:44 | 000,233,472 | R--- | C] () -- C:\Users\Marcin\AppData\Roaming\MafiaSetup.exe [color=#E56717]========== LOP Check ==========[/color] [2014-07-28 23:41:08 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\.minecraft [2011-06-06 18:40:13 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\AnvSoft [2014-06-30 20:51:04 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\AVG [2010-10-01 21:27:17 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Avnex [2014-08-28 18:38:58 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\BANDISOFT [2014-03-18 17:32:30 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\BESTplayer [2014-08-29 19:46:12 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\BitTorrent [2014-07-19 16:08:16 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\DAEMON Tools Lite [2011-01-24 13:49:47 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\DeepBurner [2012-03-03 11:17:16 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\DVDVideoSoft [2011-06-14 21:36:42 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Gadu-Gadu 10 [2012-05-20 15:25:48 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\GanymedeNet [2013-11-02 18:10:25 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\GG [2010-10-16 11:36:50 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\GHISLER [2013-09-07 14:01:17 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Grupa IMAGE [2011-09-14 17:50:33 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\gtk-2.0 [2014-08-20 21:21:40 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\HD Tune Pro [2010-10-02 18:20:40 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\InterTrust [2011-05-30 20:28:40 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\ipla [2013-05-26 11:52:05 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\IrfanView [2010-08-11 16:56:24 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Leadertech [2011-09-19 18:54:39 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\LolClient [2012-06-20 17:00:25 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\LolClient2 [2010-09-10 17:24:54 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Moyea [2011-05-22 22:36:45 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Mumble [2013-01-26 23:10:56 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\NapiProjekt [2014-06-30 20:48:45 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\OpenCandy [2010-07-29 18:46:59 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\OpenFM [2013-06-01 21:29:19 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Opera [2014-07-24 18:54:27 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Origin [2011-12-30 22:43:13 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\PC Suite [2014-08-28 19:42:30 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Publish Providers [2012-08-27 10:12:26 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\PunkBuster [2011-05-30 17:59:49 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\RDRM [2013-06-20 10:03:44 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\redsn0w [2011-05-30 16:55:28 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\SA-MP Audio Plugin [2014-07-30 22:11:29 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Samsung [2013-02-02 12:14:16 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\skyz [2010-11-03 20:26:14 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\SoftGrid Client [2014-08-28 19:42:25 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Sony [2010-09-13 18:04:08 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\SumatraPDF [2014-08-08 19:09:16 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Systweak [2010-11-03 20:11:55 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\TP [2014-09-26 19:57:19 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\TS3Client [2011-07-11 