OTL logfile created on: 2012-07-27 21:10:11 - Run 2 OTL by OldTimer - Version 3.2.55.0 Folder = D:\Downloads 64bit- Ultimate Edition (Version = 6.1.7100) - Type = NTWorkstation Internet Explorer (Version = 8.0.7100.0) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,27 Gb Available Physical Memory | 63,63% Memory free 4,00 Gb Paging File | 3,15 Gb Available in Paging File | 78,67% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 19,53 Gb Total Space | 6,40 Gb Free Space | 32,74% Space Free | Partition Type: NTFS Drive D: | 249,03 Gb Total Space | 136,39 Gb Free Space | 54,77% Space Free | Partition Type: NTFS Drive E: | 29,52 Gb Total Space | 12,15 Gb Free Space | 41,15% Space Free | Partition Type: NTFS Computer Name: DUN-PC | User Name: Dun | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-07-27 18:01:20 | 000,597,504 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL.exe PRC - [2012-07-15 18:52:14 | 000,026,552 | ---- | M] (Microsoft) -- C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper.exe PRC - [2012-07-15 18:52:12 | 000,035,256 | ---- | M] (Overwolf) -- C:\Program Files (x86)\Overwolf\Overwolf.exe PRC - [2011-11-10 11:16:50 | 002,169,664 | ---- | M] (DT Soft Ltd) -- D:\Programy\DAEMON Tools Lite\DTShellHlp.exe PRC - [2010-01-15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe PRC - [2009-04-22 07:19:30 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-07-15 18:52:28 | 000,476,600 | ---- | M] () -- C:\Program Files (x86)\Overwolf\OWServer.dll MOD - [2012-07-15 18:52:28 | 000,117,688 | ---- | M] () -- C:\Program Files (x86)\Overwolf\OWService.dll MOD - [2012-07-15 18:52:28 | 000,080,312 | ---- | M] () -- C:\Program Files (x86)\Overwolf\OverWolf.BL.Interfaces.dll MOD - [2012-07-15 18:52:28 | 000,058,368 | ---- | M] () -- C:\Program Files (x86)\Overwolf\BrowserWindow.dll MOD - [2012-07-15 18:52:28 | 000,023,480 | ---- | M] () -- C:\Program Files (x86)\Overwolf\OWInjector.dll MOD - [2012-07-15 18:52:24 | 012,452,280 | ---- | M] () -- C:\Program Files (x86)\Overwolf\OverWolf.Client.Core.dll MOD - [2012-07-15 18:52:20 | 000,074,680 | ---- | M] () -- C:\Program Files (x86)\Overwolf\OWExplorer-1066.dll MOD - [2012-07-15 18:52:20 | 000,025,600 | ---- | M] () -- C:\Program Files (x86)\Overwolf\CoreAudioApi.dll MOD - [2012-07-15 18:52:14 | 000,028,088 | ---- | M] () -- C:\Program Files (x86)\Overwolf\OWLog.dll MOD - [2012-07-15 18:52:14 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\Overwolf\ODK.AddIns.V1.HostView.dll MOD - [2012-07-15 18:52:12 | 000,027,064 | ---- | M] () -- C:\Program Files (x86)\Overwolf\OWExplorerLauncher.dll MOD - [2009-04-22 11:25:00 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\9f8dba1ff941557bad216a843765eba8\WindowsFormsIntegration.ni.dll MOD - [2009-04-22 11:10:52 | 000,633,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\58b5c5489a55496ea6bd5342dd9f50d1\System.AddIn.ni.dll MOD - [2009-04-22 11:10:52 | 000,082,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\4e725d54a826ae2a7d0e31779b565d5a\System.AddIn.Contract.ni.dll MOD - [2009-04-22 11:10:45 | 002,294,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\0f1981ac7ccf02fbe63727bc31b7363a\System.Core.ni.dll MOD - [2009-04-22 11:10:42 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\6bc39410c4a2a4da3d3ba042fcc95e51\PresentationFramework.Aero.ni.dll MOD - [2009-04-22 11:10:18 | 014,321,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a97a0a3e0e187078e46f549dfc8fd29e\PresentationFramework.ni.dll MOD - [2009-04-22 11:10:05 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69877bf9e4e5e5ef241fa8f2d06af391\System.ServiceProcess.ni.dll MOD - [2009-04-22 11:10:03 | 012,430,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1b24825ac395a5d13ab0016ab3a2bf09\System.Windows.Forms.ni.dll MOD - [2009-04-22 11:09:57 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\626ddfa385bb4a034da48ee52ebd0cff\System.Drawing.ni.dll MOD - [2009-04-22 11:09:55 | 012,217,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\8622cc9a4095804a28f15dd3a8e78a1d\PresentationCore.ni.dll MOD - [2009-04-22 11:09:45 | 003,314,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47bc95aa688818beb593ed68af6c0c49\WindowsBase.ni.dll MOD - [2009-04-22 11:09:40 | 005,451,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\2fea9fca85a91e6551f2ba9512f7de0f\System.Xml.ni.dll MOD - [2009-04-22 11:09:37 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\97e4edf5a162dcee869e8cc6473e9335\System.Configuration.ni.dll MOD - [2009-04-22 11:09:36 | 007,948,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\4a70ed40bfb576c17c2096ab53d92789\System.ni.dll