OTL logfile created on: 2012-11-01 21:48:57 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Pobieranie
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,25 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 63,25% Memory free
6,50 Gb Paging File | 5,30 Gb Available in Paging File | 81,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,03 Gb Total Space | 36,86 Gb Free Space | 47,24% Space Free | Partition Type: NTFS
Drive D: | 387,63 Gb Total Space | 249,91 Gb Free Space | 64,47% Space Free | Partition Type: NTFS
Drive G: | 100,00 Mb Total Space | 31,59 Mb Free Space | 31,59% Space Free | Partition Type: NTFS

Computer Name: MARCIN-KOMPUTER | User Name: Marcin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-11-01 21:45:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Pobieranie\OTL.exe
PRC - [2012-11-01 16:46:50 | 002,169,856 | -HS- | M] () -- C:\Windows\System32\hale.exe
PRC - [2012-10-23 19:34:30 | 000,997,320 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012-10-23 19:34:30 | 000,711,112 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
PRC - [2012-10-18 14:32:19 | 003,422,344 | ---- | M] (GG Network S.A.) -- C:\Users\Marcin\AppData\Local\GG\Application\gghub.exe
PRC - [2012-10-18 14:32:18 | 003,664,008 | ---- | M] (GG Network S.A.) -- C:\Users\Marcin\AppData\Local\GG\Application\ggdrive\ggdrive.exe
PRC - [2012-10-18 14:32:18 | 000,153,736 | ---- | M] (GG Network S.A.) -- C:\Users\Marcin\AppData\Local\GG\Application\ggapp.exe
PRC - [2012-09-28 15:42:26 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2012-07-02 15:15:14 | 000,380,328 | R--- | M] (cFos Software GmbH) -- C:\Program Files\cFosSpeed\spd.exe
PRC - [2011-06-17 18:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
PRC - [2011-03-24 05:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
PRC - [2011-03-22 09:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
PRC - [2010-11-15 12:21:56 | 000,841,544 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
PRC - [2010-11-15 12:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\BackService.exe
PRC - [2009-07-14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009-07-14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-07-14 02:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
PRC - [2009-07-14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009-07-14 02:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-11-01 16:46:50 | 002,169,856 | -HS- | M] () -- C:\Windows\System32\hale.exe
MOD - [2012-10-23 19:34:30 | 000,997,320 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012-10-23 19:34:30 | 000,566,728 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\13.2.0\avgdttbx.dll
MOD - [2012-10-23 19:34:30 | 000,134,600 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\SiteSafety.dll
MOD - [2012-10-18 14:32:19 | 001,945,600 | ---- | M] () -- C:\Users\Marcin\AppData\Local\GG\Application\xulrunner\mozjs.dll
MOD - [2012-10-10 11:06:15 | 000,460,312 | ---- | M] () -- C:\Users\Marcin\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
MOD - [2012-10-10 11:06:13 | 012,435,992 | ---- | M] () -- C:\Users\Marcin\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
MOD - [2012-10-10 11:06:12 | 004,005,912 | ---- | M] () -- C:\Users\Marcin\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
MOD - [2012-10-10 11:04:57 | 000,578,072 | ---- | M] () -- C:\Users\Marcin\AppData\Local\Google\Chrome\Application\22.0.1229.94\libglesv2.dll
MOD - [2012-10-10 11:04:55 | 000,123,928 | ---- | M] () -- C:\Users\Marcin\AppData\Local\Google\Chrome\Application\22.0.1229.94\libegl.dll
MOD - [2012-10-10 11:04:44 | 000,156,712 | ---- | M] () -- C:\Users\Marcin\AppData\Local\Google\Chrome\Application\22.0.1229.94\avutil-51.dll
MOD - [2012-10-10 11:04:43 | 000,275,496 | ---- | M] () -- C:\Users\Marcin\AppData\Local\Google\Chrome\Application\22.0.1229.94\avformat-54.dll
MOD - [2012-10-10 11:04:42 | 002,168,360 | ---- | M] () -- C:\Users\Marcin\AppData\Local\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll
MOD - [2012-09-12 09:21:52 | 000,135,168 | ---- | M] () -- C:\Users\Marcin\AppData\Local\GG\Application\ggdrive\zlib1.dll
MOD - [2012-09-12 09:21:50 | 009,813,408 | ---- | M] () -- C:\Users\Marcin\AppData\Local\GG\Application\FMSBWChecker\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
MOD - [2010-07-04 22:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2012-10-23 19:34:30 | 000,711,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
SRV - [2012-09-28 15:42:26 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2012-07-02 15:15:14 | 000,380,328 | R--- | M] (cFos Software GmbH) [Auto | Running] -- C:\Program Files\cFosSpeed\spd.exe -- (cFosSpeedS)
SRV - [2011-06-17 18:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2011-03-24 05:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe -- (WCUService_STC_FF)
SRV - [2011-03-22 09:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe -- (WCUService_STC_IE)
SRV - [2010-11-15 12:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect\BackService.exe -- (SCBackService)
SRV - [2010-04-06 15:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012-11-01 17:45:07 | 000,013,024 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2012-10-23 19:34:30 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012-09-21 21:20:45 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012-08-18 02:00:00 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012-07-02 15:15:18 | 000,975,272 | ---- | M] (cFos Software GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\cfosspeed6.sys -- (cFosSpeed)
DRV - [2012-05-14 07:12:28 | 000,086,656 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2012-04-09 10:13:58 | 000,048,256 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.2)
DRV - [2012-03-21 16:05:52 | 000,296,936 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2012-03-21 15:59:48 | 000,215,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2011-03-18 17:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\System32\speedfan.sys -- (speedfan)
DRV - [2011-01-10 17:16:16 | 000,018,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AppleCharger.sys -- (AppleCharger)
DRV - [2010-11-01 05:08:46 | 000,014,416 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0)
DRV - [2010-07-04 20:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2009-07-13 23:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009-07-13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [1996-04-03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=395049983_1052515_24D2D87E&ts=1350084548
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=1352f520-1d4c-11e2-a30b-50e5499fa335
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=1352f520-1d4c-11e2-a30b-50e5499fa335&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=395049983_1052515_24D2D87E&ts=1350084548
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=1352f520-1d4c-11e2-a30b-50e5499fa335
IE - HKCU\..\URLSearchHook: {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files\Splashtop\Splashtop Connect IE\AddressBarSearch.dll (Splashtop Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.v9.com/web/?q={searchTerms}
IE - HKCU\..\SearchScopes\{2572A7F1-DC2B-4A78-BE89-701D23EDEE7A}: "URL" = http://search.v9.com/web/?q={searchTerms}
IE - HKCU\..\SearchScopes\{2A9E9F4A-CEA5-44a6-BED6-A4D5643FB2B9}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=1352f520-1d4c-11e2-a30b-50e5499fa335&q={searchTerms}
IE - HKCU\..\SearchScopes\{8B983670-262E-4500-BDC6-4F4DFADC9456}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={EAD88EF6-0576-483F-9759-9B845E6C9850}&mid=bd942877351e47daa219ffa467335db0-6bee379a71ff3f641df646874bc4c34bda25c2ac&lang=pl&ds=xn011&pr=sa&d=2012-10-23 20:34:47&v=13.2.0.3&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{DEED20C3-9314-4b80-B83D-F57DE21D013B}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Marcin\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Marcin\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} [2012-09-21 19:22:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} [2012-09-21 19:22:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{d9284e50-81fc-11da-a72b-0800200c9a66}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66} [2012-09-21 19:22:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_12_1
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.3 [2012-10-23 19:34:50 | 000,000,000 | ---D | M]

[2012-11-01 17:44:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marcin\AppData\Roaming\mozilla\Extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage: http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=395049983_1052515_24D2D87E&ts=1350084548
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=395049983_1052515_24D2D87E&ts=1350084548
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Marcin\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Marcin\AppData\Local\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Marcin\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Marcin\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Marcin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: StartSearch Video plug-in = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bildoibdboopgomcbiplincneeicgipj\1.3_0\
CHR - Extension: AdBlock = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.46_0\
CHR - Extension: Assassin's Creed Revelations = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjkfepmkmmmkfefiijaoledbhobjcfea\1.1_0\
CHR - Extension: AVG Secure Search = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.3_0\
CHR - Extension: Bitdefender QuickScan = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.118_0\
CHR - Extension: StartSearch Video plug-in = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bildoibdboopgomcbiplincneeicgipj\1.3_0\
CHR - Extension: AdBlock = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.46_0\
CHR - Extension: Assassin's Creed Revelations = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjkfepmkmmmkfefiijaoledbhobjcfea\1.1_0\
CHR - Extension: AVG Secure Search = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.3_0\
CHR - Extension: Bitdefender QuickScan = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.118_0\

O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Splashtop Connect VisualBookmark) - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll (Splashtop Inc.)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.3\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.3\AVG Secure Search_toolbar.dll ()
O4 - HKLM..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cfosspeed.exe (cFos Software GmbH)
O4 - HKLM..\Run: [Chew7Hale] C:\Windows\System32\hale.exe ()
O4 - HKLM..\Run: [ROC_roc_ssl_v12] C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe ()
O4 - HKLM..\Run: [STCAgent] C:\Program Files\Splashtop\Splashtop Connect IE\STCAgent.exe (Splashtop Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [ZyngaGamesAgent] C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.)
O4 - HKCU..\Run: [AdobeUpdate] wscript "C:\Users\Marcin\AppData\Roaming\Adobe32\invis.vbs" "C:\Users\Marcin\AppData\Roaming\Adobe32\bat.bat" File not found
O4 - HKCU..\Run: [BitTorrent] C:\Program Files\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 87.204.204.204 192.168.7.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A100DB65-14EE-489E-B199-1A85C2C31EF9}: DhcpNameServer = 87.204.204.204 192.168.7.1
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{d132db33-0419-11e2-919c-50e5499fa335}\Shell - "" = AutoRun
O33 - MountPoints2\{d132db33-0419-11e2-919c-50e5499fa335}\Shell\AutoRun\command - "" = F:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-11-01 21:09:57 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
[2012-11-01 18:43:51 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2012-11-01 18:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2012-11-01 18:01:14 | 000,485,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NVUNINST.EXE
[2012-11-01 17:44:23 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Adobe
[2012-11-01 17:17:43 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-11-01 15:36:16 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\NPE
[2012-11-01 12:28:05 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\SlimWare Utilities Inc
[2012-11-01 12:27:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers
[2012-11-01 12:27:59 | 000,000,000 | ---D | C] -- C:\Program Files\SlimDrivers
[2012-11-01 12:27:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers
[2012-10-31 18:49:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
[2012-10-31 18:49:37 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2012-10-31 18:49:36 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2012-10-31 18:49:36 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2012-10-31 18:49:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2012-10-31 18:48:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2012-10-31 18:48:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Chart Controls
[2012-10-31 18:48:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bulletstorm
[2012-10-31 07:04:00 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012-10-30 22:07:31 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2012-10-30 22:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012-10-30 22:06:44 | 000,086,656 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\AtihdW73.sys
[2012-10-30 22:06:44 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012-10-30 22:06:24 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012-10-30 20:57:39 | 000,000,000 | ---D | C] -- C:\AMD
[2012-10-28 14:37:16 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\BANDISOFT
[2012-10-28 14:37:10 | 000,000,000 | ---D | C] -- C:\Users\Marcin\Documents\Bandicam
[2012-10-28 14:36:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
[2012-10-28 14:36:39 | 000,000,000 | ---D | C] -- C:\Program Files\BandiMPEG1
[2012-10-28 14:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2012-10-28 14:36:02 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2012-10-28 14:35:26 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Programs
[2012-10-28 07:53:39 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\RoboForm
[2012-10-28 07:52:51 | 000,000,000 | ---D | C] -- C:\ProgramData\RoboForm
[2012-10-28 07:52:48 | 000,000,000 | ---D | C] -- C:\Users\Marcin\Documents\My Avast EasyPass Data
[2012-10-28 07:48:56 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012-10-28 07:23:17 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\QuickScan
[2012-10-24 17:30:16 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\SKIDROW
[2012-10-24 17:30:16 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Darksiders2
[2012-10-24 17:29:16 | 000,421,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp100.dll
[2012-10-24 17:18:47 | 000,773,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr100.dll
[2012-10-24 17:18:33 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\dll-files.com
[2012-10-24 17:16:57 | 003,799,904 | ---- | C] (Dll-Files.com ) -- C:\Windows\System32\dffsetup-msvcr100.exe
[2012-10-24 17:03:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
[2012-10-23 20:59:44 | 000,000,000 | ---D | C] -- C:\Program Files\StartSearch plugin
[2012-10-23 19:34:55 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\AVG Secure Search
[2012-10-23 19:34:50 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012-10-23 19:34:46 | 000,026,984 | ---- | C] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2012-10-23 19:34:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012-10-23 19:34:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2012-10-23 19:34:41 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012-10-20 09:58:55 | 002,613,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe.Back
[2012-10-19 17:39:20 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012-10-19 17:39:20 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012-10-19 17:39:20 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2012-10-17 15:03:58 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Thinstall
[2012-10-16 22:24:56 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\MicrosoftStore
[2012-10-16 22:14:46 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2012-10-15 12:59:43 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Mikrotik
[2012-10-14 17:51:56 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012-10-13 10:40:03 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Skyrim
[2012-10-13 10:40:03 | 000,000,000 | ---D | C] -- C:\Users\Marcin\Documents\My Games
[2012-10-13 00:27:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkaWit
[2012-10-13 00:27:36 | 000,000,000 | ---D | C] -- C:\Program Files\SkaWit
[2012-10-12 22:41:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2012-10-12 22:41:46 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2012-10-12 22:41:45 | 001,497,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2012-10-12 22:41:45 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2012-10-12 22:41:45 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2012-10-12 22:41:45 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2012-10-12 22:41:45 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2012-10-12 22:41:44 | 002,417,808 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2012-10-12 22:41:44 | 000,087,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInstII.dll
[2012-10-12 22:41:44 | 000,013,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoLDR.dll
[2012-10-12 22:41:43 | 003,173,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2012-10-12 22:41:43 | 000,645,776 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2012-10-12 22:41:43 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2012-10-12 22:41:43 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2012-10-12 22:41:43 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2012-10-12 22:41:43 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2012-10-12 22:41:43 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2012-10-12 22:41:43 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2012-10-12 22:41:42 | 001,836,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2012-10-12 22:41:42 | 000,753,280 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBAPO32.dll
[2012-10-12 22:41:42 | 000,709,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPOShell.dll
[2012-10-12 22:41:42 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2012-10-12 22:41:42 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2012-10-12 22:41:42 | 000,071,808 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBWrp32.dll
[2012-10-12 22:41:42 | 000,054,360 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBppld32.dll
[2012-10-12 22:41:42 | 000,050,776 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBPPCn32.dll
[2012-10-12 22:41:40 | 002,193,472 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2012-10-12 22:41:39 | 000,176,736 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2012-10-12 22:41:39 | 000,095,840 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2012-10-12 19:41:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3
[2012-10-12 19:41:52 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2012-10-12 19:41:52 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2012-10-12 10:11:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aero Enabler
[2012-10-09 15:40:02 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012-10-09 15:40:01 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2012-10-09 15:40:01 | 000,000,000 | ---D | C] -- C:\Fraps
[2012-10-09 10:15:45 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\PunkBuster
[2012-10-09 10:15:09 | 000,000,000 | ---D | C] -- C:\Users\Marcin\Documents\Ubisoft
[2012-10-07 08:34:25 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\WB Games
[2012-10-07 08:32:43 | 000,000,000 | ---D | C] -- C:\Users\Marcin\Documents\ALI213
[2012-10-07 08:28:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2012-10-07 08:28:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Witn

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-11-01 21:50:00 | 041,116,317 | ---- | M] () -- C:\Windows\System32\cwlog.dtl
[2012-11-01 21:27:39 | 000,687,590 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-11-01 21:27:39 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-11-01 21:27:39 | 000,131,176 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-11-01 21:27:39 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-11-01 21:21:09 | 000,269,312 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-11-01 21:20:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-11-01 21:20:52 | 2616,037,376 | -HS- | M] () -- C:\hiberfil.sys
[2012-11-01 21:19:47 | 000,001,890 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012-11-01 21:19:47 | 000,001,890 | ---- | M] () -- C:\Windows\diagerr.xml
[2012-11-01 21:19:04 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini
[2012-11-01 21:03:01 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3620533771-2778318329-2324861843-1000UA.job
[2012-11-01 20:00:25 | 000,009,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-11-01 20:00:25 | 000,009,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-11-01 17:45:07 | 000,013,024 | ---- | M] () -- C:\Windows\System32\drivers\SWDUMon.sys
[2012-11-01 16:46:50 | 002,169,856 | -HS- | M] () -- C:\Windows\System32\hale.exe
[2012-11-01 16:26:13 | 000,003,390 | ---- | M] () -- C:\Users\Marcin\Documents\s.reg
[2012-11-01 12:03:00 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3620533771-2778318329-2324861843-1000Core.job
[2012-10-31 18:48:41 | 000,001,030 | ---- | M] () -- C:\Users\Marcin\Desktop\Bulletstorm.lnk
[2012-10-31 14:02:57 | 000,139,848 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012-10-31 14:02:50 | 000,282,696 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2012-10-31 06:01:11 | 000,000,226 | ---- | M] () -- C:\Windows\AWS.ini
[2012-10-30 21:29:18 | 000,282,696 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2012-10-28 07:50:08 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012-10-24 17:21:30 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr100.dll
[2012-10-24 17:16:04 | 003,799,904 | ---- | M] (Dll-Files.com ) -- C:\Windows\System32\dffsetup-msvcr100.exe
[2012-10-24 12:10:26 | 000,024,944 | ---- | M] () -- C:\Windows\System32\drivers\GVTDrv.sys
[2012-10-23 19:34:45 | 000,000,045 | ---- | M] () -- C:\Windows\System32\initdebug.nfo
[2012-10-23 19:34:30 | 000,026,984 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2012-10-13 17:06:59 | 000,000,927 | ---- | M] () -- C:\Users\Marcin\Desktop\Skrim.lnk
[2012-10-12 19:41:53 | 000,001,140 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2012-10-11 11:05:24 | 000,002,454 | ---- | M] () -- C:\Users\Marcin\Desktop\Google Chrome.lnk
[2012-10-09 15:40:01 | 000,000,562 | ---- | M] () -- C:\Users\Marcin\Desktop\Fraps.lnk
[2012-10-09 10:47:19 | 000,000,676 | ---- | M] () -- C:\Users\Marcin\Desktop\Future Soldier.lnk
[2012-10-09 10:10:44 | 000,138,904 | ---- | M] () -- C:\Users\Marcin\AppData\Roaming\PnkBstrK.sys
[2012-10-07 22:28:08 | 000,046,704 | ---- | M] () -- C:\Users\Marcin\Documents\cc_20121007_232757.reg

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-11-01 21:20:54 | 000,269,312 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-11-01 21:19:40 | 000,001,890 | ---- | C] () -- C:\Windows\diagwrn.xml
[2012-11-01 21:19:40 | 000,001,890 | ---- | C] () -- C:\Windows\diagerr.xml
[2012-11-01 16:46:56 | 041,088,141 | ---- | C] () -- C:\Windows\System32\cwlog.dtl
[2012-11-01 16:46:50 | 002,169,856 | -HS- | C] () -- C:\Windows\System32\hale.exe
[2012-11-01 16:26:13 | 000,003,390 | ---- | C] () -- C:\Users\Marcin\Documents\s.reg
[2012-11-01 12:28:07 | 000,013,024 | ---- | C] () -- C:\Windows\System32\drivers\SWDUMon.sys
[2012-10-31 18:48:41 | 000,001,030 | ---- | C] () -- C:\Users\Marcin\Desktop\Bulletstorm.lnk
[2012-10-28 14:36:07 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012-10-23
19:34:34 | 000,000,045 | ---- | C] () -- C:\Windows\System32\initdebug.nfo [2012-10-13 17:07:04 | 000,000,927 | ---- | C] () -- C:\Users\Marcin\Desktop\Skrim.lnk [2012-10-13 00:28:17 | 000,000,226 | ---- | C] () -- C:\Windows\AWS.ini [2012-10-12 22:41:43 | 000,293,889 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2012-10-12 19:41:53 | 000,001,140 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster 3.lnk [2012-10-09 15:40:01 | 000,000,562 | ---- | C] () -- C:\Users\Marcin\Desktop\Fraps.lnk [2012-10-09 10:47:19 | 000,000,676 | ---- | C] () -- C:\Users\Marcin\Desktop\Future Soldier.lnk [2012-10-09 10:15:50 | 000,282,696 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr [2012-10-09 10:10:56 | 000,139,848 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2012-10-09 10:10:44 | 000,138,904 | ---- | C] () -- C:\Users\Marcin\AppData\Roaming\PnkBstrK.sys [2012-10-09 10:10:21 | 000,282,696 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2012-10-09 10:10:21 | 000,282,696 | ---- | C] () -- C:\Windows\System32\PnkBstrB.ex0 [2012-10-09 10:10:20 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2012-10-07 22:27:59 | 000,046,704 | ---- | C] () -- C:\Users\Marcin\Documents\cc_20121007_232757.reg [2012-09-28 15:36:56 | 000,180,224 | ---- | C] () -- C:\Windows\System32\clinfo.exe [2012-09-22 10:24:59 | 000,024,944 | ---- | C] () -- C:\Windows\System32\drivers\GVTDrv.sys [2012-09-21 19:27:08 | 000,031,272 | ---- | C] () -- C:\Windows\System32\AppleChargerSrv.exe [2012-09-21 19:27:08 | 000,018,544 | ---- | C] () -- C:\Windows\System32\drivers\AppleCharger.sys [2012-09-21 19:22:43 | 000,010,084 | R--- | C] () -- C:\Windows\System32\drivers\nvphy.bin [2012-09-21 19:21:10 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2012-09-21 19:04:17 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012-09-21 19:04:17 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2012-06-21 09:37:14 | 003,166,792 | ---- | C] () -- 
C:\Windows\System32\pbsvc.exe [2012-03-21 16:11:32 | 000,207,400 | R--- | C] () -- C:\Windows\GSetup.exe [2011-09-19 08:07:46 | 000,015,360 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll [2011-09-19 08:07:32 | 000,058,368 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 08:27:10 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2009-07-14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 487 bytes -> C:\ProgramData\TEMP:05EE1EEF < End of report >