OTL logfile created on: 6/23/2013 5:31:13 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Test\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4.00 Gb Total Physical Memory | 2.95 Gb Available Physical Memory | 73.85% Memory free
8.00 Gb Paging File | 6.80 Gb Available in Paging File | 85.05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116.44 Gb Total Space | 10.53 Gb Free Space | 9.05% Space Free | Partition Type: NTFS
Drive D: | 334.67 Gb Total Space | 6.22 Gb Free Space | 1.86% Space Free | Partition Type: NTFS

Computer Name: KUBA-KOMPUTER | User Name: Test | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2013/06/23 17:11:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Test\Desktop\OTL.exe
PRC - [2012/09/23 21:43:40 | 000,040,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
PRC - [2012/09/10 04:03:42 | 000,070,512 | ---- | M] (ZTE) -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\mcserver.exe
PRC - [2012/09/10 04:03:40 | 000,221,552 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\dbus-daemon.exe
PRC - [2012/09/10 04:03:40 | 000,037,232 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\db_daemon.exe
PRC - [2012/09/07 08:28:02 | 000,008,704 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\remcserver.exe
PRC - [2010/11/20 14:17:00 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
PRC - [2010/01/14 00:44:52 | 000,037,888 | ---- | M] (Nullsoft, Inc.) -- D:\Program Files (x86)\Winamp\winampa.exe
PRC - [2009/09/24 23:50:02 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/07/24 20:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/07/16 20:07:54 | 000,178,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/07/07 21:20:56 | 008,493,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/07/02 04:54:04 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009/06/19 20:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 20:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/16 03:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/05/19 01:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/04/28 06:41:58 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
PRC - [2009/04/21 15:27:30 | 000,101,376 | ---- | M] () -- C:\Program Files (x86)\QPrinter Bookmaker\qprintmon.exe
PRC - [2009/04/20 21:09:30 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2008/12/23 03:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/14 07:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/08/14 06:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2008/03/31 12:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007/11/30 21:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/08/08 10:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2012/09/10 04:03:40 | 000,221,552 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\dbus-daemon.exe
MOD - [2012/09/10 04:03:40 | 000,037,232 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\db_daemon.exe
MOD - [2012/09/10 03:42:52 | 000,099,840 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\itapi.dll
MOD - [2012/09/10 03:42:46 | 000,043,520 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\audio.dll
MOD - [2012/09/10 03:42:38 | 000,058,880 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\coder.dll
MOD - [2012/09/10 03:42:38 | 000,036,352 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libConfig.dll
MOD - [2012/09/10 03:42:34 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\log.dll
MOD - [2012/09/10 03:39:48 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libctlsvr.dll
MOD - [2012/09/07 08:28:02 | 000,008,704 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\remcserver.exe
MOD - [2011/12/26 09:41:00 | 000,090,624 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\CaptureCrash.dll
MOD - [2011/05/06 05:03:32 | 000,594,944 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\dbus-1.dll
MOD - [2011/05/06 05:02:40 | 000,341,504 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\sqlite3.dll
MOD - [2010/10/14 11:37:52 | 000,971,776 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libxml2.dll
MOD - [2010/10/14 11:37:52 | 000,080,688 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\zlib1.dll
MOD - [2009/09/24 23:50:02 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2009/07/24 20:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009/04/21 15:27:30 | 000,101,376 | ---- | M] () -- C:\Program Files (x86)\QPrinter Bookmaker\qprintmon.exe
MOD - [2009/03/20 17:15:30 | 010,403,328 | ---- | M] () -- C:\Program Files (x86)\QPrinter Bookmaker\QtGui4.dll
MOD - [2009/03/20 17:15:30 | 002,123,776 | ---- | M] () -- C:\Program Files (x86)\QPrinter Bookmaker\QtNetwork4.dll
