OTL logfile created on: 2012-08-14 19:40:22 - Run 4 OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\hogan\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,75 Gb Total Physical Memory | 0,55 Gb Available Physical Memory | 31,47% Memory free 6,63 Gb Paging File | 5,33 Gb Available in Paging File | 80,37% Paging File free Paging file location(s): [Binary data over 100 bytes] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 119,76 Gb Total Space | 5,62 Gb Free Space | 4,69% Space Free | Partition Type: NTFS Drive D: | 811,74 Gb Total Space | 3,91 Gb Free Space | 0,48% Space Free | Partition Type: NTFS Drive E: | 14,65 Gb Total Space | 5,45 Gb Free Space | 37,21% Space Free | Partition Type: NTFS Drive F: | 20,51 Gb Total Space | 0,62 Gb Free Space | 3,00% Space Free | Partition Type: NTFS Drive G: | 2,86 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Drive H: | 20,74 Gb Total Space | 0,43 Gb Free Space | 2,05% Space Free | Partition Type: NTFS Drive I: | 3,84 Gb Total Space | 2,33 Gb Free Space | 60,87% Space Free | Partition Type: FAT32 Computer Name: HOGAN-KOMPUTER | User Name: hogan | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-08-14 13:54:50 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\hogan\Desktop\OTL.exe PRC - [2012-07-19 09:40:52 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012-07-08 07:37:22 | 000,026,008 | ---- | M] (Uniblue Systems Ltd) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe PRC - [2012-07-08 07:37:18 | 000,056,712 | ---- | M] (Uniblue Systems Ltd) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe PRC - [2012-07-05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012-05-31 15:00:22 | 000,445,624 | ---- | M] (Sony) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe PRC - [2012-05-31 14:33:56 | 000,385,416 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe PRC - [2012-05-18 17:47:14 | 000,880,496 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe PRC - [2012-04-30 11:57:42 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe PRC - [2012-04-03 12:44:04 | 003,487,128 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe PRC - [2012-01-12 15:52:57 | 000,296,232 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe PRC - [2012-01-12 15:52:55 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe PRC - [2012-01-12 15:52:55 | 000,075,048 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe PRC - [2012-01-12 14:58:47 | 000,371,256 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe PRC - [2012-01-02 04:21:22 | 000,501,544 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe PRC - [2011-12-09 12:35:37 | 000,142,336 | ---- | M] () -- C:\Program Files (x86)\5Fantastic\OneWay\OneWay.exe PRC - [2011-12-07 17:57:08 | 000,731,408 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\17.5.0.127\InstStub.exe PRC - [2011-10-25 14:44:42 | 000,793,048 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe PRC - [2011-10-25 14:44:42 | 000,103,896 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe PRC - [2011-08-31 19:53:14 | 000,986,208 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe PRC - [2011-06-27 15:20:36 | 000,393,216 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe PRC - [2011-04-20 05:56:48 | 000,234,792 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe PRC - [2011-04-20 05:56:47 | 000,083,240 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe PRC - [2011-03-31 15:37:11 | 000,312,616 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe PRC - [2011-03-31 15:37:06 | 000,070,952 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe PRC - [2010-11-20 14:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe PRC - [2010-05-25 14:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe PRC - [2010-03-05 11:15:12 | 000,235,752 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe PRC - [2010-03-05 11:15:04 | 000,411,864 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe PRC - [2010-02-03 17:17:18 | 005,756,544 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe PRC - [2010-01-15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe PRC - [2009-12-09 11:05:51 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-07-19 09:40:51 | 002,003,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2012-07-08 07:37:16 | 000,136,072 | ---- | M] () -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\locale\en\en.dll MOD - [2012-07-08 07:37:16 | 000,114,056 | ---- | M] () -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\InstallerExtensions.dll MOD - [2012-07-08 07:37:16 | 000,018,824 | ---- | M] () -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\cwebpage.dll MOD - [2012-06-17 11:04:43 | 004,772,768 | ---- | M] () -- c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\WebKit.dll MOD - [2012-05-24 11:50:32 | 000,203,776 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll MOD - [2012-04-30 11:57:42 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe MOD - [2012-04-30 11:57:42 | 000,039,936 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll MOD - [2012-01-12 14:55:29 | 000,075,048 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD12\subsys\DLNA\DMS\_PyDMSCtrl.pyd MOD - [2012-01-02 04:21:17 | 000,374,056 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\CLNetMediaDMA.dll MOD - [2011-12-09 12:35:37 | 000,142,336 | ---- | M] () -- C:\Program Files (x86)\5Fantastic\OneWay\OneWay.exe MOD - [2011-08-24 04:39:11 | 000,655,360 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_ssl.pyd MOD - [2011-08-24 04:39:11 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\koan\_ctypes.pyd MOD - [2011-08-24 04:39:11 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_socket.pyd MOD - [2011-06-27 15:20:00 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraPlk.dll MOD - [2010-01-11 16:44:54 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll MOD - [2009-09-30 05:33:08 | 000,024,576 | R--- | M] () -- C:\Windows\SysWOW64\AsIO.dll MOD - [2009-07-31 22:39:08 | 000,503,202 | ---- | M] () -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll MOD - [2009-03-25 17:53:14 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll MOD - [2009-03-19 23:35:52 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll MOD - [2009-03-19 23:35:50 | 000,008,704 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll MOD - [2009-01-15 15:55:10 | 000,565,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-07-28 12:06:26 | 002,648,952 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper) SRV:[b]64bit:[/b] - [2012-06-11 13:12:16 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV:[b]64bit:[/b] - [2012-03-09 07:10:20 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2012-02-18 03:56:20 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService) SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012-07-19 09:40:51 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-07-05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-07-03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-05-31 14:33:56 | 000,385,416 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc) SRV - [2012-05-31 14:33:10 | 000,397,704 | ---- | M] (BlueStack Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc) SRV - [2012-05-11 00:12:42 | 000,066,872 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWow64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012-01-18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion) SRV - [2012-01-12 15:52:57 | 000,296,232 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe -- (CyberLink PowerDVD 12 Media Server Service) SRV - [2012-01-12 15:52:55 | 000,087,336 | ---- | M] (CyberLink Corp.) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe -- (CLHNServiceForPowerDVD12) SRV - [2012-01-12 15:52:55 | 000,075,048 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe -- (CyberLink PowerDVD 12 Media Server Monitor Service) SRV - [2011-10-25 14:44:42 | 000,793,048 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc) SRV - [2011-04-20 05:56:47 | 000,083,240 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe -- (CLHNServiceForPowerDVD) SRV - [2011-03-31 15:37:11 | 000,312,616 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe -- (CyberLink PowerDVD 11.0 Service) SRV - [2011-03-31 15:37:06 | 000,070,952 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe -- (CyberLink PowerDVD 11.0 Monitor Service) SRV - [2010-06-25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-03-05 11:15:12 | 000,235,752 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService) SRV - [2010-01-15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009-12-09 11:05:51 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe -- (NIS) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-05-07 09:30:10 | 000,015,672 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon) DRV:[b]64bit:[/b] - [2012-04-23 13:26:26 | 000,154,272 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP) DRV:[b]64bit:[/b] - [2012-03-09 08:28:08 | 010,857,984 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2012-03-09 08:28:08 | 010,857,984 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2012-03-09 05:58:02 | 000,328,704 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2012-03-05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1) DRV:[b]64bit:[/b] - [2012-03-05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01) DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012-02-18 03:56:14 | 002,187,888 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV:[b]64bit:[/b] - [2012-02-16 13:42:00 | 000,676,968 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2011-12-13 19:44:16 | 000,056,448 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:[b]64bit:[/b] - [2011-12-02 19:38:08 | 000,239,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:[b]64bit:[/b] - [2011-06-07 00:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011-02-14 03:04:34 | 000,044,624 | ---- | M] (Diskeeper Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\DKRtWrt.sys -- (DKRtWrt) DRV:[b]64bit:[/b] - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-06-25 19:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF) DRV:[b]64bit:[/b] - [2010-06-17 11:15:36 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) DRV:[b]64bit:[/b] - [2010-02-18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:[b]64bit:[/b] - [2009-12-30 12:21:24 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt) DRV:[b]64bit:[/b] - [2009-12-03 08:08:32 | 000,504,880 | R--- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1105000.07F\srtsp64.sys -- (SRTSP) DRV:[b]64bit:[/b] - [2009-12-03 08:08:32 | 000,032,304 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1105000.07F\srtspx64.sys -- (SRTSPX) DRV:[b]64bit:[/b] - [2009-07-16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2008-05-16 13:33:06 | 000,158,760 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdm.sys -- (s0016mdm) DRV:[b]64bit:[/b] - [2008-05-16 13:33:06 | 000,151,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016unic.sys -- (s0016unic) DRV:[b]64bit:[/b] - [2008-05-16 13:33:06 | 000,137,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mgmt.sys -- (s0016mgmt) DRV:[b]64bit:[/b] - [2008-05-16 13:33:06 | 000,136,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016obex.sys -- (s0016obex) DRV:[b]64bit:[/b] - [2008-05-16 13:33:06 | 000,034,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016nd5.sys -- (s0016nd5) DRV:[b]64bit:[/b] - [2008-05-16 13:33:04 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdfl.sys -- (s0016mdfl) DRV:[b]64bit:[/b] - [2008-05-16 13:32:56 | 000,115,240 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016bus.sys -- (s0016bus) DRV - [2012-05-31 14:33:50 | 000,075,144 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv) DRV - [2011-11-20 03:29:52 | 000,202,592 | ---- | M] (Oracle Corporation) [Kernel | Auto | Running] -- D:\EMULATOR ANDROID\YouWave_Android\vb\VBoxDrv.sys -- (VBoxDrv) DRV - [2011-10-27 08:18:45 | 000,082,928 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys -- (ntk_PowerDVD12) DRV - [2011-04-20 05:56:48 | 000,075,248 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys -- (ntk_PowerDVD) DRV - [2011-04-12 11:16:53 | 000,148,976 | ---- | M] (CyberLink Corp.) [2012/01/15 14:45:17] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl -- ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) DRV - [2010-11-01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0) DRV - [2010-01-29 12:40:16 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.) IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0645D4C1-9B7A-4039-BB4F-615B6F50837C}: "URL" = http://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=pl&q={searchTerms} IE - HKCU\..\SearchScopes\{D3C30203-C739-422b-A525-A0B203D4B8BF}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.) FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-07-19 09:40:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-05-10 21:28:02 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\hogan\AppData\Roaming\IDM\idmmzcc5 [2012-06-01 17:45:14 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\hogan\AppData\Roaming\IDM\idmmzcc5 [2012-06-01 17:45:14 | 000,000,000 | ---D | M] [2012-05-09 12:28:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hogan\AppData\Roaming\mozilla\Extensions [2012-08-12 09:41:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hogan\AppData\Roaming\mozilla\Firefox\Profiles\zd4r91d7.default\extensions [2012-03-20 21:46:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012-07-24 19:35:08 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-12-17 10:45:30 | 000,027,405 | ---- | M] () (No name found) -- C:\USERS\HOGAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZD4R91D7.DEFAULT\EXTENSIONS\{40A1F5D7-AFC2-498F-B264-02668D616FF6}.XPI [2011-12-22 17:19:31 | 000,041,372 | ---- | M] () (No name found) -- C:\USERS\HOGAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZD4R91D7.DEFAULT\EXTENSIONS\{EA2B95C2-9BE8-48ED-BDD1-5FCD2AD0FF99}.XPI [2012-05-06 12:16:48 | 000,186,953 | ---- | M] () (No name found) -- C:\USERS\HOGAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZD4R91D7.DEFAULT\EXTENSIONS\ME@PAPRIKKA.PL.XPI [2012-07-19 09:40:53 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012-03-09 22:47:19 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2012-07-19 09:40:48 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2012-07-19 09:40:48 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2012-07-19 09:40:48 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2012-07-19 09:40:47 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2012-07-19 09:40:47 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-07-19 09:40:47 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Search the web (Babylon) (Enabled) CHR - default_search_provider: search_url = http://search.babylon.com/?q={searchTerms}&affID=112842&tt=090812_bab_3212_6&babsrc=SP_ss&mntrId=36a6f25700000000000020cf308d9c7f CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.75\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.75\pdf.dll CHR - plugin: Skype Click to Call (Enabled) = C:\Users\hogan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.1.0.10441_0\npSkypeChromePlugin.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Media Go Detector (Enabled) = C:\Program Files (x86)\Sony\Media Go\npmediago.dll CHR - plugin: PlayStation(R)Network Downloader Check Plug-in (Enabled) = C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - Extension: Skype Click to Call = C:\Users\hogan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.1.0.10441_0\ O1 HOSTS File: ([2012-08-14 12:00:02 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:[b]64bit:[/b] - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.) O2:[b]64bit:[/b] - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.) O2 - BHO: (Windows Live ID Sign-in Helper) - {29373CA8-089F-57E6-70B8-1C6F05D669CA} - Reg Error: Value error. File not found O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll (Symantec Corporation) O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\IPSBHO.DLL (Symantec Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll (Symantec Corporation) O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [PowerDVD12Agent] C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe (CyberLink Corp.) O4 - HKLM..\Run: [PowerDVD12DMREngine] C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe (CyberLink) O4 - HKLM..\Run: [RemoteControl11] C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools) O4 - HKCU..\Run: [FileUploader] C:\Users\hogan\Downloads\FileUploader.exe (z_o_o_m's corp.) O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD) O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.) O4 - HKCU..\Run: [Sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony) O4 - HKCU..\Run: [SpeedUpMyPC] C:\Program Files (x86)\Uniblue\SpeedUpMyPC\launcher.exe (Uniblue Systems Ltd) O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - Startup: C:\Users\hogan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneWay.lnk = C:\Program Files (x86)\5Fantastic\OneWay\OneWay.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:[b]64bit:[/b] - Extra context menu item: Ściągaj z Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm () O8:[b]64bit:[/b] - Extra context menu item: Ściągnij przez IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm () O8:[b]64bit:[/b] - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Ściągaj z Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm () O8 - Extra context menu item: Ściągnij przez IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm () O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O15 - HKCU\..Trusted Domains: rising.com.cn ([]http in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7CAD5AFA-1489-446A-B2F6-E6FDFAB3CAFC}: NameServer = 213.199.225.14,192.168.200.1 O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:[b]64bit:[/b] - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O18:[b]64bit:[/b] - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O22:[b]64bit:[/b] - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012-03-15 02:06:02 | 000,004,632 | ---- | M] () - D:\AutoSave -- [ NTFS ] O32 - AutoRun File - [2010-08-16 16:52:43 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2012-04-18 20:15:28 | 000,000,067 | R--- | M] () - G:\autorun.inf -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-08-14 19:27:57 | 000,000,000 | ---D | C] -- C:\_OTL [2012-08-14 15:23:57 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\hogan\Desktop\OTL.exe [2012-08-14 15:07:43 | 000,000,000 | ---D | C] -- C:\Users\hogan\Desktop\Nowy folder [2012-08-14 15:07:03 | 000,000,000 | ---D | C] -- C:\Users\hogan\Desktop\FixPolicies [2012-08-14 12:03:08 | 000,000,000 | ---D | C] -- C:\Users\hogan\AppData\Local\temp [2012-08-14 12:00:16 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012-08-14 11:58:19 | 000,000,000 | ---D | C] -- C:\Windows\temp [2012-08-14 11:53:01 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2012-08-14 11:53:01 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2012-08-14 11:53:01 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2012-08-14 11:52:56 | 000,000,000 | ---D | C] -- C:\ComboFix [2012-08-14 11:52:19 | 000,000,000 | ---D | C] -- C:\Qoobox [2012-08-13 15:53:33 | 000,000,000 | ---D | C] -- C:\Users\hogan\Documents\Salvation Prophecy [2012-08-13 15:53:33 | 000,000,000 | ---D | C] -- C:\Users\hogan\AppData\Local\Salvation Prophecy [2012-08-13 15:45:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Salvation Prophecy [2012-08-13 12:12:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3 [2012-08-13 12:12:49 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit [2012-08-13 12:12:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit [2012-08-13 11:45:26 | 000,000,000 | ---D | C] -- C:\Users\hogan\AppData\Roaming\Uniblue [2012-08-13 11:45:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue [2012-08-13 11:45:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue [2012-08-12 22:26:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SDP Multimedia [2012-08-12 20:27:19 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS GPU Profile [2012-08-12 03:24:40 | 000,000,000 | ---D | C] -- C:\Users\hogan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiPony [2012-08-12 02:06:52 | 000,000,000 | ---D | C] -- C:\ProgramData\usriqdzymjaekku [2012-08-09 11:53:14 | 000,275,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DreamScene.dll [2012-08-09 11:53:00 | 000,275,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DreamScene.dll [2012-08-08 07:10:11 | 000,000,000 | ---D | C] -- C:\Diskeeper [2012-08-06 18:20:28 | 000,000,000 | ---D | C] -- C:\Users\hogan\AppData\Roaming\dvdcss [2012-08-06 14:55:15 | 000,000,000 | ---D | C] -- C:\Program Files\Key Metric Software [2012-08-06 12:55:05 | 000,044,624 | ---- | C] (Diskeeper Corporation) -- C:\Windows\SysNative\drivers\DKRtWrt.sys [2012-08-06 12:54:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diskeeper Corporation [2012-08-06 12:54:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Diskeeper Corporation [2012-08-06 12:54:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Diskeeper Corporation [2012-08-06 12:54:55 | 000,000,000 | ---D | C] -- C:\Program Files\Diskeeper Corporation [2012-07-22 23:23:08 | 000,000,000 | ---D | C] -- C:\Users\hogan\AppData\Roaming\vlc [2012-07-22 07:11:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2012-07-22 07:11:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2012-07-17 20:15:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva [2012-07-17 20:15:13 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-08-14 19:41:21 | 000,025,952 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-08-14 19:41:21 | 000,025,952 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-08-14 19:39:34 | 000,000,000 | -HS- | M] () -- C:\DkHyperbootSync [2012-08-14 19:39:04 | 001,549,932 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-08-14 19:39:04 | 000,697,896 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-08-14 19:39:04 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-08-14 19:39:04 | 000,135,006 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-08-14 19:39:04 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-08-14 19:34:54 | 000,001,082 | ---- | M] () -- C:\Users\hogan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneWay.lnk [2012-08-14 19:34:17 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-08-14 19:33:45 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\SpeedUpMyPC.job [2012-08-14 19:33:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-08-14 19:33:02 | 1407,852,544 | -HS- | M] () -- C:\hiberfil.sys [2012-08-14 16:57:50 | 000,139,264 | ---- | M] () -- C:\Users\hogan\Desktop\SystemLook.exe [2012-08-14 15:02:11 | 000,185,065 | ---- | M] () -- C:\Users\hogan\Desktop\FixPolicies.exe [2012-08-14 13:54:50 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\hogan\Desktop\OTL.exe [2012-08-14 12:00:02 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012-08-14 00:16:01 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-08-13 12:12:53 | 000,001,186 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk [2012-08-13 12:12:52 | 000,001,174 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster 3.lnk [2012-08-13 11:45:24 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\SpeedUpMyPC.lnk [2012-08-13 03:47:02 | 000,019,968 | ---- | M] () -- C:\Users\hogan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-08-12 22:26:50 | 000,000,550 | ---- | M] () -- C:\Users\Public\Desktop\SDP Downloader.lnk [2012-08-12 03:25:03 | 000,000,564 | ---- | M] () -- C:\user.js [2012-08-12 03:24:41 | 000,000,999 | ---- | M] () -- C:\Users\hogan\Desktop\MiPony.lnk [2012-08-09 19:25:41 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012-08-06 14:00:39 | 002,244,054 | ---- | M] () -- C:\Users\hogan\Documents\HOGAN-KOMPUTER_Diskeeper Performance Report.bmp [2012-07-22 07:11:54 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012-07-18 16:29:18 | 000,126,083 | ---- | M] () -- C:\Users\hogan\final_bstSnapshot_63954.jpg [2012-07-18 16:29:08 | 000,126,117 | ---- | M] () -- C:\Users\hogan\final_bstSnapshot_68956.jpg [2012-07-17 20:15:15 | 000,001,658 | ---- | M] () -- C:\Users\Public\Desktop\Recuva.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-08-14 16:57:49 | 000,139,264 | ---- | C] () -- C:\Users\hogan\Desktop\SystemLook.exe [2012-08-14 15:02:11 | 000,185,065 | ---- | C] () -- C:\Users\hogan\Desktop\FixPolicies.exe [2012-08-14 11:53:01 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012-08-14 11:53:01 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012-08-14 11:53:01 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012-08-14 11:53:01 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012-08-14 11:53:01 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012-08-14 00:04:19 | 000,000,000 | -HS- | C] () -- C:\DkHyperbootSync [2012-08-13 12:12:53 | 000,001,186 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk [2012-08-13 12:12:52 | 000,001,174 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster 3.lnk [2012-08-13 11:45:30 | 000,000,336 | ---- | C] () -- C:\Windows\tasks\SpeedUpMyPC.job [2012-08-13 11:45:24 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\SpeedUpMyPC.lnk [2012-08-12 22:26:50 | 000,000,550 | ---- | C] () -- C:\Users\Public\Desktop\SDP Downloader.lnk [2012-08-12 20:45:07 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys [2012-08-12 20:45:07 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys [2012-08-06 12:57:41 | 002,244,054 | ---- | C] () -- C:\Users\hogan\Documents\HOGAN-KOMPUTER_Diskeeper Performance Report.bmp [2012-07-22 07:11:54 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012-07-18 16:29:18 | 000,126,083 | ---- | C] () -- C:\Users\hogan\final_bstSnapshot_63954.jpg [2012-07-18 16:29:08 | 000,126,117 | ---- | C] () -- C:\Users\hogan\final_bstSnapshot_68956.jpg [2012-07-17 20:15:15 | 000,001,658 | ---- | C] () -- C:\Users\Public\Desktop\Recuva.lnk [2012-07-12 09:55:34 | 004,503,728 | ---- | C] () -- C:\ProgramData\go_0molg.pad [2012-06-28 11:49:50 | 000,000,218 | ---- | C] () -- C:\Users\hogan\.recently-used.xbel [2012-06-15 20:19:21 | 000,136,216 | ---- | C] () -- C:\Users\hogan\final_bstSnapshot_62427.jpg [2012-06-14 20:51:16 | 000,060,373 | ---- | C] () -- C:\Users\hogan\final_bstSnapshot_36218.jpg [2012-05-11 00:12:45 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012-05-11 00:12:42 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012-05-11 00:12:40 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2012-03-09 06:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012-03-09 06:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012-02-18 17:22:00 | 000,000,125 | ---- | C] () -- C:\Users\hogan\ping [2012-02-17 20:00:22 | 000,004,100 | ---- | C] () -- C:\Windows\SysWow64\hdvirffo.dll [2012-02-02 19:08:44 | 000,335,872 | ---- | C] () -- C:\Windows\Property.exe [2012-02-02 19:08:44 | 000,145,408 | ---- | C] () -- C:\Windows\setreg.exe [2012-02-02 19:08:43 | 000,291,840 | ---- | C] () -- C:\Windows\FCVAP64.dll [2012-02-02 19:08:43 | 000,155,712 | ---- | C] () -- C:\Windows\GetWinVer.exe [2012-02-02 19:08:43 | 000,086,016 | ---- | C] () -- C:\Windows\EZFRD64.dll [2012-01-31 07:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2012-01-07 22:37:26 | 000,000,298 | ---- | C] () -- C:\Windows\EReg072.dat [2011-12-18 20:58:55 | 000,019,968 | ---- | C] () -- C:\Users\hogan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-12-08 17:08:43 | 000,002,048 | ---- | C] () -- C:\Windows\SysWow64\winver.exe [2011-12-07 22:55:02 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011-12-07 17:58:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011-12-07 17:51:50 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll [2011-12-07 17:51:50 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2011-12-07 17:48:49 | 000,047,144 | ---- | C] () -- C:\Windows\Ascd_log.ini [2011-12-07 17:48:09 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2011-12-07 17:48:04 | 000,036,551 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2011-10-25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll [2011-09-13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010-10-22 10:14:19 | 000,000,870 | ---- | C] () -- C:\Users\hogan\AppData\Roaming\smallwindows.cfg [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:D1B5B4F1 @Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:9A1DF130 < End of report > .