OTL logfile created on: 2016-08-06 08:48:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\AS-ED\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,99 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 74,53% Memory free
5,99 Gb Paging File | 5,18 Gb Available in Paging File | 86,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 19,91 Gb Free Space | 33,99% Space Free | Partition Type: NTFS
Drive D: | 9,76 Gb Total Space | 5,43 Gb Free Space | 55,63% Space Free | Partition Type: NTFS
Drive E: | 161,37 Gb Total Space | 60,88 Gb Free Space | 37,73% Space Free | Partition Type: NTFS
Drive F: | 68,36 Gb Total Space | 67,49 Gb Free Space | 98,73% Space Free | Partition Type: NTFS

Computer Name: AS-ED-KOMPUTER | User Name: AS-ED | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2016-08-06 07:48:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\AS-ED\Desktop\OTL.exe
PRC - [2015-04-09 08:46:59 | 005,261,584 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014-03-07 03:41:19 | 000,240,720 | ---- | M] () -- C:\ProgramData\MobileBrServ\mbbService.exe
PRC - [2012-11-23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-07-14 03:14:46 | 000,115,200 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE

[color=#E56717]========== Modules (No Company Name) ==========[/color]

[color=#E56717]========== Services (SafeList) ==========[/color]
SRV - [2016-07-12 12:29:08 | 000,270,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016-06-10 11:28:07 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015-04-09 08:46:59 | 005,261,584 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2015-03-17 07:14:08 | 001,080,120 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014-03-07 03:41:19 | 000,240,720 | ---- | M] () [Auto | Running] -- C:\ProgramData\MobileBrServ\mbbService.exe -- (Huawei E3372)
SRV - [2014-03-01 05:38:23 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014-02-14 21:11:33 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013-05-27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2009-07-14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2015-03-17 07:15:36 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - [2015-03-17 07:15:22 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013-10-02 02:43:05 | 000,026,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2013-10-02 02:42:31 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012-08-23 16:46:55 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2012-08-23 16:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010-11-20 23:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 23:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010-11-20 23:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 23:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 23:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 23:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009-07-14 00:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009-07-14 00:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009-07-14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=180&d=20140605
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1462958219-1592882257-2837737144-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1462958219-1592882257-2837737144-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1462958219-1592882257-2837737144-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1462958219-1592882257-2837737144-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/?dp=20160803
IE - HKU\S-1-5-21-1462958219-1592882257-2837737144-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BE DB 16 D0 35 80 CF 01 [binary data]
IE - HKU\S-1-5-21-1462958219-1592882257-2837737144-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1462958219-1592882257-2837737144-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1462958219-1592882257-2837737144-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1462958219-1592882257-2837737144-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-1462958219-1592882257-2837737144-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-1462958219-1592882257-2837737144-1000\..\SearchScopes\{870CB44C-C1ED-4E96-AF34-896A8ABA07C1}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1462958219-1592882257-2837737144-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.countryCode: "PL"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.region: "PL"
FF - prefs.js..browser.startup.homepage: "http://www.wp.pl/?dp=20160803"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:47.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 47.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 47.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 45.2.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 45.2.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{e4f94d1e-2f53-401e-8885-681602c0ddd8}: C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 47.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 47.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 45.2.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 45.2.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2014-06-04 22:47:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AS-ED\AppData\Roaming\mozilla\Extensions
[2016-08-06 07:21:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AS-ED\AppData\Roaming\mozilla\Firefox\Profiles\x427qia0.default\extensions
[2016-04-28 11:08:02 | 001,036,367 | ---- | M] () (No name found) -- C:\Users\AS-ED\AppData\Roaming\mozilla\firefox\profiles\x427qia0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2016-06-10 11:28:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions

[color=#E56717]========== Chrome ==========[/color]
CHR - Extension: No name found = C:\Users\AS-ED\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\AS-ED\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\AS-ED\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\AS-ED\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\AS-ED\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\AS-ED\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\AS-ED\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\AS-ED\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\AS-ED\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\AS-ED\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5116.418.1.13_0\

O1 HOSTS File: ([2016-08-06 07:21:50 | 000,041,853 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: Yahoo's Aabaco Small Business: Websites, Ecommerce, Email & Local Listings
Yahoo Small Business is now Aabaco Small Business. Learn more
We make small business easier
Start selling online.
Quickly set up an ecommerce site for your business with Stores.
  • Easy-to-use tools and templates
  • Customizable online shopping cart
  • Credit card and PayPal processing
Sell online
“The Aabaco Small Business platform offers so much on the back end that we decided that definitely we had to go with them.”

-Bonnie Arnwine, nationalautismresources.com
Create your website.
Get your local business online with a custom website on Web Hosting.
  • Easy-to-use website design tools
  • Templates perfect for local businesses and other groups
  • Intuitive site-performance tracking
Growing your business just got easier.
Enhance your site today with apps from Commerce Central.
  • Get real-time insights free with Live Insights
  • Quickly enhance your store, regardless of what platform you're using
  • Discover simple, affordable, and effective tools and apps to help you find customers and increase sales
“Aabaco Small Business has been an important part of the development of our company. It’s easy to use, robust, sophisticated, and keeps up with our needs. It's also reliable, scalable—an invaluable resource.”

-Tony Pang, gojane.com
Market locally. Get found.
Find new customers with custom advertising programs through Localworks.
  • Increase your website's visibility on 60+ directories
  • Control your business information across the web
  • Track ad performance quickly

Small Business Advisor

Get the news, advice, and tools to help you start, build, and grow your business.

  • Buying an Existing Business

    Maybe you’ve already O1 - Hosts: owned or operated a small business. Perhaps this is your first. Sure, you have O1 - Hosts: to review the numbers.... O1 - Hosts: View more »

  • Targeting Health Clubs and Swanky Hotels, But Finding a Purpose in Flint

    Rich Razgaitis cofounded FloWater in 2013 on a mission to eliminate single use plastic water bottles and their destruction... O1 - Hosts: View more »

  • What If the MBA Road Less Traveled Pays As Well As the Traditional Path?

    For business students choosing a path out of grad school, two Harvard Business School professors have tried to apply some... O1 - Hosts: View more »

  • If Hard-to-Get Loans Are the Problem, Who’s to Blame?

    Who’s to blame for the slowdown in startups? Recent research shows entrepreneurship is stagnating, and a Senate hearing... O1 - Hosts: View more »

  • Meet the World's Biggest Fruit – and the Company Using it to Change Vegan Food Options

    There are lots of reasons for O1 - Hosts: being a vegan. Maybe it makes your body feel better. Or perhaps you don’t O1 - Hosts: approve of... O1 - Hosts: View more »

  • Surveys for Small Business: Want to know what your customers are thinking? Ask Them

    Want to know what O1 - Hosts: your customers are thinking? Go ahead and ask them.That’s the advice O1 - Hosts: from some of the country’s best... O1 - Hosts: View more »

O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll File not found
O4 - HKU\S-1-5-21-1462958219-1592882257-2837737144-1000..\Run: [Microsoft Sync Center] C:\Users\AS-ED\AppData\Roaming\WindowsUpdate\mobsync.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1462958219-1592882257-2837737144-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0E96DD50-30B7-41B5-8119-FC6D5F25BDB0}: DhcpNameServer = 192.168.8.1 192.168.8.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2C832495-39F3-4D08-807C-1C69D3DFA9F5}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{37494295-5ECE-42FF-8A23-2EE9E90F70B0}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: TaskMan - (C:\Users\AS-ED\AppData\Roaming\WindowsUpdate\mobsync.exe) - C:\Users\AS-ED\AppData\Roaming\WindowsUpdate\mobsync.exe ()
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-1462958219-1592882257-2837737144-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-1462958219-1592882257-2837737144-1000 Winlogon: Shell - (C:\Users\AS-ED\AppData\Roaming\WindowsUpdate\mobsync.exe) - C:\Users\AS-ED\AppData\Roaming\WindowsUpdate\mobsync.exe ()
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2016-07-11 10:11:31 | 000,000,007 | -HS- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0fa0ea82-b296-11e4-94ac-0024540be715}\Shell - "" = AutoRun
O33 - MountPoints2\{0fa0ea82-b296-11e4-94ac-0024540be715}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{560f6802-605e-11e4-af6c-0024540be715}\Shell - "" = AutoRun
O33 - MountPoints2\{560f6802-605e-11e4-af6c-0024540be715}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{b95bf596-69a5-11e5-bf16-0024540be715}\Shell - "" = AutoRun
O33 - MountPoints2\{b95bf596-69a5-11e5-bf16-0024540be715}\Shell\AutoRun\command - "" = H:\Lenovo_Suite.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2016-08-06 08:46:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\AS-ED\Desktop\OTL.exe
[2016-08-06 07:36:54 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2016-08-04 16:14:26 | 000,000,000 | ---D | C] -- C:\Users\AS-ED\AppData\Roaming\TeamViewer
[2016-07-15 11:45:17 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2016-08-06 08:51:56 | 000,786,640 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2016-08-06 08:51:56 | 000,700,432 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2016-08-06 08:51:56 | 000,172,996 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2016-08-06 08:51:56 | 000,139,118 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2016-08-06 08:51:22 | 000,021,312 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016-08-06 08:51:22 | 000,021,312 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016-08-06 08:44:09 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2016-08-06 08:43:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016-08-06 08:43:55 | 2411,679,744 | -HS- | M] () -- C:\hiberfil.sys
[2016-08-06 08:42:48 | 000,041,916 | ---- | M] () -- C:\Users\AS-ED\AppData\Local\Update.12.Bron.Tok.bin
[2016-08-06 08:29:24 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2016-08-06 08:29:13 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016-08-06 08:26:55 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2016-08-06 07:48:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\AS-ED\Desktop\OTL.exe
[2016-08-06 07:35:05 | 000,288,464 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2016-08-06 07:22:14 | 000,000,013 | ---- | M] () -- C:\Windows\TEXTware.ini
[2016-08-06 07:21:50 | 000,041,853 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2016-08-05 12:18:53 | 000,021,525 | ---- | M] () -- C:\Users\AS-ED\Documents\CV rs16.odt
[2016-08-05 12:15:51 | 000,022,021 | ---- | M] () -- C:\Users\AS-ED\Documents\CV rs16-nowe.odt
[2016-07-26 14:24:26 | 000,406,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2016-07-12 12:29:07 | 000,796,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2016-07-12 12:29:07 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2016-07-11 10:11:31 | 000,000,007 | -HS- | M] () -- C:\autoexec.bat

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2016-08-06 08:42:48 | 000,041,916 | ---- | C] () -- C:\Users\AS-ED\AppData\Local\Update.12.Bron.Tok.bin
[2016-08-05 11:30:23 | 000,022,021 | ---- | C] () -- C:\Users\AS-ED\Documents\CV rs16-nowe.odt
[2016-07-28 02:33:18 | 000,021,525 | ---- | C] () -- C:\Users\AS-ED\Documents\CV rs16.odt
[2016-03-01 14:31:32 | 000,000,013 | ---- | C] () -- C:\Windows\TEXTware.ini
[2016-03-01 14:01:41 | 000,041,546 | ---- | C] () -- C:\Users\AS-ED\AppData\Local\Bron.tok.A12.em.bin
[2014-10-28 11:27:13 | 000,006,144 | ---- | C] () -- C:\Windows\System32\ScanCoInstall.dll

[color=#E56717]========== ZeroAccess Check ==========[/color]
[2009-07-14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]
[2014-12-15 15:14:45 | 000,000,000 | ---D | M] -- C:\Users\AS-ED\AppData\Roaming\EncryptStick
[2014-10-07 16:02:59 | 000,000,000 | ---D | M] -- C:\Users\AS-ED\AppData\Roaming\InsERT GT
[2014-12-18 21:23:00 | 000,000,000 | ---D | M] -- C:\Users\AS-ED\AppData\Roaming\OpenOffice
[2014-06-05 02:12:02 | 000,000,000 | ---D | M] -- C:\Users\AS-ED\AppData\Roaming\OpenOffice.org
[2014-08-01 12:25:38 | 000,000,000 | ---D | M] -- C:\Users\AS-ED\AppData\Roaming\Opera Software
[2016-08-04 16:14:26 | 000,000,000 | ---D | M] -- C:\Users\AS-ED\AppData\Roaming\TeamViewer
[2014-09-04 17:58:20 | 000,000,000 | ---D | M] -- C:\Users\AS-ED\AppData\Roaming\Thunderbird
[2016-08-06 08:42:38 | 000,000,000 | ---D | M] -- C:\Users\AS-ED\AppData\Roaming\Update
[2016-08-06 08:43:54 | 000,000,000 | ---D | M] -- C:\Users\AS-ED\AppData\Roaming\Windows Live
[2016-08-06 08:42:38 | 000,000,000 | ---D | M] -- C:\Users\AS-ED\AppData\Roaming\WindowsUpdate

[color=#E56717]========== Purity Check ==========[/color]

< End of report >