OTL logfile created on: 7/13/2013 11:31:21 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Maka\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3.99 Gb Total Physical Memory | 2.65 Gb Available Physical Memory | 66.30% Memory free
7.97 Gb Paging File | 6.17 Gb Available in Paging File | 77.35% Paging File free
Paging file location(s): c:\pagefile.sys 4083 6124 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 200.10 Gb Total Space | 1.52 Gb Free Space | 0.76% Space Free | Partition Type: NTFS
Drive D: | 49.16 Gb Total Space | 2.08 Gb Free Space | 4.23% Space Free | Partition Type: NTFS
Drive E: | 48.83 Gb Total Space | 8.57 Gb Free Space | 17.56% Space Free | Partition Type: NTFS

Computer Name: MAKA-KOMPUTER | User Name: Maka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Users\Maka\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\System Explorer\SystemExplorer.exe (Mister Group)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO don.h@free.fr)
PRC - C:\Program Files (x86)\TimeLeft3\TimeLeft.exe (NesterSoft Inc.)
PRC - C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe ()

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll ()
MOD - C:\Program Files (x86)\Notepad++\plugins\NppExport.dll ()
MOD - C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe ()
MOD - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll ()
MOD - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll ()
MOD - C:\Program Files (x86)\TimeLeft3\TrayClock.dll ()

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - (gzserv) -- C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe (Bitdefender)
SRV:[b]64bit:[/b] - (HitmanProScheduler) -- C:\Program Files\HitmanPro\hmpsched.exe (SurfRight B.V.)
SRV:[b]64bit:[/b] - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV:[b]64bit:[/b] - (cmdvirth) -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe (COMODO)
SRV:[b]64bit:[/b] - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:[b]64bit:[/b] - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:[b]64bit:[/b] - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:[b]64bit:[/b] - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:[b]64bit:[/b] - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:[b]64bit:[/b] - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe () SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs) SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (SystemExplorerHelpService) -- C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe (Mister Group) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - (cmderd) -- C:\Windows\SysNative\drivers\cmderd.sys (COMODO) DRV:[b]64bit:[/b] - 
(dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:[b]64bit:[/b] - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:[b]64bit:[/b] - (trufos) -- C:\Windows\SysNative\drivers\trufos.sys (BitDefender S.R.L.) DRV:[b]64bit:[/b] - (gzflt) -- C:\Windows\SysNative\drivers\gzflt.sys (BitDefender LLC) DRV:[b]64bit:[/b] - (bdfwfpf) -- C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys (Bitdefender SRL) DRV:[b]64bit:[/b] - (avckf) -- C:\Windows\SysNative\drivers\avckf.sys (BitDefender) DRV:[b]64bit:[/b] - (avc3) -- C:\Windows\SysNative\drivers\avc3.sys (BitDefender) DRV:[b]64bit:[/b] - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:[b]64bit:[/b] - (AsDsm) -- C:\Windows\SysNative\drivers\AsDsm.sys (ASUSTek Computer Inc) DRV:[b]64bit:[/b] - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG) DRV:[b]64bit:[/b] - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV:[b]64bit:[/b] - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation) DRV:[b]64bit:[/b] - (iaStorF) -- C:\Windows\SysNative\drivers\iaStorF.sys (Intel Corporation) DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation) DRV:[b]64bit:[/b] - (risdpcie) -- 
C:\Windows\SysNative\drivers\risdpe64.sys (REDC) DRV:[b]64bit:[/b] - (LgBttPort) -- C:\Windows\SysNative\drivers\lgbtpt64.sys (LG Electronics Inc.) DRV:[b]64bit:[/b] - (LGVMODEM) -- C:\Windows\SysNative\drivers\lgvmdm64.sys (LG Electronics Inc.) DRV:[b]64bit:[/b] - (lgbusenum) -- C:\Windows\SysNative\drivers\lgbtbs64.sys (LG Electronics Inc.) DRV:[b]64bit:[/b] - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:[b]64bit:[/b] - (NETw1v64) -- C:\Windows\SysNative\drivers\NETw1v64.sys (Intel Corporation) DRV:[b]64bit:[/b] - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:[b]64bit:[/b] - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( ) DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:[b]64bit:[/b] - (rixdpcie) -- C:\Windows\SysNative\drivers\rixdpe64.sys (REDC) DRV:[b]64bit:[/b] - (rimspci) -- C:\Windows\SysNative\drivers\rimspe64.sys (REDC) DRV:[b]64bit:[/b] - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.) DRV:[b]64bit:[/b] - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.) DRV:[b]64bit:[/b] - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.) DRV:[b]64bit:[/b] - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:[b]64bit:[/b] - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.) 
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:[b]64bit:[/b] - (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys () DRV:[b]64bit:[/b] - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS) DRV:[b]64bit:[/b] - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.) DRV:[b]64bit:[/b] - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (ASMMAP64) -- C:\Program Files\ATKGFNEX\ASMMAP64.sys () DRV:[b]64bit:[/b] - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.) DRV - (IObitUnlocker) -- C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys () DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: 
"ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) 
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}: C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}\ [2013-04-10 11:11:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-06-27 17:10:55 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-06-27 17:10:55 | 000,000,000 | ---D | M] [2013-03-27 12:07:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maka\AppData\Roaming\mozilla\Extensions [2013-07-07 01:12:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maka\AppData\Roaming\mozilla\Firefox\Profiles\538sp7j8.default\extensions [2013-06-08 21:27:26 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Maka\AppData\Roaming\mozilla\Firefox\Profiles\538sp7j8.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-07-07 01:12:16 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Maka\AppData\Roaming\mozilla\Firefox\Profiles\538sp7j8.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2013-05-15 11:53:32 | 000,000,000 | ---D | M] ("NetVideoHunter") -- C:\Users\Maka\AppData\Roaming\mozilla\Firefox\Profiles\538sp7j8.default\extensions\netvideohunter@netvideohunter.com [2013-07-05 15:02:20 | 000,268,398 | ---- | M] () (No name found) -- C:\Users\Maka\AppData\Roaming\mozilla\firefox\profiles\538sp7j8.default\extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2013-06-05 19:39:34 | 000,169,523 | ---- | M] () (No name found) -- C:\Users\Maka\AppData\Roaming\mozilla\firefox\profiles\538sp7j8.default\extensions\jid0-SQnwtgW1b8BsMB5PLV5WScEDWOw@jetpack.xpi [2013-07-05 15:12:37 | 000,046,326 | ---- | M] () (No name found) -- 
C:\Users\Maka\AppData\Roaming\mozilla\firefox\profiles\538sp7j8.default\extensions\memoryrestart@teamextension.com.xpi [2013-07-05 14:54:12 | 000,010,666 | ---- | M] () (No name found) -- C:\Users\Maka\AppData\Roaming\mozilla\firefox\profiles\538sp7j8.default\extensions\noverflow@sdrocking.com.xpi [2013-07-05 15:12:37 | 000,041,753 | ---- | M] () (No name found) -- C:\Users\Maka\AppData\Roaming\mozilla\firefox\profiles\538sp7j8.default\extensions\tabrestore@plugin.xpi [2013-07-06 10:34:56 | 001,060,244 | ---- | M] () (No name found) -- C:\Users\Maka\AppData\Roaming\mozilla\firefox\profiles\538sp7j8.default\extensions\trafficlight@bitdefender.com.xpi [2013-07-05 15:04:46 | 000,534,371 | ---- | M] () (No name found) -- C:\Users\Maka\AppData\Roaming\mozilla\firefox\profiles\538sp7j8.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-07-05 15:04:46 | 000,003,965 | ---- | M] () (No name found) -- C:\Users\Maka\AppData\Roaming\mozilla\firefox\profiles\538sp7j8.default\extensions\{AA6F0803-145A-4200-8E5E-68898D02B5B3}.xpi [2013-07-05 15:04:46 | 000,065,551 | ---- | M] () (No name found) -- C:\Users\Maka\AppData\Roaming\mozilla\firefox\profiles\538sp7j8.default\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [2013-07-05 15:04:46 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\Maka\AppData\Roaming\mozilla\firefox\profiles\538sp7j8.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2013-07-05 15:04:46 | 000,014,714 | ---- | M] () (No name found) -- C:\Users\Maka\AppData\Roaming\mozilla\firefox\profiles\538sp7j8.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2013-06-27 17:10:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2013-06-27 17:10:58 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013-02-25 12:49:04 | 000,171,552 | ---- | M] (Tracker Software Products (Canada) 
Ltd.) -- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll CHR - Extension: Dokumenty Google = C:\Users\Maka\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Dysk Google = C:\Users\Maka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Maka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Szukaj w Google = C:\Users\Maka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Gmail = C:\Users\Maka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2013-07-13 23:01:01 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (HistoryTriggerBHO Class) - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO) O4 - Startup: C:\Users\Maka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TimeLeft.lnk = C:\Program Files (x86)\TimeLeft3\TimeLeft.exe (NesterSoft Inc.) 
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8:[b]64bit:[/b] - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Image - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8:[b]64bit:[/b] - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Memo - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8:[b]64bit:[/b] - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Text file - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8:[b]64bit:[/b] - Extra context menu item: LG Air Sync (R-Click) - Set as Mobile Wallpaper - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) 
O8:[b]64bit:[/b] - Extra context menu item: LG Air Sync Option - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8:[b]64bit:[/b] - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:[b]64bit:[/b] - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:[b]64bit:[/b] - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Image - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Memo - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Text file - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8 - Extra context menu item: LG Air Sync (R-Click) - Set as Mobile Wallpaper - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8 - Extra context menu item: LG Air Sync Option - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.) O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... 
- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B38CCA00-B2EB-48E6-802A-09C5869085EB}: NameServer = 156.154.70.22,156.154.71.22 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1BDAE02-F399-4F46-9E84-E979D4EA6263}: DhcpNameServer = 192.168.1.1 0.0.0.0 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1BDAE02-F399-4F46-9E84-E979D4EA6263}: NameServer = 156.154.70.22,156.154.71.22 O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013-03-27 12:27:19 | 000,000,152 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2013-06-05 04:48:53 | 000,000,000 | ---D | M] - C:\AutoHotkey -- [ NTFS ] O32 - AutoRun File - [2012-01-21 00:47:25 | 000,000,000 | ---- | M] () - E:\Autoexec.001 -- [ NTFS ] O32 - AutoRun File - [2013-04-07 02:14:52 | 000,000,152 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2012-01-05 23:05:24 | 000,000,000 | ---D | M] - E:\Autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-07-13 23:01:11 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN [2013-07-13 22:38:25 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013-07-13 22:38:25 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013-07-13 22:38:25 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013-07-13 22:36:05 | 000,000,000 | ---D | C] -- C:\Qoobox [2013-07-13 22:35:37 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013-07-13 22:33:18 | 005,088,600 | R--- | C] (Swearware) -- C:\Users\Maka\Desktop\ComboFix.exe [2013-07-13 20:16:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable) [2013-07-13 18:13:38 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine [2013-07-13 17:59:40 | 000,000,000 | ---D | 
C] -- C:\Users\Maka\AppData\Roaming\Malwarebytes [2013-07-13 17:59:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013-07-13 17:59:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013-07-13 17:59:28 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013-07-13 17:59:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013-07-13 05:00:50 | 000,000,000 | ---D | C] -- C:\Users\Maka\Ntvdohtr [2013-07-13 04:34:43 | 000,000,000 | ---D | C] -- C:\Users\Maka\Documents\Freemake [2013-07-13 04:34:42 | 000,000,000 | ---D | C] -- C:\Users\Maka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake [2013-07-13 04:34:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake [2013-07-13 04:34:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Freemake [2013-07-13 04:34:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Freemake [2013-07-13 04:28:38 | 000,000,000 | ---D | C] -- C:\Users\Maka\Documents\VideoOutput [2013-07-13 04:28:38 | 000,000,000 | ---D | C] -- C:\Users\Maka\Documents\Snapshot [2013-07-13 04:28:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters [2013-07-13 04:28:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video to Video [2013-07-13 04:27:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Video to Video [2013-07-11 06:18:50 | 000,000,000 | ---D | C] -- C:\Users\Maka\AppData\Roaming\Process Hacker 2 [2013-07-11 05:22:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnVir Task Manager Pro [2013-07-11 05:22:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnVir Task Manager Pro [2013-07-11 05:12:47 | 000,000,000 | ---D | C] -- C:\Users\Maka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVir Task Manager [2013-07-11 05:12:45 | 
000,000,000 | ---D | C] -- C:\Program Files (x86)\AnVir Task Manager [2013-07-11 05:06:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnVir Task Manager Free [2013-07-11 05:06:53 | 000,000,000 | ---D | C] -- C:\Users\Maka\AppData\Local\AnVir [2013-07-11 04:28:27 | 000,000,000 | ---D | C] -- C:\ProgramData\TaskManager [2013-07-11 04:15:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2 [2013-07-11 04:15:35 | 000,000,000 | ---D | C] -- C:\Program Files\Process Hacker 2 [2013-07-10 22:32:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link Shell Extension [2013-07-10 19:39:25 | 000,150,392 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\junction.exe [2013-07-10 19:38:35 | 000,000,000 | ---D | C] -- C:\Junction [2013-07-10 12:10:21 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe [2013-07-10 11:45:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise JetSearch [2013-07-10 08:24:21 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013-07-10 08:24:21 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013-07-10 08:24:19 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013-07-10 08:24:19 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013-07-10 08:24:19 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013-07-10 08:24:19 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013-07-10 08:24:19 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013-07-10 08:24:19 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013-07-10 08:24:19 | 000,051,712 | ---- | C] (Microsoft 
Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013-07-10 08:24:19 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013-07-10 08:24:19 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013-07-10 08:24:18 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013-07-10 08:24:17 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013-07-10 08:24:17 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013-07-10 08:24:16 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013-07-10 08:16:05 | 001,887,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL [2013-07-10 08:16:05 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL [2013-07-10 08:16:02 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll [2013-07-10 08:16:02 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll [2013-07-10 08:15:57 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013-07-10 06:05:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Folder Hider [2013-07-10 06:05:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wise [2013-07-09 23:34:14 | 000,000,000 | ---D | C] -- C:\Users\Maka\AppData\Local\CrashDumps [2013-07-08 11:18:00 | 000,000,000 | ---D | C] -- C:\FFOutput [2013-07-08 11:17:30 | 000,000,000 | ---D | C] -- C:\Users\Maka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory [2013-07-08 11:17:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeTime [2013-07-07 23:35:01 | 000,000,000 | ---D | C] -- C:\Users\Maka\AppData\Roaming\NVIDIA [2013-07-07 23:34:55 | 000,000,000 | ---D | C] -- C:\Users\Maka\AppData\Roaming\CUDA [2013-07-07 23:33:12 | 000,000,000 | 
---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free CUDA Video Converter 6 [2013-07-07 23:32:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free CUDA Video Converter 6 [2013-07-07 22:57:32 | 000,000,000 | ---D | C] -- C:\Konwersja MeGui [2013-07-07 03:21:52 | 000,000,000 | ---D | C] -- C:\ProgramData\bdch [2013-07-06 19:13:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro [2013-07-06 19:11:34 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro [2013-07-06 19:11:21 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2013-07-06 19:04:57 | 000,000,000 | ---D | C] -- C:\Users\Maka\AppData\Local\NPE [2013-07-06 19:04:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton [2013-07-06 11:22:42 | 000,261,056 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys [2013-07-06 11:20:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition [2013-07-06 11:19:59 | 000,718,840 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys [2013-07-06 11:19:59 | 000,593,144 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys [2013-07-06 11:17:10 | 000,000,000 | ---D | C] -- C:\Users\Maka\AppData\Roaming\QuickScan [2013-07-06 11:17:00 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender [2013-07-06 11:16:57 | 000,148,696 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\gzflt.sys [2013-07-06 11:16:51 | 000,382,536 | ---- | C] (BitDefender S.R.L.) 
-- C:\Windows\SysNative\drivers\trufos.sys [2013-07-06 10:40:27 | 000,000,000 | ---D | C] -- C:\Users\Maka\AppData\Local\Secunia PSI [2013-07-06 10:40:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia [2013-07-06 02:49:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft HiJackFree [2013-07-06 02:49:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft HiJackFree [2013-07-06 02:07:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro [2013-07-06 02:07:47 | 000,000,000 | ---D | C] -- C:\Users\Maka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2013-07-06 01:24:04 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Maka\Desktop\OTL.exe [2013-07-05 22:13:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2013-07-05 21:08:21 | 000,000,000 | ---D | C] -- C:\Users\Maka\AppData\Local\MigWiz [2013-07-05 19:08:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBoost [2013-07-05 19:08:50 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueSprig [2013-07-05 17:16:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TimeLeft 3 [2013-07-05 17:16:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TimeLeft3 [2013-07-05 17:16:43 | 000,000,000 | ---D | C] -- C:\Users\Maka\AppData\Roaming\NesterSoft [2013-07-05 17:02:58 | 000,000,000 | ---D | C] -- C:\Users\Maka\AppData\Roaming\BlueSprig [2013-07-05 17:02:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetClean [2013-07-05 17:02:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlueSprig [2013-07-05 16:46:37 | 000,660,160 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Maka\Desktop\autoruns.exe [2013-07-05 16:42:10 | 002,756,800 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Maka\Desktop\procexp.exe [2013-07-05 16:19:58 | 000,000,000 | ---D | C] -- C:\Users\Maka\AppData\Roaming\Comodo 
[2013-07-05 15:24:49 | 000,000,000 | ---D | C] -- C:\ProgramData\SystemExplorer [2013-07-05 15:24:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer [2013-07-05 15:24:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\System Explorer [2013-07-05 15:18:37 | 000,000,000 | ---D | C] -- C:\Users\Maka\AppData\Local\ElevatedDiagnostics [2013-07-05 14:44:23 | 000,058,880 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C62x64.sys [2013-07-05 14:40:32 | 000,196,608 | ---- | C] (RICOH) -- C:\Windows\SysNative\RiSDIcon.dll [2013-07-05 14:40:32 | 000,188,416 | ---- | C] (RICOH) -- C:\Windows\SysNative\RiMMCIcon.dll [2013-07-05 14:40:32 | 000,080,384 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\risdpe64.sys [2013-07-05 14:36:01 | 000,000,000 | ---D | C] -- C:\VTRoot [2013-07-05 14:35:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers [2013-07-04 23:07:02 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013-07-04 23:06:58 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013-07-04 23:06:58 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013-07-04 23:06:56 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013-07-04 23:06:56 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013-07-04 23:06:55 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013-07-04 23:06:55 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013-07-04 23:06:55 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013-07-04 23:06:55 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013-07-04 23:06:54 | 000,057,344 | ---- | C] 
(Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013-07-04 23:06:53 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013-07-04 23:06:53 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013-07-04 23:06:52 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013-07-04 23:06:52 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013-07-04 23:06:52 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013-07-04 23:06:51 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013-07-04 23:06:51 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013-07-04 23:06:50 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013-07-04 23:06:50 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013-07-04 23:06:50 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013-07-04 23:06:49 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013-07-04 23:06:49 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013-07-04 23:06:49 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013-07-04 23:06:49 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013-07-04 23:06:49 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013-07-04 23:06:43 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013-07-04 23:06:43 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013-07-04 23:06:43 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013-07-04 
