Dzięki Wielkie :) Wygląda dużo lepiej Zaaplikowałem skrypt, użyłem AdwCleaner, i oto wynik z OLT (funkcjionalnie wygląda ok) Czy coś jeszcze warto zrobić? Dodam, że komputer - Win7, ma Avasta, coś lepszego darmowego jest na rynku? Nie śledzę tematu antywirusów (kiedyś byłem za NODem)
OTL logfile created on: 2014-01-19 23:21:53 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\nadusia\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
2,99 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 74,61% Memory free
5,99 Gb Paging File | 5,21 Gb Available in Paging File | 86,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,12 Gb Total Space | 20,46 Gb Free Space | 26,18% Space Free | Partition Type: NTFS
Drive D: | 61,16 Gb Total Space | 26,78 Gb Free Space | 43,78% Space Free | Partition Type: NTFS
Drive E: | 618,37 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: TRUSKAWKA | User Name: nadusia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2014-01-19 22:40:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\nadusia\Desktop\OTL.exe
PRC - [2014-01-07 17:46:34 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014-01-07 17:46:34 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014-01-07 17:46:10 | 000,113,704 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2013-07-08 12:09:10 | 004,153,184 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013-06-29 22:00:43 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013-02-22 12:32:59 | 002,849,120 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2013-01-18 15:21:02 | 000,873,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013-01-18 15:21:00 | 001,821,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013-01-18 07:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2014-01-07 17:46:39 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV - [2014-01-07 17:46:34 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014-01-07 17:46:10 | 000,113,704 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2013-11-26 09:29:52 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013-07-08 12:09:10 | 004,153,184 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013-06-25 23:45:34 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013-06-24 20:16:45 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013-06-20 18:24:18 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-05-27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013-04-18 10:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2013-02-25 23:22:34 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013-02-22 12:32:59 | 002,849,120 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2013-01-18 07:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010-02-19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-07-14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2007-11-15 09:09:42 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2007-03-20 15:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2014-01-08 17:47:25 | 000,265,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswndisflt.sys -- (aswNdisFlt)
DRV - [2014-01-08 09:20:30 | 000,064,168 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\aswstm.sys -- (aswStm)
DRV - [2014-01-07 17:46:42 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014-01-07 17:46:42 | 000,410,528 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2014-01-07 17:46:42 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014-01-07 17:46:42 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014-01-07 17:46:42 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014-01-07 17:46:41 | 000,079,720 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014-01-07 17:46:24 | 000,026,136 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2013-12-19 14:11:31 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013-08-21 05:31:38 | 000,182,680 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013-08-21 05:31:38 | 000,084,248 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013-08-21 05:31:26 | 000,153,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2013-08-21 05:31:26 | 000,136,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2013-08-21 05:31:26 | 000,130,248 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2013-08-21 05:31:26 | 000,017,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2013-02-25 23:22:06 | 008,939,296 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013-01-23 09:31:50 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2013-01-23 09:31:50 | 000,018,560 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2013-01-23 09:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2013-01-23 09:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2012-10-17 13:53:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2010-11-20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
DRV - [2007-09-21 02:10:46 | 000,036,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007-09-21 02:10:40 | 000,035,088 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://google.pl/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: " URL " = http://www.bing.com/search?q={searchTerms} & FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1544609573-2829570244-1130742154-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://google.pl/
IE - HKU\S-1-5-21-1544609573-2829570244-1130742154-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
IE - HKU\S-1-5-21-1544609573-2829570244-1130742154-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1544609573-2829570244-1130742154-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: " URL " = http://www.bing.com/search?q={searchTerms} & src=IE-SearchBox & FORM=IE10SR
IE - HKU\S-1-5-21-1544609573-2829570244-1130742154-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0
IE - HKU\S-1-5-21-1544609573-2829570244-1130742154-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyOverride " = *.local
