OTL logfile created on: 2012-08-07 14:44:26 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Dadix\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1,99 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 77,12% Memory free
3,98 Gb Paging File | 3,58 Gb Available in Paging File | 89,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 34,61 Gb Total Space | 16,68 Gb Free Space | 48,20% Space Free | Partition Type: NTFS
Drive Q: | 198,18 Gb Total Space | 158,21 Gb Free Space | 79,84% Space Free | Partition Type: NTFS
Computer Name: DAWID | User Name: Dadix | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2012-08-07 14:44:06 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Dadix\Downloads\OTL.exe
PRC - [2012-07-18 17:25:36 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2012-07-18 17:25:36 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-01-18 22:33:09 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2012-07-10 20:53:57 | 004,419,392 | ---- | M] () [Auto | Stopped] -- c:\program files\common files\akamai/netsession_win_4f7fccd.dll -- (Akamai)
SRV - [2012-02-15 14:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-01-17 17:22:47 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011-08-01 18:24:00 | 003,889,424 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009-07-14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Users\Dadix\AppData\Local\Temp\3019.sys -- (3019)
DRV - [2012-04-25 20:45:14 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010-11-20 23:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 23:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 23:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010-11-20 23:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 23:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 23:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010-11-20 23:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 23:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010-02-25 01:02:30 | 000,015,544 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBTTN.sys -- (HBtnKey)
DRV - [2009-10-09 03:37:44 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009-07-14 00:02:52 | 000,043,008 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2009-04-29 08:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2008-07-10 16:29:58 | 000,101,632 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2006-07-05 14:46:06 | 000,063,352 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01a.sys -- (sfdrv01a)
DRV - [2006-06-14 16:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://pl.v9.com/?utm_source=b&utm_medium=vlt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://pl.v9.com/?utm_source=b&utm_medium=vlt
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://pl.v9.com/?utm_source=b&utm_medium=vlt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=100482&babsrc=HP_ss&mntrId=500e6636000000000000001e4c9fe704
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=100482&babsrc=SP_ss&mntrId=500e6636000000000000001e4c9fe704
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.google.pl/cse?q={searchTerms}&cx=partner-pub-2489206448026482%3A4041638047&tbm=&ie=UTF-8#gsc.tab=0&gsc.q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =

[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.startup.homepage: "www.google.pl"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-08-05 17:17:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-07-18 17:25:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-06-13 14:18:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-08-05 17:17:17 | 000,000,000 | ---D | M]
[2012-06-27 17:29:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dadix\AppData\Roaming\mozilla\Extensions
[2012-07-02 11:39:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dadix\AppData\Roaming\mozilla\Firefox\Profiles\bbbb02zi.default\extensions
[2012-06-27 17:28:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-07-18 17:25:36 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-12-09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012-07-02 11:36:50 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-04-25 20:42:16 | 000,002,313 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012-07-02 11:36:50 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-07-02 11:36:50 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-07-02 11:36:50 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-04-12 16:33:13 | 000,002,415 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml
[2012-07-02 11:36:50 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-07-02 11:36:50 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://search.babylon.com/?affID=100482&babsrc=HP_ss&mntrId=500e6636000000000000001e4c9fe704
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.168\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll

O1 HOSTS File: ([2012-08-04 19:59:52 | 000,000,761 | RHS- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [spoolss] C:\Users\Dadix\AppData\Local\Microsoft\Windows\978\spoolss.exe ()
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Dadix\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKCU..\Run: [Microsoft Windows Manager] C:\Users\Dadix\M-10-6897-8685-3464\winmgr.exe ()
O4 - HKCU..\Run: [qeioyi] C:\Users\Dadix\qeioyi.exe (Microsoft)
O4 - HKCU..\Run: [uTorrent] "Q:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\ZAINST~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\ZAINST~1\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - Q:\MS Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.4.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.254 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{102DF8C2-CF39-4660-A1DB-A71B2B090033}: DhcpNameServer = 192.168.100.254 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{278806f5-71ca-11e1-a63d-001b38c50b2a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{52f1b8da-59b4-11e1-9084-001b38c50b2a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{9ea92509-59b4-11e1-b199-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012-08-07 14:27:34 | 000,000,000 | ---D | C] -- C:\Users\Dadix\AppData\Roaming\hellomoto
[2012-08-05 19:48:04 | 000,000,000 | ---D | C] -- C:\Users\Dadix\Desktop\Paweł
[2012-08-05 17:23:06 | 000,000,000 | ---D | C] -- C:\Users\Dadix\AppData\Local\HP
[2012-08-05 17:23:04 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2012-08-05 17:23:04 | 000,000,000 | ---D | C] -- C:\Users\Dadix\AppData\Roaming\HP
[2012-08-05 17:17:25 | 000,000,000 | ---D | C] -- C:\Users\Dadix\AppData\Roaming\HpUpdate
[2012-08-05 17:16:42 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2012-08-05 17:15:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2012-08-05 17:15:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2012-08-05 17:14:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2012-08-05 17:14:23 | 000,123,904 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\System32\hpf3l70v.dll
[2012-08-05 17:13:42 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2012-08-05 17:12:57 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2012-08-05 17:12:52 | 000,712,704 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hposwia_d02b.dll
[2012-08-05 17:12:52 | 000,589,824 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\System32\hpost_d02b.dll
[2012-08-05 17:12:52 | 000,452,408 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hpzids01.dll
[2012-08-05 17:12:52 | 000,372,736 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hppldcoi.dll
[2012-08-05 17:12:52 | 000,315,392 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\System32\hposc_d02a.dll
[2012-08-04 19:58:44 | 000,000,000 | RHSD | C] -- C:\Users\Dadix\M-10-8754-86589-55555
[2012-08-03 11:49:48 | 000,000,000 | RHSD | C] -- C:\Users\Dadix\M-10-6897-8685-3464
[2012-07-29 16:27:10 | 000,000,000 | ---D | C] -- C:\Users\Dadix\Documents\Electronic Arts
[2012-07-29 16:24:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE
[2012-07-29 16:23:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
[2012-07-29 16:00:29 | 000,081,920 | RHS- | C] (Microsoft) -- C:\Windows\System32\qeioyi.exe
[2012-07-29 00:44:02 | 000,081,920 | RHS- | C] (Microsoft) -- C:\Windows\System32\qeioyi.scr
[2012-07-29 00:44:02 | 000,081,920 | RHS- | C] (Microsoft) -- C:\Users\Dadix\qeioyi.exe
[2012-07-26 17:51:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Premium
[2012-07-26 17:51:10 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012-07-25 22:11:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
[2012-07-25 22:08:28 | 000,000,000 | RH-D | C] -- C:\Users\Dadix\AppData\Roaming\SecuROM
[2012-07-25 22:08:21 | 000,000,000 | ---D | C] -- C:\Users\Dadix\AppData\Local\Oblivion
[2012-07-25 20:06:41 | 000,000,000 | ---D | C] -- C:\Users\Dadix\AppData\Local\Skyrim
[2012-07-25 20:06:41 | 000,000,000 | ---D | C] -- C:\Users\Dadix\Documents\My Games
[2012-07-25 20:02:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2012-07-25 19:52:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3
[2012-07-25 19:52:48 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2012-07-25 18:43:30 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2012-07-25 18:43:20 | 000,000,000 | ---D | C] -- C:\Users\Dadix\SystemRequirementsLab
[2012-07-12 09:44:15 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012-07-12 09:44:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012-07-12 09:44:13 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012-07-12 09:44:13 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012-07-12 09:44:12 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012-07-12 09:44:11 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012-07-12 09:44:10 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012-07-12 09:39:52 | 000,000,000 | R--D | C] -- C:\Users\Dadix\Saved Games
[2012-07-11 23:32:35 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012-07-11 19:14:52 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012-07-11 19:14:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2012-07-11 19:14:50 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2012-06-23 19:03:14 | 000,081,920 | ---- | C] (Microsoft) -- C:\Users\Dadix\joutor.exe.vir
[2012-01-20 00:45:41 | 000,233,472 | ---- | C] (Propellerhead Software AB) -- C:\Users\Dadix\AppData\Roaming\REX Shared Library.dll
[2012-01-20 00:45:41 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\Users\Dadix\AppData\Roaming\Rewire.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012-08-07 14:39:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-08-07 14:39:15 | 1602,764,800 | -HS- | M] () -- C:\hiberfil.sys
[2012-08-07 14:36:26 | 000,022,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-08-07 14:36:26 | 000,022,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-08-07 13:54:06 | 000,697,912 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-08-07 13:54:06 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-08-07 13:54:06 | 000,134,990 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-08-07 13:54:06 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-08-05 20:51:30 | 000,418,384 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-08-05 17:22:52 | 000,174,622 | ---- | M] () -- C:\Windows\hpoins45.dat
[2012-08-05 17:16:38 | 000,001,347 | ---- | M] () -- C:\Users\Public\Desktop\Centrum obsługi HP.lnk
[2012-08-05 17:16:00 | 000,002,069 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2012-08-04 19:59:52 | 000,000,761 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012-08-02 00:06:24 | 008,625,006 | ---- | M] () -- C:\Users\Dadix\Desktop\Sebastian Ingrosso & Alesso Feat. Ryan Tedder - Calling (Lose My Mind) (Radio Edit).mp3
[2012-07-29 16:23:59 | 000,000,923 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 3.lnk
[2012-07-29 16:00:29 | 000,081,920 | RHS- | M] (Microsoft) -- C:\Windows\System32\qeioyi.exe
[2012-07-29 16:00:29 | 000,000,650 | ---- | M] () -- C:\Windows\System32\Video .lnk
[2012-07-29 16:00:29 | 000,000,650 | ---- | M] () -- C:\Windows\System32\Pictures .lnk
[2012-07-29 16:00:29 | 000,000,650 | ---- | M] () -- C:\Windows\System32\Passwords .lnk
[2012-07-29 16:00:29 | 000,000,650 | ---- | M] () -- C:\Windows\System32\New Folder .lnk
[2012-07-29 16:00:29 | 000,000,650 | ---- | M] () -- C:\Windows\System32\Music .lnk
[2012-07-29 16:00:29 | 000,000,650 | ---- | M] () -- C:\Windows\System32\Documents .lnk
[2012-07-29 16:00:29 | 000,000,135 | RHS- | M] () -- C:\Windows\System32\autorun.inf
[2012-07-29 00:44:02 | 000,081,920 | RHS- | M] (Microsoft) -- C:\Windows\System32\qeioyi.scr
[2012-07-29 00:44:02 | 000,081,920 | RHS- | M] (Microsoft) -- C:\Users\Dadix\qeioyi.exe
[2012-07-25 22:08:28 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2012-07-25 18:41:11 | 000,012,288 | ---- | M] () -- C:\Users\Dadix\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-07-23 20:37:59 | 000,047,293 | ---- | M] () -- C:\Users\Dadix\Desktop\dragon-ball-z_.jpg
[2012-07-20 19:39:32 | 000,000,000 | ---- | M] () -- C:\Windows\System32\weird-people-fat-guy-eating-huge-hamburger.jpg
[2012-07-20 00:08:11 | 002,365,465 | ---- | M] () -- C:\Users\Dadix\Documents\CIMG2743.JPG
[2012-07-20 00:06:53 | 000,000,000 | ---- | M] () -- C:\Windows\System32\CIMG2743.JPG
[2012-07-19 23:14:48 | 002,171,760 | ---- | M] () -- C:\Users\Dadix\Documents\P1100532.JPG
[2012-07-19 23:14:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\P1110340.JPG
[2012-07-19 23:14:01 | 000,000,000 | ---- | M] () -- C:\Windows\System32\P1100378.JPG
[2012-07-19 23:13:50 | 000,000,000 | ---- | M] () -- C:\Windows\System32\P1100557.JPG
[2012-07-19 23:13:36 | 000,000,000 | ---- | M] () -- C:\Windows\System32\P1100532.JPG
[2012-07-18 00:05:35 | 000,832,618 | ---- | M] () -- C:\Users\Dadix\Documents\DSC00138.jpg
[2012-07-18 00:04:14 | 000,000,000 | ---- | M] () -- C:\Windows\System32\DSC00138.jpg
[2012-07-17 23:55:38 | 001,019,131 | ---- | M] () -- C:\Users\Dadix\Documents\DSC00145.jpg
[2012-07-17 23:55:02 | 000,000,000 | ---- | M] () -- C:\Windows\System32\DSC00145.jpg
[2012-07-15 23:37:47 | 002,271,528 | ---- | M] () -- C:\Users\Dadix\Documents\CIMG3043.JPG
[2012-07-15 23:36:02 | 001,086,407 | ---- | M] () -- C:\Users\Dadix\Documents\P4080570.JPG

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012-08-05 17:16:37 | 000,001,347 | ---- | C] () -- C:\Users\Public\Desktop\Centrum obsługi HP.lnk
[2012-08-05 17:16:00 | 000,002,069 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2012-08-05 17:13:02 | 000,174,622 | ---- | C] () -- C:\Windows\hpoins45.dat
[2012-08-05 17:13:02 | 000,000,450 | ---- | C] () -- C:\Windows\hpomdl45.dat
[2012-08-02 00:04:04 | 008,625,006 | ---- | C] () -- C:\Users\Dadix\Desktop\Sebastian Ingrosso & Alesso Feat. Ryan Tedder - Calling (Lose My Mind) (Radio Edit).mp3
[2012-07-29 16:23:59 | 000,000,923 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3.lnk
[2012-07-29 16:00:29 | 000,000,650 | ---- | C] () -- C:\Windows\System32\Video .lnk
[2012-07-29 16:00:29 | 000,000,650 | ---- | C] () -- C:\Windows\System32\Pictures .lnk
[2012-07-29 16:00:29 | 000,000,650 | ---- | C] () -- C:\Windows\System32\Passwords .lnk
[2012-07-29 16:00:29 | 000,000,650 | ---- | C] () -- C:\Windows\System32\New Folder .lnk
[2012-07-29 16:00:29 | 000,000,650 | ---- | C] () -- C:\Windows\System32\Music .lnk
[2012-07-29 16:00:29 | 000,000,650 | ---- | C] () -- C:\Windows\System32\Documents .lnk
[2012-07-29 16:00:29 | 000,000,135 | RHS- | C] () -- C:\Windows\System32\autorun.inf
[2012-07-23 20:37:56 | 000,047,293 | ---- | C] () -- C:\Users\Dadix\Desktop\dragon-ball-z_.jpg
[2012-07-20 19:39:32 | 000,000,000 | ---- | C] () -- C:\Windows\System32\weird-people-fat-guy-eating-huge-hamburger.jpg
[2012-07-20 00:07:01 | 002,365,465 | ---- | C] () -- C:\Users\Dadix\Documents\CIMG2743.JPG
[2012-07-20 00:06:53 | 000,000,000 | ---- | C] () -- C:\Windows\System32\CIMG2743.JPG
[2012-07-19 23:14:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\P1110340.JPG
[2012-07-19 23:14:01 | 000,000,000 | ---- | C] () -- C:\Windows\System32\P1100378.JPG
[2012-07-19 23:13:50 | 000,000,000 | ---- | C] () -- C:\Windows\System32\P1100557.JPG
[2012-07-19 23:13:49 | 002,171,760 | ---- | C] () -- C:\Users\Dadix\Documents\P1100532.JPG
[2012-07-19 23:13:36 | 000,000,000 | ---- | C] () -- C:\Windows\System32\P1100532.JPG
[2012-07-18 00:04:28 | 000,832,618 | ---- | C] () -- C:\Users\Dadix\Documents\DSC00138.jpg
[2012-07-18 00:04:14 | 000,000,000 | ---- | C] () -- C:\Windows\System32\DSC00138.jpg
[2012-07-17 23:55:08 | 001,019,131 | ---- | C] () -- C:\Users\Dadix\Documents\DSC00145.jpg
[2012-07-17 23:55:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\DSC00145.jpg
[2012-07-15 23:36:21 | 002,271,528 | ---- | C] () -- C:\Users\Dadix\Documents\CIMG3043.JPG
[2012-07-15 23:35:29 | 001,086,407 | ---- | C] () -- C:\Users\Dadix\Documents\P4080570.JPG
[2012-04-14 10:20:29 | 000,000,705 | ---- | C] () -- C:\Windows\unins000.dat
[2012-01-19 22:00:26 | 000,012,288 | ---- | C] () -- C:\Users\Dadix\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-01-18 20:58:26 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI
[2012-01-18 15:00:47 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012-01-17 16:11:18 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2011-04-12 07:08:42 | 000,697,912 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2011-04-12 07:08:42 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2011-04-12 07:08:42 | 000,134,990 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2011-04-12 07:08:42 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2010-11-20 23:29:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:CB0AACC9

< End of report >