11:27:02 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\TuneUp Software [2012-10-06 18:57:46 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Ubisoft [2011-01-12 21:30:04 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Windows Live Writer [2014-08-08 19:07:57 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\WorldofTanks [2011-05-01 11:36:32 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\XnView [2014-09-27 09:49:08 | 000,003,072 | ---- | M] () -- C:\Windows\Tasks\07e3716a-533e-4980-a29f-839741f4d92a-1.job [2014-09-27 09:49:08 | 000,004,812 | ---- | M] () -- C:\Windows\Tasks\07e3716a-533e-4980-a29f-839741f4d92a-11.job [2014-09-27 09:49:08 | 000,002,418 | ---- | M] () -- C:\Windows\Tasks\07e3716a-533e-4980-a29f-839741f4d92a-2.job [2014-09-27 09:49:08 | 000,003,106 | ---- | M] () -- C:\Windows\Tasks\07e3716a-533e-4980-a29f-839741f4d92a-3.job [2014-09-27 09:49:08 | 000,003,786 | ---- | M] () -- C:\Windows\Tasks\07e3716a-533e-4980-a29f-839741f4d92a-4.job [2014-09-27 09:49:08 | 000,002,762 | ---- | M] () -- C:\Windows\Tasks\07e3716a-533e-4980-a29f-839741f4d92a-5.job [2014-09-27 09:49:08 | 000,002,762 | ---- | M] () -- C:\Windows\Tasks\07e3716a-533e-4980-a29f-839741f4d92a-5_user.job [2014-09-27 09:49:08 | 000,003,786 | ---- | M] () -- C:\Windows\Tasks\07e3716a-533e-4980-a29f-839741f4d92a-6.job [2014-09-27 09:49:08 | 000,003,786 | ---- | M] () -- C:\Windows\Tasks\07e3716a-533e-4980-a29f-839741f4d92a-7.job [2014-09-27 09:49:08 | 000,002,736 | ---- | M] () -- C:\Windows\Tasks\36316498-b3d9-47dd-98ae-f60936fb007c-1.job [2014-09-27 09:49:08 | 000,004,472 | ---- | M] () -- C:\Windows\Tasks\36316498-b3d9-47dd-98ae-f60936fb007c-11.job [2014-09-27 09:49:08 | 000,002,086 | ---- | M] () -- C:\Windows\Tasks\36316498-b3d9-47dd-98ae-f60936fb007c-2.job [2014-09-27 09:49:08 | 000,004,470 | ---- | M] () -- C:\Windows\Tasks\36316498-b3d9-47dd-98ae-f60936fb007c-4.job [2014-09-27 09:49:10 | 000,002,422 | ---- | M] () -- C:\Windows\Tasks\36316498-b3d9-47dd-98ae-f60936fb007c-5.job [2014-09-27 09:49:10 | 000,002,422 | ---- | M] () -- C:\Windows\Tasks\36316498-b3d9-47dd-98ae-f60936fb007c-5_user.job [2014-09-27 09:54:07 | 000,003,446 | ---- | M] () -- C:\Windows\Tasks\36316498-b3d9-47dd-98ae-f60936fb007c-6.job [2014-09-27 09:49:08 | 000,003,110 | ---- | M] () -- C:\Windows\Tasks\36316498-b3d9-47dd-98ae-f60936fb007c-7.job [2014-09-27 09:49:08 | 000,003,072 | ---- | M] () -- C:\Windows\Tasks\8293dac3-cf7e-4da9-842e-401d29c54fdf-1.job [2014-09-27 09:49:08 | 000,004,468 | ---- | M] () -- C:\Windows\Tasks\8293dac3-cf7e-4da9-842e-401d29c54fdf-11.job [2014-09-27 09:49:08 | 000,002,418 | ---- | M] () -- C:\Windows\Tasks\8293dac3-cf7e-4da9-842e-401d29c54fdf-2.job [2014-09-27 09:49:08 | 000,003,786 | ---- | M] () -- C:\Windows\Tasks\8293dac3-cf7e-4da9-842e-401d29c54fdf-4.job [2014-09-27 09:49:08 | 000,002,762 | ---- | M] () -- C:\Windows\Tasks\8293dac3-cf7e-4da9-842e-401d29c54fdf-5.job [2014-09-27 09:49:08 | 000,002,762 | ---- | M] () -- C:\Windows\Tasks\8293dac3-cf7e-4da9-842e-401d29c54fdf-5_user.job [2014-09-27 09:49:08 | 000,003,786 | ---- | M] () -- C:\Windows\Tasks\8293dac3-cf7e-4da9-842e-401d29c54fdf-6.job [2014-09-27 09:49:08 | 000,003,786 | ---- | M] () -- C:\Windows\Tasks\8293dac3-cf7e-4da9-842e-401d29c54fdf-7.job [2014-09-27 09:49:08 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job [2014-09-26 20:20:08 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job [2014-09-27 09:49:08 | 000,001,338 | ---- | M] () -- C:\Windows\Tasks\IEDJ.job [2014-09-27 09:49:08 | 000,001,338 | ---- | M] () -- C:\Windows\Tasks\IRGS.job [2014-08-27 17:44:15 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:05EE1EEF @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:010ADD2C @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:56E2E879 @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1 < End of report >