IE - HKU\S-1-5-21-1544609573-2829570244-1130742154-1003\..\SearchScopes,DefaultScope =
[color=#E56717]========== FireFox ==========[/color]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013-08-03 20:53:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.7\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2013-08-03 21:40:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\nadusia\AppData\Roaming\mozilla\Extensions
[2013-06-25 10:25:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013-03-12 09:27:46 | 000,093,976 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\nppluginrichmediaplayer.dll
[color=#E56717]========== Chrome ==========[/color]
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms} & {google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient} & xssi=t & q={searchTerms} & {google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Nokia Suite Enabler Plugin (Enabled) = C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - Extension: Przelewy24 = C:\Users\nadusia\AppData\Local\Google\Chrome\User Data\Default\Extensions\adlghgifgkapabijdmenlghpcjhaojnp\5.11_0\
CHR - Extension: Angry Birds = C:\Users\nadusia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Dokumenty Google = C:\Users\nadusia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1\
CHR - Extension: Dysk Google = C:\Users\nadusia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\nadusia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\nadusia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0\
CHR - Extension: Szukaj w Google = C:\Users\nadusia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Panda Poet = C:\Users\nadusia\AppData\Local\Google\Chrome\User Data\Default\Extensions\daicmhhkdcccfobnkidlhnieapcikadf\6_0\
CHR - Extension: Session Buddy = C:\Users\nadusia\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko\3.2.5_0\
CHR - Extension: avast! Online Security = C:\Users\nadusia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: Sprawdzanie poczty Google = C:\Users\nadusia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Google Wallet = C:\Users\nadusia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Gmail = C:\Users\nadusia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1544609573-2829570244-1130742154-1001\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1544609573-2829570244-1130742154-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.60 62.179.1.61
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71F6D1B8-2BC0-4CE8-B276-37F3595DE899}: DhcpNameServer = 62.179.1.60 62.179.1.61
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{caafb472-6d80-11e3-952e-00030da617a6}\Shell - " " = AutoRun
O33 - MountPoints2\{caafb472-6d80-11e3-952e-00030da617a6}\Shell\AutoRun\command - " " = F:\AutoRun.exe
O33 - MountPoints2\{d1803630-dcfe-11e2-baee-00030da617a6}\Shell - " " = AutoRun
O33 - MountPoints2\{d1803630-dcfe-11e2-baee-00030da617a6}\Shell\AutoRun\command - " " = " F:\WD SmartWare.exe " autoplay=true
O33 - MountPoints2\{ed29fa7b-4e42-11e3-8c92-00030da617a6}\Shell - " " = AutoRun
O33 - MountPoints2\{ed29fa7b-4e42-11e3-8c92-00030da617a6}\Shell\AutoRun\command - " " = F:\LaunchU3.exe -a
O33 - MountPoints2\G\Shell - " " = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - " " = " G:\WD SmartWare.exe " autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- " %1 " %*
O35 - HKLM\..exefile [open] -- " %1 " %*
O37 - HKLM\...com [@ = comfile] -- " %1 " %*
O37 - HKLM\...exe [@ = exefile] -- " %1 " %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2014-01-19 22:53:07 | 000,000,000 | ---D | C] -- C:\_OTL
[2014-01-19 22:42:35 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014-01-19 22:42:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\nadusia\Desktop\OTL.exe
[2014-01-17 23:36:53 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014-01-15 17:25:18 | 000,000,000 | ---D | C] -- C:\Users\nadusia\pożyczki
[2014-01-15 12:55:13 | 000,000,000 | ---D | C] -- C:\Users\nadusia\Desktop\CV
[2014-01-15 09:19:05 | 002,349,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014-01-15 09:19:04 | 000,240,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2014-01-15 09:19:03 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2014-01-15 09:19:03 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2014-01-08 09:17:55 | 000,000,000 | ---D | C] -- C:\Users\nadusia\AppData\Roaming\AVAST Software
[2014-01-07 17:47:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014-01-07 17:47:10 | 000,064,168 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswstm.sys
[2014-01-07 17:39:56 | 000,204,784 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2014-01-07 17:39:54 | 000,104,752 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2014-01-07 17:39:51 | 000,026,136 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2014-01-07 17:39:31 | 000,265,072 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswndisflt.sys
[2014-01-07 10:12:29 | 000,000,000 | ---D | C] -- C:\Users\nadusia\Documents\instrukcje lego
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2014-01-19 23:20:13 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-01-19 23:19:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-01-19 23:19:32 | 2411,708,416 | -HS- | M] () -- C:\hiberfil.sys
[2014-01-19 23:02:57 | 000,013,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-01-19 23:02:57 | 000,013,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-01-19 23:00:01 | 000,697,912 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2014-01-19 23:00:01 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014-01-19 23:00:01 | 000,134,990 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2014-01-19 23:00:01 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014-01-19 22:40:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\nadusia\Desktop\OTL.exe
[2014-01-19 22:37:50 | 001,236,282 | ---- | M] () -- C:\Users\nadusia\Desktop\AdwCleaner.exe
[2014-01-19 22:37:40 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-01-16 11:30:47 | 004,282,736 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014-01-15 17:27:45 | 000,001,608 | ---- | M] () -- C:\Users\nadusia\Desktop\Adobe InDesign CS6.lnk
[2014-01-08 17:47:25 | 000,265,072 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswndisflt.sys
[2014-01-08 09:20:30 | 000,064,168 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswstm.sys
[2014-01-07 17:46:42 | 000,775,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014-01-07 17:46:42 | 000,410,528 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014-01-07 17:46:42 | 000,180,248 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014-01-07 17:46:42 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014-01-07 17:46:42 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014-01-07 17:46:41 | 000,079,720 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014-01-07 17:46:40 | 000,270,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014-01-07 17:46:40 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014-01-07 17:46:24 | 000,026,136 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2014-01-07 17:39:48 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2014-01-05 01:04:16 | 000,019,411 | ---- | M] () -- C:\Users\nadusia\Documents\przepisy.odt
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2014-01-19 22:42:17 | 001,236,282 | ---- | C] () -- C:\Users\nadusia\Desktop\AdwCleaner.exe
[2014-01-15 17:27:45 | 000,001,608 | ---- | C] () -- C:\Users\nadusia\Desktop\Adobe InDesign CS6.lnk
[2014-01-04 21:18:17 | 000,019,411 | ---- | C] () -- C:\Users\nadusia\Documents\przepisy.odt
[2013-10-30 12:07:00 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013-10-30 12:06:54 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2013-10-30 12:06:54 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2013-10-30 12:06:54 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2013-10-30 12:06:54 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2013-10-17 12:03:31 | 006,902,432 | ---- | C] () -- C:\Users\nadusia\77 bombay street-forgotten your name.mp3
[2013-10-17 12:03:27 | 006,542,472 | ---- | C] () -- C:\Users\nadusia\12-77_bombay_street-get_away-kopie.mp3
[2013-10-17 12:03:23 | 007,155,115 | ---- | C] () -- C:\Users\nadusia\05-77_bombay_street-miss_you_girl-kopie.mp3
[2013-10-17 12:02:57 | 008,283,845 | ---- | C] () -- C:\Users\nadusia\10-77_bombay_street-waiting_for_tomorrow-kopie.mp3
[2013-10-17 12:02:52 | 007,299,961 | ---- | C] () -- C:\Users\nadusia\01-77_bombay_street-47_millionaires-kopie.mp3
[2013-10-17 12:02:35 | 006,958,189 | ---- | C] () -- C:\Users\nadusia\77 bombay street - long way.mp3
[2013-10-17 12:02:29 | 006,212,435 | ---- | C] () -- C:\Users\nadusia\77 bombay street number.mp3
[2013-10-17 12:02:25 | 007,840,012 | ---- | C] () -- C:\Users\nadusia\77 bombay street-hero.mp3
[2013-10-17 12:02:15 | 007,879,578 | ---- | C] () -- C:\Users\nadusia\02-77_bombay_street-up_in_the_sky-kopie.mp3
[2013-08-11 19:48:22 | 000,003,584 | ---- | C] () -- C:\Users\nadusia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-07-02 22:09:18 | 000,000,600 | ---- | C] () -- C:\Users\nadusia\AppData\Roaming\winscp.rnd
[2013-06-28 11:24:09 | 000,000,005 | ---- | C] () -- C:\Users\nadusia\AppData\Roaming\WBPU-Q2-TTL.DAT
[2013-06-28 11:10:19 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2013-06-25 11:24:14 | 000,000,005 | ---- | C] () -- C:\Users\nadusia\AppData\Roaming\WBPU-TTL.DAT
[2013-06-24 20:24:27 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2013-06-24 20:04:14 | 000,180,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013-06-24 20:04:14 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[color=#E56717]========== ZeroAccess Check ==========[/color]
[2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
" " = %SystemRoot%\system32\shell32.dll -- [2013-07-26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
" ThreadingModel " = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
" " = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
" ThreadingModel " = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
" " = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
" ThreadingModel " = Both
[color=#E56717]========== LOP Check ==========[/color]
[2014-01-08 09:17:55 | 000,000,000 | ---D | M] -- C:\Users\nadusia\AppData\Roaming\AVAST Software
[2014-01-17 23:32:58 | 000,000,000 | ---D | M] -- C:\Users\nadusia\AppData\Roaming\BitTorrent
[2013-06-27 20:41:07 | 000,000,000 | ---D | M] -- C:\Users\nadusia\AppData\Roaming\IrfanView
[2013-07-26 23:39:31 | 000,000,000 | ---D | M] -- C:\Users\nadusia\AppData\Roaming\NapiProjekt
[2013-08-03 22:09:56 | 000,000,000 | ---D | M] -- C:\Users\nadusia\AppData\Roaming\Nokia
[2013-08-03 22:09:58 | 000,000,000 | ---D | M] -- C:\Users\nadusia\AppData\Roaming\Nokia Suite
[2013-08-05 21:11:03 | 000,000,000 | ---D | M] -- C:\Users\nadusia\AppData\Roaming\OpenOffice.org
[2013-08-03 21:13:35 | 000,000,000 | ---D | M] -- C:\Users\nadusia\AppData\Roaming\PC Suite
[2013-11-08 11:38:07 | 000,000,000 | ---D | M] -- C:\Users\nadusia\AppData\Roaming\PDAppFlex
[2013-07-26 21:08:31 | 000,000,000 | ---D | M] -- C:\Users\nadusia\AppData\Roaming\Python-Eggs
[2013-11-09 23:02:22 | 000,000,000 | ---D | M] -- C:\Users\nadusia\AppData\Roaming\Samsung
[2014-01-17 23:29:40 | 000,000,000 | ---D | M] -- C:\Users\nadusia\AppData\Roaming\Spotify
[2013-08-09 11:07:57 | 000,000,000 | ---D | M] -- C:\Users\nadusia\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013-08-08 20:44:21 | 000,000,000 | ---D | M] -- C:\Users\nadusia\AppData\Roaming\TeamViewer
[2013-08-03 21:40:26 | 000,000,000 | ---D | M] -- C:\Users\nadusia\AppData\Roaming\Thunderbird
[2013-07-10 16:49:38 | 000,000,000 | ---D | M] -- C:\Users\nadusia\AppData\Roaming\TuneUp Software
[color=#E56717]========== Purity Check ==========[/color]
& lt; End of report & gt;