OTL.Txt

Nation Zoom ADWare – prośba o skrypt OTL do całkowitego usunięcia

Witam serdecznie Również jestem na etapie usuwanie tego *** Wykonałem pełne skanowanie MBAM po aktualizacji bazy wirusów i usunąłem wykryte zagrożenia. AdwCleaner przeszukałem i usunąłem Pozostało mi tylko wrzucenie skryptu OTL Tak że również prosiłbym o skrypt z OTL Z góry dzięki

OTL logfile created on: 2014-01-20 09:17:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Antonio\Desktop
Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,97 Gb Total Physical Memory | 1,60 Gb Available Physical Memory | 54,03% Memory free
5,93 Gb Paging File | 4,42 Gb Available in Paging File | 74,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 68,26 Gb Total Space | 33,44 Gb Free Space | 48,99% Space Free | Partition Type: NTFS
Drive D: | 78,12 Gb Total Space | 33,39 Gb Free Space | 42,74% Space Free | Partition Type: NTFS
Drive E: | 86,40 Gb Total Space | 24,46 Gb Free Space | 28,31% Space Free | Partition Type: NTFS

Computer Name: ANTONIO-KOMP | User Name: Antonio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014-01-20 00:50:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Antonio\Desktop\OTL.exe
PRC - [2014-01-11 11:29:23 | 000,866,584 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013-12-11 18:52:06 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013-12-11 18:52:04 | 001,564,528 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe
PRC - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013-04-04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013-02-27 06:05:53 | 000,101,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
PRC - [2013-01-28 13:36:21 | 000,295,072 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-11-29 20:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012-11-23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012-09-18 03:12:46 | 000,181,760 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Windows\System32\spool\drivers\w32x86\3\NetFaxServer.exe
PRC - [2012-02-20 22:22:48 | 000,344,064 | ---- | M] () -- C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
PRC - [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-03-23 13:53:06 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2010-03-23 13:53:06 | 000,229,458 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe
PRC - [2009-03-02 17:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2014-01-18 21:44:46 | 014,972,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\642ba04dfd0cf6b5a4bd768ab404eb4f\Kies.Theme.ni.dll
MOD - [2014-01-18 21:44:45 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\9e97c3b33aa7fb9d900bca4f6d93ec9e\DummyStorePlugin.ni.dll
MOD - [2014-01-18 21:44:45 | 000,118,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceStoryAlbum\793cd2511f15f93f0666a53afec40168\DeviceStoryAlbum.ni.dll
MOD - [2014-01-18 21:44:44 | 000,616,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\3eb0df72e19c269e7ec4dc4a2c130521\DevicePodcast.ni.dll
MOD - [2014-01-18 21:44:42 | 000,301,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\1f0d8f012eae2b7353c8d594b2a06e9d\DeviceVideo.ni.dll
MOD - [2014-01-18 21:44:41 | 000,367,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\0cb1ca6d0bc2fbc4225ec8b991eecd07\DevicePhoto.ni.dll
MOD - [2014-01-18 21:44:40 | 000,308,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\37d6d6311fb793f9f062b8e7791acbfa\DeviceMusic.ni.dll
MOD - [2014-01-18 21:44:39 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\d10403d9058391eeeb3f4f55e30c5176\VideoManager.ni.dll
MOD - [2014-01-18 21:44:37 | 000,807,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\e5ea355a326484afc2301e192a92d588\PhotoManager.ni.dll
MOD - [2014-01-18 21:44:35 | 001,993,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\180dbdac8e27e15b69df3444d78fd03f\Phonebook.ni.dll
MOD - [2014-01-18 21:44:30 | 000,207,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\StoryAlbumManager\e59c0c8b0d38d7fe9dd812a9766a3eca\StoryAlbumManager.ni.dll
MOD - [2014-01-18 21:44:29 | 000,945,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\50e0b2c542f13677c797710cc4798c01\MusicManager.ni.dll
MOD - [2014-01-18 21:44:26 | 000,404,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\2cd3ab735bdeddcc09727d40c2c2d8a2\BATPlugin.ni.dll
MOD - [2014-01-18 21:44:21 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\6e02e15174282cb0ddd24edfe74eb58b\Kies.Common.StoreManager.ni.dll
MOD - [2014-01-18 21:44:20 | 000,534,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\da4a656f5af4ca1cb53934034314853e\Kies.Common.MediaDB.ni.dll
MOD - [2014-01-18 21:44:19 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\c5efe841e2998c266e0f5e29bed04b55\ASF_cSharpAPI.ni.dll
MOD - [2014-01-18 21:44:18 | 000,063,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\2c2dbe86884ed4a0f6ad598beae9699f\Kies.Common.AllShare.ni.dll
MOD - [2014-01-18 21:44:17 | 000,066,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\c3d1340662ee751e8d733de79da14ebd\Kies.Common.DBManager.ni.dll
MOD - [2014-01-18 21:44:16 | 000,110,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.CRMMana#\6b1bd95506210a735156fd15f42262fa\Kies.Common.CRMManager.ni.dll
MOD - [2014-01-18 21:44:15 | 001,150,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\9fa2c7fb630469701fe7c55cdcb555c4\Podcaster.ni.dll
MOD - [2014-01-18 21:44:12 | 000,283,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\41300d1a88acc0cbee2c4b1a2c3c482f\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2014-01-18 21:44:11 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\7e9f50fd0eb97b097749992c9f15f1a1\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2014-01-18 21:44:10 | 000,581,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\42ab5ed8c70495af14fc9a8e38e5383a\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2014-01-18 21:44:10 | 000,178,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\ee78a3163ef4b690785fb1c631b33aeb\Interop.DevFileServiceLib.ni.dll
MOD - [2014-01-18 21:44:08 | 001,226,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\9d845f9223fee53541f8ccfb8f81ef19\Kies.Common.DeviceService.ni.dll
MOD - [2014-01-18 21:44:05 | 001,002,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\06251528bbadcb3da726d324a41e710f\DeviceCommonLib.ni.dll
MOD - [2014-01-18 21:44:03 | 000,750,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Plugin.Content#\bd11024449dffad070bfc4783b93b7d3\Kies.Plugin.ContentsManagerLib.ni.dll
MOD - [2014-01-18 21:44:00 | 000,206,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\25bfc8f9251c5d14e0deeca8cb047efe\Kies.Common.MainUI.ni.dll
MOD - [2014-01-18 21:43:33 | 000,046,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\fb36527133c6a9e51f53aab9ca2faabe\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2014-01-18 21:43:32 | 000,940,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\58280726ef173a1ef513efc6f91d1428\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2014-01-18 21:43:30 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\a474771ad225ef2b83d38a86a160ed53\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2014-01-18 21:43:30 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\be9d4a331a41a83465c56b735845c86b\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2014-01-18 21:43:30 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\0cd09e4839a2bfe65311191d2e61c698\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2014-01-18 21:43:30 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\97feb913f82b178f436c759ba72a827f\Interop.PRPLAYERCORELib.ni.dll
MOD - [2014-01-18 21:43:27 | 002,221,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\38aa59acafca02f45ea4a74f287bb68a\Kies.Common.Multimedia.ni.dll
MOD - [2014-01-18 21:43:23 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\891822cfc054262435c02192bb220192\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2014-01-18 21:43:22 | 000,640,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\3623faeb61837e71a9edbe9e2227888b\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2014-01-18 21:43:14 | 007,191,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\fa5fab8e07ac99ad74450e696bb6c029\DeviceHost.ni.dll
MOD - [2014-01-18 21:43:03 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\abebd90a3673cde0cd3a1b81a9f18f86\CabLib.ni.dll
MOD - [2014-01-18 21:43:02 | 000,315,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\2bcad8b67324e46ce281141cf9bb8043\Kies.Common.Util.ni.dll
MOD - [2014-01-18 21:43:00 | 001,734,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\c00186c7088636f481c1a2ec57faade5\Kies.Locale.ni.dll
MOD - [2014-01-18 21:43:00 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\4f6bd7ba777dc7eac0d9b77e137d328f\Interop.DeviceSearchLib.ni.dll
MOD - [2014-01-18 21:42:59 | 000,079,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\6f25a20174765872519f821c6c68bfda\Kies.MVVM.ni.dll
MOD - [2014-01-18 21:42:58 | 001,952,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\abbba0f399508efdbeaf78b2e2fa7b03\Kies.UI.ni.dll
MOD - [2014-01-18 21:42:54 | 000,160,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\6cfb6056dfe610b88af47c21a80026b7\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2014-01-18 21:42:48 | 001,288,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\12c56c6f281e94ee5ff88ecd3b72b8d5\Kies.Interface.ni.dll
MOD - [2014-01-18 21:42:26 | 000,770,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\f17c7bc239be0eb7661cbcd3cff1ea16\System.Runtime.Remoting.ni.dll
MOD - [2014-01-18 21:42:24 | 002,183,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\5f712dcfc5bfd337d9afaab96a6b5736\Kies.ni.exe
MOD - [2014-01-11 11:29:21 | 000,399,640 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppgooglenaclpluginchrome.dll
MOD - [2014-01-11 11:29:19 | 013,615,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
MOD - [2014-01-11 11:29:17 | 004,055,320 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll
MOD - [2014-01-11 11:28:15 | 000,715,544 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
MOD - [2014-01-11 11:28:14 | 000,100,120 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.76\libegl.dll
MOD - [2014-01-11 11:28:11 | 001,634,584 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
MOD - [2013-10-10 09:59:04 | 018,022,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\e9147e4c70d4e387dc4aea59ce0a219a\PresentationFramework.ni.dll
MOD - [2013-10-10 09:58:48 | 011,527,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\99bbd3424207d205e9e680fa712dba04\PresentationCore.ni.dll
MOD - [2013-10-10 09:58:44 | 001,014,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\85a501f8b0cb271f1bfab6532523ac3c\System.Configuration.ni.dll
MOD - [2013-10-10 09:58:40 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\55c245966c0b23a47587c18681457e48\System.Core.ni.dll
MOD - [2013-10-10 09:58:36 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\b1ff5e4a64c0bb0a9b039aaefcde5ea7\WindowsBase.ni.dll
MOD - [2013-08-16 11:40:27 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d8f4106eee38420ac5eda7d630dc53fc\System.ServiceProcess.ni.dll
MOD - [2013-08-16 09:05:51 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\c8648331484537c338fe2b606a9db8b7\System.Xaml.ni.dll
MOD - [2013-08-16 08:46:39 | 005,628,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\b7285e9f3d19a05d5cc2c049e451685d\System.Xml.ni.dll
MOD - [2013-08-16 08:46:15 | 009,100,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\08c630893416f3379c9455870908ad6c\System.ni.dll
MOD - [2013-07-11 18:36:03 | 014,418,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a01e07e47ecdd94ae099e8c4bf650516\mscorlib.ni.dll
MOD - [2012-02-20 22:22:52 | 000,050,688 | ---- | M] () -- C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
MOD - [2012-02-20 22:22:48 | 000,344,064 | ---- | M] () -- C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
MOD - [2011-09-27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011-09-27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - File not found [Auto | Stopped] -- C:\Users\Antonio\AppData\Local\Temp\7zS4E72\hpslpsvc32.dll -- (HPSLPSVC)
SRV - [2013-12-11 18:27:18 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-11-26 09:29:52 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013-10-23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-05-27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-11-29 20:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012-09-18 03:12:46 | 000,181,760 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- C:\Windows\System32\spool\drivers\w32x86\3\NetFaxServer.exe -- (Samsung Network Fax Server)
SRV - [2010-05-21 17:59:10 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010-03-23 13:53:06 | 000,229,458 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe -- (STacSV)
SRV - [2009-07-14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-03-02 17:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe -- (AESTFilters)
SRV - [2007-05-31 16:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 16:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | Disabled | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | Disabled | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\avnetflt.sys -- (avnetflt)
DRV - [2014-01-20 09:01:49 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2014-01-18 16:33:19 | 000,042,592 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
DRV - [2013-04-04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013-02-27 12:52:10 | 008,913,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012-08-23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012-08-23 15:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012-06-20 08:43:02 | 002,957,312 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2012-06-04 08:59:20 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012-06-04 08:59:20 | 000,080,824 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012-02-15 14:16:48 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.sys -- (SSPORT)
DRV - [2010-11-20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010-03-23 13:53:06 | 000,423,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009-11-12 05:14:28 | 000,066,664 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009-10-22 14:11:14 | 000,057,800 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2009-10-22 14:09:34 | 000,072,520 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2009-07-14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: " URL " = http://www.bing.com/search?q={searchTerms} & FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3048211621-2605900154-3419174039-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-3048211621-2605900154-3419174039-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-3048211621-2605900154-3419174039-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3048211621-2605900154-3419174039-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: " URL " = http://www.bing.com/search?q={searchTerms} & src=IE-SearchBox & FORM=IE11SR
IE - HKU\S-1-5-21-3048211621-2605900154-3419174039-1000\..\SearchScopes\{8066D9F4-74AB-441C-AEB7-CA77F05AD05A}: " URL " = http://search.yahoo.com/search?fr=chr-greentree_ie & ei=utf-8 & type=302398 & p={searchTerms}
IE - HKU\S-1-5-21-3048211621-2605900154-3419174039-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0
IE - HKU\S-1-5-21-3048211621-2605900154-3419174039-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyOverride " = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaulturl: " "
FF - prefs.js..extensions.enabledAddons: %7Bbee6eb20-01e0-ebd1-da83-080329fb9a3a%7D:1.47
FF - prefs.js..extensions.enabledAddons: lightningnewtab%40gmail.com:1.0.5.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Windows\system32\C2MP\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Antonio\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013-01-28 13:37:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-28 13:37:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\lightningnewtab@gmail.com: C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\vfp9yat9.default\extensions\lightningnewtab@gmail.com.xpi [2014-01-01 19:59:02 | 000,426,126 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-12-22 18:47:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-12-22 18:47:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2011-02-27 19:11:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Antonio\AppData\Roaming\mozilla\Extensions
[2014-01-19 20:53:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Antonio\AppData\Roaming\mozilla\Firefox\Profiles\vfp9yat9.default\extensions
[2014-01-13 15:03:56 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\Antonio\AppData\Roaming\mozilla\Firefox\Profiles\vfp9yat9.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2014-01-16 19:54:04 | 000,150,528 | ---- | M] () (No name found) -- C:\Users\Antonio\AppData\Roaming\mozilla\firefox\profiles\vfp9yat9.default\extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi
[2014-01-14 00:21:10 | 000,270,342 | ---- | M] () (No name found) -- C:\Users\Antonio\AppData\Roaming\mozilla\firefox\profiles\vfp9yat9.default\extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack.xpi
[2014-01-01 19:59:02 | 000,426,126 | ---- | M] () (No name found) -- C:\Users\Antonio\AppData\Roaming\mozilla\firefox\profiles\vfp9yat9.default\extensions\lightningnewtab@gmail.com.xpi
[2014-01-16 19:54:07 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\Antonio\AppData\Roaming\mozilla\firefox\profiles\vfp9yat9.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013-12-22 18:47:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013-12-22 18:47:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013-12-22 18:47:52 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013-01-28 13:36:28 | 000,124,056 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2010-01-13 23:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms} & {google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient} & xssi=t & q={searchTerms} & {google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: https://www.google.pl/
CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll
CHR - plugin: Java Deployment Toolkit 7.0.450.18 (Enabled) = C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U45 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Antonio\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Windows\system32\C2MP\npdivx32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll
CHR - Extension: Dokumenty Google = C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Szukaj w Google = C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: WyszukiwarkaMP3.eu = C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nicoginedhfanjlpoopdhiijgkogabfj\2.0.1_0\
CHR - Extension: Google Wallet = C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Gmail = C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe ()
O4 - HKLM..\Run: [Corel Graphics Suite 1117] C:\Program Files\Corel\Corel Graphics 11\Register\registration.exe /title= " Corel Graphics Suite 11 " /date=051410 serial=DR11CTD-9999999-KHM File not found
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-3048211621-2605900154-3419174039-1000..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-3048211621-2605900154-3419174039-1000..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] " C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe " File not found
O4 - HKU\S-1-5-21-3048211621-2605900154-3419174039-1000..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe File not found
O4 - HKU\S-1-5-21-3048211621-2605900154-3419174039-1000..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKU\S-1-5-21-3048211621-2605900154-3419174039-1000..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-3048211621-2605900154-3419174039-1000..\Run: [Mercora] " C:\Program Files\Mercora\MercoraClient.exe " -min File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8 - Extra context menu item: Add to Google Photos Screensa & ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.62 62.179.1.63
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A4961A56-8812-41A1-A55C-F583EBDB63E0}: DhcpNameServer = 62.179.1.62 62.179.1.63
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B3E70BBD-AE85-4BEA-84B2-F2E11E79CAD5}: DhcpNameServer = 62.179.1.62 62.179.1.63
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | -H-- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013-10-13 13:28:28 | 002,919,480 | ---- | M] () - E:\AutoRuns.arn -- [ NTFS ]
O32 - AutoRun File - [2013-10-23 00:40:36 | 000,540,921 | ---- | M] () - E:\Autoruns.zip -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- " %1 " %*
O35 - HKLM\..exefile [open] -- " %1 " %*
O37 - HKLM\...com [@ = comfile] -- " %1 " %*
O37 - HKLM\...exe [@ = exefile] -- " %1 " %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2014-01-20 09:05:47 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014-01-20 09:01:49 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2014-01-20 00:50:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Antonio\Desktop\OTL.exe
[2014-01-20 00:05:40 | 000,000,000 | ---D | C] -- C:\Users\Antonio\AppData\Roaming\Malwarebytes
[2014-01-20 00:05:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014-01-20 00:05:31 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014-01-20 00:05:31 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014-01-19 14:29:10 | 000,000,000 | ---D | C] -- C:\ProgramData\IePluginService
[2014-01-19 14:28:08 | 000,000,000 | ---D | C] -- C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
[2014-01-18 21:39:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2014-01-18 21:39:22 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\System32\dgderapi.dll
[2014-01-18 21:25:34 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2014-01-18 21:25:29 | 000,000,000 | ---D | C] -- C:\Users\Antonio\Documents\SelfMV
[2014-01-18 21:25:11 | 000,000,000 | ---D | C] -- C:\Users\Antonio\Documents\samsung
[2014-01-18 21:22:21 | 000,181,432 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudmdm.sys
[2014-01-18 21:22:21 | 000,080,824 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudbus.sys
[2014-01-18 21:17:51 | 000,000,000 | ---D | C] -- C:\Users\Antonio\.android
[2014-01-18 17:34:25 | 000,000,000 | ---D | C] -- C:\Users\Antonio\AppData\Roaming\ODIN
[2014-01-18 16:33:19 | 000,067,680 | ---- | C] (http://libusb-win32.sourceforge.net) -- C:\Windows\System32\libusb0.dll
[2014-01-18 16:33:19 | 000,042,592 | ---- | C] (http://libusb-win32.sourceforge.net) -- C:\Windows\System32\drivers\libusb0.sys
[2014-01-18 16:31:09 | 000,851,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinUSBCoInstaller2.dll
[2014-01-18 16:30:45 | 000,000,000 | ---D | C] -- C:\usb_driver
[2014-01-18 15:37:56 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfCoInstaller01007.dll
[2014-01-18 15:37:56 | 000,581,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WinUSBCoInstaller.dll
[2014-01-18 15:37:06 | 000,000,000 | ---D | C] -- C:\Users\Antonio\cminstaller
[2014-01-15 21:05:09 | 002,349,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014-01-15 21:03:15 | 000,240,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2014-01-15 21:03:01 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2014-01-15 21:03:01 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2014-01-14 18:29:36 | 000,000,000 | ---D | C] -- C:\Users\Antonio\AppData\Local\MetaGeek,_LLC
[2014-01-06 20:23:36 | 004,558,848 | ---- | C] (Google Inc.) -- C:\Windows\System32\GPhotos.scr
[2014-01-01 21:37:01 | 000,000,000 | ---D | C] -- C:\Users\Antonio\SystemRequirementsLab
[2013-12-22 22:50:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2013-12-22 18:47:45 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013-12-22 18:47:17 | 025,260,518 | ---- | C] (Nowa Era) -- C:\Users\Antonio\Desktop\prosto_do_matury_p1.exe
[1 C:\Users\Antonio\Documents\*.tmp files - & gt; C:\Users\Antonio\Documents\*.tmp - & gt; ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014-01-20 09:18:44 | 000,016,448 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-01-20 09:18:44 | 000,016,448 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-01-20 09:15:42 | 000,716,254 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2014-01-20 09:15:42 | 000,634,350 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014-01-20 09:15:42 | 000,142,948 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2014-01-20 09:15:42 | 000,114,346 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014-01-20 09:11:31 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-01-20 09:11:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-01-20 09:11:16 | 2389,905,408 | -HS- | M] () -- C:\hiberfil.sys
[2014-01-20 09:07:00 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-01-20 09:01:49 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2014-01-20 08:39:25 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-01-20 01:02:31 | 012,943,931 | ---- | M] () -- C:\Users\Antonio\Desktop\Next Launcher 3D 2.02.apk
[2014-01-20 00:50:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Antonio\Desktop\OTL.exe
[2014-01-20 00:10:46 | 001,236,282 | ---- | M] () -- C:\Users\Antonio\Desktop\AdwCleaner.exe
[2014-01-20 00:05:33 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014-01-19 23:02:50 | 053,557,248 | ---- | M] () -- C:\Users\Antonio\Desktop\eea_nt32_plk.msi
[2014-01-19 15:04:17 | 094,356,472 | ---- | M] () -- C:\Users\Antonio\Desktop\gapps-jb-20121212-signed.zip
[2014-01-19 14:26:45 | 006,195,200 | ---- | M] () -- C:\Users\Antonio\Desktop\GT-I9100_JB_ClockworkMod-Recovery_6.0.2.9.tar
[2014-01-18 21:10:51 | 000,415,694 | ---- | M] () -- C:\Users\Antonio\Desktop\Odin3_v3.04.rar
[2014-01-18 17:41:49 | 000,203,192 | ---- | M] () -- C:\Users\Antonio\Desktop\Odin3-v1.85.zip
[2014-01-18 16:37:33 | 000,000,554 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014-01-18 16:33:19 | 000,067,680 | ---- | M] (http://libusb-win32.sourceforge.net) -- C:\Windows\System32\libusb0.dll
[2014-01-18 16:33:19 | 000,042,592 | ---- | M] (http://libusb-win32.sourceforge.net) -- C:\Windows\System32\drivers\libusb0.sys
[2014-01-18 16:31:14 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2014-01-18 16:31:09 | 000,851,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WinUSBCoInstaller2.dll
[2014-01-18 15:37:56 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfCoInstaller01007.dll
[2014-01-18 15:37:56 | 000,581,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WinUSBCoInstaller.dll
[2014-01-17 23:46:19 | 1464,583,530 | ---- | M] () -- C:\Users\Antonio\Desktop\Were_the_Millers_(2013)_PL.BRRip.XviD.AC3-sav.avi
[2014-01-16 14:00:17 | 003,726,024 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014-01-14 00:34:37 | 000,897,885 | ---- | M] () -- C:\Users\Antonio\Desktop\SCAN_20140114_003321429.pdf
[2014-01-06 20:23:36 | 004,558,848 | ---- | M] (Google Inc.) -- C:\Windows\System32\GPhotos.scr
[2014-01-06 01:56:09 | 788,643,202 | ---- | M] () -- C:\Users\Antonio\Desktop\Iluzja.2013.PL.THEATRiCAL.BRRip.XViD-MORS.avi
[2014-01-03 22:38:49 | 001,993,274 | ---- | M] () -- C:\Users\Antonio\Desktop\Instrukcja-obs-ugi-do-Parrot-CK3100_PL_(videotesty.pl).pdf
[2013-12-22 18:47:18 | 025,260,518 | ---- | M] (Nowa Era) -- C:\Users\Antonio\Desktop\prosto_do_matury_p1.exe
[1 C:\Users\Antonio\Documents\*.tmp files - & gt; C:\Users\Antonio\Documents\*.tmp - & gt; ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014-01-20 01:02:16 | 012,943,931 | ---- | C] () -- C:\Users\Antonio\Desktop\Next Launcher 3D 2.02.apk
[2014-01-20 00:10:24 | 001,236,282 | ---- | C] () -- C:\Users\Antonio\Desktop\AdwCleaner.exe
[2014-01-20 00:05:33 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014-01-19 22:46:31 | 053,557,248 | ---- | C] () -- C:\Users\Antonio\Desktop\eea_nt32_plk.msi
[2014-01-19 15:02:53 | 094,356,472 | ---- | C] () -- C:\Users\Antonio\Desktop\gapps-jb-20121212-signed.zip
[2014-01-19 14:26:25 | 006,195,200 | ---- | C] () -- C:\Users\Antonio\Desktop\GT-I9100_JB_ClockworkMod-Recovery_6.0.2.9.tar
[2014-01-18 21:10:50 | 000,415,694 | ---- | C] () -- C:\Users\Antonio\Desktop\Odin3_v3.04.rar
[2014-01-18 17:41:47 | 000,203,192 | ---- | C] () -- C:\Users\Antonio\Desktop\Odin3-v1.85.zip
[2014-01-18 16:31:14 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2014-01-17 19:47:35 | 1464,583,530 | ---- | C] () -- C:\Users\Antonio\Desktop\Were_the_Millers_(2013)_PL.BRRip.XviD.AC3-sav.avi
[2014-01-14 00:34:37 | 000,897,885 | ---- | C] () -- C:\Users\Antonio\Desktop\SCAN_20140114_003321429.pdf
[2014-01-05 21:37:11 | 788,643,202 | ---- | C] () -- C:\Users\Antonio\Desktop\Iluzja.2013.PL.THEATRiCAL.BRRip.XViD-MORS.avi
[2014-01-03 22:38:49 | 001,993,274 | ---- | C] () -- C:\Users\Antonio\Desktop\Instrukcja-obs-ugi-do-Parrot-CK3100_PL_(videotesty.pl).pdf
[2013-10-30 12:07:00 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013-10-24 12:58:59 | 000,124,832 | R--- | C] () -- C:\Windows\Wiainst.exe
[2013-10-24 12:58:23 | 001,554,336 | ---- | C] () -- C:\Windows\TotalUninstaller.exe
[2013-10-24 12:58:22 | 000,212,600 | ---- | C] () -- C:\Windows\System32\SBuySupplies.exe
[2013-06-21 12:52:16 | 000,024,064 | ---- | C] () -- C:\Windows\System32\sst7clm.dll
[2013-03-27 22:07:02 | 000,707,504 | ---- | C] () -- C:\Users\Antonio\AppData\Local\unins000.exe
[2013-03-27 22:07:02 | 000,011,761 | ---- | C] () -- C:\Users\Antonio\AppData\Local\unins000.msg
[2013-03-27 22:07:02 | 000,002,395 | ---- | C] () -- C:\Users\Antonio\AppData\Local\unins000.dat
[2012-03-26 23:10:56 | 000,274,432 | ---- | C] () -- C:\Windows\System32\SaMinDrv.dll
[2012-03-26 23:10:54 | 000,106,496 | ---- | C] () -- C:\Windows\System32\SaImgFlt.dll
[2012-03-26 23:10:54 | 000,061,440 | ---- | C] () -- C:\Windows\System32\SaErHdlr.dll
[2012-02-20 22:22:26 | 000,064,000 | ---- | C] () -- C:\Windows\System32\CDASpl.dll
[2011-05-21 12:00:52 | 000,000,000 | ---- | C] () -- C:\Users\Antonio\AppData\Local\{03C755BA-468D-46CE-99E2-928B007EBFB3}
[2011-01-12 23:27:40 | 000,000,554 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010-04-07 06:57:52 | 000,034,816 | ---- | C] () -- C:\Users\Antonio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-01-22 23:09:49 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
" " = %SystemRoot%\system32\shell32.dll -- [2013-07-26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
" ThreadingModel " = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
" " = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
" ThreadingModel " = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
" " = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
" ThreadingModel " = Both

[color=#E56717]========== LOP Check ==========[/color]

[2010-01-13 20:09:31 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\ACD Systems
[2012-03-09 15:45:47 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1
[2013-09-28 18:43:07 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\ESET
[2011-11-10 21:04:47 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\foobar2000
[2014-01-02 15:47:00 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\Foxit Software
[2012-10-16 16:34:44 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\Gadu-Gadu 10
[2014-01-19 21:02:17 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\GG
[2010-08-11 19:47:54 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\GHISLER
[2010-04-29 15:14:14 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\IrfanView
[2011-11-10 19:30:37 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\Mercora
[2010-07-08 09:13:29 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\Nvu
[2014-01-18 17:34:34 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\ODIN
[2010-05-06 18:02:50 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\OpenFM
[2012-07-18 21:00:40 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\PhotoScape
[2013-02-18 21:59:33 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\Podatnik.info
[2010-12-22 00:19:17 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\REAPER
[2014-01-18 21:25:12 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\Samsung
[2013-10-15 18:06:00 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\sierant.nowaEra.SprawdzianyProstoDoMatury
[2012-04-06 21:39:42 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\Temp
[2010-04-29 17:17:02 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\ThumbsPlus
[2011-06-03 12:17:23 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\TightVNC
[2010-04-29 16:45:10 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\Uniblue

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2013-10-31 21:12:25 | 104,433,978 | ---- | M] ()(C:\Windows\System32\???k) -- C:\Windows\System32\嵢ᰤk
[2013-10-31 21:12:25 | 104,433,978 | ---- | C] ()(C:\Windows\System32\???k) -- C:\Windows\System32\嵢ᰤk
[2013-10-26 18:59:55 | 103,214,166 | ---- | M] ()(C:\Windows\System32\???^) -- C:\Windows\System32\靂उᰤ^
[2013-10-26 18:59:55 | 103,214,166 | ---- | C] ()(C:\Windows\System32\???^) -- C:\Windows\System32\靂उᰤ^

& lt; End of report & gt;