Ania1995
Wdrażany
Liczba postów: 17
|
RE: Penny Bee( oraz inne wirusy) Proszę o pomoc !
Dziękuję serdecznie za zainteresowanie 
Zatrzymałam się na >oczyszczanie dysku , nie mogę znaleźć tych ''więcej opcj'' ;P tak to wygląda u mnie , może coś pominęłam ? http://vlep.pl/obrazek/hm8bgv.png
To chyba ten log z OTL
Kod:
OTL logfile created on: 2015-03-25 08: 48: 29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C: \Users\WIN7\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
7,91 Gb Total Physical Memory | 5,60 Gb Available Physical Memory | 70,80% Memory free
15,82 Gb Paging File | 13,41 Gb Available in Paging File | 84,78% Paging File free
Paging file location(s): ?: \pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C: \Windows | %ProgramFiles% = C: \Program Files (x86)
Drive C: | 107,89 Gb Total Space | 31,26 Gb Free Space | 28,97% Space Free | Partition Type: NTFS
Drive D: | 195,21 Gb Total Space | 161,96 Gb Free Space | 82,96% Space Free | Partition Type: NTFS
Drive E: | 292,97 Gb Total Space | 247,03 Gb Free Space | 84,32% Space Free | Partition Type: NTFS
Computer Name: WIN7-KOMPUTER | User Name: WIN7 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2015-03-25 08: 43: 58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C: \Users\WIN7\Downloads\OTL.exe
PRC - [2015-03-14 11: 12: 39 | 000,809,288 | ---- | M] (Google Inc.) -- C: \Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015-03-13 16: 38: 38 | 000,410,768 | ---- | M] (NVIDIA Corporation) -- C: \Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2015-02-08 18: 46: 27 | 000,232,264 | ---- | M] (Google Inc.) -- C: \Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
PRC - [2015-01-14 23: 06: 49 | 000,076,888 | ---- | M] () -- C: \Windows\SysWOW64\PnkBstrA.exe
PRC - [2014-12-13 01: 13: 07 | 002,531,472 | ---- | M] (NVIDIA Corporation) -- C: \Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014-12-13 01: 13: 04 | 001,701,520 | ---- | M] (NVIDIA Corporation) -- C: \Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013-09-27 10: 45: 20 | 000,287,592 | ---- | M] (Intel Corporation) -- C: \Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2013-09-27 10: 45: 20 | 000,015,720 | ---- | M] (Intel Corporation) -- C: \Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013-08-28 02: 02: 58 | 000,390,616 | ---- | M] (Intel Corporation) -- C: \Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2013-08-28 02: 02: 56 | 000,169,432 | ---- | M] (Intel Corporation) -- C: \Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012-04-24 14: 37: 56 | 000,169,752 | ---- | M] (Intel Corporation) -- C: \Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
PRC - [2009-06-10 22: 23: 09 | 000,066,384 | ---- | M] (Microsoft Corporation) -- C: \Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2015-03-14 11: 12: 37 | 014,974,280 | ---- | M] () -- C: \Program Files (x86)\Google\Chrome\Application\41.0.2272.101\PepperFlash\pepflashplayer.dll
MOD - [2015-03-14 11: 12: 35 | 009,278,792 | ---- | M] () -- C: \Program Files (x86)\Google\Chrome\Application\41.0.2272.101\pdf.dll
MOD - [2015-03-14 11: 12: 30 | 001,174,856 | ---- | M] () -- C: \Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libglesv2.dll
MOD - [2015-03-14 11: 12: 28 | 000,080,200 | ---- | M] () -- C: \Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libegl.dll
MOD - [2015-03-13 20: 41: 47 | 000,011,920 | ---- | M] () -- C: \Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
MOD - [2013-11-30 13: 15: 34 | 011,490,304 | ---- | M] () -- C: \Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
MOD - [2011-02-04 18: 19: 17 | 000,483,328 | ---- | M] () -- C: \Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_pl_b77a5c561934e089\System.ServiceModel.resources.dll
MOD - [2011-02-04 18: 19: 01 | 000,311,296 | ---- | M] () -- C: \Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010-11-21 04: 52: 47 | 001,358,336 | ---- | M] () -- C: \Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\f0f10d0591d11a36ee2aa8ee2fbdb2bf\System.WorkflowServices.ni.dll
MOD - [2010-11-21 04: 52: 31 | 001,707,008 | ---- | M] () -- C: \Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\4782a5d2bc7d86895faf404a3470aacb\System.ServiceModel.Web.ni.dll
MOD - [2010-11-21 04: 51: 14 | 001,083,392 | ---- | M] () -- C: \Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\b4c60dd01be760ee0452df2c040de8fc\System.IdentityModel.ni.dll
MOD - [2010-11-21 04: 51: 12 | 017,478,656 | ---- | M] () -- C: \Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e2642bff810609f64343e53dddb6b59c\System.ServiceModel.ni.dll
MOD - [2010-11-21 04: 49: 37 | 002,347,008 | ---- | M] () -- C: \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\4a984a9ad59d14063bc6ae64a0c8f62a\System.Runtime.Serialization.ni.dll
MOD - [2010-11-21 04: 49: 37 | 000,256,000 | ---- | M] () -- C: \Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\8218dc4808b77f3585fb048c61597af1\SMDiagnostics.ni.dll
MOD - [2010-11-21 04: 49: 18 | 011,819,520 | ---- | M] () -- C: \Windows\assembly\NativeImages_v2.0.50727_32\System.Web\da5da08245467818759aa44c4eb948e1\System.Web.ni.dll
MOD - [2010-11-21 04: 48: 49 | 012,432,896 | ---- | M] () -- C: \Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2010-11-21 04: 48: 42 | 001,587,200 | ---- | M] () -- C: \Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2010-11-21 04: 48: 25 | 005,453,312 | ---- | M] () -- C: \Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2010-11-21 04: 48: 22 | 000,971,264 | ---- | M] () -- C: \Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2010-11-21 04: 48: 21 | 007,963,136 | ---- | M] () -- C: \Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV: [b]64bit: [/b] - [2014-12-13 01: 13: 04 | 001,148,560 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C: \Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV: [b]64bit: [/b] - [2014-12-13 01: 13: 03 | 019,823,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C: \Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV: [b]64bit: [/b] - [2013-09-27 10: 45: 20 | 000,015,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C: \Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV: [b]64bit: [/b] - [2013-05-11 17: 45: 54 | 000,822,232 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C: \Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV: [b]64bit: [/b] - [2013-05-11 17: 45: 38 | 000,733,696 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C: \Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV: [b]64bit: [/b] - [2009-07-14 02: 41: 27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C: \Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2015-03-17 06: 14: 08 | 001,080,120 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C: \Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2015-03-13 16: 38: 38 | 000,410,768 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C: \Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2015-02-23 11: 50: 03 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C: \Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015-01-14 23: 06: 49 | 000,076,888 | ---- | M] () [Auto | Running] -- C: \Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014-12-13 01: 13: 04 | 001,701,520 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C: \Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014-12-11 10: 30: 48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C: \Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-11-15 15: 40: 58 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C: \Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013-09-07 01: 52: 20 | 000,312,448 | ---- | M] (Windows (R) Win 7 DDK provider) [Auto | Running] -- C: \Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2013-08-28 02: 02: 58 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C: \Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013-08-28 02: 02: 56 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C: \Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012-04-24 14: 37: 56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C: \Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2009-06-10 22: 23: 09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C: \Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV: [b]64bit: [/b] - [2015-03-17 06: 15: 38 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV: [b]64bit: [/b] - [2015-03-17 06: 15: 24 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C: \Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV: [b]64bit: [/b] - [2015-03-13 20: 41: 47 | 000,299,664 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C: \Windows\SysNative\drivers\nvkflt.sys -- (nvkflt)
DRV: [b]64bit: [/b] - [2015-03-13 20: 41: 47 | 000,032,456 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C: \Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV: [b]64bit: [/b] - [2014-12-13 01: 13: 03 | 000,019,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C: \Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV: [b]64bit: [/b] - [2014-11-22 11: 46: 30 | 000,038,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV: [b]64bit: [/b] - [2014-05-17 01: 42: 38 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV: [b]64bit: [/b] - [2013-10-31 10: 28: 30 | 005,363,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV: [b]64bit: [/b] - [2013-09-27 10: 45: 00 | 000,630,632 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C: \Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV: [b]64bit: [/b] - [2013-09-27 10: 45: 00 | 000,028,008 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C: \Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV: [b]64bit: [/b] - [2013-09-07 01: 29: 12 | 000,590,024 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV: [b]64bit: [/b] - [2013-09-07 01: 29: 12 | 000,338,120 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV: [b]64bit: [/b] - [2013-09-07 01: 29: 12 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV: [b]64bit: [/b] - [2013-09-07 01: 29: 12 | 000,137,928 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV: [b]64bit: [/b] - [2013-09-07 01: 29: 12 | 000,116,424 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV: [b]64bit: [/b] - [2013-09-07 01: 29: 12 | 000,089,800 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV: [b]64bit: [/b] - [2013-09-07 01: 29: 12 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV: [b]64bit: [/b] - [2013-09-07 01: 29: 12 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV: [b]64bit: [/b] - [2013-08-28 02: 02: 56 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV: [b]64bit: [/b] - [2013-08-16 15: 37: 12 | 000,424,192 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV: [b]64bit: [/b] - [2013-08-16 15: 37: 12 | 000,140,032 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV: [b]64bit: [/b] - [2013-07-18 13: 54: 52 | 000,129,224 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV: [b]64bit: [/b] - [2013-06-24 22: 56: 16 | 003,979,776 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\athrx.sys -- (athr)
DRV: [b]64bit: [/b] - [2013-02-21 14: 20: 36 | 000,081,408 | ---- | M] (MediaTek Inc.) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\usb2ser.sys -- (wdf_usb)
DRV: [b]64bit: [/b] - [2012-12-13 02: 49: 54 | 000,208,896 | ---- | M] (MediaTek Inc.) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\mtkmbim7_x64.sys -- (mtkmbim)
DRV: [b]64bit: [/b] - [2011-09-09 14: 45: 30 | 001,660,480 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV: [b]64bit: [/b] - [2010-11-21 04: 24: 33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV: [b]64bit: [/b] - [2010-11-21 04: 23: 47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV: [b]64bit: [/b] - [2010-11-21 04: 23: 47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV: [b]64bit: [/b] - [2010-11-21 04: 23: 47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV: [b]64bit: [/b] - [2010-11-21 04: 23: 47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C: \Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV: [b]64bit: [/b] - [2009-07-20 17: 29: 40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV: [b]64bit: [/b] - [2009-07-14 02: 52: 20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV: [b]64bit: [/b] - [2009-07-14 02: 48: 04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV: [b]64bit: [/b] - [2009-07-14 02: 47: 48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C: \Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV: [b]64bit: [/b] - [2009-07-14 02: 45: 55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV: [b]64bit: [/b] - [2009-06-10 21: 34: 33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV: [b]64bit: [/b] - [2009-06-10 21: 34: 28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV: [b]64bit: [/b] - [2009-06-10 21: 34: 23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV: [b]64bit: [/b] - [2009-06-10 21: 31: 59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV: [b]64bit: [/b] - [2008-09-26 18: 02: 36 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009-07-14 02: 19: 10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C: \Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE: [b]64bit: [/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE: [b]64bit: [/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE: [b]64bit: [/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE: [b]64bit: [/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http: //www.gazeta.pl/0,0.html?p=181&d=20140928
IE: [b]64bit: [/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE: [b]64bit: [/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http: //www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C: \Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http: //www.gazeta.pl/0,0.html?p=181&d=20140928
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http: //www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http: //www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{C3330D77-BFC9-47AB-94E2-2522AA8B73E6}: "URL" = http: //rts.dsrlte.com/?affID=na&q={searchTerms}&r=651
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.countryCode: "PL"
FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.region: "PL"
FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D: 2.0.18
FF - prefs.js..extensions.enabledAddons: tb%40pennybee.com: 2.0.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D: 36.0
FF - prefs.js..keyword.URL: ""
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C: \Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C: \Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C: \Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C: \Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C: \Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C: \Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C: \Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C: \Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C: \Users\WIN7\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 36.0\extensions\\Components: C: \Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 36.0\extensions\\Plugins: C: \Program Files (x86)\Mozilla Firefox\plugins
[2013-12-06 14: 58: 16 | 000,000,000 | ---D | M] (No name found) -- C: \Users\WIN7\AppData\Roaming\mozilla\Extensions
[2015-03-05 22: 20: 16 | 000,000,000 | ---D | M] (No name found) -- C: \Users\WIN7\AppData\Roaming\mozilla\Firefox\Profiles\ucsqaq9d.default\extensions
[2014-02-22 17: 27: 04 | 000,000,000 | ---D | M] ("Quick Start") -- C: \Users\WIN7\AppData\Roaming\mozilla\Firefox\Profiles\ucsqaq9d.default\extensions\1393086424_xpi
[2014-10-22 22: 12: 21 | 000,000,000 | ---D | M] (Penny Bee) -- C: \Users\WIN7\AppData\Roaming\mozilla\Firefox\Profiles\ucsqaq9d.default\extensions\tb@pennybee.com
[2015-03-01 00: 28: 01 | 000,019,096 | ---- | M] () (No name found) -- C: \Users\WIN7\AppData\Roaming\mozilla\firefox\profiles\ucsqaq9d.default\extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi
[2015-03-05 22: 20: 16 | 000,732,089 | ---- | M] () (No name found) -- C: \Users\WIN7\AppData\Roaming\mozilla\firefox\profiles\ucsqaq9d.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2015-03-05 18: 18: 22 | 000,000,013 | ---- | M] () (No name found) -- C: \Users\WIN7\AppData\Roaming\mozilla\firefox\profiles\ucsqaq9d.default\extensions\tb@pennybee.com\chrome\content\cache\587d4a956183fe3b8d82ff71109000d9_expire
[2015-03-01 00: 10: 16 | 000,000,013 | ---- | M] () (No name found) -- C: \Users\WIN7\AppData\Roaming\mozilla\firefox\profiles\ucsqaq9d.default\extensions\tb@pennybee.com\chrome\content\cache\7c0022298b948a99e406a6310bffea7f_expire
[2015-03-05 22: 18: 50 | 000,000,013 | ---- | M] () (No name found) -- C: \Users\WIN7\AppData\Roaming\mozilla\firefox\profiles\ucsqaq9d.default\extensions\tb@pennybee.com\chrome\content\cache\8f43b50088266b9870b42ce6ef7ffbde_expire
[color=#E56717]========== Chrome ==========[/color]
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C: \Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C: \Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C: \Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C: \Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C: \Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C: \Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C: \Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.21_0\
CHR - Extension: No name found = C: \Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\
CHR - Extension: No name found = C: \Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8_0\
O1 HOSTS File: ([2009-06-10 22: 00: 26 | 000,000,824 | ---- | M]) - C: \Windows\SysNative\drivers\etc\hosts
O2: [b]64bit: [/b] - BHO: (no name) - {7F96F190-09C4-4BEC-B7FB-A9E26151EAB0}} - No CLSID value found.
O2 - BHO: (no name) - {7F96F190-09C4-4BEC-B7FB-A9E26151EAB0}} - No CLSID value found.
O4: [b]64bit: [/b] - HKLM..\Run: [HotKeysCmds] C: \Windows\SysNative\hkcmd.exe (Intel Corporation)
O4: [b]64bit: [/b] - HKLM..\Run: [IAStorIcon] C: \Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4: [b]64bit: [/b] - HKLM..\Run: [IgfxTray] C: \Windows\SysNative\igfxtray.exe (Intel Corporation)
O4: [b]64bit: [/b] - HKLM..\Run: [NvBackend] C: \Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4: [b]64bit: [/b] - HKLM..\Run: [Persistence] C: \Windows\SysNative\igfxpers.exe (Intel Corporation)
O4: [b]64bit: [/b] - HKLM..\Run: [RtHDVBg] C: \Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4: [b]64bit: [/b] - HKLM..\Run: [RtHDVCpl] C: \Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4: [b]64bit: [/b] - HKLM..\Run: [ShadowPlay] C: \Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Driver Genius] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C: \Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Atheros Communications)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13[b]64bit: [/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.160 89.231.1.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{400B0EE8-AAEA-4885-97E8-5202898BF3EF}: NameServer = 194.204.152.34 194.204.159.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{988A912D-4395-450F-9662-60B21C8AC345}: DhcpNameServer = 217.172.224.160 89.231.1.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E430AD95-C34F-4156-9682-C005A296E576}: DhcpNameServer = 10.0.0.1
O20: [b]64bit: [/b] - AppInit_DLLs: (C: \Windows\system32\nvinitx.dll) - C: \Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C: \Windows\SysWOW64\nvinit.dll) - C: \Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20: [b]64bit: [/b] - HKLM Winlogon: Shell - (explorer.exe) - C: \Windows\explorer.exe (Microsoft Corporation)
O20: [b]64bit: [/b] - HKLM Winlogon: UserInit - (C: \Windows\system32\userinit.exe) - C: \Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C: \Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C: \Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20: [b]64bit: [/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C: \Windows\SysNative\igfxdev.dll (Intel Corporation)
O21: [b]64bit: [/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015-03-24 19: 47: 48 | 000,000,000 | ---- | M] () - C: \autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0d8fb1a3-2d72-11e4-bb0a-dc85de89f6d4}\Shell - "" = AutoRun
O33 - MountPoints2\{0d8fb1a3-2d72-11e4-bb0a-dc85de89f6d4}\Shell\AutoRun\command - "" = G: \AutoRun.exe
O33 - MountPoints2\{3445ca68-98ad-11e3-a777-dc85de89f6d4}\Shell - "" = AutoRun
O33 - MountPoints2\{3445ca68-98ad-11e3-a777-dc85de89f6d4}\Shell\AutoRun\command - "" = G: \AutoRun.exe
O33 - MountPoints2\{60b8bf48-98ac-11e3-91e2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{60b8bf48-98ac-11e3-91e2-806e6f6e6963}\Shell\AutoRun\command - "" = G: \AutoRun.exe
O33 - MountPoints2\{60b8bf5e-98ac-11e3-91e2-dc85de89f6d4}\Shell - "" = AutoRun
O33 - MountPoints2\{60b8bf5e-98ac-11e3-91e2-dc85de89f6d4}\Shell\AutoRun\command - "" = G: \AutoRun.exe
O33 - MountPoints2\{9ab097c9-9e55-11e3-88e2-dc85de89f6d4}\Shell - "" = AutoRun
O33 - MountPoints2\{9ab097c9-9e55-11e3-88e2-dc85de89f6d4}\Shell\AutoRun\command - "" = G: \AutoRun.exe
O33 - MountPoints2\{c3debba2-ba9e-11e3-8199-dc85de89f6d4}\Shell - "" = AutoRun
O33 - MountPoints2\{c3debba2-ba9e-11e3-8199-dc85de89f6d4}\Shell\AutoRun\command - "" = G: \AutoRun.exe
O33 - MountPoints2\{c996e714-bbed-11e3-aa16-dc85de89f6d4}\Shell - "" = AutoRun
O33 - MountPoints2\{c996e714-bbed-11e3-aa16-dc85de89f6d4}\Shell\AutoRun\command - "" = G: \.\StartModem.exe
O33 - MountPoints2\{cc82665f-59b7-11e3-adf9-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{cc82665f-59b7-11e3-adf9-806e6f6e6963}\Shell\AutoRun\command - "" = F: \Pentagram.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G: \AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35: [b]64bit: [/b] - HKLM\..comfile [open] -- "%1" %*
O35: [b]64bit: [/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37: [b]64bit: [/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37: [b]64bit: [/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv: UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv: ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2015-03-25 08: 26: 56 | 000,000,000 | R--D | C] -- C: \Users\WIN7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2015-03-25 05: 50: 56 | 000,000,000 | -HSD | C] -- C: \Config.Msi
[2015-03-24 22: 55: 09 | 000,136,408 | ---- | C] (Malwarebytes Corporation) -- C: \Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015-03-24 22: 54: 34 | 000,000,000 | ---D | C] -- C: \AdwCleaner
[2015-03-24 22: 54: 27 | 000,000,000 | ---D | C] -- C: \ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015-03-24 22: 54: 21 | 000,107,736 | ---- | C] (Malwarebytes Corporation) -- C: \Windows\SysNative\drivers\mbamchameleon.sys
[2015-03-24 22: 54: 21 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C: \Windows\SysNative\drivers\mwac.sys
[2015-03-24 22: 54: 21 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C: \Windows\SysNative\drivers\mbam.sys
[2015-03-24 22: 54: 20 | 000,000,000 | ---D | C] -- C: \Program Files (x86)\Malwarebytes Anti-Malware
[2015-03-24 22: 54: 20 | 000,000,000 | ---D | C] -- C: \ProgramData\Malwarebytes
[2015-03-24 22: 12: 41 | 000,000,000 | ---D | C] -- C: \Windows\SysNative\log
[2015-03-24 22: 12: 15 | 000,000,000 | ---D | C] -- C: \Program Files (x86)\Elex-tech
[2015-03-24 22: 08: 34 | 000,000,000 | ---D | C] -- C: \Program Files (x86)\AGEIA Technologies
[2015-03-24 22: 07: 55 | 000,000,000 | ---D | C] -- C: \Windows\SysWow64\NV
[2015-03-24 22: 07: 55 | 000,000,000 | ---D | C] -- C: \Windows\SysNative\NV
[2015-03-24 22: 07: 54 | 000,622,224 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysWow64\nvStreaming.exe
[2015-03-24 22: 02: 48 | 032,114,888 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysNative\nvoglv64.dll
[2015-03-24 22: 02: 48 | 024,775,368 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysWow64\nvoglv32.dll
[2015-03-24 22: 02: 48 | 018,580,512 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysNative\nvwgf2umx.dll
[2015-03-24 22: 02: 48 | 016,022,016 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysWow64\nvwgf2um.dll
[2015-03-24 22: 02: 48 | 013,297,144 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysNative\nvopencl.dll
[2015-03-24 22: 02: 48 | 010,775,080 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysWow64\nvopencl.dll
[2015-03-24 22: 02: 48 | 000,354,112 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysNative\nvoglshim64.dll
[2015-03-24 22: 02: 48 | 000,306,208 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysWow64\nvoglshim32.dll
[2015-03-24 22: 02: 48 | 000,032,456 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysNative\drivers\nvpciflt.sys
[2015-03-24 22: 02: 47 | 017,258,024 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysNative\nvd3dumx.dll
[2015-03-24 22: 02: 47 | 013,210,080 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysNative\nvcuda.dll
[2015-03-24 22: 02: 47 | 010,715,864 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysWow64\nvcuda.dll
[2015-03-24 22: 02: 47 | 003,611,792 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysNative\nvcuvid.dll
[2015-03-24 22: 02: 47 | 003,249,352 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysWow64\nvcuvid.dll
[2015-03-24 22: 02: 47 | 001,896,136 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysNative\nvdispco6434788.dll
[2015-03-24 22: 02: 47 | 001,557,648 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysNative\nvdispgenco6434788.dll
[2015-03-24 22: 02: 47 | 000,970,384 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysNative\NvIFR64.dll
[2015-03-24 22: 02: 47 | 000,944,784 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysNative\NvFBC64.dll
[2015-03-24 22: 02: 47 | 000,930,448 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysWow64\NvIFR.dll
[2015-03-24 22: 02: 47 | 000,909,512 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysWow64\NvFBC.dll
[2015-03-24 22: 02: 47 | 000,299,664 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysNative\drivers\nvkflt.sys
[2015-03-24 22: 02: 46 | 025,460,880 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysNative\nvcompiler.dll
[2015-03-24 22: 02: 46 | 020,466,376 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysWow64\nvcompiler.dll
[2015-03-24 22: 02: 46 | 002,906,928 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysWow64\nvapi.dll
[2015-03-24 21: 51: 32 | 001,715,224 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysNative\nvspbridge64.dll
[2015-03-24 21: 51: 32 | 001,291,464 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysWow64\nvspbridge.dll
[2015-03-24 21: 51: 05 | 000,038,032 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysNative\drivers\nvvad64v.sys
[2015-03-24 21: 51: 05 | 000,032,400 | ---- | C] (NVIDIA Corporation) -- C: \Windows\SysWow64\nvaudcap32v.dll
[2015-03-24 20: 41: 02 | 000,000,000 | ---D | C] -- C: \ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2015-03-24 19: 47: 16 | 000,000,000 | ---D | C] -- C: \Users\WIN7\AppData\Roaming\Enigma Software Group
[2015-03-24 19: 47: 03 | 000,000,000 | ---D | C] -- C: \sh4ldr
[2015-03-24 19: 46: 26 | 000,000,000 | ---D | C] -- C: \Program Files\Enigma Software Group
[2015-03-20 19: 37: 09 | 000,000,000 | ---D | C] -- C: \Program Files\Microsoft Silverlight
[2015-03-20 19: 37: 09 | 000,000,000 | ---D | C] -- C: \Program Files (x86)\Microsoft Silverlight
[2015-03-20 18: 55: 53 | 000,000,000 | ---D | C] -- C: \Users\WIN7\Desktop\na mp3
[2015-03-20 13: 29: 46 | 000,000,000 | ---D | C] -- C: \Users\WIN7\Desktop\mp3
[2015-03-09 20: 07: 05 | 000,000,000 | ---D | C] -- C: \Users\WIN7\AppData\Roaming\Wargaming.net
[2015-03-09 15: 42: 20 | 000,000,000 | ---D | C] -- C: \Users\WIN7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
[2015-03-09 15: 42: 18 | 000,000,000 | ---D | C] -- C: \WarThunder
[2015-03-09 15: 42: 18 | 000,000,000 | ---D | C] -- C: \Users\WIN7\Documents\My Games
[2015-03-05 22: 18: 33 | 000,000,000 | ---D | C] -- C: \Program Files (x86)\Mozilla Maintenance Service
[2015-03-05 22: 18: 30 | 000,000,000 | ---D | C] -- C: \Program Files (x86)\Mozilla Firefox
[2015-03-01 22: 28: 20 | 000,000,000 | ---D | C] -- C: \Users\WIN7\Desktop\FILMY
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2015-03-25 08: 51: 00 | 000,001,048 | ---- | M] () -- C: \Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015-03-25 08: 41: 36 | 000,028,736 | -H-- | M] () -- C: \Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015-03-25 08: 41: 36 | 000,028,736 | -H-- | M] () -- C: \Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015-03-25 08: 40: 59 | 000,287,053 | ---- | M] () -- C: \Users\WIN7\Desktop\sss.png
[2015-03-25 08: 26: 48 | 000,001,044 | ---- | M] () -- C: \Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015-03-25 08: 26: 24 | 000,067,584 | --S- | M] () -- C: \Windows\bootstat.dat
[2015-03-25 08: 26: 19 | 2076,749,823 | -HS- | M] () -- C: \hiberfil.sys
[2015-03-25 06: 01: 05 | 000,687,124 | ---- | M] () -- C: \Windows\SysNative\perfh015.dat
[2015-03-25 06: 01: 05 | 000,606,380 | ---- | M] () -- C: \Windows\SysNative\perfh009.dat
[2015-03-25 06: 01: 05 | 000,130,862 | ---- | M] () -- C: \Windows\SysNative\perfc015.dat
[2015-03-25 06: 01: 05 | 000,103,118 | ---- | M] () -- C: \Windows\SysNative\perfc009.dat
[2015-03-25 06: 00: 12 | 000,008,354 | ---- | M] () -- C: \Users\WIN7\Desktop\Kopia Zapasowa.reg
[2015-03-25 05: 24: 15 | 000,000,430 | ---- | M] () -- C: \Windows\tasks\Tempo Runner pennybeeproL64.job
[2015-03-24 22: 55: 18 | 000,136,408 | ---- | M] (Malwarebytes Corporation) -- C: \Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015-03-24 22: 54: 27 | 000,001,102 | ---- | M] () -- C: \Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015-03-24 20: 41: 02 | 000,002,261 | ---- | M] () -- C: \Users\Public\Desktop\Google Chrome.lnk
[2015-03-24 19: 47: 48 | 000,000,000 | ---- | M] () -- C: \autoexec.bat
[2015-03-20 07: 12: 10 | 040,253,645 | ---- | M] () -- C: \Users\WIN7\Desktop\Wojciech Cejrowski Najlepsze Wypowiedzi.mp3
[2015-03-19 22: 21: 44 | 003,529,821 | ---- | M] () -- C: \Users\WIN7\Desktop\Smerfy - Tak miło było 01 (6. Album)(Polish).mp3
[2015-03-19 22: 16: 04 | 010,071,876 | ---- | M] () -- C: \Users\WIN7\Desktop\Mike Tyson Knockouts Collection.mp3
[2015-03-19 15: 50: 31 | 000,613,889 | ---- | M] () -- C: \Users\WIN7\Desktop\xd.png
[2015-03-18 16: 32: 31 | 001,035,396 | ---- | M] () -- C: \Users\WIN7\Desktop\pulpit 3.png
[2015-03-18 16: 20: 06 | 000,628,098 | ---- | M] () -- C: \Users\WIN7\Desktop\pulpit 2.png
[2015-03-18 16: 18: 09 | 000,910,473 | ---- | M] () -- C: \Users\WIN7\Desktop\pulpit 1.png
[2015-03-17 06: 15: 38 | 000,063,704 | ---- | M] (Malwarebytes Corporation) -- C: \Windows\SysNative\drivers\mwac.sys
[2015-03-17 06: 15: 28 | 000,107,736 | ---- | M] (Malwarebytes Corporation) -- C: \Windows\SysNative\drivers\mbamchameleon.sys
[2015-03-17 06: 15: 24 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C: \Windows\SysNative\drivers\mbam.sys
[2015-03-15 08: 57: 36 | 000,945,997 | ---- | M] () -- C: \Users\WIN7\Desktop\Kaźmirz - KrUL wiejskiego underGruntu xD (2015 Amarena).mp3
[2015-03-14 02: 23: 39 | 002,683,363 | ---- | M] () -- C: \Users\WIN7\Desktop\3 debili.png
[2015-03-13 20: 41: 47 | 032,114,888 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysNative\nvoglv64.dll
[2015-03-13 20: 41: 47 | 025,460,880 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysNative\nvcompiler.dll
[2015-03-13 20: 41: 47 | 024,775,368 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysWow64\nvoglv32.dll
[2015-03-13 20: 41: 47 | 020,466,376 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysWow64\nvcompiler.dll
[2015-03-13 20: 41: 47 | 018,580,512 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysNative\nvwgf2umx.dll
[2015-03-13 20: 41: 47 | 017,258,024 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysNative\nvd3dumx.dll
[2015-03-13 20: 41: 47 | 016,022,016 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysWow64\nvwgf2um.dll
[2015-03-13 20: 41: 47 | 014,121,624 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysWow64\nvd3dum.dll
[2015-03-13 20: 41: 47 | 013,297,144 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysNative\nvopencl.dll
[2015-03-13 20: 41: 47 | 013,210,080 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysNative\nvcuda.dll
[2015-03-13 20: 41: 47 | 010,775,080 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysWow64\nvopencl.dll
[2015-03-13 20: 41: 47 | 010,715,864 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysWow64\nvcuda.dll
[2015-03-13 20: 41: 47 | 003,611,792 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysNative\nvcuvid.dll
[2015-03-13 20: 41: 47 | 003,303,448 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysNative\nvapi64.dll
[2015-03-13 20: 41: 47 | 003,249,352 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysWow64\nvcuvid.dll
[2015-03-13 20: 41: 47 | 002,906,928 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysWow64\nvapi.dll
[2015-03-13 20: 41: 47 | 001,896,136 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysNative\nvdispco6434788.dll
[2015-03-13 20: 41: 47 | 001,557,648 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysNative\nvdispgenco6434788.dll
[2015-03-13 20: 41: 47 | 000,997,856 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysNative\nvumdshimx.dll
[2015-03-13 20: 41: 47 | 000,970,384 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysNative\NvIFR64.dll
[2015-03-13 20: 41: 47 | 000,944,784 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysNative\NvFBC64.dll
[2015-03-13 20: 41: 47 | 000,930,448 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysWow64\NvIFR.dll
[2015-03-13 20: 41: 47 | 000,909,512 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysWow64\NvFBC.dll
[2015-03-13 20: 41: 47 | 000,878,328 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysWow64\nvumdshim.dll
[2015-03-13 20: 41: 47 | 000,354,112 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysNative\nvoglshim64.dll
[2015-03-13 20: 41: 47 | 000,306,208 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysWow64\nvoglshim32.dll
[2015-03-13 20: 41: 47 | 000,299,664 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysNative\drivers\nvkflt.sys
[2015-03-13 20: 41: 47 | 000,178,512 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysNative\nvinitx.dll
[2015-03-13 20: 41: 47 | 000,164,568 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysWow64\nvinit.dll
[2015-03-13 20: 41: 47 | 000,032,456 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysNative\drivers\nvpciflt.sys
[2015-03-13 20: 41: 47 | 000,027,441 | ---- | M] () -- C: \Windows\SysNative\nvinfo.pb
[2015-03-13 17: 16: 47 | 006,861,968 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysNative\nvcpl.dll
[2015-03-13 17: 16: 47 | 003,526,856 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysNative\nvsvc64.dll
[2015-03-13 17: 16: 45 | 002,559,808 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysNative\nvsvcr.dll
[2015-03-13 17: 16: 45 | 001,099,408 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysNative\nv3dappshext.dll
[2015-03-13 17: 16: 45 | 000,386,248 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysNative\nvmctray.dll
[2015-03-13 17: 16: 45 | 000,075,976 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysNative\nv3dappshextr.dll
[2015-03-13 17: 16: 45 | 000,062,608 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysNative\nvshext.dll
[2015-03-13 16: 38: 39 | 000,622,224 | ---- | M] (NVIDIA Corporation) -- C: \Windows\SysWow64\nvStreaming.exe
[2015-03-11 14: 10: 00 | 004,246,327 | ---- | M] () -- C: \Windows\SysNative\nvcoproc.bin
[2015-03-09 15: 42: 20 | 000,001,454 | ---- | M] () -- C: \Users\Public\Desktop\WarThunder.lnk
[2015-03-05 22: 18: 36 | 000,001,147 | ---- | M] () -- C: \Users\Public\Desktop\Mozilla Firefox.lnk
[2015-03-05 18: 14: 14 | 000,935,704 | ---- | M] () -- C: \Users\WIN7\Desktop\dod 2.png
[2015-03-05 18: 13: 54 | 000,949,169 | ---- | M] () -- C: \Users\WIN7\Desktop\dod 1.png
[2015-03-02 18: 33: 35 | 000,718,257 | ---- | M] () -- C: \Users\WIN7\Desktop\200.png
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2015-03-25 08: 40: 58 | 000,287,053 | ---- | C] () -- C: \Users\WIN7\Desktop\sss.png
[2015-03-25 05: 24: 06 | 000,000,430 | ---- | C] () -- C: \Windows\tasks\Tempo Runner pennybeeproL64.job
[2015-03-24 22: 54: 27 | 000,001,102 | ---- | C] () -- C: \Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015-03-24 20: 49: 22 | 000,008,354 | ---- | C] () -- C: \Users\WIN7\Desktop\Kopia Zapasowa.reg
[2015-03-24 20: 41: 02 | 000,002,261 | ---- | C] () -- C: \Users\Public\Desktop\Google Chrome.lnk
[2015-03-24 19: 47: 48 | 000,000,000 | ---- | C] () -- C: \autoexec.bat
[2015-03-20 13: 19: 25 | 010,071,876 | ---- | C] () -- C: \Users\WIN7\Desktop\Mike Tyson Knockouts Collection.mp3
[2015-03-20 13: 19: 12 | 003,529,821 | ---- | C] () -- C: \Users\WIN7\Desktop\Smerfy - Tak miło było 01 (6. Album)(Polish).mp3
[2015-03-20 13: 18: 59 | 040,253,645 | ---- | C] () -- C: \Users\WIN7\Desktop\Wojciech Cejrowski Najlepsze Wypowiedzi.mp3
[2015-03-19 15: 50: 30 | 000,613,889 | ---- | C] () -- C: \Users\WIN7\Desktop\xd.png
[2015-03-18 16: 32: 31 | 001,035,396 | ---- | C] () -- C: \Users\WIN7\Desktop\pulpit 3.png
[2015-03-18 16: 20: 06 | 000,628,098 | ---- | C] () -- C: \Users\WIN7\Desktop\pulpit 2.png
[2015-03-18 16: 13: 25 | 000,910,473 | ---- | C] () -- C: \Users\WIN7\Desktop\pulpit 1.png
[2015-03-15 08: 57: 42 | 000,945,997 | ---- | C] () -- C: \Users\WIN7\Desktop\Kaźmirz - KrUL wiejskiego underGruntu xD (2015 Amarena).mp3
[2015-03-14 02: 23: 38 | 002,683,363 | ---- | C] () -- C: \Users\WIN7\Desktop\3 debili.png
[2015-03-13 13: 25: 47 | 001,314,944 | ---- | C] () -- C: \Users\WIN7\Desktop\BOSS.mp3
[2015-03-09 15: 42: 20 | 000,001,454 | ---- | C] () -- C: \Users\Public\Desktop\WarThunder.lnk
[2015-03-05 22: 18: 36 | 000,001,159 | ---- | C] () -- C: \ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2015-03-05 22: 18: 36 | 000,001,147 | ---- | C] () -- C: \Users\Public\Desktop\Mozilla Firefox.lnk
[2015-03-05 18: 14: 14 | 000,935,704 | ---- | C] () -- C: \Users\WIN7\Desktop\dod 2.png
[2015-03-05 18: 13: 53 | 000,949,169 | ---- | C] () -- C: \Users\WIN7\Desktop\dod 1.png
[2015-03-02 18: 33: 35 | 000,718,257 | ---- | C] () -- C: \Users\WIN7\Desktop\200.png
[2015-01-14 22: 55: 17 | 000,282,104 | ---- | C] () -- C: \Windows\SysWow64\PnkBstrB.exe
[2015-01-14 22: 55: 14 | 000,076,888 | ---- | C] () -- C: \Windows\SysWow64\PnkBstrA.exe
[2014-09-17 14: 43: 27 | 000,000,266 | RHS- | C] () -- C: \ProgramData\ntuser.pol
[2013-12-02 13: 02: 41 | 001,640,920 | ---- | C] () -- C: \Windows\SysWow64\PerfStringBackup.INI
[2013-12-02 12: 16: 02 | 000,014,119 | ---- | C] () -- C: \Windows\SysWow64\RaCoInst.dat
[2013-12-02 12: 04: 26 | 000,217,176 | ---- | C] () -- C: \Windows\SysWow64\unrar.dll
[2013-10-31 19: 28: 19 | 000,077,312 | ---- | C] () -- C: \Windows\SysWow64\igdde32.dll
[2013-10-31 19: 24: 21 | 000,963,452 | ---- | C] () -- C: \Windows\SysWow64\igcodeckrng600.bin
[2013-10-31 19: 24: 21 | 000,272,928 | ---- | C] () -- C: \Windows\SysWow64\igvpkrng600.bin
[2013-05-11 17: 17: 52 | 000,001,536 | ---- | C] () -- C: \Windows\SysWow64\IusEventLog.dll
[color=#E56717]========== ZeroAccess Check ==========[/color]
[2009-07-14 05: 55: 00 | 000,000,227 | RHS- | M] () -- C: \Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C: \Windows\SysNative\shell32.dll -- [2010-11-21 04: 23: 55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010-11-21 04: 24: 02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C: \Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02: 40: 51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04: 24: 25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C: \Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02: 41: 56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
[color=#E56717]========== LOP Check ==========[/color]
[2014-08-07 20: 04: 12 | 000,000,000 | ---D | M] -- C: \Users\WIN7\AppData\Roaming\BRT
[2014-10-22 22: 12: 18 | 000,000,000 | ---D | M] -- C: \Users\WIN7\AppData\Roaming\dgTemp
[2015-03-24 20: 25: 05 | 000,000,000 | ---D | M] -- C: \Users\WIN7\AppData\Roaming\Enigma Software Group
[2015-01-16 22: 11: 38 | 000,000,000 | ---D | M] -- C: \Users\WIN7\AppData\Roaming\FMRL_Monitor
[2015-03-24 20: 25: 59 | 000,000,000 | ---D | M] -- C: \Users\WIN7\AppData\Roaming\GG
[2013-12-19 11: 11: 59 | 000,000,000 | ---D | M] -- C: \Users\WIN7\AppData\Roaming\LolClient
[2013-12-06 16: 36: 30 | 000,000,000 | ---D | M] -- C: \Users\WIN7\AppData\Roaming\MPC-HC
[2014-12-15 00: 29: 09 | 000,000,000 | ---D | M] -- C: \Users\WIN7\AppData\Roaming\OpenFM
[2014-07-04 12: 28: 17 | 000,000,000 | ---D | M] -- C: \Users\WIN7\AppData\Roaming\Opera Software
[2015-02-14 18: 08: 17 | 000,000,000 | ---D | M] -- C: \Users\WIN7\AppData\Roaming\Origin
[2014-06-21 03: 01: 42 | 000,000,000 | ---D | M] -- C: \Users\WIN7\AppData\Roaming\SFBot
[2014-10-06 11: 57: 00 | 000,000,000 | ---D | M] -- C: \Users\WIN7\AppData\Roaming\Systweak
[2014-08-10 21: 07: 11 | 000,000,000 | ---D | M] -- C: \Users\WIN7\AppData\Roaming\Unity
[2014-07-12 16: 07: 35 | 000,000,000 | ---D | M] -- C: \Users\WIN7\AppData\Roaming\unpacked19343
[2014-07-17 06: 21: 58 | 000,000,000 | ---D | M] -- C: \Users\WIN7\AppData\Roaming\unpacked4610
[2015-03-09 20: 07: 05 | 000,000,000 | ---D | M] -- C: \Users\WIN7\AppData\Roaming\Wargaming.net
[color=#E56717]========== Purity Check ==========[/color]
< End of report >
(Ten post był ostatnio modyfikowany: 25.03.2015 09:07 przez Ania1995.)
25.03.2015 08:42
|
Post: #5