MOD - [2009/03/20 17:15:30 | 000,411,136 | ---- | M] () -- C:\Program Files (x86)\QPrinter Bookmaker\QtSvg4.dll
MOD - [2009/03/20 17:15:28 | 002,653,696 | ---- | M] () -- C:\Program Files (x86)\QPrinter Bookmaker\QtCore4.dll
MOD - [2009/03/20 17:15:26 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\QPrinter Bookmaker\imageformats\qjpeg4.dll
MOD - [2009/03/20 17:15:26 | 000,041,472 | ---- | M] () -- C:\Program Files (x86)\QPrinter Bookmaker\imageformats\qgif4.dll
MOD - [2009/03/20 17:15:26 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\QPrinter Bookmaker\imageformats\qsvg4.dll
MOD - [2009/01/28 07:37:20 | 007,331,840 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2009/01/28 07:37:20 | 002,023,424 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2009/01/28 07:37:10 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2007/12/27 18:23:34 | 000,015,964 | ---- | M] () -- C:\Program Files (x86)\QPrinter Bookmaker\mingwm10.dll
MOD - [2007/11/30 21:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007/09/09 17:07:00 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libexpat.dll

[color=#E56717]========== Services (SafeList) ==========[/color]
SRV:[b]64bit:[/b] - [2009/09/17 21:36:34 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:[b]64bit:[/b] - [2009/07/02 04:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:[b]64bit:[/b] - [2007/08/08 10:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/15 03:03:42 | 000,044,312 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService)
SRV - [2009/06/16 03:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/03/31 12:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/08/10 12:56:46 | 000,079,872 | ---- | M] (ZTE) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zte_cdc_acm.sys -- (zte_cdc_acm)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/06/06 22:48:24 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2009/12/15 04:46:38 | 000,039,552 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tcpipBM.sys -- (tcpipBM)
DRV:[b]64bit:[/b] - [2009/12/15 04:46:30 | 000,016,512 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BMLoad.sys -- (BMLoad)
DRV:[b]64bit:[/b] - [2009/11/22 08:09:24 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm)
DRV:[b]64bit:[/b] - [2009/08/12 07:45:29 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:[b]64bit:[/b] - [2009/07/20 11:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:[b]64bit:[/b] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/09 05:11:41 | 000,140,800 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2009/07/01 06:46:51 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:[b]64bit:[/b] - [2009/07/01 06:46:47 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:[b]64bit:[/b] - [2009/07/01 06:46:39 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:[b]64bit:[/b] - [2009/06/26 22:25:09 | 000,083,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2009/06/20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2009/06/10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/06/05 12:16:29 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:[b]64bit:[/b] - [2009/06/04 12:54:35 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2009/05/14 08:51:40 | 005,435,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (NETw5v64)
DRV:[b]64bit:[/b] - [2009/05/13 03:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:[b]64bit:[/b] - [2009/04/27 16:25:58 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2009/04/07 09:33:07 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:[b]64bit:[/b] - [2008/12/08 18:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2008/09/26 18:02:36 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:[b]64bit:[/b] - [2008/05/24 03:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:[b]64bit:[/b] - [2007/07/24 21:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2009/12/15 04:46:38 | 000,039,552 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2009/12/15 04:46:30 | 000,016,512 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\BMLoad.sys -- (BMLoad)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3585729520-1402192478-3682646337-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-3585729520-1402192478-3682646337-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKU\S-1-5-21-3585729520-1402192478-3682646337-1003\..\SearchScopes,DefaultScope = {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
IE - HKU\S-1-5-21-3585729520-1402192478-3682646337-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\addon [2010/04/01 14:29:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/05/20 14:07:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/20 14:07:15 | 000,000,000 | ---D | M]

[2013/05/20 14:07:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/05/20 14:07:22 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011/10/05 14:50:45 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (no name) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {8dcb7100-df86-4384-8842-8fa844297b3f} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [EeeStorageBackup] C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe (ECAREME)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\SysWOW64\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [QPrinter 2.0 monitor] C:\Program Files (x86)\QPrinter Bookmaker\qprintmon.exe ()
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files (x86)\Cyberlink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinampAgent] d:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:[b]64bit:[/b] - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{595EA2D8-6EC3-491A-8789-27AF7F779DE4}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9EA2A889-35F5-444B-937D-F34AC1F19C7D}: NameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\ipp - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2013/06/23 17:28:16 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/06/23 17:27:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Test\Desktop\OTL.exe
[2013/06/23 16:34:35 | 000,000,000 | ---D | C] -- C:\Users\Test\AppData\Roaming\WinRAR
[2013/06/23 15:24:28 | 000,000,000 | ---D | C] -- C:\Users\Test\AppData\Local\ElevatedDiagnostics
[2013/06/23 15:09:14 | 000,000,000 | ---D | C] -- C:\Users\Test\AppData\Local\Diagnostics
[2013/06/23 13:35:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2013/06/20 12:03:07 | 000,000,000 | ---D | C] -- C:\Users\Test\AppData\Roaming\Adobe
[2013/06/20 12:00:34 | 000,000,000 | ---D | C] -- C:\Users\Test\AppData\Local\SRS Labs
[2013/06/20 12:00:34 | 000,000,000 | ---D | C] -- C:\Users\Test\AppData\Roaming\Asus WebStorage
[2013/06/20 12:00:31 | 000,000,000 | ---D | C] -- C:\Users\Test\AppData\Local\Broadcom
[2013/06/20 12:00:31 | 000,000,000 | ---D | C] -- C:\Users\Test\Documents\Bluetooth Exchange Folder
[2013/06/20 11:58:57 | 000,000,000 | R--D | C] -- C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/06/20 11:58:57 | 000,000,000 | R--D | C] -- C:\Users\Test\Searches
[2013/06/20 11:58:57 | 000,000,000 | R--D | C] -- C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/06/20 11:58:50 | 000,000,000 | ---D | C] -- C:\Users\Test\AppData\Roaming\Identities
[2013/06/20 11:58:48 | 000,000,000 | R--D | C] -- C:\Users\Test\Contacts
[2013/06/20 11:58:46 | 000,000,000 | ---D | C] -- C:\Users\Test\AppData\Local\VirtualStore
[2013/06/20 11:58:13 | 000,000,000 | --SD | C] -- C:\Users\Test\AppData\Roaming\Microsoft
[2013/06/20 11:58:13 | 000,000,000 | R--D | C] -- C:\Users\Test\Videos
[2013/06/20 11:58:13 | 000,000,000 | R--D | C] -- C:\Users\Test\Saved Games
[2013/06/20 11:58:13 | 000,000,000 | R--D | C] -- C:\Users\Test\Pictures
[2013/06/20 11:58:13 | 000,000,000 | R--D | C] -- C:\Users\Test\Music
[2013/06/20 11:58:13 | 000,000,000 | R--D | C] -- C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/06/20 11:58:13 | 000,000,000 | R--D | C] -- C:\Users\Test\Links
[2013/06/20 11:58:13 | 000,000,000 | R--D | C] -- C:\Users\Test\Favorites
[2013/06/20 11:58:13 | 000,000,000 | R--D | C] -- C:\Users\Test\Downloads
[2013/06/20 11:58:13 | 000,000,000 | R--D | C] -- C:\Users\Test\Documents
[2013/06/20 11:58:13 | 000,000,000 | R--D | C] -- C:\Users\Test\Desktop
[2013/06/20 11:58:13 | 000,000,000 | R--D | C] -- C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/06/20 11:58:13 | 000,000,000 | -HSD | C] -- C:\Users\Test\Ustawienia lokalne
[2013/06/20 11:58:13 | 000,000,000 | -HSD | C] -- C:\Users\Test\AppData\Local\Temporary Internet Files
[2013/06/20 11:58:13 | 000,000,000 | -HSD | C] -- C:\Users\Test\Szablony
[2013/06/20 11:58:13 | 000,000,000 | -HSD | C] -- C:\Users\Test\SendTo
[2013/06/20 11:58:13 | 000,000,000 | -HSD | C] -- C:\Users\Test\Recent
[2013/06/20 11:58:13 | 000,000,000 | -HSD | C] -- C:\Users\Test\PrintHood
[2013/06/20 11:58:13 | 000,000,000 | -HSD | C] -- C:\Users\Test\NetHood
[2013/06/20 11:58:13 | 000,000,000 | -HSD | C] -- C:\Users\Test\Documents\Moje wideo
[2013/06/20 11:58:13 | 000,000,000 | -HSD | C] -- C:\Users\Test\Documents\Moje obrazy
[2013/06/20 11:58:13 | 000,000,000 | -HSD | C] -- C:\Users\Test\Moje dokumenty
[2013/06/20 11:58:13 | 000,000,000 | -HSD | C] -- C:\Users\Test\Documents\Moja muzyka
[2013/06/20 11:58:13 | 000,000,000 | -HSD | C] -- C:\Users\Test\Menu Start
[2013/06/20 11:58:13 | 000,000,000 | -HSD | C] -- C:\Users\Test\AppData\Local\Historia
[2013/06/20 11:58:13 | 000,000,000 | -HSD | C] -- C:\Users\Test\Dane aplikacji
[2013/06/20 11:58:13 | 000,000,000 | -HSD | C] -- C:\Users\Test\AppData\Local\Dane aplikacji
[2013/06/20 11:58:13 | 000,000,000 | -HSD | C] -- C:\Users\Test\Cookies
[2013/06/20 11:58:13 | 000,000,000 | -H-D | C] -- C:\Users\Test\AppData
[2013/06/20 11:58:13 | 000,000,000 | ---D | C] -- C:\Users\Test\AppData\Local\Temp
[2013/06/20 11:58:13 | 000,000,000 | ---D | C] -- C:\Users\Test\AppData\Local\Power2Go
[2013/06/20 11:58:13 | 000,000,000 | ---D | C] -- C:\Users\Test\AppData\Local\Microsoft Help
[2013/06/20 11:58:13 | 000,000,000 | ---D | C] -- C:\Users\Test\AppData\Local\Microsoft
[2013/06/20 11:58:13 | 000,000,000 | ---D | C] -- C:\Users\Test\AppData\Roaming\Media Center Programs
[2013/06/20 11:58:13 | 000,000,000 | ---D | C] -- C:\Users\Test\AppData\Roaming\Macromedia
[2013/06/20 11:58:13 | 000,000,000 | ---D | C] -- C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2013/06/20 11:58:13 | 000,000,000 | ---D | C] -- C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic
[2013/06/16 18:16:48 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/06/16 16:24:55 | 005,435,904 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\NETw5v64.sys
[2013/06/16 16:22:28 | 000,057,344 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C62x64.sys
[2013/06/16 14:51:09 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/06/10 23:02:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2013/06/23 17:30:22 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cb0c8ddda3b372.job
[2013/06/23 17:30:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/23 17:29:54 | 3220,525,056 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/23 17:29:13 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/23 17:29:13 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/23 17:15:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/23 17:11:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Test\Desktop\OTL.exe
[2013/06/23 16:45:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/23 16:35:35 | 394,633,262 | ---- | M] () -- C:\Users\Test\Desktop\kopia.reg
[2013/06/23 15:37:43 | 001,549,932 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/06/23 15:37:43 | 000,698,146 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2013/06/23 15:37:43 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/06/23 15:37:43 | 000,135,224 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2013/06/23 15:37:43 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/06/23 13:45:37 | 000,427,792 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/06/23 13:27:13 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
[2013/06/23 13:27:13 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll
[2013/06/20 12:00:32 | 000,001,174
| ---- | M] () -- C:\Users\Test\Desktop\ASUS Video Magic.lnk [2013/06/16 16:20:50 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe [2013/06/16 15:08:23 | 000,001,689 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini [2013/06/16 14:51:10 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013/06/23 16:35:17 | 394,633,262 | ---- | C] () -- C:\Users\Test\Desktop\kopia.reg [2013/06/23 16:34:59 | 000,006,396 | ---- | C] () -- C:\Users\Test\Desktop\MpsSvc.reg [2013/06/23 16:34:47 | 000,346,950 | ---- | C] () -- C:\Users\Test\Desktop\SharedAccess.reg [2013/06/23 16:34:35 | 000,176,940 | ---- | C] () -- C:\Users\Test\Desktop\BFE.reg [2013/06/20 11:59:46 | 000,001,423 | ---- | C] () -- C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2013/06/20 11:59:03 | 000,001,417 | ---- | C] () -- C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013/06/20 11:58:13 | 000,001,174 | ---- | C] () -- C:\Users\Test\Desktop\ASUS Video Magic.lnk [2013/06/16 14:51:10 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013/02/24 21:33:02 | 000,116,224 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll [2013/02/24 21:33:02 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\unredmon.exe [2013/02/24 21:28:57 | 000,193,664 | ---- | C] () -- C:\Windows\SysWow64\bmsdk.exe [2013/02/24 21:28:57 | 000,002,960 | ---- | C] () -- C:\Windows\SysWow64\boc.ini [2013/02/24 21:28:57 | 000,000,519 | ---- | C] () -- C:\Windows\SysWow64\bocinstall.ini [2013/02/03 19:42:03 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini [2012/03/12 19:27:32 | 000,072,192 | R--- | C] () -- C:\Windows\SysWow64\changeAcl.exe [2012/01/02 18:30:01 | 000,010,470 | -HS- | C] () -- C:\ProgramData\xs8by84iid75555by4v67e6b411l1n784530r2g6q5boc [2009/11/22 07:44:44 | 000,131,368 | ---- | C] () -- 
C:\ProgramData\FullRemove.exe [color=#E56717]========== ZeroAccess Check ==========[/color] [2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report >