23:06:43 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013-07-04 23:06:43 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013-07-04 23:06:43 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013-07-04 23:06:43 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013-07-04 23:06:43 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013-07-04 23:06:43 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013-07-04 23:06:43 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013-07-04 23:06:43 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013-07-04 23:06:43 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013-07-04 23:06:43 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013-07-04 23:06:43 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013-07-04 23:06:43 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013-07-04 23:06:43 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013-07-04 23:06:43 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013-07-04 23:06:43 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013-07-04 23:06:43 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013-07-04 23:06:43 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013-07-04 23:06:43 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013-07-04 23:06:43 | 000,077,312 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\tdc.ocx [2013-07-04 23:06:43 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013-07-04 23:06:43 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013-07-04 23:06:43 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013-07-04 23:06:43 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013-07-04 23:06:43 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013-07-04 23:06:43 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013-07-02 13:14:45 | 000,000,000 | ---D | C] -- C:\Zdjęcia Vi [2013-06-27 17:10:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013-06-27 12:17:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2013-06-26 00:09:11 | 000,000,000 | ---D | C] -- C:\Users\Maka\Desktop\AWESIM [2013-06-24 09:06:20 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit [2013-06-24 09:06:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Unlocker [2013-06-24 09:06:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit [2013-06-22 14:17:37 | 000,000,000 | ---D | C] -- C:\Users\Maka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView [2013-06-22 14:17:37 | 000,000,000 | ---D | C] -- C:\Users\Maka\AppData\Roaming\IrfanView [2013-06-22 14:17:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView [2013-06-22 11:51:43 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013-06-22 11:51:20 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013-06-22 11:51:19 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013-06-22 11:51:19 | 000,175,016 | ---- | C] (Oracle Corporation) -- 
C:\Windows\SysWow64\java.exe [2013-06-22 11:51:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2013-06-22 11:47:18 | 000,000,000 | ---D | C] -- C:\Users\Maka\Desktop\forum [2013-06-21 07:49:10 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software [2013-06-21 07:48:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs [2013-06-21 07:48:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite [2013-06-21 07:48:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCH Software [2013-06-21 07:48:36 | 000,000,000 | ---D | C] -- C:\Users\Maka\AppData\Roaming\NCH Software [2013-06-20 13:30:58 | 000,000,000 | ---D | C] -- C:\Users\Maka\Desktop\STUDIA ostatni semestr [2013-06-20 05:55:39 | 000,000,000 | ---D | C] -- C:\Windows\rescache [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-07-13 23:31:54 | 000,032,000 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro37.sys [2013-07-13 23:07:06 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013-07-13 23:07:06 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013-07-13 23:01:01 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013-07-13 22:59:59 | 000,001,841 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini [2013-07-13 22:59:39 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013-07-13 22:59:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013-07-13 22:59:00 | 3212,697,600 | -HS- | M] () -- C:\hiberfil.sys [2013-07-13 22:58:22 | 000,065,284 | ---- | M] () -- C:\Windows\SysNative\drivers\fvstore.dat [2013-07-13 22:33:19 | 005,088,600 | R--- | M] (Swearware) -- C:\Users\Maka\Desktop\ComboFix.exe [2013-07-13 17:59:31 | 000,001,115 | 
---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013-07-13 11:36:57 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013-07-13 07:29:59 | 001,553,354 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013-07-13 07:29:59 | 000,699,184 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2013-07-13 07:29:59 | 000,617,280 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013-07-13 07:29:59 | 000,135,760 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2013-07-13 07:29:59 | 000,107,158 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013-07-13 05:07:52 | 000,001,887 | ---- | M] () -- C:\Users\Maka\Desktop\Process Hacker 2.lnk [2013-07-13 04:34:41 | 000,001,326 | ---- | M] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk [2013-07-13 04:28:07 | 000,001,019 | ---- | M] () -- C:\Users\Public\Desktop\Video to Video.lnk [2013-07-13 01:33:01 | 000,002,358 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini [2013-07-13 01:32:29 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013-07-11 05:22:09 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\AnVir Task Manager Pro.lnk [2013-07-11 05:12:47 | 000,001,064 | ---- | M] () -- C:\Users\Maka\Desktop\AnVir Task Manager.lnk [2013-07-11 00:56:41 | 000,413,272 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013-07-11 00:55:51 | 000,000,540 | ---- | M] () -- C:\ProgramData\SMRResults322.dat [2013-07-10 23:40:03 | 000,002,052 | ---- | M] () -- C:\Windows\epplauncher.mif [2013-07-10 19:37:29 | 000,079,623 | ---- | M] () -- C:\Junction.zip [2013-07-10 19:24:41 | 000,047,616 | ---- | M] () -- C:\Win32kDiag.exe [2013-07-10 12:10:21 | 000,012,872 | ---- | M] (SurfRight B.V.) 
-- C:\Windows\SysNative\bootdelete.exe [2013-07-10 11:45:45 | 000,001,179 | ---- | M] () -- C:\Users\Public\Desktop\Wise JetSearch.lnk [2013-07-10 06:05:25 | 000,001,210 | ---- | M] () -- C:\Users\Public\Desktop\Wise Folder Hider.lnk [2013-07-10 05:38:10 | 000,000,640 | RHS- | M] () -- C:\Users\Maka\ntuser.pol [2013-07-08 15:16:45 | 000,154,681 | ---- | M] () -- C:\Users\Maka\Desktop\Ritaaaa.jpg [2013-07-08 15:15:01 | 000,154,863 | ---- | M] () -- C:\Users\Maka\Desktop\RitaH.jpg [2013-07-08 15:11:00 | 000,054,678 | ---- | M] () -- C:\Users\Maka\Desktop\RitaGlove.jpg [2013-07-08 11:17:30 | 000,001,204 | ---- | M] () -- C:\Users\Maka\Desktop\Format Factory.lnk [2013-07-07 23:33:12 | 000,001,122 | ---- | M] () -- C:\Users\Public\Desktop\Free CUDA Video Converter 6.lnk [2013-07-06 19:13:41 | 000,001,941 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk [2013-07-06 12:42:02 | 000,007,598 | ---- | M] () -- C:\Users\Maka\AppData\Local\Resmon.ResmonCfg [2013-07-06 11:22:42 | 000,261,056 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys [2013-07-06 11:20:02 | 000,002,178 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk [2013-07-06 11:14:17 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini [2013-07-06 03:52:23 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013-07-06 03:50:55 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat [2013-07-06 03:07:13 | 000,000,096 | ---- | M] () -- C:\index.ini [2013-07-06 02:49:45 | 000,001,110 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft HiJackFree.lnk [2013-07-06 02:07:47 | 000,002,971 | ---- | M] () -- C:\Users\Maka\Desktop\HiJackThis.lnk [2013-07-06 01:22:50 | 000,368,554 | ---- | M] () -- C:\Users\Maka\Desktop\gmer.zip [2013-07-06 01:20:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Maka\Desktop\OTL.exe [2013-07-05 19:08:52 | 000,001,163 | ---- | M] () -- C:\Users\Public\Desktop\Quick Boost.lnk 
[2013-07-05 19:08:51 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\JetBoost.lnk [2013-07-05 18:00:22 | 000,174,448 | ---- | M] () -- C:\Users\Maka\Documents\startowa konf comodo.cfgx [2013-07-05 17:16:44 | 000,001,056 | ---- | M] () -- C:\Users\Maka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TimeLeft.lnk [2013-07-05 17:16:44 | 000,001,020 | ---- | M] () -- C:\Users\Maka\Desktop\TimeLeft.lnk [2013-07-05 17:06:14 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job [2013-07-05 17:02:56 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\JetClean.lnk [2013-07-05 15:55:04 | 000,000,020 | ---- | M] () -- C:\Windows\SysNative\BootTime.ini [2013-07-05 15:24:49 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\System Explorer.lnk [2013-07-05 14:49:56 | 000,001,072 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013-07-05 14:35:46 | 000,002,467 | ---- | M] () -- C:\Users\Public\Desktop\SlimDrivers.lnk [2013-07-05 04:48:49 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe [2013-07-04 23:07:02 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013-07-04 23:06:58 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013-07-04 23:06:58 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013-07-04 23:06:56 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013-07-04 23:06:56 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013-07-04 23:06:55 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013-07-04 23:06:55 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013-07-04 23:06:55 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013-07-04 23:06:55 | 000,079,872 | ---- | M] (Microsoft 
Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013-07-04 23:06:54 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013-07-04 23:06:53 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013-07-04 23:06:53 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013-07-04 23:06:52 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013-07-04 23:06:52 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013-07-04 23:06:52 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013-07-04 23:06:51 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013-07-04 23:06:51 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013-07-04 23:06:50 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013-07-04 23:06:50 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013-07-04 23:06:50 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013-07-04 23:06:49 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013-07-04 23:06:49 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013-07-04 23:06:49 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013-07-04 23:06:49 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013-07-04 23:06:49 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013-07-04 23:06:49 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013-07-04 23:06:43 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013-07-04 23:06:43 | 001,400,416 | ---- | M] 
(Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013-07-04 23:06:43 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013-07-04 23:06:43 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013-07-04 23:06:43 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013-07-04 23:06:43 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013-07-04 23:06:43 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013-07-04 23:06:43 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013-07-04 23:06:43 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013-07-04 23:06:43 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013-07-04 23:06:43 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013-07-04 23:06:43 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013-07-04 23:06:43 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013-07-04 23:06:43 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013-07-04 23:06:43 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013-07-04 23:06:43 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013-07-04 23:06:43 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013-07-04 23:06:43 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013-07-04 23:06:43 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013-07-04 23:06:43 | 000,092,160 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\SysNative\SetIEInstalledDate.exe [2013-07-04 23:06:43 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013-07-04 23:06:43 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013-07-04 23:06:43 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013-07-04 23:06:43 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013-07-04 23:06:43 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013-07-04 23:06:43 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013-07-04 23:06:43 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013-07-04 23:06:43 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013-07-04 23:06:43 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013-06-27 23:20:52 | 000,660,160 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Maka\Desktop\autoruns.exe [2013-06-26 00:26:03 | 000,000,985 | ---- | M] () -- C:\Users\Maka\Desktop\Awesim.exe — skrót.lnk [2013-06-24 09:06:20 | 000,001,186 | ---- | M] () -- C:\Users\Public\Desktop\IObit Unlocker.lnk [2013-06-22 14:17:37 | 000,001,004 | ---- | M] () -- C:\Users\Maka\Desktop\IrfanView.lnk [2013-06-22 11:51:11 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2013-06-22 11:51:11 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2013-06-22 11:51:11 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013-06-22 11:51:11 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013-06-22 11:51:11 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013-06-22 11:51:11 | 000,096,168 | ---- | M] (Oracle Corporation) -- 
C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013-06-21 13:57:37 | 000,000,464 | ---- | M] () -- C:\Users\Maka\klik repeat.ahk [2013-06-21 12:14:39 | 000,000,202 | ---- | M] () -- C:\Users\Maka\klik repeat.ahk.bak [2013-06-21 07:48:41 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\Debut Video Capture Software.lnk [2013-06-18 17:16:07 | 000,023,168 | ---- | M] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys [2013-06-18 17:15:49 | 000,043,216 | ---- | M] (COMODO) -- C:\Windows\SysNative\cmdcsr.dll [2013-06-18 17:15:47 | 000,348,584 | ---- | M] (COMODO) -- C:\Windows\SysWow64\guard32.dll [2013-06-18 17:15:46 | 000,437,688 | ---- | M] (COMODO) -- C:\Windows\SysNative\guard64.dll [2013-06-18 17:15:38 | 000,344,792 | ---- | M] (COMODO) -- C:\Windows\SysNative\cmdvrt64.dll [2013-06-18 17:15:38 | 000,045,784 | ---- | M] (COMODO) -- C:\Windows\SysNative\cmdkbd64.dll [2013-06-18 17:15:35 | 000,278,232 | ---- | M] (COMODO) -- C:\Windows\SysWow64\cmdvrt32.dll [2013-06-18 17:15:34 | 000,040,664 | ---- | M] (COMODO) -- C:\Windows\SysWow64\cmdkbd32.dll [2013-06-16 01:54:22 | 018,192,313 | ---- | M] () -- C:\Users\Maka\Desktop\Pete i ple.ogg [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-07-13 23:31:54 | 000,032,000 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro37.sys [2013-07-13 22:38:25 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013-07-13 22:38:25 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013-07-13 22:38:25 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013-07-13 22:38:25 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013-07-13 22:38:25 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013-07-13 17:59:31 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013-07-13 04:34:40 | 000,001,326 | ---- | C] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk [2013-07-13 04:28:07 | 000,001,019 | ---- | C] () -- C:\Users\Public\Desktop\Video to 
