OTL logfile created on: 2014-12-10 18:30:13 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Paulinka\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17420) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,99 Gb Total Physical Memory | 1,66 Gb Available Physical Memory | 55,51% Memory free 5,99 Gb Paging File | 4,37 Gb Available in Paging File | 72,99% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 102,68 Gb Total Space | 43,89 Gb Free Space | 42,75% Space Free | Partition Type: NTFS Drive D: | 195,31 Gb Total Space | 22,47 Gb Free Space | 11,50% Space Free | Partition Type: NTFS Computer Name: MALUTKA | User Name: Paulinka | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-12-10 17:20:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Paulinka\Desktop\OTL.exe PRC - [2014-11-28 18:22:44 | 005,473,552 | ---- | M] (TeamViewer GmbH) -- c:\users\paulinka\appdata\local\temp\teamviewer\TeamViewer_Desktop.exe PRC - [2014-11-28 18:22:43 | 016,289,040 | ---- | M] (TeamViewer GmbH) -- C:\Users\Paulinka\AppData\Local\Temp\TeamViewer\TeamViewer.exe PRC - [2014-11-28 18:01:35 | 000,229,136 | ---- | M] (TeamViewer GmbH) -- C:\Users\Paulinka\AppData\Local\Temp\TeamViewer\tv_w32.exe PRC - [2014-10-01 23:52:32 | 002,640,408 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe PRC - [2014-08-16 17:50:13 | 001,820,184 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe PRC - [2014-08-16 17:50:13 | 000,159,768 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe PRC - [2014-01-02 08:33:40 | 000,499,856 | ---- | M] (Cherished Technololgy LIMITED) -- C:\ProgramData\WPM\wprotectmanager.exe PRC - [2013-02-17 23:55:11 | 000,151,552 | ---- | M] () -- C:\Windows\KMService.exe PRC - [2013-02-17 23:55:11 | 000,008,192 | ---- | M] () -- C:\Windows\SysWOW64\srvany.exe PRC - [2012-10-09 00:15:50 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Wacom\WacomHost.exe PRC - [2012-09-23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2009-07-24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-10-01 23:52:32 | 002,640,408 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe MOD - [2014-08-16 17:50:13 | 000,519,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2014-11-06 04:30:08 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:[b]64bit:[/b] - [2013-06-06 03:09:52 | 000,598,808 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Wacom\WTabletServicePro.exe -- (WTabletServicePro) SRV:[b]64bit:[/b] - [2013-05-27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2013-02-17 23:30:48 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2014-11-12 19:08:29 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014-08-16 17:50:13 | 001,820,184 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe -- (vToolbarUpdater18.1.9) SRV - [2014-03-20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2014-01-02 08:33:40 | 000,499,856 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\WPM\wprotectmanager.exe -- (Wpm) SRV - [2013-09-11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2013-02-17 23:55:11 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\srvany.exe -- (KMService) SRV - [2012-09-23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-07-24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2014-12-10 17:31:33 | 000,026,528 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS -- (HWiNFO32) DRV:[b]64bit:[/b] - [2014-08-16 17:50:13 | 000,050,976 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp) DRV:[b]64bit:[/b] - [2013-04-30 18:18:10 | 000,085,304 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter) DRV:[b]64bit:[/b] - [2013-04-30 18:18:10 | 000,014,136 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf) DRV:[b]64bit:[/b] - [2013-02-12 05:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:[b]64bit:[/b] - [2012-12-20 23:20:06 | 000,015,344 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter) DRV:[b]64bit:[/b] - [2012-03-07 02:00:00 | 000,031,744 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetadb.sys -- (andnetadb) DRV:[b]64bit:[/b] - [2012-03-06 06:17:00 | 000,093,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetndis64.sys -- (andnetndis) DRV:[b]64bit:[/b] - [2012-03-06 06:04:00 | 000,036,352 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetmodem64.sys -- (ANDNetModem) DRV:[b]64bit:[/b] - [2012-03-06 06:04:00 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag64.sys -- (AndNetDiag) DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011-08-10 11:56:46 | 000,079,872 | ---- | M] (ZTE) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zte_cdc_acm.sys -- (zte_cdc_acm) DRV:[b]64bit:[/b] - [2011-08-10 11:56:46 | 000,014,336 | ---- | M] (ZTE) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zte_cpo.sys -- (zte_cpo) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-11-21 04:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub) DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc) DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2010-01-28 19:55:04 | 000,086,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:[b]64bit:[/b] - [2009-07-21 14:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 21:34:36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-06-07 07:04:38 | 005,435,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (netw5v64) DRV:[b]64bit:[/b] - [2008-08-06 12:32:16 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://start.qone8.com/web/?type=ds&ts=1383316283&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WX90A992232122321&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://start.qone8.com/web/?type=ds&ts=1383316283&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WX90A992232122321&q={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3453456924-2562164534-3920574783-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKU\S-1-5-21-3453456924-2562164534-3920574783-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-3453456924-2562164534-3920574783-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-3453456924-2562164534-3920574783-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 IE - HKU\S-1-5-21-3453456924-2562164534-3920574783-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchTerms}&affID=119370&babsrc=SP_ss&mntrId=5452fb47000000000000000000000000 IE - HKU\S-1-5-21-3453456924-2562164534-3920574783-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://mysearch.avg.com/search?cid={B9C74FB1-DD8A-4892-8118-D2EE4A246833}&mid=ab371f49cd7147d398a4d16f642adaf7-e161a93104eaf741d93155fade9eef6dced24665&lang=en&ds=co011&coid=&cmpid=&pr=sa&d=2013-06-22 21:33:18&v=18.1.9.799&pid=safeguard&sg=0&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-3453456924-2562164534-3920574783-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.1 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems) FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\addon FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-02-18 00:09:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\ [2014-10-01 23:52:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 33.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 33.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-02-18 18:02:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paulinka\AppData\Roaming\mozilla\Extensions [2014-12-10 17:25:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paulinka\AppData\Roaming\mozilla\Firefox\Profiles\u6vsizk8.default-1418228104891\extensions [2014-11-12 19:08:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2014-11-12 19:08:30 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} O1 HOSTS File: ([2012-12-20 22:30:04 | 000,004,348 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com O1 - Hosts: 127.0.0.1 adobeereg.com O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O1 - Hosts: 127.0.0.1 3dns.adobe.com O1 - Hosts: 127.0.0.1 3dns-1.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-4.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-1.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-4.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-5.adobe.com O1 - Hosts: 127.0.0.1 hh-software.com O1 - Hosts: 127.0.0.1 http://www.hh-software.com O1 - Hosts: 127.0.0.1 activate.adobe.de O1 - Hosts: 90 more lines... O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search) O3 - HKU\S-1-5-21-3453456924-2562164534-3920574783-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4:[b]64bit:[/b] - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe () O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3453456924-2562164534-3920574783-1000..\Run: [AdobeBridge] File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O8:[b]64bit:[/b] - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:[b]64bit:[/b] - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:[b]64bit:[/b] - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:[b]64bit:[/b] - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{567264A6-AB25-4A2D-B3E3-BBA397BD3B93}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74B2D20D-8C05-48DE-8D3C-132A2C0464C8}: DhcpNameServer = 192.168.42.129 O18:[b]64bit:[/b] - Protocol\Handler\viprotocol - No CLSID value found O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{b6c689f9-cdfe-11e2-9197-002622ce3304}\Shell - "" = AutoRun O33 - MountPoints2\{b6c689f9-cdfe-11e2-9197-002622ce3304}\Shell\AutoRun\command - "" = H:\LGAutoRun.exe O33 - MountPoints2\{c7076d5a-5412-11e3-841c-0c6076a107a4}\Shell - "" = AutoRun O33 - MountPoints2\{c7076d5a-5412-11e3-841c-0c6076a107a4}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-12-10 18:22:49 | 000,000,000 | ---D | C] -- C:\FRST [2014-12-10 18:04:33 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2014-12-10 17:38:19 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2014-12-10 17:31:33 | 000,026,528 | ---- | C] (REALiX(tm)) -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS [2014-12-10 17:31:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64 [2014-12-10 17:31:22 | 000,000,000 | ---D | C] -- C:\Program Files\HWiNFO64 [2014-12-10 17:27:28 | 002,699,320 | ---- | C] (Martin Malík - REALiX ) -- C:\Users\Paulinka\Desktop\hw64_448.exe [2014-12-10 17:20:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Paulinka\Desktop\OTL.exe [2014-12-10 17:20:17 | 002,119,680 | ---- | C] (Farbar) -- C:\Users\Paulinka\Desktop\FRST64.exe [2014-12-10 17:15:10 | 000,000,000 | ---D | C] -- C:\Users\Paulinka\Desktop\Stare dane programu Firefox [2014-12-10 16:47:20 | 000,000,000 | ---D | C] -- C:\Users\Paulinka\AppData\Roaming\TeamViewer [2014-12-10 10:28:51 | 000,000,000 | ---D | C] -- C:\Users\Paulinka\Documents\Corel [2014-12-10 10:27:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Corel [2014-12-10 10:25:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Protexis [2014-12-10 10:12:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5 [2014-12-10 10:05:55 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2014-11-26 14:56:03 | 000,000,000 | ---D | C] -- C:\Users\Paulinka\Desktop\serwis rozliczenia [2014-11-25 15:18:25 | 000,000,000 | ---D | C] -- C:\Users\Paulinka\Desktop\Cichocki [2014-11-24 18:10:24 | 000,000,000 | -HSD | C] -- C:\Users\Paulinka\AppData\Local\EmieUserList [2014-11-24 18:10:24 | 000,000,000 | -HSD | C] -- C:\Users\Paulinka\AppData\Local\EmieSiteList [2014-11-24 18:10:24 | 000,000,000 | -HSD | C] -- C:\Users\Paulinka\AppData\Local\EmieBrowserModeList [2014-11-19 20:00:06 | 000,000,000 | ---D | C] -- C:\ProgramData\ipla [2014-11-19 19:59:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla [2014-11-16 13:47:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Corel [2014-11-12 19:08:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2014-11-12 17:54:34 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2014-11-12 17:54:34 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll [2014-11-12 17:54:34 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll [2014-11-12 17:54:34 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll [2014-11-12 17:54:34 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll [2014-11-12 17:54:31 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe [2014-11-12 17:54:31 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2014-11-12 17:54:31 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll [2014-11-12 17:54:31 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll [2014-11-12 17:54:31 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2014-11-12 17:54:30 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2014-11-12 17:54:30 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll [2014-11-12 17:54:30 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll [2014-11-12 17:54:30 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2014-11-12 17:54:29 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2014-11-12 17:54:29 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2014-11-12 17:54:28 | 002,051,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2014-11-12 17:54:27 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2014-11-12 17:54:27 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2014-11-12 17:54:27 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll [2014-11-12 17:54:27 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2014-11-12 17:54:27 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2014-11-12 17:54:27 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2014-11-12 17:54:27 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [2014-11-12 17:54:26 | 002,124,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2014-11-12 17:54:26 | 000,799,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2014-11-12 17:54:26 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2014-11-12 17:54:25 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2014-11-12 17:54:24 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2014-11-12 17:54:24 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2014-11-12 17:54:24 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2014-11-12 17:54:24 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2014-11-12 17:54:24 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll [2014-11-12 17:54:23 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2014-11-12 17:54:23 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll [2014-11-12 17:54:23 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2014-11-12 17:54:22 | 006,040,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2014-11-12 17:54:22 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2014-11-12 17:54:21 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2014-11-12 17:54:21 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll [2014-11-12 17:53:23 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2014-11-12 17:53:23 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2014-11-12 17:53:18 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10K.DLL [2014-11-12 17:53:18 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10K.DLL [2014-11-12 17:53:15 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll [2014-11-12 17:53:15 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll [2014-11-12 17:53:15 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll [2014-11-12 17:53:15 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll [2014-11-12 17:53:15 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll [2014-11-12 17:53:14 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2014-11-12 17:53:14 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll [2014-11-12 17:53:12 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2014-11-12 17:52:55 | 003,241,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2014-11-12 17:52:34 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll [2013-11-01 15:24:29 | 006,529,797 | ---- | C] (ASGVIS) -- C:\Program Files (x86)\uninstall.exe [2013-11-01 15:21:05 | 002,813,952 | ---- | C] (Python Software Foundation) -- C:\Program Files (x86)\python26.dll [2013-02-17 23:44:18 | 038,966,928 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files (x86)\AdbeRdr11000_pl_PL.exe [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-12-10 18:31:00 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\FoxTab.job [2014-12-10 18:21:03 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014-12-10 18:21:03 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014-12-10 18:20:12 | 001,670,590 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2014-12-10 18:20:12 | 000,740,688 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2014-12-10 18:20:12 | 000,654,480 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2014-12-10 18:20:12 | 000,156,230 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2014-12-10 18:20:12 | 000,122,352 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2014-12-10 18:13:36 | 009,743,696 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2014-12-10 18:13:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-12-10 18:13:03 | 2411,671,552 | -HS- | M] () -- C:\hiberfil.sys [2014-12-10 17:59:33 | 000,009,256 | ---- | M] () -- C:\Users\Paulinka\Documents\cc_20141210_175922.reg [2014-12-10 17:58:48 | 000,188,814 | ---- | M] () -- C:\Users\Paulinka\Documents\cc_20141210_175830.reg [2014-12-10 17:38:20 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2014-12-10 17:31:33 | 000,026,528 | ---- | M] (REALiX(tm)) -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS [2014-12-10 17:30:10 | 000,000,930 | ---- | M] () -- C:\Users\Paulinka\Desktop\HD Tune.lnk [2014-12-10 17:27:34 | 002,699,320 | ---- | M] (Martin Malík - REALiX ) -- C:\Users\Paulinka\Desktop\hw64_448.exe [2014-12-10 17:21:11 | 000,380,416 | ---- | M] () -- C:\Users\Paulinka\Desktop\GMER.exe [2014-12-10 17:20:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Paulinka\Desktop\OTL.exe [2014-12-10 17:20:21 | 002,119,680 | ---- | M] (Farbar) -- C:\Users\Paulinka\Desktop\FRST64.exe [2014-12-10 16:52:59 | 000,000,669 | ---- | M] () -- C:\Users\Paulinka\Desktop\PC_HELP_RU — skrót.lnk [2014-12-10 10:35:53 | 000,002,625 | ---- | M] () -- C:\Users\Paulinka\Desktop\CorelDRAW X5.lnk [2014-12-09 21:48:14 | 000,000,252 | ---- | M] () -- C:\Users\Paulinka\AppData\Roaming\WB.CFG [2014-12-02 19:25:58 | 000,007,605 | ---- | M] () -- C:\Users\Paulinka\AppData\Local\Resmon.ResmonCfg [2014-12-01 22:57:41 | 000,000,617 | ---- | M] () -- C:\Users\Paulinka\Desktop\cv — skrót.lnk [2014-11-15 09:40:18 | 000,000,132 | ---- | M] () -- C:\Users\Paulinka\AppData\Roaming\Adobe PNG Format CS6 Prefs [2014-11-14 20:23:28 | 000,001,025 | ---- | M] () -- C:\Users\Paulinka\Desktop\Dropbox.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-12-10 18:13:06 | 009,743,696 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT [2014-12-10 17:59:29 | 000,009,256 | ---- | C] () -- C:\Users\Paulinka\Documents\cc_20141210_175922.reg [2014-12-10 17:58:45 | 000,188,814 | ---- | C] () -- C:\Users\Paulinka\Documents\cc_20141210_175830.reg [2014-12-10 17:38:20 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2014-12-10 17:30:10 | 000,000,930 | ---- | C] () -- C:\Users\Paulinka\Desktop\HD Tune.lnk [2014-12-10 17:21:05 | 000,380,416 | ---- | C] () -- C:\Users\Paulinka\Desktop\GMER.exe [2014-12-10 16:52:59 | 000,000,669 | ---- | C] () -- C:\Users\Paulinka\Desktop\PC_HELP_RU — skrót.lnk [2014-12-10 10:35:53 | 000,002,625 | ---- | C] () -- C:\Users\Paulinka\Desktop\CorelDRAW X5.lnk [2014-12-02 19:25:58 | 000,007,605 | ---- | C] () -- C:\Users\Paulinka\AppData\Local\Resmon.ResmonCfg [2014-12-01 22:57:50 | 000,000,617 | ---- | C] () -- C:\Users\Paulinka\Desktop\cv — skrót.lnk [2014-10-20 12:51:59 | 000,000,132 | ---- | C] () -- C:\Users\Paulinka\AppData\Roaming\Adobe BMP Format CS6 Prefs [2014-10-20 12:50:33 | 000,000,132 | ---- | C] () -- C:\Users\Paulinka\AppData\Roaming\Adobe GIF Format CS6 Prefs [2014-02-27 06:59:28 | 001,643,196 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013-11-01 15:24:29 | 000,000,893 | ---- | C] () -- C:\Program Files (x86)\Uninstall V-Ray for SketchUp.lnk [2013-11-01 15:21:05 | 007,495,680 | ---- | C] () -- C:\Program Files (x86)\QtGui4.dll [2013-11-01 15:21:05 | 002,109,440 | ---- | C] () -- C:\Program Files (x86)\QtCore4.dll [2013-07-30 20:43:03 | 000,000,252 | ---- | C] () -- C:\Users\Paulinka\AppData\Roaming\WB.CFG [2013-07-01 20:58:44 | 000,000,132 | ---- | C] () -- C:\Users\Paulinka\AppData\Roaming\Adobe PNG Format CS6 Prefs [2013-06-22 20:33:06 | 000,003,738 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml [2013-06-17 20:43:12 | 000,000,006 | ---- | C] () -- C:\Users\Paulinka\AppData\Roaming\WBPU-TTL.DAT [2013-05-23 18:16:21 | 000,000,132 | ---- | C] () -- C:\Users\Paulinka\AppData\Roaming\Adobe IllExport Filter CS6 Prefs [2013-02-20 21:39:54 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2013-02-17 23:55:27 | 000,151,552 | ---- | C] () -- C:\Windows\KMService.exe [2013-02-17 23:55:27 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2014-06-25 03:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014-06-25 02:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2013-06-22 20:33:29 | 000,000,000 | ---D | M] -- C:\Users\Paulinka\AppData\Roaming\0D1F1S1C1P0P1C1F1N1C1T1H2UtF1E1I [2013-11-01 15:31:42 | 000,000,000 | ---D | M] -- C:\Users\Paulinka\AppData\Roaming\0F1F1C2Y1H1P1C0I0T [2014-10-09 21:46:16 | 000,000,000 | ---D | M] -- C:\Users\Paulinka\AppData\Roaming\Ambient Design [2013-02-17 23:35:44 | 000,000,000 | ---D | M] -- C:\Users\Paulinka\AppData\Roaming\Autodesk [2013-02-20 21:43:46 | 000,000,000 | ---D | M] -- C:\Users\Paulinka\AppData\Roaming\Babylon [2014-12-10 14:48:51 | 000,000,000 | ---D | M] -- C:\Users\Paulinka\AppData\Roaming\Dropbox [2013-02-20 21:43:51 | 000,000,000 | ---D | M] -- C:\Users\Paulinka\AppData\Roaming\DSite [2013-11-01 15:31:26 | 000,000,000 | ---D | M] -- C:\Users\Paulinka\AppData\Roaming\FoxTab [2013-09-21 11:17:46 | 000,000,000 | ---D | M] -- C:\Users\Paulinka\AppData\Roaming\GardenPuzzle.31FAFA193F692E138C6BB309B446CA42C25328E4.1 [2013-02-17 23:05:47 | 000,000,000 | ---D | M] -- C:\Users\Paulinka\AppData\Roaming\InternetManager_Z [2014-12-10 11:47:49 | 000,000,000 | ---D | M] -- C:\Users\Paulinka\AppData\Roaming\ipla [2014-06-03 23:22:48 | 000,000,000 | ---D | M] -- C:\Users\Paulinka\AppData\Roaming\NapiProjekt [2013-11-22 17:13:43 | 000,000,000 | ---D | M] -- C:\Users\Paulinka\AppData\Roaming\Quest3D [2013-03-07 19:17:23 | 000,000,000 | ---D | M] -- C:\Users\Paulinka\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2014-12-10 16:47:20 | 000,000,000 | ---D | M] -- C:\Users\Paulinka\AppData\Roaming\TeamViewer [2013-02-20 21:45:55 | 000,000,000 | ---D | M] -- C:\Users\Paulinka\AppData\Roaming\Video Converter Packages [color=#E56717]========== Purity Check ==========[/color] < End of report >