MOD - [2009-04-22 11:09:31 | 011,491,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f57491c307c43d1d47a225a84044adfd\mscorlib.ni.dll MOD - [2009-04-04 22:04:42 | 000,163,840 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll MOD - [2009-04-04 22:04:41 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-07-27 17:49:13 | 000,108,392 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler) SRV:[b]64bit:[/b] - [2012-04-13 10:17:04 | 000,035,648 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:[b]64bit:[/b] - [2011-12-06 05:11:56 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2009-04-22 07:40:14 | 001,011,200 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-04-22 07:38:59 | 000,193,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012-07-15 18:52:08 | 000,018,360 | ---- | M] (Overwolf Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe -- (OverwolfUpdaterService) SRV - [2012-07-03 21:34:37 | 000,670,816 | ---- | M] (Wellbia.com Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\xsherlock.xem -- (xsherlock) SRV - [2012-06-15 12:26:32 | 000,103,472 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service) SRV - [2012-04-13 10:17:10 | 002,143,552 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2012-04-13 10:17:04 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2011-12-05 23:15:08 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- D:\Programy\hdati\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV - [2011-07-07 20:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011-06-15 18:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate) SRV - [2011-03-28 21:51:25 | 004,323,256 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc) SRV - [2010-01-15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009-04-04 22:05:06 | 000,067,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2006-10-27 00:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Programy\Office2007\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-07-27 21:10:35 | 000,030,496 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hitmanpro36.sys -- (hitmanpro36) DRV:[b]64bit:[/b] - [2012-05-20 11:27:43 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2011-12-06 05:45:40 | 010,720,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2011-12-06 05:45:40 | 010,720,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2011-12-06 04:12:14 | 000,327,168 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2010-02-18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:[b]64bit:[/b] - [2009-04-22 07:53:06 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-04-22 07:53:04 | 000,105,040 | ---- | M] (AMD) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009-04-22 07:52:53 | 000,028,752 | ---- | M] (AMD) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009-04-22 07:48:16 | 000,077,904 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-04-22 07:48:15 | 000,065,616 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-04-22 07:48:04 | 000,023,120 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2009-04-22 07:45:20 | 000,024,640 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-04-22 07:38:39 | 000,027,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (1394hub) DRV:[b]64bit:[/b] - [2009-03-17 06:35:14 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-03-06 09:43:49 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2009-03-06 09:43:48 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-02-06 05:41:49 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-01-24 06:08:24 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2011-11-08 12:47:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2011-06-24 07:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- D:\Programy\hdati\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01) DRV - [2009-04-22 07:23:43 | 000,019,024 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2005-01-02 23:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2) DRV - [2002-04-26 13:04:16 | 000,095,484 | ---- | M] (DATOM Dariusz Cielebąk) [Kernel | Auto | Stopped] -- C:\Windows\SysWow64\drivers\KMM4XNT.SYS -- (Kmm4xNT) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1664460829-1821031617-1176298176-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKU\S-1-5-21-1664460829-1821031617-1176298176-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-1664460829-1821031617-1176298176-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-1664460829-1821031617-1176298176-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1664460829-1821031617-1176298176-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [color=#E56717]========== FireFox ==========[/color] FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@ogplanet.com/npOGPPlugin: C:\Windows\system32\npOGPPlugin.dll (OGPlanet) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@virtools.com/3DviaPlayer: C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes) FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPBrowserExt: C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll File not found FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Dun\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK64\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009-04-22 11:45:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012-07-17 22:28:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: D:\Programy\firefox2\components [2012-07-19 16:03:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: D:\Programy\firefox2\plugins [2012-06-19 19:40:50 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: D:\Programy\firefox2\components [2012-07-19 16:03:29 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: D:\Programy\firefox2\plugins [2012-06-19 19:40:50 | 000,000,000 | ---D | M] [2012-02-11 18:20:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dun\AppData\Roaming\Mozilla\Extensions [2012-05-26 14:18:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dun\AppData\Roaming\Mozilla\Firefox\Profiles\jpndh546.default\extensions [2012-03-30 07:37:55 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Dun\AppData\Roaming\Mozilla\Firefox\Profiles\jpndh546.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012-05-07 19:56:21 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Users\Dun\AppData\Roaming\Mozilla\Firefox\Profiles\jpndh546.default\extensions\ietab@ip.cn [2012-05-26 14:18:19 | 000,000,000 | ---D | M] (Epuap Sign Plugin) -- C:\Users\Dun\AppData\Roaming\Mozilla\Firefox\Profiles\jpndh546.default\extensions\SignPlugin@epuap.com File not found (No name found) -- C:\USERS\DUN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JPNDH546.DEFAULT\EXTENSIONS\4F8DAF3712E0A@4F8DAF3712E0C.INFO O1 HOSTS File: ([2009-02-24 05:35:22 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programy\Office2007\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Dun\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll (Trend Media Group) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O4 - HKLM..\Run: [GrooveMonitor] D:\Programy\Office2007\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [StartCCC] D:\Programy\hdati\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1664460829-1821031617-1176298176-1000..\Run: [Akamai NetSession Interface] C:\Users\Dun\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc) O4 - HKU\S-1-5-21-1664460829-1821031617-1176298176-1000..\Run: [DAEMON Tools Lite] D:\Programy\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-1664460829-1821031617-1176298176-1000..\Run: [FlashGet 3] D:\Programy\flashget\FlashGet 3\FlashGet3.exe (Trend Media Corporation Limited) O4 - HKU\S-1-5-21-1664460829-1821031617-1176298176-1000..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe (Overwolf) O4 - HKU\S-1-5-21-1664460829-1821031617-1176298176-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Dun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:[b]64bit:[/b] - Extra context menu item: Download all links by FlashGet3 - D:\Programy\flashget\FlashGet 3\BHO\fdgetallurl.htm () O8:[b]64bit:[/b] - Extra context menu item: Download by FlashGet3 - D:\Programy\flashget\FlashGet 3\BHO\fdgeturl.htm () O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Programy\Office2007\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Download all links by FlashGet3 - D:\Programy\flashget\FlashGet 3\BHO\fdgetallurl.htm () O8 - Extra context menu item: Download by FlashGet3 - D:\Programy\flashget\FlashGet 3\BHO\fdgeturl.htm () O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Programy\Office2007\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\Office2007\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\Office2007\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programy\Office2007\Office12\REFIEBAR.DLL (Microsoft Corporation) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} http://www.netgame.com/mplugin/mglaunch_USAv1005.cab (MGLaunch_v1004 Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.177.196.14 195.177.196.