OTL logfile created on: 2014-11-15 22:07:19 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sławek\Desktop Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,87 Gb Total Physical Memory | 1,14 Gb Available Physical Memory | 61,20% Memory free 3,98 Gb Paging File | 3,22 Gb Available in Paging File | 80,85% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 116,29 Gb Total Space | 19,46 Gb Free Space | 16,73% Space Free | Partition Type: NTFS Drive D: | 115,13 Gb Total Space | 12,45 Gb Free Space | 10,82% Space Free | Partition Type: NTFS Drive H: | 7,28 Gb Total Space | 7,21 Gb Free Space | 99,00% Space Free | Partition Type: NTFS Computer Name: SŁAWEK-PC | User Name: Sławek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-11-15 22:02:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sławek\Desktop\OTL.exe PRC - [2014-11-15 17:20:27 | 000,526,112 | ---- | M] () -- C:\Program Files\WebSpades\bin\utilWebSpades.exe PRC - [2014-11-15 17:19:44 | 000,526,112 | ---- | M] () -- C:\Program Files\WebSpades\updateWebSpades.exe PRC - [2014-11-15 14:49:28 | 000,123,680 | ---- | M] () -- C:\ProgramData\421e43cc-ed79-4e60-91b6-5efd8c307dd0\maintainer.exe PRC - [2014-11-02 23:30:38 | 001,409,984 | ---- | M] (http://lucky-tab.com/) -- C:\Program Files\LuckyTab\LuckyTab.exe PRC - [2014-08-01 15:17:43 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2014-08-01 15:16:52 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2014-02-26 19:52:07 | 000,425,104 | ---- | M] (Taiwan Shui Mu Chih Ching Technology Limited.) -- C:\Program Files\WinZipper\winzipersvc.exe PRC - [2014-02-26 09:30:22 | 000,501,904 | ---- | M] (Cherished Technololgy LIMITED) -- C:\ProgramData\WPM\wprotectmanager.exe PRC - [2013-12-03 07:09:26 | 000,240,720 | ---- | M] () -- C:\ProgramData\MobileBrServ\mbbService.exe PRC - [2013-09-05 15:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2009-04-10 22:28:16 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE PRC - [2009-04-10 22:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008-09-12 13:18:54 | 006,037,504 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-08-01 15:16:58 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll MOD - [2014-08-01 15:16:56 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2014-11-15 17:20:27 | 000,526,112 | ---- | M] () [Auto | Running] -- C:\Program Files\WebSpades\bin\utilWebSpades.exe -- (Util WebSpades) SRV - [2014-11-15 17:19:44 | 000,526,112 | ---- | M] () [Auto | Running] -- C:\Program Files\WebSpades\updateWebSpades.exe -- (Update WebSpades) SRV - [2014-11-15 14:49:28 | 000,123,680 | ---- | M] () [Auto | Running] -- C:\ProgramData\421e43cc-ed79-4e60-91b6-5efd8c307dd0\maintainer.exe -- (MaintainerSvc3.62.8360938) SRV - [2014-11-13 17:01:03 | 000,068,608 | ---- | M] (globalUpdate) [On_Demand | Stopped] -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdatem) SRV - [2014-11-13 17:01:03 | 000,068,608 | ---- | M] (globalUpdate) [Auto | Stopped] -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdate) SRV - [2014-11-12 17:32:44 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2014-11-10 18:33:35 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014-10-10 16:03:38 | 001,771,560 | ---- | M] (pdfforge GmbH) [On_Demand | Stopped] -- C:\Program Files\PDF Architect 2\ws.exe -- (PDF Architect 2) SRV - [2014-10-10 16:03:38 | 000,861,736 | ---- | M] (pdfforge GmbH) [On_Demand | Stopped] -- C:\Program Files\PDF Architect 2\crash-handler-ws.exe -- (pdfforge CrashHandler) SRV - [2014-08-09 23:55:14 | 000,694,784 | ---- | M] (Cherished Technololgy LIMITED) [Disabled | Stopped] -- C:\ProgramData\IePluginServices\PluginService.exe -- (IePluginServices) SRV - [2014-08-01 15:16:52 