Video.lnk [2013-07-11 05:22:09 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\AnVir Task Manager Pro.lnk [2013-07-11 05:12:47 | 000,001,064 | ---- | C] () -- C:\Users\Maka\Desktop\AnVir Task Manager.lnk [2013-07-11 04:15:36 | 000,001,887 | ---- | C] () -- C:\Users\Maka\Desktop\Process Hacker 2.lnk [2013-07-11 00:55:50 | 000,000,540 | ---- | C] () -- C:\ProgramData\SMRResults322.dat [2013-07-10 23:27:49 | 000,002,052 | ---- | C] () -- C:\Windows\epplauncher.mif [2013-07-10 19:37:45 | 000,079,623 | ---- | C] () -- C:\Junction.zip [2013-07-10 19:24:55 | 000,047,616 | ---- | C] () -- C:\Win32kDiag.exe [2013-07-10 11:45:45 | 000,001,179 | ---- | C] () -- C:\Users\Public\Desktop\Wise JetSearch.lnk [2013-07-10 06:05:25 | 000,001,210 | ---- | C] () -- C:\Users\Public\Desktop\Wise Folder Hider.lnk [2013-07-10 05:38:10 | 000,000,640 | RHS- | C] () -- C:\Users\Maka\ntuser.pol [2013-07-08 15:16:44 | 000,154,681 | ---- | C] () -- C:\Users\Maka\Desktop\Ritaaaa.jpg [2013-07-08 15:14:59 | 000,154,863 | ---- | C] () -- C:\Users\Maka\Desktop\RitaH.jpg [2013-07-08 15:08:44 | 000,054,678 | ---- | C] () -- C:\Users\Maka\Desktop\RitaGlove.jpg [2013-07-08 11:17:30 | 000,001,204 | ---- | C] () -- C:\Users\Maka\Desktop\Format Factory.lnk [2013-07-07 23:33:12 | 000,001,122 | ---- | C] () -- C:\Users\Public\Desktop\Free CUDA Video Converter 6.lnk [2013-07-06 19:13:41 | 000,001,941 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk [2013-07-06 11:20:02 | 000,002,178 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk [2013-07-06 02:50:12 | 000,000,096 | ---- | C] () -- C:\index.ini [2013-07-06 02:49:45 | 000,001,110 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft HiJackFree.lnk [2013-07-06 02:07:47 | 000,002,971 | ---- | C] () -- C:\Users\Maka\Desktop\HiJackThis.lnk [2013-07-06 01:24:20 | 000,368,554 | ---- | C] () -- C:\Users\Maka\Desktop\gmer.zip [2013-07-05 19:08:52 | 000,001,163 | ---- | C] () -- C:\Users\Public\Desktop\Quick Boost.lnk 
[2013-07-05 19:08:51 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\JetBoost.lnk [2013-07-05 18:00:21 | 000,174,448 | ---- | C] () -- C:\Users\Maka\Documents\startowa konf comodo.cfgx [2013-07-05 17:16:44 | 000,001,056 | ---- | C] () -- C:\Users\Maka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TimeLeft.lnk [2013-07-05 17:16:44 | 000,001,020 | ---- | C] () -- C:\Users\Maka\Desktop\TimeLeft.lnk [2013-07-05 17:02:56 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\JetClean.lnk [2013-07-05 15:24:49 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\System Explorer.lnk [2013-07-05 14:35:46 | 000,002,467 | ---- | C] () -- C:\Users\Public\Desktop\SlimDrivers.lnk [2013-07-04 23:06:49 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2013-07-04 23:06:43 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013-06-26 00:26:03 | 000,000,985 | ---- | C] () -- C:\Users\Maka\Desktop\Awesim.exe — skrót.lnk [2013-06-24 09:06:20 | 000,001,186 | ---- | C] () -- C:\Users\Public\Desktop\IObit Unlocker.lnk [2013-06-22 14:17:37 | 000,001,004 | ---- | C] () -- C:\Users\Maka\Desktop\IrfanView.lnk [2013-06-21 12:05:50 | 000,000,464 | ---- | C] () -- C:\Users\Maka\klik repeat.ahk [2013-06-21 12:05:50 | 000,000,202 | ---- | C] () -- C:\Users\Maka\klik repeat.ahk.bak [2013-06-21 07:48:41 | 000,001,128 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debut Video Capture Software.lnk [2013-06-21 07:48:41 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\Debut Video Capture Software.lnk [2013-06-16 01:53:27 | 018,192,313 | ---- | C] () -- C:\Users\Maka\Desktop\Pete i ple.ogg [2013-06-12 20:00:10 | 000,006,144 | ---- | C] () -- C:\Users\Maka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-06-05 08:02:43 | 000,000,200 | ---- | C] () -- C:\Users\Maka\hgfjg.ahk [2013-06-05 07:36:19 | 000,026,741 | ---- | C] () -- C:\Users\Maka\testloa.ahk [2013-06-05 07:36:19 | 000,000,395 | ---- | C] () -- 
C:\Users\Maka\testloa.ahk.bak
[2013-06-05 06:49:34 | 000,000,838 | ---- | C] () -- C:\Users\Maka\loginfobi.ahk
[2013-06-05 06:49:34 | 000,000,837 | ---- | C] () -- C:\Users\Maka\loginfobi.ahk.bak
[2013-06-05 06:02:37 | 000,011,870 | ---- | C] () -- C:\Users\Maka\testing.ahk
[2013-06-05 06:02:37 | 000,011,694 | ---- | C] () -- C:\Users\Maka\testing.ahk.bak
[2013-06-05 05:10:11 | 000,066,867 | ---- | C] () -- C:\Users\Maka\HTTPRequesttest.ahk.bak
[2013-06-05 05:10:11 | 000,055,198 | ---- | C] () -- C:\Users\Maka\HTTPRequesttest.ahk
[2013-05-16 04:48:01 | 000,007,598 | ---- | C] () -- C:\Users\Maka\AppData\Local\Resmon.ResmonCfg
[2013-04-18 19:07:00 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013-04-18 19:06:46 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2013-04-18 19:06:46 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2013-04-18 19:06:46 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2013-04-18 19:06:46 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2013-03-27 20:12:30 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2013-03-27 19:39:21 | 000,000,735 | ---- | C] () -- C:\Windows\FF05_Render_Spk_Hp.ini
[2013-03-27 19:39:21 | 000,000,508 | ---- | C] () -- C:\Windows\FF05_not_Spk_Hp.ini
[2013-03-27 19:37:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2013-03-27 19:34:46 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2013-03-27 19:34:46 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2013-03-27 14:07:05 | 003,064,856 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013-02-27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-02-27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >