OTL logfile created on: 2012-07-04 17:22:01 - Run 1 OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Robert\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,49 Gb Total Physical Memory | 1,94 Gb Available Physical Memory | 77,80% Memory free 4,98 Gb Paging File | 4,45 Gb Available in Paging File | 89,27% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 111,79 Gb Total Space | 47,10 Gb Free Space | 42,13% Space Free | Partition Type: NTFS Computer Name: MAGDA-LAP | User Name: Robert | NOT logged in as Administrator. Boot Mode: SafeMode | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-07-04 14:32:38 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Robert\Desktop\OTL.exe PRC - [2010-11-20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-11-04 18:18:10 | 000,033,584 | ---- | M] (ESET) [On_Demand | Unknown] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV - [2010-11-04 18:15:50 | 000,810,144 | ---- | M] (ESET) [Auto | Unknown] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) SRV - [2010-08-19 10:52:04 | 000,229,376 | ---- | M] () [Auto | Unknown] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe) SRV - [2010-05-31 09:27:21 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\ZTEusbnmeaext.sys -- (ZTEusbnmeaext) DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev) DRV - File not found [Kernel | On_Demand | Unknown] -- system32\drivers\massfilter.sys -- (massfilter) DRV - [2012-05-11 07:34:08 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) DRV - [2012-05-11 07:34:06 | 000,080,824 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010-09-03 07:13:46 | 000,137,144 | ---- | M] (ESET) [File_System | Auto | Unknown] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm) DRV - [2010-07-29 13:31:26 | 000,134,512 | ---- | M] (ESET) [Kernel | Auto | Unknown] -- C:\Windows\System32\drivers\epfw.sys -- (epfw) DRV - [2010-07-29 13:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Unknown] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010-07-29 13:31:26 | 000,041,336 | ---- | M] (ESET) [Kernel | Auto | Unknown] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp) DRV - [2010-07-29 13:31:26 | 000,032,608 | ---- | M] (ESET) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis) DRV - [2010-04-09 15:24:18 | 000,069,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm) DRV - [2010-04-09 15:24:12 | 000,063,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2010-03-20 11:56:04 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2009-07-14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009-07-14 00:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2009-07-14 00:02:49 | 000,046,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp) DRV - [2009-04-20 15:38:54 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey) DRV - [2005-10-19 15:37:14 | 000,077,056 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\nwusbser.sys -- (NWUSBPort) DRV - [2005-10-19 15:37:14 | 000,077,056 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\nwusbmdm.sys -- (NWUSBModem) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-324620637-141995705-1787380512-1005\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-324620637-141995705-1787380512-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011-02-17 11:53:07 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Users\Robert\AppData\Local\Mozilla Firefox\components [2012-06-19 14:30:29 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Users\Robert\AppData\Local\Mozilla Firefox\plugins [2012-04-28 17:08:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robert\AppData\Roaming\mozilla\Extensions [2012-05-05 07:17:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\xqig223k.default\extensions [2012-04-26 15:14:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-04-17 20:57:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011-04-17 20:57:29 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - Extension: YouTube = C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\ CHR - Extension: Szukaj w Google = C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\ CHR - Extension: Gmail = C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\ O1 HOSTS File: ([2009-11-22 14:43:51 | 000,249,971 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.1001-search.info O1 - Hosts: 127.0.0.1 1001-search.info O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.123topsearch.com O1 - Hosts: 127.0.0.1 123topsearch.com O1 - Hosts: 127.0.0.1 www.132.com O1 - Hosts: 127.0.0.1 132.com O1 - Hosts: 127.0.0.1 www.136136.net O1 - Hosts: 127.0.0.1 136136.net O1 - Hosts: 127.0.0.1 www.139mm.com O1 - Hosts: 8709 more lines... O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O4 - HKLM..\Run: [BEWINTERNET-PL-IEWSessionManager] "C:\Program Files\OrangeBS\BEWInternet-PL-IEW\SessionManager\SessionManager.exe" File not found O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\blueconnect\DataCardMonitor.exe (Huawei Technologies Co., Ltd.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4 - HKLM..\Run: [EverioService] C:\Program Files\CyberLink\PCM4Everio\EverioService.exe (CyberLink Corp.) O4 - HKU\S-1-5-21-324620637-141995705-1787380512-1005..\Run: [HW_OPENEYE_OUC_blueconnect] C:\Program Files\blueconnect\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.) O4 - HKLM..\RunOnce: [*WerKernelReporting] C:\Windows\System32\WerFault.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-324620637-141995705-1787380512-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-324620637-141995705-1787380512-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKU\S-1-5-21-324620637-141995705-1787380512-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F27ECBB-7103-45DF-BD2F-3C1578794084}: NameServer = 10.0.0.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{94ab8878-9ecc-11e1-aea5-0017a4e1afb3}\Shell - "" = AutoRun O33 - MountPoints2\{94ab8878-9ecc-11e1-aea5-0017a4e1afb3}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{df9638e4-9140-11e1-b694-0017a4e1afb3}\Shell - "" = AutoRun O33 - MountPoints2\{df9638e4-9140-11e1-b694-0017a4e1afb3}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-07-04 17:03:10 | 000,000,000 | ---D | C] -- C:\_OTL [2012-07-04 17:02:32 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Robert\Desktop\OTL.exe [2012-07-03 23:17:10 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\Nowy folder [2012-07-03 06:26:12 | 000,000,000 | ---D | C] -- C:\ProgramData\F4D55EDB000485B200211986B4EB23C1 [2012-06-24 12:48:10 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\JVC [2012-06-22 17:25:07 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll [2012-06-22 17:25:07 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll [2012-06-22 17:24:43 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll [2012-06-22 17:24:43 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll [2012-06-22 17:24:43 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll [2012-06-22 17:24:19 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll [2012-06-22 17:24:19 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2012-06-18 15:35:56 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\skypePM [2012-06-18 15:35:17 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Skype [2012-06-18 15:34:36 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Skype [2012-06-17 09:45:16 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012-06-17 09:45:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012-06-17 09:45:14 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012-06-17 09:45:14 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012-06-17 09:45:13 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012-06-17 09:45:13 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012-06-17 09:45:11 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012-06-14 12:51:34 | 002,343,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012-06-14 12:51:33 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll [2012-06-14 12:51:33 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll [2012-06-14 12:51:32 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe [2012-06-10 18:41:29 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\WinRAR [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-07-04 17:20:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-07-04 17:20:41 | 2006,523,904 | -HS- | M] () -- C:\hiberfil.sys [2012-07-04 14:34:29 | 000,690,938 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-07-04 14:34:29 | 000,609,896 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-07-04 14:34:29 | 000,132,432 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-07-04 14:34:29 | 000,104,214 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-07-04 14:32:38 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Robert\Desktop\OTL.exe [2012-07-04 14:08:58 | 000,014,928 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-07-04 14:08:58 | 000,014,928 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-07-02 05:47:07 | 000,002,286 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012-06-29 17:54:09 | 204,500,187 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012-06-23 10:51:18 | 000,089,007 | ---- | M] () -- C:\Users\Robert\Documents\specyfikacja.pdf [2012-06-23 10:50:31 | 000,067,233 | ---- | M] () -- C:\Users\Robert\Documents\umowa sprowadeznia auta.pdf [2012-06-21 12:27:35 | 000,000,362 | ---- | M] () -- C:\Windows\tasks\{3DAEF033-8985-4C66-BC76-F1F025980FDE}.job [2012-06-18 15:35:21 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012-06-18 15:35:09 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\{08C28155-5423-4FFC-9A83-ABC7F382013D}.job [2012-06-18 15:34:45 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\{2B7D5C43-5243-4804-9242-AD26A06FD91D}.job [2012-06-17 09:56:36 | 000,417,008 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-06-23 10:51:18 | 000,089,007 | ---- | C] () -- C:\Users\Robert\Documents\specyfikacja.pdf [2012-06-23 10:50:31 | 000,067,233 | ---- | C] () -- C:\Users\Robert\Documents\umowa sprowadeznia auta.pdf [2012-06-21 12:27:35 | 000,000,362 | ---- | C] () -- C:\Windows\tasks\{3DAEF033-8985-4C66-BC76-F1F025980FDE}.job [2012-06-18 15:35:09 | 000,000,446 | ---- | C] () -- C:\Windows\tasks\{08C28155-5423-4FFC-9A83-ABC7F382013D}.job [2012-06-18 15:34:45 | 000,000,446 | ---- | C] () -- C:\Windows\tasks\{2B7D5C43-5243-4804-9242-AD26A06FD91D}.job [2012-04-26 22:22:10 | 000,000,640 | RHS- | C] () -- C:\Users\Robert\ntuser.pol [2012-04-26 15:28:21 | 000,000,094 | ---- | C] () -- C:\Windows\family.ini [2011-03-25 15:44:36 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2010-09-01 14:07:43 | 000,000,038 | ---- | C] () -- C:\Windows\ChssBase.ini [color=#E56717]========== LOP Check ==========[/color] [2012-05-14 15:55:24 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\blueconnect [2012-04-26 22:23:14 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\ESET [2010-03-08 23:10:52 | 000,000,214 | ---- | M] () -- C:\Windows\Tasks\CreateChoiceProcessTask.job [2009-07-14 06:53:46 | 000,000,908 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012-06-18 15:35:09 | 000,000,446 | ---- | M] () -- C:\Windows\Tasks\{08C28155-5423-4FFC-9A83-ABC7F382013D}.job [2012-04-26 15:23:00 | 000,000,716 | ---- | M] () -- C:\Windows\Tasks\{161C5E92-7AF0-4BB8-825B-9D700544FA52}.job [2012-04-26 14:47:37 | 000,000,316 | ---- | M] () -- C:\Windows\Tasks\{28DA2C2D-0BE5-4417-A5D2-43BAB6A93356}.job [2012-06-18 15:34:45 | 000,000,446 | ---- | M] () -- C:\Windows\Tasks\{2B7D5C43-5243-4804-9242-AD26A06FD91D}.job [2012-04-26 14:43:54 | 000,000,716 | ---- | M] () -- C:\Windows\Tasks\{2E1AAA3C-35D0-4155-9ADB-7FDB3F5C8AAD}.job [2012-04-26 15:22:12 | 000,000,716 | ---- | M] () -- C:\Windows\Tasks\{35EDBBF5-14C2-494B-8C38-13275A984270}.job [2012-06-21 12:27:35 | 000,000,362 | ---- | M] () -- C:\Windows\Tasks\{3DAEF033-8985-4C66-BC76-F1F025980FDE}.job [2011-03-25 15:34:16 | 000,000,194 | ---- | M] () -- C:\Windows\Tasks\{4B53187C-0CAE-441E-8D15-A3B27E4CEEB0}.job [2011-03-25 15:41:01 | 000,000,186 | ---- | M] () -- C:\Windows\Tasks\{86C8D0BB-D595-4641-AF82-355583FD8A53}.job [2012-04-26 15:17:39 | 000,000,716 | ---- | M] () -- C:\Windows\Tasks\{AC7D8B23-349C-41C7-BEA1-D672F5198828}.job [2012-04-26 14:44:50 | 000,000,716 | ---- | M] () -- C:\Windows\Tasks\{E1F8700E-468E-4B77-A4D8-ABD8EA3ADD28}.job [2012-04-26 15:16:36 | 000,000,716 | ---- | M] () -- C:\Windows\Tasks\{ECC75F20-FE5C-4FA7-AA43-505B7FDA37EA}.job [color=#E56717]========== Purity Check ==========[/color] < End of report >