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2014-04-03 19:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2014-02-26 19:52:07 | 000,425,104 | ---- | M] (Taiwan Shui Mu Chih Ching Technology Limited.) [Auto | Running] -- C:\Program Files\WinZipper\winzipersvc.exe -- (winzipersvc) SRV - [2014-02-26 09:30:22 | 000,501,904 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\WPM\wprotectmanager.exe -- (Wpm) SRV - [2014-01-28 16:23:36 | 000,146,920 | ---- | M] (SaveSense) [On_Demand | Stopped] -- C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe -- (savesenselivem) SRV - [2014-01-28 16:23:36 | 000,146,920 | ---- | M] (SaveSense) [Auto | Stopped] -- C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe -- (savesenselive) SRV - [2013-12-03 07:09:26 | 000,240,720 | ---- | M] () [Auto | Running] -- C:\ProgramData\MobileBrServ\mbbService.exe -- (Huawei E3272) SRV - [2013-09-05 15:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2008-11-04 03:37:58 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\XAudio32.dll -- (HsfXAudioService) SRV - [2008-01-18 22:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnet.sys -- (ZTEusbnet) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\massfilter.sys -- (massfilter) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive) DRV - [2014-11-09 18:54:20 | 000,320,120 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2014-09-27 21:14:42 | 000,279,712 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2014-09-27 21:14:40 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2014-08-09 12:19:54 | 000,055,232 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}t.sys -- ({ed7eb956-75ed-460d-8f69-29a93b07afd1}t) DRV - [2014-08-01 15:17:37 | 000,414,520 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP) DRV - [2014-08-01 15:17:04 | 000,779,536 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2014-08-01 15:17:04 | 000,192,352 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm) DRV - [2014-08-01 15:17:04 | 000,057,800 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2014-08-01 15:17:03 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2014-08-01 15:17:03 | 000,055,112 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr) DRV - [2014-08-01 15:17:03 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt) DRV - [2014-08-01 15:17:03 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid) DRV - [2014-03-25 12:26:52 | 000,055,224 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\tStLibG.sys -- (tStLibG) DRV - [2013-11-10 20:01:23 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2010-11-15 11:52:08 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2010-11-15 11:52:08 | 000,082,816 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm) DRV - [2010-11-15 11:52:08 | 000,072,576 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2008-11-04 03:32:20 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio32.sys -- (XAudio) DRV - [2008-05-19 19:42:56 | 000,912,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2007-11-09 04:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ) DRV - [2006-11-19 21:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1407624859&from=ild&uid=ST9250320AS_5SW33W3GXXXX5SW33W3G IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1407624859&from=ild&uid=ST9250320AS_5SW33W3GXXXX5SW33W3G&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1407624859&from=ild&uid=ST9250320AS_5SW33W3GXXXX5SW33W3G&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220141109 IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.istartsurf.com/web/?type=ds&ts=1407624859&from=ild&uid=ST9250320AS_5SW33W3GXXXX5SW33W3G&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1407624859&from=ild&uid=ST9250320AS_5SW33W3GXXXX5SW33W3G IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST9250320AS_5SW33W3GXXXX5SW33W3G&ts=1393440641&type=default&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST9250320AS_5SW33W3GXXXX5SW33W3G&ts=1393440641&type=default&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220141109 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.istartsurf.com/web/?type=ds&ts=1407624859&from=ild&uid=ST9250320AS_5SW33W3GXXXX5SW33W3G&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "https://www.google.pl/webhp?tab=ww&ei=dFFmVO73HYySaI3pgaAI&ved=0CAMQ1S4" FF - prefs.js..extensions.enabledAddons: 9d2db1ce83264e61a7ee63d4f%40f932995ed00643899218cf824d695.com:0.95.62 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.1 FF - prefs.js..keyword.URL: "" FF - prefs.js..network.proxy.type: 2 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3: C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense) FF - HKLM\Software\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9: C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\PDF Architect 2: C:\Program Files\PDF Architect 2\np-previewer.dll (pdfforge GmbH) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Sławek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-01 15:17:07 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 33.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 33.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014-01-13 17:45:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sławek\AppData\Roaming\mozilla\Extensions [2014-11-15 19:00:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sławek\AppData\Roaming\mozilla\Firefox\Profiles\9stj7b5r.default-1414792012326\extensions [2014-10-26 14:01:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sławek\AppData\Roaming\mozilla\Firefox\Profilesdmuk2o5c.default-1408473808382\extensions [2014-10-26 14:01:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sławek\AppData\Roaming\mozilla\Firefox\Profilesdmuk2o5c.default-1408473808382\extensions\staged [2014-11-12 21:03:44 | 000,979,699 | ---- | M] () (No name found) -- C:\Users\Sławek\AppData\Roaming\mozilla\firefox\profiles\9stj7b5r.default-1414792012326\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-10 18:33:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2014-11-10 18:33:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} File not found (No name found) -- C:\USERS\SĹ‚AWEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9STJ7B5R.DEFAULT-1414792012326\EXTENSIONS\9D2DB1CE83264E61A7EE63D4F@F932995ED00643899218CF824D695.COM [color=#E56717]========== Chrome ==========[/color] CHR - plugin: Error reading preferences file CHR - Extension: No name found = C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Default\Extensions\becofaobcinoilkmebdbeojebncfepbl\1.0.1_0\ CHR - Extension: No name found = C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2021.112_0\ CHR - Extension: No name found = C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\1.1.8.4_1\ CHR - Extension: No name found = C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\ CHR - Extension: No name found = C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo\1.4.1_1\ CHR - Extension: No name found = C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.7_0\ CHR - Extension: No name found = C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkndmigholgfjlniaohblojbhgjbkakn\1.1.7_1\ O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.) O2 - BHO: (TheTorntv V10) - {11111111-1111-1111-1111-110611181155} - C:\Program Files\TheTorntv V10\TheTorntv V10-bho.dll (esc) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (WebSpades) - {c919d8b2-11e4-43c7-a2c2-9294fd2c4106} - C:\Program Files\WebSpades\WebSpadesBHO.dll (WebSpades) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [mbot_pl_60] File not found O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O9 - Extra Button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O9 - Extra Button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30EBE80B-201E-465C-AA28-E06F53467B53}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5F508BA3-6E9B-4EF7-B8CB-91B5EA700E5C}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2444A6D-B46C-4555-BDB0-92099217BEFA}: DhcpNameServer = 192.168.1.1 192.168.1.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Sławek\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\Sławek\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{614416a4-4a09-11e3-848c-d2a475ba39d4}\Shell - "" = AutoRun O33 - MountPoints2\{614416a4-4a09-11e3-848c-d2a475ba39d4}\Shell\AutoRun\command - "" = G:\Setup.exe O33 - MountPoints2\{6f347c2f-07d0-11e4-aaa2-d46d3843a3e1}\Shell - "" = AutoRun O33 - MountPoints2\{6f347c2f-07d0-11e4-aaa2-d46d3843a3e1}\Shell\AutoRun\command - "" = F:\Setup.exe O33 - MountPoints2\{821f61b3-d19f-11e2-a0d8-e7c3f75bc2b5}\Shell\AutoRun\command - "" = dolly\\bejbe.exe O33 - MountPoints2\{821f61b3-d19f-11e2-a0d8-e7c3f75bc2b5}\Shell\explore\command - "" = dolly\bejbe.exe O33 - MountPoints2\{821f61b3-d19f-11e2-a0d8-e7c3f75bc2b5}\Shell\install\command - "" = dolly\bejbe.exe O33 - MountPoints2\{821f61b3-d19f-11e2-a0d8-e7c3f75bc2b5}\Shell\open\command - "" = dolly\bejbe.exe O33 - MountPoints2\{84dff134-08be-11e3-8e7f-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{84dff134-08be-11e3-8e7f-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autoplay.exe O33 - MountPoints2\{8b1a1d03-5e91-11e3-9f1c-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{8b1a1d03-5e91-11e3-9f1c-806e6f6e6963}\Shell\AutoRun\command - "" = F:\MicroLauncher.exe O33 - MountPoints2\{92113b64-d454-11e2-86e1-e630eb0a16a9}\Shell - "" = AutoRun O33 - MountPoints2\{92113b64-d454-11e2-86e1-e630eb0a16a9}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{92113b74-d454-11e2-86e1-a45e5c7bfa6e}\Shell - "" = AutoRun O33 - MountPoints2\{92113b74-d454-11e2-86e1-a45e5c7bfa6e}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{9f02535d-1e1d-11e4-8fc0-887bb78c8adf}\Shell - "" = AutoRun O33 - MountPoints2\{9f02535d-1e1d-11e4-8fc0-887bb78c8adf}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{e369722f-e0f3-11e3-bff0-abce0c65148d}\Shell - "" = AutoRun O33 - MountPoints2\{e369722f-e0f3-11e3-bff0-abce0c65148d}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-11-15 22:06:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Sławek\Desktop\OTL.exe [2014-11-15 22:06:41 | 001,108,480 | ---- | C] (Farbar) -- C:\Users\Sławek\Desktop\FRST.exe [2014-11-15 20:59:35 | 000,000,000 | ---D | C] -- C:\Program Files\ltmoh [2014-11-15 20:59:32 | 000,050,752 | ---- | C] (Agere Systems) -- C:\Windows\agrsmdel.exe [2014-11-15 20:19:25 | 000,912,384 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athr.sys [2014-11-15 20:19:24 | 000,393,216 | ---- | C] (Atheros) -- C:\Windows\System32\athihvs.dll [2014-11-15 20:19:24 | 000,376,832 | ---- | C] (Atheros) -- C:\Windows\System32\S64CPA.exe [2014-11-15 20:19:24 | 000,053,248 | ---- | C] (Atheros) -- C:\Windows\System32\athihvui.dll [2014-11-15 20:19:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\nn-NO [2014-11-15 20:18:46 | 000,000,000 | ---D | C] -- C:\Program Files\Atheros [2014-11-15 20:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco [2014-11-15 20:02:06 | 000,290,304 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\System32\drivers\rtl8187B.sys [2014-11-15 20:02:05 | 000,290,304 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\System\rtl8187B.sys [2014-11-15 20:02:02 | 000,000,000 | ---D | C] -- C:\Program Files\REALTEK RTL8187B Wireless LAN Driver [2014-11-15 20:01:36 | 000,000,000 | ---D | C] -- C:\Users\Sławek\AppData\Roaming\WinBatch [2014-11-15 20:00:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2014-11-15 20:00:04 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2014-11-15 19:35:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek [2014-11-15 19:34:51 | 000,000,000 | ---D | C] -- C:\Windows\OPTIONS [2014-11-14 18:26:22 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games [2014-11-10 19:19:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\City Interactive [2014-11-10 19:17:17 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL [2014-11-10 19:17:16 | 000,413,696 | ---- | C] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll [2014-11-10 19:17:16 | 000,110,592 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll [2014-11-10 19:09:35 | 000,000,000 | ---D | C] -- C:\Program Files\City Interactive [2014-11-10 18:33:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2014-11-09 18:54:20 | 000,320,120 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys [2014-11-09 12:40:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games [2014-11-02 23:30:42 | 000,000,000 | ---D | C] -- C:\Program Files\LuckyTab [2014-10-30 16:29:19 | 000,000,000 | ---D | C] -- C:\ProgramData\421e43cc-ed79-4e60-91b6-5efd8c307dd0 [2014-10-28 17:59:10 | 000,000,000 | ---D | C] -- C:\Users\Sławek\AppData\Local\Pay-By-Ads [2014-10-26 20:59:23 | 000,000,000 | ---D | C] -- C:\Users\Sławek\AppData\Roaming\PDF Architect 2 [2014-10-26 20:59:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 2 [2014-10-26 20:58:46 | 000,000,000 | ---D | C] -- C:\Program Files\PDF Architect 2 [2014-10-26 20:56:16 | 000,000,000 | ---D | C] -- C:\ProgramData\PDF Architect 2 [2014-10-26 20:55:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator [2014-10-26 20:55:50 | 000,000,000 | ---D | C] -- C:\Users\Sławek\AppData\Roaming\pdfforge [2014-10-26 20:55:47 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCT2.OCX [2014-10-26 20:55:47 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMAPI32.OCX [2014-10-26 20:55:47 | 000,095,416 | ---- | C] (pdfforge GmbH) -- C:\Windows\System32\pdfcmon.dll [2014-10-26 20:55:44 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPIDE.DLL [2014-10-26 20:55:43 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator [2014-10-26 18:09:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 7.1.0 [2014-10-26 18:07:33 | 000,000,000 | ---D | C] -- C:\EAGLE-7.1.0 [2014-10-26 18:07:19 | 000,000,000 | ---D | C] -- C:\Users\Sławek\AppData\Roaming\CadSoft [2014-10-26 14:33:42 | 000,092,216 | R--- | C] (Un4seen Developments) -- C:\Windows\System\bass.dll [2014-10-26 14:01:13 | 000,000,000 | ---D | C] -- C:\Users\Sławek\AppData\Roaming\WebExtend [2014-10-26 14:00:55 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games [2014-10-21 16:25:50 | 000,000,000 | ---D | C] -- C:\Program Files\predm [2014-10-20 21:46:46 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess [2014-10-20 21:45:39 | 000,000,000 | ---D | C] -- C:\Users\Sławek\AppData\Roaming\SimpleFiles [2014-10-17 22:47:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ] [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-11-15 22:07:46 | 000,724,202 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2014-11-15 22:07:46 | 000,642,912 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2014-11-15 22:07:46 | 000,156,946 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2014-11-15 22:07:46 | 000,123,736 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2014-11-15 22:03:16 | 001,108,480 | ---- | M] (Farbar) -- C:\Users\Sławek\Desktop\FRST.exe [2014-11-15 22:03:05 | 000,380,416 | ---- | M] () -- C:\Users\Sławek\Desktop\0qmnqief.exe [2014-11-15 22:02:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sławek\Desktop\OTL.exe [2014-11-15 22:01:44 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014-11-15 22:01:38 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job [2014-11-15 22:01:37 | 000,003,792 | ---- | M] () -- C:\Windows\tasks\7a781de1-3377-41d3-b84f-61fedd171008-11.job [2014-11-15 22:01:37 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2014-11-15 22:01:37 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2014-11-15 22:01:37 | 000,002,422 | ---- | M] () -- C:\Windows\tasks\7a781de1-3377-41d3-b84f-61fedd171008-3.job [2014-11-15 22:01:37 | 000,002,304 | ---- | M] () -- C:\Windows\tasks\7a781de1-3377-41d3-b84f-61fedd171008-4.job [2014-11-15 22:01:37 | 000,001,862 | ---- | M] () -- C:\Windows\tasks\7a781de1-3377-41d3-b84f-61fedd171008-6.job [2014-11-15 22:01:37 | 000,001,582 | ---- | M] () -- C:\Windows\tasks\7a781de1-3377-41d3-b84f-61fedd171008-1.job [2014-11-15 22:01:37 | 000,001,438 | ---- | M] () -- C:\Windows\tasks\7a781de1-3377-41d3-b84f-61fedd171008-5.job [2014-11-15 22:01:37 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\SaveSenseLiveUpdateTaskMachineCore.job [2014-11-15 22:01:34 | 000,003,446 | ---- | M] () -- C:\Windows\tasks\9c58613a-4d4c-4bc2-b8c7-d8e2c5bfff38.job [2014-11-15 22:01:34 | 000,001,912 | ---- | M] () -- C:\Windows\tasks\7a781de1-3377-41d3-b84f-61fedd171008-7.job [2014-11-15 22:01:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-11-15 22:01:14 | 2009,075,712 | -HS- | M] () -- C:\hiberfil.sys [2014-11-15 20:43:38 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014-11-15 20:34:09 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\SaveSenseLiveUpdateTaskMachineUA.job [2014-11-15 20:32:15 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-11-15 20:09:16 | 000,000,008 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2014-11-15 19:24:31 | 004,542,853 | ---- | M] () -- C:\Users\Sławek\Desktop\lan-20080908152424.ZIP [2014-11-15 19:09:03 | 000,000,729 | ---- | M] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk [2014-11-15 17:06:09 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job [2014-11-15 16:32:07 | 000,039,936 | ---- | M] () -- C:\Users\Sławek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014-11-15 15:56:52 | 1474,657,322 | ---- | M] () -- C:\Users\Sławek\Desktop\Syberyjska edukacja - Siberian Education.avi [2014-11-14 17:18:04 | 000,001,886 | ---- | M] () -- C:\Users\Sławek\Desktop\Continue installation - Windows Update KB12695 Installation.lnk [2014-11-12 20:27:45 | 000,202,752 | ---- | M] () -- C:\Users\Sławek\Desktop\GTASAsf1.b [2014-11-12 17:32:42 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2014-11-12 17:32:42 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2014-11-10 19:19:16 | 000,001,999 | ---- | M] () -- C:\Users\Public\Desktop\MOTORM4X.lnk [2014-11-10 19:17:17 | 000,413,696 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll [2014-11-10 19:17:16 | 000,110,592 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll [2014-11-03 18:41:54 | 000,379,064 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2014-10-28 18:53:15 | 000,002,127 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2014-10-26 21:12:41 | 000,012,996 | ---- | M] () -- C:\Users\Sławek\Wall-i pcb.druk.pdf [2014-10-26 20:59:07 | 000,000,782 | ---- | M] () -- C:\Users\Public\Desktop\PDF Architect 2.lnk [2014-10-26 18:51:15 | 000,068,824 | ---- | M] () -- C:\Users\Sławek\Desktop\Wall-i pcb.brd [2014-10-26 15:28:19 | 000,000,794 | ---- | M] () -- C:\Users\Sławek\Desktop\PlantsVsZombies — skrót.lnk [2014-10-26 14:32:31 | 000,092,216 | R--- | M] (Un4seen Developments) -- C:\Windows\System32\bass.dll [2014-10-26 14:32:31 | 000,092,216 | R--- | M] (Un4seen Developments) -- C:\Windows\System\bass.dll [2014-10-26 14:00:36 | 042,708,728 | ---- | M] () -- C:\Users\Sławek\Desktop\PlantsVsZombies_20110922_EN_3_1.exe [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ] [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-11-15 22:06:41 | 000,380,416 | ---- | C] () -- C:\Users\Sławek\Desktop\0qmnqief.exe [2014-11-15 19:26:48 | 004,542,853 | ---- | C] () -- C:\Users\Sławek\Desktop\lan-20080908152424.ZIP [2014-11-15 19:09:03 | 000,000,729 | ---- | C] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk [2014-11-15 16:30:45 | 1474,657,322 | ---- | C] () -- C:\Users\Sławek\Desktop\Syberyjska edukacja - Siberian Education.avi [2014-11-11 14:15:23 | 000,202,752 | ---- | C] () -- C:\Users\Sławek\Desktop\GTASAsf1.b [2014-11-10 19:19:16 | 000,001,999 | ---- | C] () -- C:\Users\Public\Desktop\MOTORM4X.lnk [2014-11-03 18:41:30 | 000,379,064 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2014-10-26 21:12:40 | 000,012,996 | ---- | C] () -- C:\Users\Sławek\Wall-i pcb.druk.pdf [2014-10-26 20:59:07 | 000,000,782 | ---- | C] () -- C:\Users\Public\Desktop\PDF Architect 2.lnk [2014-10-26 18:51:15 | 000,068,824 | ---- | C] () -- C:\Users\Sławek\Desktop\Wall-i pcb.brd [2014-10-26 18:35:27 | 000,212,000 | ---- | C] () -- C:\Users\Sławek\Desktop\Wall-i_a.jpg [2014-10-26 18:35:27 | 000,206,246 | ---- | C] () -- C:\Users\Sławek\Desktop\Wall-i_b.jpg [2014-10-26 18:35:26 | 000,188,843 | ---- | C] () -- C:\Users\Sławek\Desktop\31_1269612929.jpg [2014-10-26 18:35:26 | 000,031,000 | ---- | C] () -- C:\Users\Sławek\Desktop\1.png [2014-10-26 15:28:21 | 000,000,794 | ---- | C] () -- C:\Users\Sławek\Desktop\PlantsVsZombies — skrót.lnk [2014-10-26 13:59:56 | 042,708,728 | ---- | C] () -- C:\Users\Sławek\Desktop\PlantsVsZombies_20110922_EN_3_1.exe [2014-10-22 15:58:15 | 000,001,886 | ---- | C] () -- C:\Users\Sławek\Desktop\Continue installation - Windows Update KB12695 Installation.lnk [2014-10-17 22:45:31 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-09-27 21:14:41 | 000,279,712 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2014-09-27 21:14:39 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2014-09-19 13:21:04 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2014-08-01 15:17:17 | 000,024,184 | ---- | C] () -- C:\Windows\System32\drivers\aswHwid.sys [2014-08-01 10:18:43 | 000,000,137 | ---- | C] () -- C:\Windows\disney.ini [2014-06-19 15:55:02 | 000,000,024 | ---- | C] () -- C:\Users\Sławek\AppData\Roaming\temp.ini [2014-06-18 19:20:00 | 000,069,632 | ---- | C] () -- C:\Windows\System32\xmltok.dll [2014-06-18 19:20:00 | 000,036,864 | ---- | C] () -- C:\Windows\System32\xmlparse.dll [2014-06-17 10:31:43 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat [2014-01-29 20:19:22 | 000,000,094 | ---- | C] () -- C:\Users\Sławek\AppData\Local\fusioncache.dat [2014-01-28 16:24:12 | 000,000,062 | ---- | C] () -- C:\Users\Sławek\AppData\Roaming\WB.CFG [2014-01-28 16:23:29 | 000,018,248 | ---- | C] () -- C:\Windows\System32\roboot.exe [2013-11-02 20:23:40 | 000,039,936 | ---- | C] () -- C:\Users\Sławek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-09-16 13:17:31 | 000,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2013-09-16 13:17:13 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2013-09-16 13:15:05 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2013-09-16 13:15:05 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2013-09-16 11:40:01 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en [2013-09-01 22:49:48 | 000,039,904 | ---- | C] () -- C:\Windows\System32\DiscHandler.exe [2013-08-30 04:54:26 | 003,915,776 | ---- | C] () -- C:\Windows\System32\ffmpeg.dll [2013-08-30 04:53:34 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2013-08-30 04:51:58 | 000,099,840 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll [2013-08-30 04:51:54 | 000,157,184 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll [2013-08-30 04:51:50 | 000,147,456 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll [2013-08-30 04:51:48 | 001,525,760 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll [2013-08-30 04:51:48 | 000,211,968 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll [2013-08-30 04:51:48 | 000,114,688 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll [2013-08-30 04:51:40 | 000,271,360 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll [2013-08-30 04:51:40 | 000,136,704 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll [2013-08-27 10:35:40 | 000,192,352 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys [2013-08-27 10:35:38 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys [2013-07-26 14:24:22 | 006,275,760 | ---- | C] () -- C:\Windows\System32\avcodec-lav-55.dll [2013-07-26 14:24:22 | 001,239,216 | ---- | C] () -- C:\Windows\System32\avformat-lav-55.dll [2013-07-26 14:24:22 | 000,394,416 | ---- | C] () -- C:\Windows\System32\swscale-lav-2.dll [2013-07-26 14:24:22 | 000,288,944 | ---- | C] () -- C:\Windows\System32\avutil-lav-52.dll [2013-07-26 14:24:22 | 000,235,184 | ---- | C] () -- C:\Windows\System32\avfilter-lav-3.dll [2013-07-26 14:24:22 | 000,190,640 | ---- | C] () -- C:\Windows\System32\libbluray.dll [2013-07-26 14:24:22 | 000,150,192 | ---- | C] () -- C:\Windows\System32\avresample-lav-1.dll [2013-06-14 15:55:39 | 000,153,671 | ---- | C] () -- C:\Windows\hpoins15.dat [2013-06-14 15:55:39 | 000,001,039 | ---- | C] () -- C:\Windows\hpomdl15.dat [2013-06-10 09:51:16 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1502.dll [2013-06-10 09:51:15 | 002,192,024 | ---- | C] () -- C:\Windows\System32\igkrng500.bin [2013-06-10 09:51:06 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin [2013-06-10 09:51:04 | 000,492,496 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin [2013-06-10 08:28:40 | 000,000,680 | ---- | C] () -- C:\Users\Sławek\AppData\Local\d3d9caps.dat [2013-04-14 11:00:06 | 000,150,016 | ---- | C] () -- C:\Windows\System32\mkx.dll [2013-04-14 11:00:02 | 000,109,568 | ---- | C] () -- C:\Windows\System32\avi.dll [2013-04-14 10:59:54 | 000,143,872 | ---- | C] () -- C:\Windows\System32\mp4.dll [2013-04-14 10:59:48 | 000,123,392 | ---- | C] () -- C:\Windows\System32\ogm.dll [2013-04-14 10:59:36 | 000,113,152 | ---- | C] () -- C:\Windows\System32\dsmux.exe [2013-04-14 10:59:32 | 000,154,624 | ---- | C] () -- C:\Windows\System32\ts.dll [2013-04-14 10:59:28 | 000,249,856 | ---- | C] () -- C:\Windows\System32\dxr.dll [2013-04-14 10:59:12 | 000,097,792 | ---- | C] () -- C:\Windows\System32\avs.dll [2013-04-14 10:59:10 | 000,137,728 | ---- | C] () -- C:\Windows\System32\mkv2vfr.exe [2013-04-14 10:59:06 | 000,357,376 | ---- | C] () -- C:\Windows\System32\gdsmux.exe [2013-04-14 10:59:06 | 000,093,184 | ---- | C] () -- C:\Windows\System32\avss.dll [2013-04-14 10:58:12 | 000,080,384 | ---- | C] () -- C:\Windows\System32\mkzlib.dll [2013-04-14 10:58:12 | 000,024,576 | ---- | C] () -- C:\Windows\System32\mkunicode.dll [color=#E56717]========== ZeroAccess Check ==========[/color] [2006-11-02 13:53:06 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014-03-25 14:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-04-10 22:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-04-10 22:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:85AA7074 @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:6387AA6C < End of report >