OTL logfile created on: 2012-09-22 14:21:36 - Run 3 OTL by OldTimer - Version 3.2.61.5 Folder = D:\Downloads Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1014,18 Mb Total Physical Memory | 262,03 Mb Available Physical Memory | 25,84% Memory free 1,99 Gb Paging File | 1,13 Gb Available in Paging File | 56,52% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 30,00 Gb Total Space | 8,94 Gb Free Space | 29,81% Space Free | Partition Type: NTFS Drive D: | 202,87 Gb Total Space | 73,47 Gb Free Space | 36,22% Space Free | Partition Type: NTFS Drive G: | 921,75 Mb Total Space | 5,75 Mb Free Space | 0,62% Space Free | Partition Type: FAT Computer Name: SKITEK-ASUS | User Name: Szymon | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-09-16 20:30:16 | 000,600,064 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL.exe PRC - [2012-03-26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe PRC - [2012-03-26 17:03:40 | 000,258,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MpCmdRun.exe PRC - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe PRC - [2011-06-24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-11-16 15:37:38 | 000,264,704 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe PRC - [2010-11-16 15:37:30 | 000,230,912 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe PRC - [2010-10-25 11:03:52 | 000,217,088 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe PRC - [2009-10-26 14:30:00 | 000,413,688 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\SHE\SuperHybridEngine.exe PRC - [2009-10-16 22:43:28 | 001,021,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotkeyService.exe PRC - [2009-09-11 12:41:02 | 000,100,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe PRC - [2009-08-18 18:35:56 | 000,219,136 | ---- | M] () -- C:\Windows\System32\AsusService.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-02-20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2012-02-20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2012-03-26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2010-11-16 15:37:38 | 000,264,704 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe) SRV - [2010-10-25 11:03:52 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2010-05-27 16:44:21 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2009-08-18 18:35:56 | 000,219,136 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AsusService.exe -- (AsusService) SRV - [2009-07-14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2007-05-31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007-05-31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | Auto | Stopped] -- G:\VirtualBox\Portable-VirtualBox\app32\drivers\USB\filter\VBoxUSBMon.sys -- (VBoxUSBMon) DRV - File not found [Kernel | Auto | Stopped] -- G:\VirtualBox\Portable-VirtualBox\app32\drivers\VBoxDrv\VBoxDrv.sys -- (VBoxDRV) DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{00518985-97EB-481F-83E6-DECF7EFFCB02}\MpKsl3f4ec630.sys -- (MpKsl3f4ec630) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbfake.sys -- (hwusbfake) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv) DRV - [2012-03-20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv) DRV - [2011-06-27 01:37:12 | 002,191,872 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2011-02-18 07:40:06 | 000,015,936 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudnflt.sys -- (ssudnflt) DRV - [2011-02-09 16:03:00 | 000,011,832 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO) DRV - [2011-01-03 10:38:36 | 000,136,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm) DRV - [2011-01-03 10:38:36 | 000,121,192 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) DRV - [2011-01-03 10:38:36 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) DRV - [2010-12-21 07:55:02 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm) DRV - [2010-12-21 07:55:02 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) DRV - [2010-12-21 07:55:02 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb) DRV - [2010-12-21 07:55:02 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl) DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB) DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010-10-25 11:03:52 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2010-10-09 14:48:36 | 000,072,576 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2010-08-31 18:09:00 | 000,208,896 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet) DRV - [2010-08-07 17:48:42 | 000,106,880 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2010-07-27 09:52:02 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2010-01-15 12:21:16 | 000,385,544 | ---- | M] (Paragon) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\Uim_IM.sys -- (Uim_IM) DRV - [2010-01-15 12:21:16 | 000,034,392 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\UimBus.sys -- (UimBus) DRV - [2009-11-13 09:47:50 | 000,058,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) DRV - [2009-07-14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4180017802-2292323992-3731856309-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-4180017802-2292323992-3731856309-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKU\S-1-5-21-4180017802-2292323992-3731856309-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-4180017802-2292323992-3731856309-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-4180017802-2292323992-3731856309-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-4180017802-2292323992-3731856309-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-4180017802-2292323992-3731856309-1001\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found IE - HKU\S-1-5-21-4180017802-2292323992-3731856309-1001\..\SearchScopes,DefaultScope = {003BB908-A229-4820-B8F2-1CA95782BB26} IE - HKU\S-1-5-21-4180017802-2292323992-3731856309-1001\..\SearchScopes\{003BB908-A229-4820-B8F2-1CA95782BB26}: "URL" = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} IE - HKU\S-1-5-21-4180017802-2292323992-3731856309-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-4180017802-2292323992-3731856309-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4180017802-2292323992-3731856309-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Szymon\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Szymon\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) [2012-09-20 19:00:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Szymon\AppData\Roaming\mozilla\Extensions [2011-01-24 00:47:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Szymon\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012-09-16 21:07:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Szymon\AppData\Roaming\mozilla\Firefox\Profiles\xr4i6l8d.default\extensions [2012-09-20 19:00:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Szymon\AppData\Roaming\mozilla\Firefox\Profiles\xr4i6l8d.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671} [2012-09-20 19:00:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Szymon\AppData\Roaming\mozilla\Firefox\Profiles\xr4i6l8d.default\extensions\{21cfaec0-dbb3-11dc-95ff-0800200c9a66} [2012-09-20 19:00:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Szymon\AppData\Roaming\mozilla\Firefox\Profiles\xr4i6l8d.default\extensions\ALone-live@ya.ru [2012-09-20 19:00:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Szymon\AppData\Roaming\mozilla\Firefox\Profiles\xr4i6l8d.default\extensions\en-GB@dictionaries.addons.mozilla.org [2012-09-20 19:00:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Szymon\AppData\Roaming\mozilla\Firefox\Profiles\xr4i6l8d.default\extensions\foxmarks@kei.com [2012-09-20 19:00:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-06-25 18:32:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-09-07 20:33:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://www.google.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} CHR - default_search_provider: suggest_url = CHR - homepage: http://www.google.com/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Szymon\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Szymon\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Szymon\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Szymon\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - Extension: AdBlock = C:\Users\Szymon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.44_0\ CHR - Extension: AdBlock = C:\Users\Szymon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.45_0\ CHR - Extension: Jolicloud = C:\Users\Szymon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfakdllpdfjjbfommlcnfkedmbigkfdo\1.0.8_0\ O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [HotkeyMon] C:\Windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [HotkeyService] C:\Windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [LiveUpdate] C:\Windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [SuperHybridEngine] C:\Windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [SynAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe File not found O4 - HKU\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found O4 - HKU\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-4180017802-2292323992-3731856309-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-4180017802-2292323992-3731856309-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000047 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000048 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000049 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000050 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000051 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000052 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000053 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000054 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000055 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000056 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000057 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000058 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000059 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000060 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000061 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000062 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000063 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{109707C6-6984-463B-B0EB-716BCE896097}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3A6E3E78-FB67-4C6D-AE92-01A6BD6CE1CA}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F0A3424-2ED2-4E36-AC36-A99284CC1F34}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E340806-1824-4B76-9DBF-EE76B4CB93AC}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A540D56D-C940-440F-ABDC-EAEF08D02744}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DC2782A5-817E-4432-8EFC-E6C18489950A}: NameServer = 192.168.134.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F7E12CC0-DD0F-4D26-B634-45D81252037D}: DhcpNameServer = 192.168.20.1 194.204.159.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O22 - SharedTaskScheduler: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - ObjectDockShellExt - C:\Program Files\Stardock\ObjectDockFree\ODMenu.dll File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{072d3675-7cb0-11df-b5ed-1a4bd68063f0}\Shell - "" = AutoRun O33 - MountPoints2\{072d3675-7cb0-11df-b5ed-1a4bd68063f0}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{072d3683-7cb0-11df-b5ed-1a4bd68063f0}\Shell - "" = AutoRun O33 - MountPoints2\{072d3683-7cb0-11df-b5ed-1a4bd68063f0}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{285d52fe-cb14-11e0-aa66-a8432383ca07}\Shell - "" = AutoRun O33 - MountPoints2\{285d52fe-cb14-11e0-aa66-a8432383ca07}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{285d5334-cb14-11e0-aa66-001e101f7f74}\Shell - "" = AutoRun O33 - MountPoints2\{285d5334-cb14-11e0-aa66-001e101f7f74}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{3024fef2-c36b-11df-8b40-485b392643e9}\Shell - "" = AutoRun O33 - MountPoints2\{3024fef2-c36b-11df-8b40-485b392643e9}\Shell\AutoRun\command - "" = F:\autorun.exe O33 - MountPoints2\{3b2183d9-cf34-11e0-b6d2-d5c1242ad10e}\Shell - "" = AutoRun O33 - MountPoints2\{3b2183d9-cf34-11e0-b6d2-d5c1242ad10e}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{3b2183ee-cf34-11e0-b6d2-a40414864441}\Shell - "" = AutoRun O33 - MountPoints2\{3b2183ee-cf34-11e0-b6d2-a40414864441}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{3b218537-cf34-11e0-b6d2-001e101f4e71}\Shell - "" = AutoRun O33 - MountPoints2\{3b218537-cf34-11e0-b6d2-001e101f4e71}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{3b2185c4-cf34-11e0-b6d2-001e101f4e71}\Shell - "" = AutoRun O33 - MountPoints2\{3b2185c4-cf34-11e0-b6d2-001e101f4e71}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{523186a1-c57d-11e0-ae28-001e101fdb29}\Shell - "" = AutoRun O33 - MountPoints2\{523186a1-c57d-11e0-ae28-001e101fdb29}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{523187ce-c57d-11e0-ae28-001e101fdb29}\Shell - "" = AutoRun O33 - MountPoints2\{523187ce-c57d-11e0-ae28-001e101fdb29}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{52318802-c57d-11e0-ae28-001e101fdb29}\Shell - "" = AutoRun O33 - MountPoints2\{52318802-c57d-11e0-ae28-001e101fdb29}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{6245c667-84d0-11df-8a3c-cd77d2582e08}\Shell - "" = AutoRun O33 - MountPoints2\{6245c667-84d0-11df-8a3c-cd77d2582e08}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{717e0510-93fd-11e0-83c0-485b392643e9}\Shell - "" = AutoRun O33 - MountPoints2\{717e0510-93fd-11e0-83c0-485b392643e9}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{717e0524-93fd-11e0-83c0-485b392643e9}\Shell - "" = AutoRun O33 - MountPoints2\{717e0524-93fd-11e0-83c0-485b392643e9}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{717e063e-93fd-11e0-83c0-001e101f36d9}\Shell - "" = AutoRun O33 - MountPoints2\{717e063e-93fd-11e0-83c0-001e101f36d9}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{ae21cdaf-d792-11df-8ccf-485b392643e9}\Shell - "" = AutoRun O33 - MountPoints2\{ae21cdaf-d792-11df-8ccf-485b392643e9}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{b4fd5bf4-c9c8-11e0-b78b-f921b88bce10}\Shell - "" = AutoRun O33 - MountPoints2\{b4fd5bf4-c9c8-11e0-b78b-f921b88bce10}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-09-22 12:16:04 | 000,454,056 | ---- | C] (Helge Klein) -- C:\Windows\SetACL.exe [2012-09-21 07:39:23 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012-09-21 07:39:19 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012-09-21 07:39:18 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012-09-21 07:39:17 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012-09-21 07:39:14 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012-09-21 07:39:12 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012-09-21 07:39:07 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012-09-21 07:11:40 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2012-09-20 22:53:33 | 000,000,000 | ---D | C] -- C:\Users\Szymon\Desktop\skróty [2012-09-20 22:44:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client [2012-09-20 22:04:46 | 000,000,000 | ---D | C] -- C:\Users\Szymon\AppData\Roaming\Malwarebytes [2012-09-20 22:03:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012-09-20 22:02:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012-09-20 22:02:28 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012-09-20 22:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012-09-16 20:06:35 | 000,000,000 | ---D | C] -- C:\MGADiagToolOutput [2012-09-16 20:02:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage [2012-09-16 12:40:30 | 000,000,000 | ---D | C] -- C:\Users\Szymon\Desktop\FOTOTOTO [2012-09-08 11:51:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2012-09-07 20:33:07 | 000,157,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2012-09-07 20:33:06 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2012-09-07 20:33:06 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2012-09-05 19:58:53 | 000,696,520 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-09-03 21:57:11 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA% [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-09-22 14:15:51 | 000,027,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-09-22 14:15:51 | 000,027,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-09-22 14:12:40 | 000,703,622 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-09-22 14:12:40 | 000,621,274 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-09-22 14:12:40 | 000,137,508 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-09-22 14:12:40 | 000,108,494 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-09-22 14:10:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-09-22 14:07:40 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-09-22 14:07:10 | 797,581,312 | -HS- | M] () -- C:\hiberfil.sys [2012-09-22 12:03:01 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4180017802-2292323992-3731856309-1001UA.job [2012-09-22 12:03:01 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-09-21 19:03:01 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4180017802-2292323992-3731856309-1001Core.job [2012-09-21 18:11:46 | 000,000,672 | ---- | M] () -- C:\Windows\System32\.crusader [2012-09-21 07:50:09 | 000,407,760 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-09-20 22:44:56 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif [2012-09-20 21:15:17 | 000,000,036 | ---- | M] () -- C:\Users\Szymon\AppData\Local\housecall.guid.cache [2012-09-10 22:25:26 | 000,454,056 | ---- | M] (Helge Klein) -- C:\Windows\SetACL.exe [2012-09-07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012-09-05 19:58:54 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-09-05 19:58:53 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012-08-28 20:24:56 | 000,477,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\npdeployJava1.dll [2012-08-28 20:24:53 | 000,473,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2012-08-28 20:10:12 | 000,157,680 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2012-08-28 20:10:07 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2012-08-28 20:09:57 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-09-21 18:11:46 | 000,000,672 | ---- | C] () -- C:\Windows\System32\.crusader [2012-09-20 22:44:43 | 000,001,875 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk [2012-09-20 21:15:17 | 000,000,036 | ---- | C] () -- C:\Users\Szymon\AppData\Local\housecall.guid.cache [2011-11-20 10:17:26 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsUpIO.sys [2011-11-13 11:14:22 | 000,021,864 | ---- | C] () -- C:\Windows\AsAcpiSvrLang.ini [2011-11-13 11:14:21 | 000,219,136 | ---- | C] () -- C:\Windows\System32\AsusService.exe [2011-08-30 23:50:24 | 000,000,185 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc [2011-07-18 11:34:01 | 000,003,584 | ---- | C] () -- C:\Users\Szymon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-05-16 14:31:44 | 000,008,592 | ---- | C] () -- C:\Windows\System32\ractrlkeyhook.dll [2011-05-08 22:36:34 | 000,002,528 | ---- | C] () -- C:\Users\Szymon\AppData\Roaming\$_hpcst$.hpc [2011-02-26 11:04:47 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2011-02-26 11:04:46 | 000,036,640 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2011-02-24 08:07:36 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011-01-29 18:00:22 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2011-01-29 18:00:22 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2011-01-29 18:00:22 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2011-01-29 18:00:22 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2011-01-16 14:55:28 | 000,026,624 | ---- | C] () -- C:\Windows\System32\spd__l.dll [2011-01-16 14:55:22 | 000,283,136 | ---- | C] () -- C:\Windows\System32\DscPnt.dll [2011-01-16 14:55:20 | 000,259,888 | ---- | C] () -- C:\Windows\SUPDRun.exe [2011-01-16 14:55:14 | 000,151,552 | ---- | C] () -- C:\Windows\System32\spd__ci.exe [2010-11-07 16:07:22 | 000,000,030 | ---- | C] () -- C:\Windows\USDL_GrandPrix_v1.6.4_VISTA.INI [2010-08-30 20:52:38 | 000,000,600 | ---- | C] () -- C:\Users\Szymon\AppData\Local\PUTTY.RND [color=#E56717]========== LOP Check ==========[/color] [2010-04-23 10:41:53 | 000,000,000 | ---D | M] -- C:\Users\Szymon\AppData\Roaming\.wtw [2011-01-09 16:50:33 | 000,000,000 | ---D | M] -- C:\Users\Szymon\AppData\Roaming\Azureus [2010-05-23 00:23:00 | 000,000,000 | ---D | M] -- C:\Users\Szymon\AppData\Roaming\BESTplayer [2012-04-13 18:59:23 | 000,000,000 | ---D | M] -- C:\Users\Szymon\AppData\Roaming\Dropbox [2011-05-08 22:16:43 | 000,000,000 | ---D | M] -- C:\Users\Szymon\AppData\Roaming\GoodSync [2011-05-03 22:11:29 | 000,000,000 | ---D | M] -- C:\Users\Szymon\AppData\Roaming\Intermedia Software [2010-10-18 21:44:18 | 000,000,000 | ---D | M] -- C:\Users\Szymon\AppData\Roaming\iPlus [2011-06-26 21:45:04 | 000,000,000 | ---D | M] -- C:\Users\Szymon\AppData\Roaming\PLAY ONLINE [2011-08-16 00:57:25 | 000,000,000 | ---D | M] -- C:\Users\Szymon\AppData\Roaming\Samsung [2012-06-26 23:22:28 | 000,000,000 | ---D | M] -- C:\Users\Szymon\AppData\Roaming\Stardock [2010-07-26 08:01:41 | 000,000,000 | ---D | M] -- C:\Users\Szymon\AppData\Roaming\TeraCopy [2011-05-08 22:35:58 | 000,000,000 | ---D | M] -- C:\Users\Szymon\AppData\Roaming\Thinstall [2011-01-24 00:47:50 | 000,000,000 | ---D | M] -- C:\Users\Szymon\AppData\Roaming\Thunderbird [2010-05-16 18:16:09 | 000,000,000 | ---D | M] -- C:\Users\Szymon\AppData\Roaming\ultrastardx [2012-09-21 19:03:31 | 000,000,000 | ---D | M] -- C:\Users\Szymon\AppData\Roaming\uTorrent [2011-02-11 23:36:41 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========[/color] [C:\Windows\$NtUninstallKB24387$] -> Error: Cannot create file handle -> Unknown point type < End of report >