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8EE302CB-73BD-45D4-9668-0C8C5A4CC4CC}: DhcpNameServer = 195.177.196.14 195.177.196.4 O18:[b]64bit:[/b] - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programy\Office2007\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Overwolf\SKYPE4~2.DLL (Skype Technologies) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O27:[b]64bit:[/b] - HKLM IFEO\dtlite.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\flashget3.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\quickstart.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\sbase.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\scalc.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\sdraw.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\simpress.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\smath.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\soffice.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\swriter.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\dtlite.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\flashget3.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\quickstart.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\sbase.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\scalc.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\sdraw.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\simpress.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\smath.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\soffice.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\swriter.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Programy\Office2007\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun.exe O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\autorun.exe O33 - MountPoints2\H\Shell\install\command - "" = H:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-07-27 17:57:53 | 000,000,000 | ---D | C] -- C:\Users\Dun\AppData\Roaming\Malwarebytes [2012-07-27 17:57:44 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012-07-27 17:57:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012-07-27 17:57:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012-07-27 17:49:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro [2012-07-27 17:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro [2012-07-27 17:48:51 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2012-07-26 16:30:53 | 000,000,000 | ---D | C] -- C:\Users\Dun\AppData\Local\CrashRpt [2012-07-26 16:22:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEVENCORE [2012-07-23 20:36:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAESTIA [2012-07-18 21:50:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012-07-18 21:50:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Overwolf [2012-07-17 22:27:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Overwolf [2012-07-03 21:34:26 | 000,000,000 | ---D | C] -- C:\Users\Dun\Documents\C9 [2012-07-03 21:30:33 | 000,000,000 | ---D | C] -- C:\Users\Dun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webzen Hub [2012-07-03 21:30:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Overwolf [2012-07-03 21:28:15 | 000,000,000 | ---D | C] -- C:\Users\Dun\AppData\Local\Overwolf [2012-07-03 21:27:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2012-07-03 21:27:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\C9 [2012-07-01 11:00:24 | 000,000,000 | ---D | C] -- C:\Users\Dun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Red Stone [2012-07-01 11:00:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Stone [2012-07-01 09:54:28 | 000,079,256 | ---- | C] (OGPlanet) -- C:\Windows\SysWow64\npOGPPlugin.dll [2012-07-01 09:54:27 | 000,271,768 | ---- | C] (OGPlanet) -- C:\Windows\SysWow64\OGPIEPlugin.ocx [2012-07-01 09:54:27 | 000,000,000 | ---D | C] -- C:\Users\Dun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OGPlanet [2012-07-01 09:54:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OGPlanet [2012-06-28 21:42:43 | 000,000,000 | ---D | C] -- C:\Users\Dun\Desktop\konspekty [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-07-27 21:10:35 | 000,030,496 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro36.sys [2012-07-27 21:07:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-07-27 18:29:03 | 000,727,362 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-07-27 18:29:03 | 000,615,760 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-07-27 18:29:03 | 000,107,396 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-07-27 17:57:44 | 000,000,731 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-07-27 17:52:26 | 000,033,050 | ---- | M] () -- C:\Windows\SysNative\.crusader [2012-07-27 17:49:13 | 000,001,939 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk [2012-07-27 17:01:41 | 000,011,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-07-27 17:01:41 | 000,011,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-07-26 16:22:24 | 000,000,521 | ---- | M] () -- C:\Users\Public\Desktop\SEVENCORE.lnk [2012-07-23 20:36:59 | 000,000,614 | ---- | M] () -- C:\Users\Public\Desktop\MAESTIA.lnk [2012-07-23 19:39:36 | 000,232,649 | ---- | M] () -- C:\Users\Dun\Desktop\MaestiaDownloader.exe [2012-07-22 22:15:20 | 000,150,360 | ---- | M] () -- C:\Users\Dun\Desktop\C25169957_3.jpg [2012-07-03 21:34:37 | 000,670,816 | ---- | M] (Wellbia.com Co., Ltd.) -- C:\Windows\SysWow64\xsherlock.xem [2012-07-03 21:30:33 | 000,001,979 | ---- | M] () -- C:\Users\Public\Desktop\Webzen Hub.lnk [2012-07-03 21:27:03 | 000,000,086 | ---- | M] () -- C:\Users\Dun\Desktop\C9.url [2012-07-03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012-07-01 11:05:25 | 000,000,022 | ---- | M] () -- C:\clientinfo.ogp [2012-07-01 11:00:28 | 000,001,171 | ---- | M] () -- C:\Users\Dun\Desktop\OGPlanet.lnk [2012-07-01 11:00:24 | 000,000,145 | ---- | M] () -- C:\Users\Dun\Desktop\Red Stone webpage.url [2012-07-01 09:54:27 | 000,001,171 | ---- | M] () -- C:\Users\Dun\Desktop\Game Launcher.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-07-27 17:57:44 | 000,000,731 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-07-27 17:52:26 | 000,033,050 | ---- | C] () -- C:\Windows\SysNative\.crusader [2012-07-27 17:49:14 | 000,030,496 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro36.sys [2012-07-27 17:49:13 | 000,001,939 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk [2012-07-26 16:22:24 | 000,000,521 | ---- | C] () -- C:\Users\Public\Desktop\SEVENCORE.lnk [2012-07-23 20:36:59 | 000,000,614 | ---- | C] () -- C:\Users\Public\Desktop\MAESTIA.lnk [2012-07-23 20:02:30 | 000,232,649 | ---- | C] () -- C:\Users\Dun\Desktop\MaestiaDownloader.exe [2012-07-22 22:15:19 | 000,150,360 | ---- | C] () -- C:\Users\Dun\Desktop\C25169957_3.jpg [2012-07-03 21:30:33 | 000,001,979 | ---- | C] () -- C:\Users\Public\Desktop\Webzen Hub.lnk [2012-07-03 21:27:03 | 000,000,086 | ---- | C] () -- C:\Users\Dun\Desktop\C9.url [2012-07-01 11:00:48 | 000,000,022 | ---- | C] () -- C:\clientinfo.ogp [2012-07-01 11:00:28 | 000,001,171 | ---- | C] () -- C:\Users\Dun\Desktop\OGPlanet.lnk [2012-07-01 11:00:24 | 000,000,145 | ---- | C] () -- C:\Users\Dun\Desktop\Red Stone webpage.url [2012-07-01 09:54:27 | 000,001,171 | ---- | C] () -- C:\Users\Dun\Desktop\Game Launcher.lnk [2012-02-25 23:32:20 | 000,000,091 | ---- | C] () -- C:\Users\Dun\AppData\Local\fusioncache.dat [2012-02-25 23:30:26 | 000,734,870 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-02-18 21:07:46 | 000,001,040 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat [2012-02-18 21:06:13 | 000,005,579 | ---- | C] () -- C:\Windows\SysWow64\secushr.dat [2012-02-18 19:24:57 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI [2012-02-11 18:10:44 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011-12-06 04:35:10 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2011-12-06 04:35:10 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2011-12-05 23:04:00 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll [2011-12-05 23:03:52 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [2011-09-13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [color=#E56717]========== LOP Check ==========[/color] [2012-07-26 16:29:19 | 000,000,000 | ---D | M] -- C:\Users\Dun\AppData\Roaming\BITS [2012-05-20 12:00:24 | 000,000,000 | ---D | M] -- C:\Users\Dun\AppData\Roaming\DAEMON Tools Lite [2012-02-18 21:07:46 | 000,000,000 | ---D | M] -- C:\Users\Dun\AppData\Roaming\FlashGet [2012-02-18 19:24:44 | 000,000,000 | ---D | M] -- C:\Users\Dun\AppData\Roaming\FlashGetBHO [2012-02-18 19:24:47 | 000,000,000 | ---D | M] -- C:\Users\Dun\AppData\Roaming\FlashgetSetup [2012-04-18 16:07:21 | 000,000,000 | ---D | M] -- C:\Users\Dun\AppData\Roaming\Foxit Software [2012-03-12 22:34:21 | 000,000,000 | ---D | M] -- C:\Users\Dun\AppData\Roaming\Gadu-Gadu 10 [2012-04-11 17:17:10 | 000,000,000 | ---D | M] -- C:\Users\Dun\AppData\Roaming\OpenOffice.org [2012-03-14 19:51:41 | 000,000,000 | ---D | M] -- C:\Users\Dun\AppData\Roaming\TS3Client [2012-03-14 19:52:57 | 000,000,000 | ---D | M] -- C:\Users\Dun\AppData\Roaming\ts3overlay [2012-06-01 22:06:55 | 000,000,000 | ---D | M] -- C:\Users\Dun\AppData\Roaming\TuneUp Software [2012-03-07 18:36:29 | 000,000,000 | ---D | M] -- C:\Users\Dun\AppData\Roaming\Unity [2012-04-26 19:46:30 | 000,032,630 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >