OTL logfile created on: 2014-01-16 10:16:08 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = D:\programy 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,97 Gb Total Physical Memory | 2,22 Gb Available Physical Memory | 55,94% Memory free 7,93 Gb Paging File | 5,79 Gb Available in Paging File | 72,99% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 148,95 Gb Total Space | 18,00 Gb Free Space | 12,08% Space Free | Partition Type: NTFS Drive D: | 144,55 Gb Total Space | 59,78 Gb Free Space | 41,36% Space Free | Partition Type: NTFS Drive E: | 4,49 Gb Total Space | 1,03 Gb Free Space | 23,04% Space Free | Partition Type: NTFS Drive G: | 41,85 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: ASUS-KOMPUTER | User Name: Asus | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-01-16 10:13:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\programy\OTL.exe PRC - [2014-01-16 08:41:44 | 000,520,032 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\Internet Manager.exe PRC - [2014-01-16 08:41:44 | 000,224,096 | ---- | M] () -- C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe PRC - [2013-12-15 16:09:53 | 000,309,328 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe PRC - [2013-05-11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013-04-04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2013-04-04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2013-04-04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2013-02-12 21:21:51 | 001,191,216 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2013-02-12 21:21:50 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe PRC - [2012-11-29 20:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe PRC - [2011-08-18 15:25:12 | 001,101,960 | ---- | M] () -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe PRC - [2011-03-14 16:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe PRC - [2010-09-28 11:22:23 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe PRC - [2009-08-19 19:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe PRC - [2009-08-17 08:58:46 | 006,859,392 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe PRC - [2009-08-12 15:06:14 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe PRC - [2009-08-12 13:20:46 | 000,178,816 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe PRC - [2009-07-24 09:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe PRC - [2009-06-24 11:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe PRC - [2009-06-19 09:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe PRC - [2009-06-19 09:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe PRC - [2009-06-15 16:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe PRC - [2009-05-18 14:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe PRC - [2008-12-22 16:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe PRC - [2008-08-13 20:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe PRC - [2008-08-13 19:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe PRC - [2008-03-31 01:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe PRC - [2007-11-30 10:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe PRC - [2007-08-07 23:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe PRC - [2007-08-03 11:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-01-16 08:41:49 | 000,277,504 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\XFramePlugin.dll MOD - [2014-01-16 08:41:49 | 000,168,960 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\XCodec.dll MOD - [2014-01-16 08:41:49 | 000,120,160 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\Win7Support.dll MOD - [2014-01-16 08:41:48 | 000,818,688 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\SMSUIPlugin.dll MOD - [2014-01-16 08:41:48 | 000,686,080 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\SmsAppPlugin.dll MOD - [2014-01-16 08:41:48 | 000,423,424 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\USSDUIPlugin.dll MOD - [2014-01-16 08:41:48 | 000,319,488 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\StatusBarMgrPlugin.dll MOD - [2014-01-16 08:41:48 | 000,272,384 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\sdk.dll MOD - [2014-01-16 08:41:48 | 000,219,136 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\SmsSrvPlugin.dll MOD - [2014-01-16 08:41:48 | 000,142,336 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\USSDSrvPlugin.dll MOD - [2014-01-16 08:41:48 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\Trace.dll MOD - [2014-01-16 08:41:48 | 000,131,936 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\ServiceUIPlugin.dll MOD - [2014-01-16 08:41:47 | 001,148,416 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\QtNetwork4.dll MOD - [2014-01-16 08:41:47 | 000,398,336 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\QtXml4.dll MOD - [2014-01-16 08:41:46 | 009,515,520 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\QtGui4.dll MOD - [2014-01-16 08:41:46 | 002,415,104 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\QtCore4.dll MOD - [2014-01-16 08:41:46 | 000,545,280 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\PluginContainer.dll MOD - [2014-01-16 08:41:46 | 000,387,072 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\Proxy.dll MOD - [2014-01-16 08:41:46 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\plugins\imageformats\qgif4.dll MOD - [2014-01-16 08:41:46 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\plugins\imageformats\qico4.dll MOD - [2014-01-16 08:41:45 | 001,107,296 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\NDISAPI.dll MOD - [2014-01-16 08:41:45 | 000,804,864 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\MiniFramePlugin.dll MOD - [2014-01-16 08:41:45 | 000,524,640 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\NetInfoUIExPlugin.dll MOD - [2014-01-16 08:41:45 | 000,501,248 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\DeviceMgrUIPlugin.dll MOD - [2014-01-16 08:41:45 | 000,434,016 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\DialupUIPlugin.dll MOD - [2014-01-16 08:41:45 | 000,424,448 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\NetSettingPlugin.dll MOD - [2014-01-16 08:41:45 | 000,421,216 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\core.dll MOD - [2014-01-16 08:41:45 | 000,337,408 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\DeviceAppPlugin.dll MOD - [2014-01-16 08:41:45 | 000,332,640 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\NetConnectPlugin.dll MOD - [2014-01-16 08:41:45 | 000,313,856 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\NetInfoRecordUIPlugin.dll MOD - [2014-01-16 08:41:45 | 000,300,544 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\DeviceSrvPlugin.dll MOD - [2014-01-16 08:41:45 | 000,295,936 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\NetInfoSrvPlugin.dll MOD - [2014-01-16 08:41:45 | 000,271,872 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\MenuMgrPlugin.dll MOD - [2014-01-16 08:41:45 | 000,250,720 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\LiveUpdateInterface.dll MOD - [2014-01-16 08:41:45 | 000,224,256 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\NetSrvPlugin.dll MOD - [2014-01-16 08:41:45 | 000,221,696 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\Common.dll MOD - [2014-01-16 08:41:45 | 000,211,968 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\DialUpPlugin.dll MOD - [2014-01-16 08:41:45 | 000,178,688 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\NDISPlugin.dll MOD - [2014-01-16 08:41:45 | 000,158,720 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\NetConnectSrvPlugin.dll MOD - [2014-01-16 08:41:45 | 000,157,184 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\DataServicePlugin.dll MOD - [2014-01-16 08:41:45 | 000,138,240 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\HelpUIPlugin.dll MOD - [2014-01-16 08:41:45 | 000,133,632 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\OSDialup.dll MOD - [2014-01-16 08:41:45 | 000,131,584 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\OSNDIS.dll MOD - [2014-01-16 08:41:45 | 000,117,248 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\LayoutPlugin.dll MOD - [2014-01-16 08:41:45 | 000,101,888 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\OSAdapt.dll MOD - [2014-01-16 08:41:45 | 000,099,328 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\CompressRatePlugin.dll MOD - [2014-01-16 08:41:45 | 000,097,280 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\NotifyServicePlugin.dll MOD - [2014-01-16 08:41:45 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\OSPowerMgr.dll MOD - [2014-01-16 08:41:45 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\libgcc_s_dw2-1.dll MOD - [2014-01-16 08:41:45 | 000,011,362 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\mingwm10.dll MOD - [2014-01-16 08:41:44 | 001,084,416 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\AddrBookPlugin.dll MOD - [2014-01-16 08:41:44 | 000,796,160 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\AddrBookUIPlugin.dll MOD - [2014-01-16 08:41:44 | 000,520,032 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\Internet Manager.exe MOD - [2014-01-16 08:41:44 | 000,262,656 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\AddrBookSrvPlugin.dll MOD - [2014-01-16 08:41:44 | 000,239,104 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\AtCodec.dll MOD - [2014-01-16 08:41:44 | 000,123,904 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\ATR2SMgr.dll MOD - [2009-08-12 15:06:14 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe MOD - [2009-07-24 09:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe MOD - [2007-11-30 10:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe MOD - [2007-06-15 09:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll MOD - [2007-06-01 16:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2009-08-21 17:07:20 | 000,356,480 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (FastBootAgent) SRV:[b]64bit:[/b] - [2009-08-04 20:35:30 | 000,838,528 | ---- | M] (Trend Micro Inc.) [Auto | Stopped] -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom) SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:[b]64bit:[/b] - [2007-08-07 23:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV:[b]64bit:[/b] - [2007-08-03 11:24:54 | 000,125,496 | ---- | M] () [On_Demand | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr) SRV - [2014-01-16 08:41:44 | 000,224,096 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe -- (Internet Manager. RunOuc) SRV - [2013-11-18 16:27:02 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-05-11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013-04-04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013-04-04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2013-02-12 21:21:50 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2013-02-04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion) SRV - [2012-11-29 20:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service) SRV - [2011-03-14 16:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe) SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-06-15 16:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008-03-31 01:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard) DRV:[b]64bit:[/b] - [2014-01-16 08:41:50 | 000,212,992 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys -- (huawei_wwanecm) DRV:[b]64bit:[/b] - [2014-01-16 08:41:50 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV:[b]64bit:[/b] - [2014-01-16 08:41:50 | 000,098,816 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm) DRV:[b]64bit:[/b] - [2014-01-16 08:41:50 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV:[b]64bit:[/b] - [2014-01-16 08:41:50 | 000,039,552 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tcpipBM.sys -- (tcpipBM) DRV:[b]64bit:[/b] - [2014-01-16 08:41:50 | 000,028,672 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl) DRV:[b]64bit:[/b] - [2014-01-16 08:41:50 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter) DRV:[b]64bit:[/b] - [2014-01-16 08:41:49 | 000,016,512 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BMLoad.sys -- (BMLoad) DRV:[b]64bit:[/b] - [2013-04-04 13:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b]64bit:[/b] - [2012-06-07 17:31:07 | 000,560,184 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011-11-18 14:20:46 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc) DRV:[b]64bit:[/b] - [2011-11-18 14:20:46 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt) DRV:[b]64bit:[/b] - [2011-08-18 15:25:12 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-11-20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2010-09-28 11:22:15 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm) DRV:[b]64bit:[/b] - [2010-08-25 19:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2010-07-16 01:45:42 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf) DRV:[b]64bit:[/b] - [2010-06-22 18:20:18 | 000,030,792 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pavboot64.sys -- (pavboot) DRV:[b]64bit:[/b] - [2009-10-06 23:54:10 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.sys -- (SSPORT) DRV:[b]64bit:[/b] - [2009-10-06 23:49:56 | 000,053,816 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\DgivEcp.sys -- (DgiVecp) DRV:[b]64bit:[/b] - [2009-10-05 15:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2009-08-20 09:41:38 | 001,800,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) DRV:[b]64bit:[/b] - [2009-08-12 06:45:30 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor) DRV:[b]64bit:[/b] - [2009-07-20 10:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-09 09:11:32 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV:[b]64bit:[/b] - [2009-07-09 04:11:42 | 000,140,800 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:[b]64bit:[/b] - [2009-06-18 11:18:10 | 000,015,928 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby) DRV:[b]64bit:[/b] - [2009-06-10 21:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-06-09 05:38:24 | 000,055,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) DRV:[b]64bit:[/b] - [2009-06-04 11:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2009-05-13 02:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor) DRV:[b]64bit:[/b] - [2008-10-21 10:22:44 | 000,145,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017unic.sys -- (s0017unic) DRV:[b]64bit:[/b] - [2008-10-21 10:22:44 | 000,128,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017obex.sys -- (s0017obex) DRV:[b]64bit:[/b] - [2008-10-21 10:22:44 | 000,034,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017nd5.sys -- (s0017nd5) DRV:[b]64bit:[/b] - [2008-10-21 10:22:42 | 000,152,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017mdm.sys -- (s0017mdm) DRV:[b]64bit:[/b] - [2008-10-21 10:22:42 | 000,133,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017mgmt.sys -- (s0017mgmt) DRV:[b]64bit:[/b] - [2008-10-21 10:22:42 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017mdfl.sys -- (s0017mdfl) DRV:[b]64bit:[/b] - [2008-10-21 10:22:40 | 000,113,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017bus.sys -- (s0017bus) DRV:[b]64bit:[/b] - [2008-05-23 16:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV:[b]64bit:[/b] - [2007-08-03 05:26:48 | 000,017,464 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio) DRV:[b]64bit:[/b] - [2007-07-24 10:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) DRV - [2011-10-19 22:08:15 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2004-05-17 14:04:16 | 000,041,984 | ---- | M] (DeviceGuys, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\DGIVECP.SYS -- (DgiVecp) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1720854903-721639992-1052711666-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com IE - HKU\S-1-5-21-1720854903-721639992-1052711666-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com IE - HKU\S-1-5-21-1720854903-721639992-1052711666-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKU\S-1-5-21-1720854903-721639992-1052711666-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-1720854903-721639992-1052711666-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\S-1-5-21-1720854903-721639992-1052711666-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-1720854903-721639992-1052711666-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-1720854903-721639992-1052711666-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-1720854903-721639992-1052711666-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = IE - HKU\S-1-5-21-1720854903-721639992-1052711666-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Asus\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013-02-12 10:33:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013-02-12 07:48:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-02-12 07:48:10 | 000,000,000 | ---D | M] [2011-03-30 11:14:15 | 000,002,046 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: sweet-page (Enabled) CHR - default_search_provider: search_url = http://www.google.com CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - Extension: Dokumenty Google = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Dysk Google = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: No name found = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: No name found = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\ CHR - Extension: No name found = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\ CHR - Extension: No name found = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2013-03-19 20:05:07 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKU\S-1-5-21-1720854903-721639992-1052711666-1000\..\Toolbar\WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No CLSID value found. O3:[b]64bit:[/b] - HKU\S-1-5-21-1720854903-721639992-1052711666-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.) O4:[b]64bit:[/b] - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.) O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-1720854903-721639992-1052711666-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:[b]64bit:[/b] - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files (x86)\SmarThru 4\WEBCapture.dll2.htm () O8:[b]64bit:[/b] - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files (x86)\SmarThru 4\WEBCapture.dll1.htm () O8:[b]64bit:[/b] - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files (x86)\SmarThru 4\WEBCapture.dll.htm () O8:[b]64bit:[/b] - Extra context menu item: SmarThru4 Web Capture - C:\Program Files (x86)\SmarThru 4\WebCapture.dll () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files (x86)\SmarThru 4\WEBCapture.dll2.htm () O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files (x86)\SmarThru 4\WEBCapture.dll1.htm () O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files (x86)\SmarThru 4\WEBCapture.dll.htm () O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files (x86)\SmarThru 4\WebCapture.dll () O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16:[b]64bit:[/b] - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {25336921-03F9-11CF-8FD0-00AA00686F13} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Microsoft HTML Document 6.0) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14A08CE4-26B5-40E4-A171-CEB0CEF6A44C}: DhcpNameServer = 8.8.8.8 8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4ABD38B-0C82-4443-830D-E477E6AEC4A8}: NameServer = 213.158.199.1 213.158.199.5 O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (c:\windows\syswow64\userinit.exe) - c:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013-03-19 12:56:38 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011-06-29 19:36:29 | 000,000,000 | ---D | M] - D:\auto -- [ NTFS ] O32 - AutoRun File - [2009-08-26 08:00:00 | 000,000,043 | ---- | M] () - E:\AUTORUN.INF -- [ NTFS ] O32 - AutoRun File - [2011-03-15 00:27:21 | 000,148,320 | R--- | M] () - G:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2009-09-25 03:46:52 | 000,000,045 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{0f308768-0b7c-11e1-920f-20cf300898f8}\Shell - "" = AutoRun O33 - MountPoints2\{0f308768-0b7c-11e1-920f-20cf300898f8}\Shell\AutoRun\command - "" = H:\Startme.exe O33 - MountPoints2\{168dcea4-7df8-11e3-ac4c-20cf300898f8}\Shell - "" = AutoRun O33 - MountPoints2\{168dcea4-7df8-11e3-ac4c-20cf300898f8}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] () O33 - MountPoints2\{168dcecf-7df8-11e3-ac4c-20cf300898f8}\Shell - "" = AutoRun O33 - MountPoints2\{168dcecf-7df8-11e3-ac4c-20cf300898f8}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] () O33 - MountPoints2\{168dcefe-7df8-11e3-ac4c-20cf300898f8}\Shell - "" = AutoRun O33 - MountPoints2\{168dcefe-7df8-11e3-ac4c-20cf300898f8}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] () O33 - MountPoints2\{388062f8-7e83-11e3-8515-20cf300898f8}\Shell - "" = AutoRun O33 - MountPoints2\{388062f8-7e83-11e3-8515-20cf300898f8}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] () O33 - MountPoints2\{7385bea5-7c21-11e3-aa41-20cf300898f8}\Shell - "" = AutoRun O33 - MountPoints2\{7385bea5-7c21-11e3-aa41-20cf300898f8}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] () O33 - MountPoints2\{7385beb7-7c21-11e3-aa41-20cf300898f8}\Shell - "" = AutoRun O33 - MountPoints2\{7385beb7-7c21-11e3-aa41-20cf300898f8}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] () O33 - MountPoints2\{7d721579-45c6-11e2-8d3a-20cf300898f8}\Shell - "" = AutoRun O33 - MountPoints2\{7d721579-45c6-11e2-8d3a-20cf300898f8}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] () O33 - MountPoints2\{848d3057-cb17-11df-ab83-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{848d3057-cb17-11df-ab83-806e6f6e6963}\Shell\AutoRun\command - "" = F:\InstAll.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (lsdelete) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-01-16 09:55:01 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2014-01-16 08:43:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager [2014-01-16 08:42:30 | 001,001,472 | ---- | C] (DiBcom SA) -- C:\Windows\SysNative\drivers\mod7700.sys [2014-01-16 08:42:30 | 000,415,744 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbwwan.sys [2014-01-16 08:42:30 | 000,222,464 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys [2014-01-16 08:42:30 | 000,212,992 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys [2014-01-16 08:42:30 | 000,117,248 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys [2014-01-16 08:42:30 | 000,098,816 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys [2014-01-16 08:42:30 | 000,086,016 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys [2014-01-16 08:42:30 | 000,069,632 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcecm.sys [2014-01-16 08:42:30 | 000,032,768 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys [2014-01-16 08:42:30 | 000,028,672 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juextctrl.sys [2014-01-16 08:42:30 | 000,022,016 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwupgrade.sys [2014-01-16 08:42:30 | 000,013,952 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys [2014-01-16 08:42:02 | 000,724,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bmutil.dll [2014-01-16 08:42:02 | 000,308,352 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\SysWow64\bminstall.dll [2014-01-16 08:42:01 | 000,039,552 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\SysNative\drivers\tcpipBM.sys [2014-01-16 08:42:01 | 000,016,512 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\SysNative\drivers\BMLoad.sys [2014-01-16 08:41:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\T-Mobile [2014-01-15 15:48:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SAMSUNG [2014-01-15 15:45:53 | 000,000,000 | ---D | C] -- C:\Users\Asus\.android [2014-01-15 15:45:50 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\cache [2014-01-15 15:18:19 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2014-01-15 15:17:57 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2014-01-15 15:17:57 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2014-01-15 15:17:57 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2014-01-15 08:10:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Internet Manager [2014-01-15 08:10:26 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfCoInstaller01007.dll [2014-01-15 08:09:51 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Roaming\T-Mobile [2014-01-15 08:09:04 | 000,000,000 | ---D | C] -- C:\ProgramData\DatacardService [2014-01-10 23:03:11 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup [2014-01-06 20:23:36 | 004,558,848 | ---- | C] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr [2013-12-22 18:13:51 | 000,000,000 | ---D | C] -- C:\Users\Asus\Documents\Sony [2011-06-19 19:59:59 | 000,182,168 | ---- | C] (Microsoft Corporation) -- C:\Program Files\trilogyiii.exe [2008-08-11 20:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll [4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-01-16 10:18:02 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-01-16 10:09:46 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014-01-16 10:09:46 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014-01-16 10:04:27 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014-01-16 10:02:03 | 000,000,026 | ---- | M] () -- C:\Windows\SysNative\BootTime.ini [2014-01-16 10:02:00 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini [2014-01-16 10:01:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-01-16 10:01:50 | 3193,765,888 | -HS- | M] () -- C:\hiberfil.sys [2014-01-16 10:00:17 | 000,001,254 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2014-01-16 09:49:01 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014-01-16 09:16:11 | 004,811,436 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2014-01-16 09:16:11 | 002,149,632 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2014-01-16 09:16:11 | 001,585,106 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2014-01-16 09:16:11 | 001,497,084 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2014-01-16 09:16:11 | 000,006,462 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2014-01-16 08:54:39 | 000,001,793 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini [2014-01-16 08:43:14 | 000,001,203 | ---- | M] () -- C:\Users\Public\Desktop\Internet Manager.lnk [2014-01-16 08:41:50 | 001,001,472 | ---- | M] (DiBcom SA) -- C:\Windows\SysNative\drivers\mod7700.sys [2014-01-16 08:41:50 | 000,415,744 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbwwan.sys [2014-01-16 08:41:50 | 000,212,992 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys [2014-01-16 08:41:50 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys [2014-01-16 08:41:50 | 000,098,816 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys [2014-01-16 08:41:50 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys [2014-01-16 08:41:50 | 000,069,632 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcecm.sys [2014-01-16 08:41:50 | 000,039,552 | ---- | M] (Bytemobile, Inc.) -- C:\Windows\SysNative\drivers\tcpipBM.sys [2014-01-16 08:41:50 | 000,028,672 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juextctrl.sys [2014-01-16 08:41:50 | 000,022,016 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwupgrade.sys [2014-01-16 08:41:50 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys [2014-01-16 08:41:49 | 001,490,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01007.dll [2014-01-16 08:41:49 | 001,490,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfCoInstaller01007.dll [2014-01-16 08:41:49 | 000,222,464 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys [2014-01-16 08:41:49 | 000,032,768 | ---- | M] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys [2014-01-16 08:41:49 | 000,016,512 | ---- | M] (Bytemobile, Inc.) -- C:\Windows\SysNative\drivers\BMLoad.sys [2014-01-16 08:41:45 | 000,724,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\bmutil.dll [2014-01-16 08:41:44 | 000,308,352 | ---- | M] (Bytemobile, Inc.) -- C:\Windows\SysWow64\bminstall.dll [2014-01-15 21:28:35 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe [2014-01-15 15:40:30 | 000,001,081 | ---- | M] () -- C:\Users\Asus\Desktop\Continue 7-Zip Installation.lnk [2014-01-15 08:18:41 | 000,010,533 | ---- | M] () -- C:\Users\Asus\AppData\Roaming\SmarThruOptions.xml [2014-01-15 08:11:40 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_juextctrl_01007.Wdf [2014-01-15 08:11:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf [2014-01-15 08:10:35 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf [2014-01-14 21:51:22 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat [2014-01-14 21:51:22 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat [2014-01-06 20:23:36 | 004,558,848 | ---- | M] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr [2013-12-18 21:09:39 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013-12-18 21:04:13 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013-12-18 21:04:09 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013-12-18 21:03:46 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-01-16 08:43:14 | 000,001,203 | ---- | C] () -- C:\Users\Public\Desktop\Internet Manager.lnk [2014-01-15 15:40:30 | 000,001,081 | ---- | C] () -- C:\Users\Asus\Desktop\Continue 7-Zip Installation.lnk [2014-01-15 08:11:40 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_juextctrl_01007.Wdf [2014-01-15 08:11:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf [2014-01-15 08:10:35 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf [2013-06-03 11:28:29 | 000,000,004 | ---- | C] () -- C:\Users\Asus\AppData\Roaming\skype.ini [2011-11-02 20:09:35 | 000,010,533 | ---- | C] () -- C:\Users\Asus\AppData\Roaming\SmarThruOptions.xml [2011-07-21 17:13:06 | 000,004,096 | -H-- | C] () -- C:\Users\Asus\AppData\Local\keyfile3.drm [2010-12-20 11:27:21 | 000,005,504 | ---- | C] () -- C:\Users\Asus\raw32.lc [2010-12-09 20:42:47 | 000,002,432 | ---- | C] () -- C:\Users\Asus\AppData\Local\TempITF368.html [2010-12-09 20:42:47 | 000,002,089 | ---- | C] () -- C:\Users\Asus\AppData\Local\TempUyE368.html [2010-10-07 10:31:29 | 000,006,144 | ---- | C] () -- C:\Users\Asus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-04-08 09:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll [2008-05-22 07:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg [color=#E56717]========== ZeroAccess Check ==========[/color] [2011-11-17 07:41:18 | 000,002,048 | -HS- | M] () -- C:\Windows\Installer\{9982d713-0db2-4ba2-b619-cb6a9fa2dd1a}\@ [2011-11-17 07:41:18 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{9982d713-0db2-4ba2-b619-cb6a9fa2dd1a}\L [2013-12-06 15:33:58 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{9982d713-0db2-4ba2-b619-cb6a9fa2dd1a}\U [2013-12-06 15:33:45 | 000,000,768 | ---- | M] () -- C:\Windows\Installer\{9982d713-0db2-4ba2-b619-cb6a9fa2dd1a}\U\00000001.@ [2013-12-06 15:33:45 | 000,000,768 | ---- | M] () -- C:\Windows\Installer\{9982d713-0db2-4ba2-b619-cb6a9fa2dd1a}\U\00000002.@ [2013-12-06 15:33:58 | 000,004,096 | ---- | M] () -- C:\Windows\Installer\{9982d713-0db2-4ba2-b619-cb6a9fa2dd1a}\U\80000000.@ [2013-12-06 15:33:58 | 000,004,096 | ---- | M] () -- C:\Windows\Installer\{9982d713-0db2-4ba2-b619-cb6a9fa2dd1a}\U\80000001.@ [2013-12-06 15:33:32 | 000,004,096 | ---- | M] () -- C:\Windows\Installer\{9982d713-0db2-4ba2-b619-cb6a9fa2dd1a}\U\800000cb.@ [2012-09-28 09:46:38 | 000,002,048 | -HS- | M] () -- C:\Users\Asus\AppData\Local\{9982d713-0db2-4ba2-b619-cb6a9fa2dd1a}\@ [2011-11-17 07:41:18 | 000,000,000 | -HSD | M] -- C:\Users\Asus\AppData\Local\{9982d713-0db2-4ba2-b619-cb6a9fa2dd1a}\L [2011-11-17 07:41:18 | 000,000,000 | -HSD | M] -- C:\Users\Asus\AppData\Local\{9982d713-0db2-4ba2-b619-cb6a9fa2dd1a}\U [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "ThreadingModel" = Both "" = C:\Users\Asus\AppData\Local\{9982d713-0db2-4ba2-b619-cb6a9fa2dd1a}\n. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2012-06-07 20:34:23 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Ashampoo [2013-11-09 15:05:26 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Azureus [2013-06-03 12:08:24 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\EliSoft [2010-12-27 10:27:13 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Gadu-Gadu [2010-12-11 17:10:34 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Gadu-Gadu 10 [2013-10-05 06:57:57 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\GofinDruki [2012-06-11 20:37:42 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\GrabIt [2013-10-18 18:47:42 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\IGC [2011-03-19 19:48:39 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\IMSI [2011-03-19 19:48:39 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\IMSIDesign [2010-12-11 08:16:07 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\ipla [2011-03-05 13:13:15 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Panasonic [2013-05-23 11:13:01 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Programer [2011-03-19 19:35:19 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Raptr [2010-12-09 20:44:16 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\RDRM [2013-02-12 19:32:22 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Simply Super Software [2011-11-02 20:09:38 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\SmarThru4 [2011-11-23 23:21:43 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Sony [2011-06-19 20:22:01 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\SoundSpectrum [2011-11-01 20:58:48 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\SumatraPDF [2014-01-15 08:09:51 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\T-Mobile [2013-09-24 19:16:05 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\TuneUp Software [2013-09-24 16:25:11 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\vso [2013-11-15 11:51:21 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\Gadu-Gadu [2010-12-10 15:01:02 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\Gadu-Gadu 10 [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:B2A32C68 @Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:CB0AACC9 < End of report >