OTL.Txt

Konkretna strona całkowicie źle się wyświetla.

Witam, mam dość dziwny problem, a mianowicie strona www.cda.pl nie wyświetla mi się tak jak powinna. Dodałem screena jak to wygląda. Wygląda to tak samo na przeglądarkach: Google Chrome oraz Mozilla. Reinstalacja przeglądarki Chrome nie pomogła. Usunięcie historii wraz z plikami cookies, cała pamięc podręczna także nie przyniosło to efektu. Użycie programu AdwCleaner również nie pomogło. Aktualizacja Flasha (jego reinstalacja) także bez skutku. Na innych stronach wszystko działa jak należy. Dodam jeszcze, że filmy na cda działają poprawnie oraz bez jakichkolwiek dodatków (wtyczek typu adblock) problem również występuje. Błąd ten występuje od wczoraj lub od dziś rano. Używam Windows 7 Home Premium 32bit. W załączniku screen z wyglądu strony oraz logi otl.


OTL logfile created on: 2016-05-24 21:05:54 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = E:\Users\Piotrek\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,25 Gb Total Physical Memory | 2,15 Gb Available Physical Memory | 66,16% Memory free
6,50 Gb Paging File | 5,09 Gb Available in Paging File | 78,39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files
Drive C: | 106,45 Gb Total Space | 26,35 Gb Free Space | 24,76% Space Free | Partition Type: NTFS
Drive D: | 244,14 Gb Total Space | 111,88 Gb Free Space | 45,83% Space Free | Partition Type: NTFS
Drive E: | 245,57 Gb Total Space | 13,71 Gb Free Space | 5,58% Space Free | Partition Type: NTFS
Drive H: | 1,50 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: PIOTREK-PC | User Name: Piotrek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2016-05-24 21:05:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Users\Piotrek\Desktop\OTL.exe
PRC - [2016-05-20 12:24:42 | 000,387,072 | ---- | M] (BitTorrent Inc.) -- E:\Users\Piotrek\AppData\Roaming\BitTorrent\updates\7.9.7_42331\utorrentie.exe
PRC - [2016-05-20 12:09:56 | 001,972,232 | ---- | M] (BitTorrent Inc.) -- E:\Users\Piotrek\AppData\Roaming\BitTorrent\BitTorrent.exe
PRC - [2015-08-03 14:40:21 | 000,376,944 | ---- | M] (Mozilla Corporation) -- E:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014-12-01 18:00:16 | 000,486,104 | ---- | M] (VMware, Inc.) -- E:\Program Files\VMware\VMware Horizon View Client\wsnm\wsnm.exe
PRC - [2014-11-21 16:42:38 | 000,228,024 | ---- | M] (VMware) -- E:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
PRC - [2014-11-20 10:24:12 | 003,649,720 | ---- | M] () -- E:\Program Files\VMware\ScannerRedirection\ftscanmgr.exe
PRC - [2014-11-20 09:34:54 | 000,176,824 | ---- | M] () -- E:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
PRC - [2014-11-18 01:48:24 | 001,979,608 | ---- | M] (VMware, Inc.) -- E:\Program Files\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe
PRC - [2014-11-18 01:21:32 | 000,725,696 | ---- | M] (VMware, Inc.) -- E:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
PRC - [2014-04-14 16:41:38 | 000,359,128 | ---- | M] (VMware, Inc.) -- E:\Windows\System32\vmnetdhcp.exe
PRC - [2014-04-14 16:41:30 | 000,437,976 | ---- | M] (VMware, Inc.) -- E:\Windows\System32\vmnat.exe
PRC - [2014-04-14 15:44:50 | 000,086,744 | ---- | M] (VMware, Inc.) -- E:\Program Files\VMware\VMware Player\vmware-authd.exe
PRC - [2013-09-04 18:52:14 | 001,685,200 | ---- | M] (Microsoft Corporation) -- e:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
PRC - [2013-09-04 18:52:14 | 001,105,616 | ---- | M] (Microsoft Corporation) -- e:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
PRC - [2012-11-16 22:45:20 | 000,453,632 | ---- | M] (AMD) -- E:\Windows\System32\atieclxx.exe
PRC - [2012-11-16 22:44:46 | 000,217,088 | ---- | M] (AMD) -- E:\Windows\System32\atiesrxx.exe
PRC - [2012-11-16 15:26:10 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- E:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2012-10-01 20:32:30 | 000,448,136 | ---- | M] (Microsoft Corporation) -- E:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
PRC - [2012-01-25 15:23:54 | 000,192,792 | ---- | M] (Microsoft Corporation.) -- E:\Program Files\Microsoft\BingBar\7.1.355.0\BBSvc.EXE
PRC - [2011-08-02 09:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- E:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- E:\Windows\System32\FsUsbExService.Exe
PRC - [2010-05-20 16:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- E:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2009-07-20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) -- E:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009-07-14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\taskhost.exe
PRC - [2009-07-14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- E:\Windows\explorer.exe
PRC - [2009-07-14 03:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\audiodg.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013-06-02 10:47:25 | 000,249,856 | ---- | M] () -- E:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_pl_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2013-06-02 10:47:20 | 000,425,984 | ---- | M] () -- E:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_pl_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2013-06-02 10:47:17 | 000,204,800 | ---- | M] () -- E:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pl_b77a5c561934e089\System.resources.dll
MOD - [2013-06-02 10:47:16 | 000,311,296 | ---- | M] () -- E:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2012-11-16 15:26:16 | 000,095,232 | ---- | M] () -- E:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2012-11-16 15:09:18 | 000,369,152 | ---- | M] () -- E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2009-07-14 06:55:43 | 000,240,128 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\de8525cc2e6327337e1c6917352bfe16\WindowsFormsIntegration.ni.dll
MOD - [2009-07-14 06:43:48 | 002,295,296 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\1762137638019a091020b3baf52f6de3\System.Core.ni.dll
MOD - [2009-07-14 06:43:44 | 000,368,128 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\39f5a71b5185d267b0f55cd4cea26d6b\PresentationFramework.Aero.ni.dll
MOD - [2009-07-14 06:43:36 | 011,804,160 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\3871fc2b96345aa6f3be81d9e3c97160\System.Web.ni.dll
MOD - [2009-07-14 06:43:30 | 000,771,584 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\4bdeb88758dccd625f4703ed77aaf348\System.Runtime.Remoting.ni.dll
MOD - [2009-07-14 06:43:20 | 014,318,592 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\68e5eeb3c6ef18ba2dc1ad70eb74aeee\PresentationFramework.ni.dll
MOD - [2009-07-14 06:43:04 | 012,430,848 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\fedf1ba58dced4f0b3f8c457648ceed9\System.Windows.Forms.ni.dll
MOD - [2009-07-14 06:42:57 | 001,586,688 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ead6be8b410d56b5576b10e56af2c180\System.Drawing.ni.dll
MOD - [2009-07-14 06:42:56 | 000,060,928 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\7ce9d463a5d343fe74d6f181f9226cab\UIAutomationProvider.ni.dll
MOD - [2009-07-14 06:42:55 | 012,216,320 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7b459c5815af8123e4bf30d4e05bba65\PresentationCore.ni.dll
MOD - [2009-07-14 06:42:45 | 003,313,664 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c2f9dd7db911053edcaaadf5fefc500a\WindowsBase.ni.dll
MOD - [2009-07-14 06:42:40 | 005,452,800 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5dd9f783008543df3e642ff1e99de4e8\System.Xml.ni.dll
MOD - [2009-07-14 06:42:37 | 000,971,264 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b1350e31ff09cc583b34854816d8036\System.Configuration.ni.dll
MOD - [2009-07-14 06:42:36 | 007,949,312 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System\5ba3bf5367fc012300c6566f20cb7f54\System.ni.dll
MOD - [2009-07-14 06:42:30 | 011,490,816 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8c1770d45c63cf5c462eeb945ef9aa5d\mscorlib.ni.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2015-08-03 14:40:20 | 000,148,080 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- E:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015-05-05 09:14:00 | 003,305,824 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- E:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2014-12-01 18:00:16 | 000,486,104 | ---- | M] (VMware, Inc.) [Auto | Running] -- E:\Program Files\VMware\VMware Horizon View Client\wsnm\wsnm.exe -- (wsnm)
SRV - [2014-11-21 16:42:38 | 000,228,024 | ---- | M] (VMware) [Auto | Running] -- E:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe -- (vmwsprrdpwks)
SRV - [2014-11-20 10:24:12 | 003,649,720 | ---- | M] () [Auto | Running] -- E:\Program Files\VMware\ScannerRedirection\ftscanmgr.exe -- (ftscanmgr)
SRV - [2014-11-20 09:34:54 | 000,176,824 | ---- | M] () [Auto | Running] -- E:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe -- (ftnlsv3hv)
SRV - [2014-11-18 01:48:24 | 001,979,608 | ---- | M] (VMware, Inc.) [Auto | Running] -- E:\Program Files\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe -- (vmware-view-usbd)
SRV - [2014-11-18 01:21:32 | 000,725,696 | ---- | M] (VMware, Inc.) [Auto | Running] -- E:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2014-05-29 19:36:52 | 000,543,424 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- E:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014-04-14 16:41:38 | 000,359,128 | ---- | M] (VMware, Inc.) [Auto | Running] -- E:\Windows\System32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2014-04-14 16:41:30 | 000,437,976 | ---- | M] (VMware, Inc.) [Auto | Running] -- E:\Windows\System32\vmnat.exe -- (VMware NAT Service)
SRV - [2014-04-14 15:44:50 | 000,086,744 | ---- | M] (VMware, Inc.) [Auto | Running] -- E:\Program Files\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2014-04-03 20:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- E:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014-03-19 03:27:24 | 000,728,328 | ---- | M] (DEVGURU Co., LTD.) [Disabled | Stopped] -- E:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe -- (ss_conn_service)
SRV - [2012-11-16 22:44:46 | 000,217,088 | ---- | M] (AMD) [Auto | Running] -- E:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012-11-16 15:26:10 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- E:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2012-01-25 15:23:54 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- E:\Program Files\Microsoft\BingBar\7.1.355.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012-01-25 15:23:54 | 000,192,792 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- E:\Program Files\Microsoft\BingBar\7.1.355.0\BBSvc.EXE -- (BBSvc)
SRV - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- E:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010-05-20 16:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- E:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2009-07-20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- E:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- E:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008-04-18 11:30:43 | 000,204,800 | ---- | M] () [Disabled | Stopped] -- E:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe -- (LinksysUpdater)
SRV - [2008-04-09 01:15:12 | 000,648,504 | ---- | M] (Pure Networks, Inc.) [Disabled | Stopped] -- E:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - File not found [Kernel | Auto | Stopped] -- E:\Users\Piotrek\Desktop\cms\cms\windows\ioperm.sys -- (ioperm)
DRV - [2015-05-13 17:31:26 | 000,749,664 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- E:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2015-05-13 17:29:54 | 000,115,672 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2015-05-13 17:29:54 | 000,104,896 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- E:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2015-04-04 18:22:27 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2014-11-18 01:21:34 | 000,045,632 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- E:\Windows\System32\drivers\hcmon.sys -- (hcmon)
DRV - [2014-04-14 16:41:42 | 000,026,968 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- E:\Windows\System32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2014-04-14 16:41:00 | 000,024,920 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- E:\Windows\System32\drivers\vmparport.sys -- (VMparport)
DRV - [2014-04-14 16:40:58 | 000,066,136 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- E:\Windows\System32\drivers\vmx86.sys -- (vmx86)
DRV - [2014-04-14 16:40:42 | 000,026,456 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- E:\Windows\System32\drivers\VMkbd.sys -- (vmkbd)
DRV - [2014-04-14 16:40:42 | 000,017,104 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- E:\Windows\System32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2013-10-08 18:20:56 | 000,063,824 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- E:\Windows\System32\drivers\vsock.sys -- (vsock)
DRV - [2013-10-08 18:20:50 | 000,071,888 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- E:\Windows\System32\drivers\vmci.sys -- (vmci)
DRV - [2013-06-01 13:54:15 | 000,232,512 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- E:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012-11-16 23:07:06 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- E:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2012-11-16 21:38:48 | 000,290,304 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- E:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2012-03-05 15:04:30 | 000,045,184 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- E:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.1)
DRV - [2012-02-23 14:31:58 | 000,086,544 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- E:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2011-10-27 03:25:54 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- E:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2011-10-27 03:25:54 | 000,078,136 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- E:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2010-06-14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- E:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010-05-20 15:27:26 | 001,961,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- E:\Windows\System32\drivers\VX3000.sys -- (VX3000)
DRV - [2010-02-18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- E:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009-07-14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009-03-30 03:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- E:\Windows\System32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2008-04-09 01:14:02 | 000,024,888 | ---- | M] (Pure Networks, Inc.) [Kernel | Auto | Running] -- E:\Windows\System32\drivers\pnarp.sys -- (pnarp)
DRV - [2008-04-09 01:14:00 | 000,026,424 | ---- | M] (Pure Networks, Inc.) [Kernel | Auto | Running] -- E:\Windows\System32\drivers\purendis.sys -- (purendis)
DRV - [2007-06-29 15:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- E:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: " URL " = http://www.bing.com/search?q={searchTerms} & FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-4192621813-1949167293-3875398404-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-4192621813-1949167293-3875398404-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-4192621813-1949167293-3875398404-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4192621813-1949167293-3875398404-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: " URL " = http://www.bing.com/search?q={searchTerms} & src=IE-SearchBox & FORM=IE8SRC
IE - HKU\S-1-5-21-4192621813-1949167293-3875398404-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: " URL " = http://www.bing.com/search?q={searchTerms} & FORM=IE8SRC
IE - HKU\S-1-5-21-4192621813-1949167293-3875398404-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: " PL "
FF - prefs.js..browser.search.highlightCount: 3
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.region: " PL "
FF - prefs.js..browser.search.update: false
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:3.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:36.0.4


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: E:\Windows\system32\Adobe\Director\np32dsw_1217157.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: E:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: E:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: E:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: E:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: e:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: E:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: E:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: E:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: E:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 36.0.4\extensions\\Components: E:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 36.0.4\extensions\\Plugins: E:\Program Files\Mozilla Firefox\plugins [2015-01-26 17:56:14 | 000,000,000 | ---D | M]

[2013-08-16 10:09:18 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Piotrek\AppData\Roaming\mozilla\Extensions
[2013-08-16 10:09:18 | 000,000,000 | ---D | M] (Speed Analysis 2) -- E:\Users\Piotrek\AppData\Roaming\mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
[2015-01-10 16:43:26 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Piotrek\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2016-02-01 13:11:41 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Piotrek\AppData\Roaming\mozilla\Firefox\Profiles\37pqjial.default\extensions
[2016-02-01 13:11:41 | 005,378,501 | ---- | M] () (No name found) -- E:\Users\Piotrek\AppData\Roaming\mozilla\firefox\profiles\37pqjial.default\extensions\firefox@mega.co.nz.xpi
[2015-11-26 18:33:22 | 000,977,746 | ---- | M] () (No name found) -- E:\Users\Piotrek\AppData\Roaming\mozilla\firefox\profiles\37pqjial.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2015-07-25 15:08:16 | 000,349,849 | ---- | M] () (No name found) -- E:\Users\Piotrek\AppData\Roaming\mozilla\firefox\profiles\37pqjial.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2015-01-26 17:56:12 | 000,000,000 | ---D | M] (No name found) -- E:\Program Files\Mozilla Firefox\browser\extensions
[2015-08-03 14:40:23 | 000,000,000 | ---D | M] (Default) -- E:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012-10-01 20:33:44 | 000,034,016 | ---- | M] (Microsoft Corporation) -- E:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Widevine Content Decryption Module (Enabled) = E:\Users\Piotrek\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = E:\Program Files\Google\Chrome\Application\39.0.2171.99\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = E:\Program Files\Google\Chrome\Application\39.0.2171.99\internal-nacl-plugin
CHR - plugin: Chrome PDF Viewer (Enabled) = E:\Program Files\Google\Chrome\Application\39.0.2171.99\pdf.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = E:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL
CHR - plugin: Adobe Acrobat (Enabled) = E:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
CHR - plugin: Google Update (Enabled) = E:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll
CHR - plugin: Java Deployment Toolkit 7.0.670.1 (Enabled) = E:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U67 (Enabled) = E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = E:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = E:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
CHR - plugin: Shockwave Flash (Enabled) = E:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll
CHR - Extension: No name found = E:\Users\Piotrek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = E:\Users\Piotrek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = E:\Users\Piotrek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = E:\Users\Piotrek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.9_0\
CHR - Extension: No name found = E:\Users\Piotrek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = E:\Users\Piotrek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = E:\Users\Piotrek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2016-03-03 22:34:53 | 000,000,829 | --S- | M]) - E:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - E:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [amd_dc_opt] E:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [LifeCam] E:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VMware Netlink 3 HV Install Utility] E:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnliu.exe ()
O4 - HKU\S-1-5-21-4192621813-1949167293-3875398404-1000..\Run: [BitTorrent] E:\Users\Piotrek\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
O4 - HKU\S-1-5-21-4192621813-1949167293-3875398404-1000..\Run: [DAEMON Tools Lite] E:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4192621813-1949167293-3875398404-1000..\Run: [RMF FM Miasto Muzyki] File not found
O4 - HKU\S-1-5-21-4192621813-1949167293-3875398404-1000..\Run: [RMFon] File not found
O4 - HKU\S-1-5-21-4192621813-1949167293-3875398404-1000..\Run: [Wondershare Helper Compact.exe] " E:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelperSetup.exe " File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E & ksportuj do programu Microsoft Excel - E:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Wyślij & do programu OneNote - E:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij & do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync -- kliknij, aby połączyć - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync -- kliknij, aby połączyć - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: & Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : & Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab (Java Plug-in 11.45.2)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab (Java Plug-in 11.45.2)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2E97A7B7-6259-40E8-8FF3-522827149BD1}: DhcpNameServer = 192.168.10.254 194.204.159.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F0670944-13C7-41B1-8EAC-74B67A25D843}: NameServer = 37.8.214.2 31.11.202.254
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - E:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - E:\Program Files\Common Files\Pure Networks Shared\Platform\puresp3.dll (Pure Networks, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - E:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (E:\Windows\system32\userinit.exe) - E:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - E:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (wsauth) - E:\Windows\System32\wsauth.dll (VMware, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-04-18 16:59:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7ee67be8-13d7-11e4-8154-00241d2b6a1e}\Shell - " " = AutoRun
O33 - MountPoints2\{7ee67be8-13d7-11e4-8154-00241d2b6a1e}\Shell\AutoRun\command - " " = G:\LaunchU3.exe
O33 - MountPoints2\{d053681e-90fe-11e5-83f8-00241d2b6a1e}\Shell - " " = AutoRun
O33 - MountPoints2\{d053681e-90fe-11e5-83f8-00241d2b6a1e}\Shell\AutoRun\command - " " = G:\start.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- " %1 " %*
O35 - HKLM\..exefile [open] -- " %1 " %*
O37 - HKLM\...com [@ = comfile] -- " %1 " %*
O37 - HKLM\...exe [@ = exefile] -- " %1 " %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2016-05-24 21:05:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- E:\Users\Piotrek\Desktop\OTL.exe
[2016-04-19 18:45:57 | 000,000,000 | ---D | C] -- E:\Users\Piotrek\Desktop\rz
[2016-04-12 17:32:03 | 000,000,000 | ---D | C] -- E:\websymbols
[1 E:\Windows\*.tmp files - & gt; E:\Windows\*.tmp - & gt; ]
[1 E:\*.tmp files - & gt; E:\*.tmp - & gt; ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2016-05-24 21:05:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Users\Piotrek\Desktop\OTL.exe
[2016-05-24 21:02:05 | 000,001,032 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2016-05-24 21:02:01 | 000,065,536 | ---- | M] () -- E:\Windows\System32\Ikeext.etl
[2016-05-24 21:01:58 | 000,000,992 | ---- | M] () -- E:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job
[2016-05-24 21:01:56 | 000,067,584 | --S- | M] () -- E:\Windows\bootstat.dat
[2016-05-24 21:01:53 | 2616,057,856 | -HS- | M] () -- E:\hiberfil.sys
[2016-05-24 21:00:02 | 000,015,472 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016-05-24 21:00:02 | 000,015,472 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016-05-24 20:59:00 | 000,001,036 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2016-05-24 20:57:22 | 000,797,376 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\System32\FlashPlayerApp.exe
[2016-05-24 20:57:22 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\System32\FlashPlayerCPLApp.cpl
[2016-05-24 20:54:35 | 003,651,136 | ---- | M] () -- E:\Users\Piotrek\Desktop\adwcleaner.pl 5.117.exe
[2016-05-24 11:11:04 | 000,807,690 | ---- | M] () -- E:\Windows\System32\perfh015.dat
[2016-05-24 11:11:04 | 000,721,522 | ---- | M] () -- E:\Windows\System32\perfh009.dat
[2016-05-24 11:11:04 | 000,180,880 | ---- | M] () -- E:\Windows\System32\perfc015.dat
[2016-05-24 11:11:04 | 000,147,010 | ---- | M] () -- E:\Windows\System32\perfc009.dat
[2016-05-13 11:01:50 | 000,002,135 | ---- | M] () -- E:\Users\Public\Desktop\Google Chrome.lnk
[2016-05-03 16:07:16 | 000,214,957 | ---- | M] () -- E:\Users\Piotrek\Desktop\Bez tytułu.png
[2016-04-19 18:45:53 | 000,183,195 | ---- | M] () -- E:\Users\Piotrek\Desktop\rz.rar
[2016-04-13 20:55:50 | 000,000,894 | ---- | M] () -- E:\Users\Piotrek\AppData\Local\recently-used.xbel
[1 E:\Windows\*.tmp files - & gt; E:\Windows\*.tmp - & gt; ]
[1 E:\*.tmp files - & gt; E:\*.tmp - & gt; ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2016-05-24 20:54:35 | 003,651,136 | ---- | C] () -- E:\Users\Piotrek\Desktop\adwcleaner.pl 5.117.exe
[2016-05-24 19:50:03 | 000,000,992 | ---- | C] () -- E:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job
[2016-04-19 18:45:52 | 000,183,195 | ---- | C] () -- E:\Users\Piotrek\Desktop\rz.rar
[2016-04-13 20:55:50 | 000,000,894 | ---- | C] () -- E:\Users\Piotrek\AppData\Local\recently-used.xbel
[2015-06-20 14:09:14 | 000,000,180 | ---- | C] () -- E:\Users\Piotrek\.packettracer
[2015-04-25 15:30:55 | 000,001,466 | ---- | C] () -- E:\Windows\X3D.INI
[2014-12-31 19:10:03 | 000,000,095 | ---- | C] () -- E:\Users\Piotrek\AppData\Roaming\WB.CFG
[2014-11-02 22:22:54 | 000,000,000 | ---- | C] () -- E:\Users\Piotrek\enable
[2014-09-21 12:06:27 | 030,989,593 | ---- | C] () -- E:\Users\Piotrek\Tablice_Informatyczne_C_.pdf
[2014-09-02 16:40:38 | 021,154,344 | ---- | C] () -- E:\Users\Piotrek\Podkowa - matematyka w otaczającym świecie - zbiór zadań dla klas 1 LO - poziom podstawowy.pdf
[2014-09-02 16:34:25 | 021,154,344 | ---- | C] () -- E:\Users\Piotrek\Matematyka w otaczającym nas świecie 1.pdf
[2014-08-23 12:15:45 | 1615,902,720 | ---- | C] () -- E:\Users\Piotrek\Microsoft.Office.Professional.2013.PL.iso
[2014-08-19 19:13:04 | 000,000,057 | ---- | C] () -- E:\ProgramData\Ament.ini
[2014-08-18 16:59:40 | 000,578,239 | ---- | C] () -- E:\Users\Piotrek\Pattern_Password_disable.zip
[2014-08-05 14:06:35 | 001,170,432 | ---- | C] () -- E:\Windows\System32\dvttrn.dll
[2014-07-17 19:09:02 | 000,020,707 | ---- | C] () -- E:\Users\Piotrek\[www.tnt24.info] Diablo 2 LOD PL 1.12a DVD.ISO.torrent
[2014-07-14 12:52:46 | 027,035,584 | ---- | C] () -- E:\Users\Piotrek\R-Studio.5.2.Build.130695.Network.Edition.with.Serial.7z
[2014-07-12 20:49:21 | 000,000,893 | ---- | C] () -- E:\Users\Piotrek\Tasker.lnk
[2014-06-27 17:43:20 | 000,082,072 | ---- | C] () -- E:\Windows\cadkasdeinst01e.exe
[2014-05-16 20:30:16 | 000,002,528 | ---- | C] () -- E:\Users\Piotrek\AppData\Roaming\$_hpcst$.hpc
[2014-04-28 19:00:20 | 000,062,877 | ---- | C] () -- E:\Users\Piotrek\Counter-Strike 1.6ns.zip
[2013-06-28 22:34:17 | 000,262,236 | ---- | C] () -- E:\Users\Piotrek\20494328_ba2c90ec478c678c667ab9737853a2ded92fe35d.cab
[2013-06-03 15:54:23 | 000,007,663 | ---- | C] () -- E:\Users\Piotrek\AppData\Local\resmon.resmoncfg
[2013-06-01 14:12:07 | 000,001,163 | ---- | C] () -- E:\Users\Piotrek\Uplay.lnk

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 06:42:31 | 000,000,227 | RHS- | M] () -- E:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
" " = %SystemRoot%\system32\shell32.dll -- [2009-07-14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
" ThreadingModel " = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
" " = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
" ThreadingModel " = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
" " = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
" ThreadingModel " = Both

[color=#E56717]========== LOP Check ==========[/color]

[2016-03-16 20:35:19 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\.mono
[2014-09-29 23:17:35 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\Audacity
[2016-01-27 17:40:44 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\Awesomium
[2016-03-03 22:36:34 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\Battle.net
[2016-05-24 21:12:40 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\BitTorrent
[2016-02-09 21:21:06 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\BoL
[2014-06-27 17:43:26 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\CAD-KAS
[2014-06-27 19:39:40 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013-06-01 14:09:23 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\DAEMON Tools Lite
[2014-08-04 16:06:13 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\DarkSoulsII
[2014-04-28 18:45:43 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\dclogs
[2014-10-04 20:17:53 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\Dev-Cpp
[2015-07-25 11:48:32 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\DVDVideoSoft
[2014-06-27 19:29:10 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\Foxit Software
[2014-07-04 18:30:06 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\Gadu-Gadu 10
[2014-11-15 16:20:35 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\GHISLER
[2014-04-11 17:11:04 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\IDoser
[2015-10-03 17:20:31 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\LolClient
[2015-04-25 15:30:18 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\MAGIX
[2015-10-15 17:44:05 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\MPC-HC
[2015-10-15 17:51:05 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\NapiProjekt
[2014-10-04 18:54:28 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\Notepad++
[2014-07-04 18:31:15 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\OpenFM
[2013-06-22 14:09:48 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\Opera
[2015-01-31 20:43:34 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\Opera Software
[2013-12-04 14:00:22 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\Origin
[2015-01-21 20:32:02 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\Outlast
[2015-10-09 16:49:30 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\rewsdf
[2014-05-16 20:11:53 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\Samsung
[2016-02-01 13:31:02 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\Steam
[2015-12-13 18:41:37 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\TeamViewer
[2013-12-04 13:53:49 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\Theta
[2016-05-20 17:31:58 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\TS3Client
[2013-12-04 14:18:34 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\uTorrent
[2014-04-09 15:53:10 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\Wargaming.net
[2015-06-10 15:35:37 | 000,000,000 | ---D | M] -- E:\Users\Piotrek\AppData\Roaming\Wondershare

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 231 bytes - & gt; E:\ProgramData\TEMP:6BE50C2B

& lt; End of report & gt;


Download file - link to post