OTL logfile created on: 2012-07-18 22:21:28 - Run 1 OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\euro\Downloads Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16443) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,99 Gb Total Physical Memory | 1,39 Gb Available Physical Memory | 69,87% Memory free 3,98 Gb Paging File | 3,45 Gb Available in Paging File | 86,66% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 100,00 Gb Total Space | 21,54 Gb Free Space | 21,54% Space Free | Partition Type: NTFS Drive D: | 183,07 Gb Total Space | 182,98 Gb Free Space | 99,95% Space Free | Partition Type: NTFS Drive E: | 3,76 Gb Total Space | 0,58 Gb Free Space | 15,37% Space Free | Partition Type: FAT32 Computer Name: EURO-KOMPUTER | User Name: euro | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-07-18 22:12:25 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\euro\Downloads\OTL.exe PRC - [2011-02-26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-07-10 06:09:00 | 000,438,296 | ---- | M] () -- C:\Users\euro\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll MOD - [2012-07-10 06:08:59 | 003,972,120 | ---- | M] () -- C:\Users\euro\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll MOD - [2012-07-10 06:07:22 | 000,140,328 | ---- | M] () -- C:\Users\euro\AppData\Local\Google\Chrome\Application\20.0.1132.57\avutil-51.dll MOD - [2012-07-10 06:07:21 | 000,262,184 | ---- | M] () -- C:\Users\euro\AppData\Local\Google\Chrome\Application\20.0.1132.57\avformat-54.dll MOD - [2012-07-10 06:07:19 | 002,386,984 | ---- | M] () -- C:\Users\euro\AppData\Local\Google\Chrome\Application\20.0.1132.57\avcodec-54.dll MOD - [2012-06-18 23:31:54 | 001,670,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\3eaec5bc57c67c3b24ca2bb281ca249d\Microsoft.VisualBasic.ni.dll MOD - [2012-06-18 11:17:13 | 012,433,920 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll MOD - [2012-06-18 11:16:29 | 001,591,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll MOD - [2012-05-18 18:14:30 | 000,628,224 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\558fa6c6131f14af258f94291a5d19d6\System.EnterpriseServices.ni.dll MOD - [2012-05-18 18:14:27 | 000,627,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\61fbbd8bc7d76972115b292b132ff2d1\System.Transactions.ni.dll MOD - [2012-05-18 18:14:24 | 006,618,624 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\294d439cfe959b5528ca81d37d3d502f\System.Data.ni.dll MOD - [2012-05-18 18:05:51 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll MOD - [2012-05-18 18:05:28 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll MOD - [2012-05-18 18:05:24 | 007,952,384 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll MOD - [2012-05-18 18:04:51 | 011,490,816 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll MOD - [2010-12-30 04:12:00 | 000,030,032 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\SqliteShared\2.2.0.21078__0d0f4b69e50e559b\SqliteShared.dll MOD - [2010-12-30 04:11:57 | 000,839,680 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll MOD - [2010-09-01 05:51:14 | 000,124,240 | ---- | M] () -- C:\Program Files\ASUS\ASUS WebStorage\2.2.56.108\AsusWSShellExt.dll MOD - [2009-06-10 23:23:19 | 000,261,632 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll MOD - [2009-06-10 23:23:17 | 002,933,248 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2009-02-27 22:56:34 | 000,016,768 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\ViewerPS.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp) SRV - [2012-04-13 17:44:13 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2011-10-21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011-10-13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate) SRV - [2011-10-01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011-10-01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2010-05-21 23:42:48 | 000,652,576 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2009-08-19 03:35:56 | 000,219,136 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\AsusService.exe -- (AsusService) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\euro\AppData\Local\Temp\catchme.sys -- (catchme) DRV - [2011-10-01 08:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol) DRV - [2011-10-01 08:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir) DRV - [2011-10-01 08:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay) DRV - [2011-10-01 08:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs) DRV - [2010-07-29 07:25:03 | 000,068,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) DRV - [2010-07-23 17:57:00 | 000,058,448 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\tmactmon.sys -- (tmactmon) DRV - [2010-07-23 17:56:00 | 000,169,552 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\tmcomm.sys -- (tmcomm) DRV - [2010-07-23 17:56:00 | 000,053,840 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\tmevtmgr.sys -- (tmevtmgr) DRV - [2010-03-31 03:40:20 | 000,011,520 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO) DRV - [2009-11-23 12:42:56 | 000,083,344 | ---- | M] (Trend Micro Inc.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tmtdi.sys -- (tmtdi) DRV - [2009-07-20 11:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr) DRV - [2009-07-14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009-07-14 00:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008-03-11 23:36:24 | 000,006,144 | ---- | M] (ELANTECH Devices Corp.) [Kernel | On_Demand | Stopped] -- C:\Program Files\ASUS\LiveUpdate\DETECTSYS.sys -- (DETECT) DRV - [2001-06-22 05:39:02 | 000,073,728 | ---- | M] (Rainbow Technologies, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\sentinel.sys -- (Sentinel) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://pl.v9.com/?utm_source=b&utm_medium=ins IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://eeepc.asus.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://pl.v9.com/?utm_source=b&utm_medium=ins IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\euro\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\euro\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://asus.msn.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}, CHR - homepage: http://asus.msn.com/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\euro\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\euro\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\euro\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\euro\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Google Update (Enabled) = C:\Users\euro\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - Extension: Dysk Google = C:\Users\euro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6_0\ CHR - Extension: YouTube = C:\Users\euro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Szukaj w Google = C:\Users\euro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: AdBlock = C:\Users\euro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.38_0\ CHR - Extension: Gmail = C:\Users\euro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012-07-18 21:56:25 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O4 - HKLM..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\aprp.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files\ASUS\ASUS WebStorage\2.2.56.108\ASUSWSDashBoard.exe (eCareme) O4 - HKLM..\Run: [CapsHook] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe () O4 - HKLM..\Run: [HotkeyMon] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [HotkeyService] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [LiveUpdate] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [SuperHybridEngine] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated) O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe (Trend Micro Inc.) O4 - HKLM..\Run: [VizorHtmlDialog.exe] C:\Program Files\Trend Micro\Titanium\VizorHtmlDialog.exe (Trend Micro Inc.) O4 - HKCU..\Run: [BOS] C:\BOS\bos.exe () O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - Startup: C:\Users\euro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{241798C1-7BD0-47FC-9C56-9036B13AB345}: DhcpNameServer = 194.153.119.3 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ED94C9C6-6618-4D4C-A76A-053195B8FAE1}: DhcpNameServer = 62.179.1.63 62.179.1.62 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-07-18 21:59:35 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012-07-18 21:59:32 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Local\temp [2012-07-18 21:56:11 | 000,000,000 | ---D | C] -- C:\windows\temp [2012-07-18 21:42:26 | 000,000,000 | ---D | C] -- C:\windows\erdnt [2012-07-18 18:25:00 | 000,000,000 | ---D | C] -- C:\BOS [2012-07-16 20:00:26 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications [2012-07-11 21:25:22 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Local\SoftGrid Client [2012-07-11 21:25:18 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Roaming\SoftGrid Client [2012-07-11 21:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Polski) [2012-07-08 11:46:30 | 000,000,000 | ---D | C] -- C:\Program Files\Rainbow Technologies [2012-07-08 11:46:30 | 000,000,000 | ---D | C] -- C:\Program Files\Gene Codes [2012-07-08 11:46:29 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gene Codes [2012-07-06 16:12:39 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\sequencher [2012-06-27 14:09:26 | 000,000,000 | ---D | C] -- C:\CMHome [2012-06-27 14:08:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clone Manager [2012-06-27 14:07:57 | 000,000,000 | ---D | C] -- C:\Program Files\SciEd8 [2012-06-27 14:05:18 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\Nowy folder [2012-06-27 14:03:35 | 000,000,000 | ---D | C] -- C:\Users\euro\Desktop\dok rekrutacyjne [2012-06-21 15:34:52 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Local\Microsoft Games [1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-07-18 22:09:32 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2012-07-18 22:09:20 | 1602,838,528 | -HS- | M] () -- C:\hiberfil.sys [2012-07-18 21:56:25 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts [2012-07-18 21:28:01 | 000,001,054 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1877440365-1569326356-2487961928-1000UA.job [2012-07-18 10:42:15 | 000,001,002 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1877440365-1569326356-2487961928-1000Core.job [2012-07-16 23:46:32 | 000,698,356 | ---- | M] () -- C:\windows\System32\perfh015.dat [2012-07-16 23:46:32 | 000,616,452 | ---- | M] () -- C:\windows\System32\perfh009.dat [2012-07-16 23:46:32 | 000,135,176 | ---- | M] () -- C:\windows\System32\perfc015.dat [2012-07-16 23:46:32 | 000,106,574 | ---- | M] () -- C:\windows\System32\perfc009.dat [2012-07-16 21:44:46 | 001,061,968 | ---- | M] () -- C:\Users\euro\Desktop\licencjat!.odt [2012-07-16 21:44:39 | 000,000,109 | -H-- | M] () -- C:\Users\euro\Desktop\.~lock.licencjat!.odt# [2012-07-16 20:10:19 | 367,403,048 | ---- | M] () -- C:\Users\euro\Desktop\Gossip.Girl.S05E04.HDTV.XviD-2HD.[VTV].avi [2012-07-16 09:31:24 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-07-16 09:31:24 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-07-16 09:21:06 | 000,295,952 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2012-07-12 10:19:25 | 000,683,544 | ---- | M] () -- C:\Users\euro\Desktop\polG.odp [2012-07-11 23:23:42 | 000,002,401 | ---- | M] () -- C:\Users\euro\Desktop\Google Chrome.lnk [2012-07-11 21:24:02 | 366,363,008 | ---- | M] () -- C:\Users\euro\Desktop\Gossip.Girl.S05E03.HDTV.XviD-2HD.[VTV].avi [2012-07-11 17:39:19 | 367,004,418 | ---- | M] () -- C:\Users\euro\Desktop\Gossip.Girl.S05E02.HDTV.XviD-ASAP.[VTV].avi [2012-06-27 14:08:06 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\Clone Manager.lnk [1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-07-16 20:06:10 | 367,403,048 | ---- | C] () -- C:\Users\euro\Desktop\Gossip.Girl.S05E04.HDTV.XviD-2HD.[VTV].avi [2012-07-11 21:20:08 | 366,363,008 | ---- | C] () -- C:\Users\euro\Desktop\Gossip.Girl.S05E03.HDTV.XviD-2HD.[VTV].avi [2012-07-11 17:35:51 | 367,004,418 | ---- | C] () -- C:\Users\euro\Desktop\Gossip.Girl.S05E02.HDTV.XviD-ASAP.[VTV].avi [2012-07-08 17:27:33 | 000,000,109 | -H-- | C] () -- C:\Users\euro\Desktop\.~lock.licencjat!.odt# [2012-06-27 14:08:06 | 000,001,815 | ---- | C] () -- C:\Users\Public\Desktop\Clone Manager.lnk [2012-05-26 13:18:27 | 000,000,783 | ---- | C] () -- C:\Users\euro\.jalview_properties [2012-04-11 22:14:28 | 000,006,144 | ---- | C] () -- C:\windows\System32\drivers\ASUSHWIO.SYS [2012-01-02 22:35:45 | 000,005,576 | ---- | C] () -- C:\windows\Language.ini [2010-12-30 04:00:45 | 000,219,136 | ---- | C] () -- C:\windows\System32\AsusService.exe [2010-12-30 04:00:44 | 000,025,616 | ---- | C] () -- C:\windows\AsAcpiSvrLang.ini [2010-12-30 03:56:41 | 000,011,520 | ---- | C] () -- C:\windows\System32\drivers\AsUpIO.sys [2010-12-30 03:55:56 | 000,000,852 | ---- | C] () -- C:\windows\System32\drivers\RTKHDRC.dat [2010-12-30 03:55:56 | 000,000,520 | ---- | C] () -- C:\windows\System32\drivers\RTEQEX0.dat [2010-12-30 03:55:54 | 000,000,399 | ---- | C] () -- C:\windows\Reboot.ini [2010-12-30 03:48:55 | 000,013,931 | ---- | C] () -- C:\windows\System32\RaCoInst.dat [2010-12-30 03:45:20 | 000,004,692 | ---- | C] () -- C:\windows\System32\drivers\SamSfPa.dat [2010-12-30 03:45:20 | 000,000,008 | ---- | C] () -- C:\windows\System32\drivers\rtkhdaud.dat [2010-07-29 09:43:10 | 000,013,880 | ---- | C] ( ) -- C:\windows\System32\drivers\kbfiltr.sys [color=#E56717]========== LOP Check ==========[/color] [2012-06-01 13:06:44 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\.chimera [2010-12-30 04:16:42 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\ASUS WebStorage [2012-05-31 00:50:02 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2010-12-30 03:59:09 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\E-Cam [2012-04-19 18:08:21 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\OpenOffice.org [2012-05-29 22:16:34 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Python [2012-07-16 22:40:13 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\SoftGrid Client [2012-05-31 00:57:31 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\Softland [2012-07-11 21:25:54 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\TP [2012-07-18 22:03:42 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\uTorrent [2009-07-14 06:53:46 | 000,012,670 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >