Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-11-2013 02
Ran by USER (administrator) on USER-PC on 18-11-2013 14:34:45
Running from C:\Users\USER\Downloads
Microsoft Windows 7 Ultimate (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files\CyberLink\Shared Files\brs.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\cmd.exe
(Microsoft Corporation) C:\Windows\system32\reg.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [RemoteControl9] - C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-02-16] (CyberLink Corp.)
HKLM\...\Run: [PDVD9LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [50472 2008-10-13] (CyberLink Corp.)
HKLM\...\Run: [BDRegion] - C:\Program Files\CyberLink\Shared Files\brs.exe [75048 2009-02-28] (cyberlink)
HKLM\...\Run: [AdobeCS4ServiceManager] - C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM\...\Run: [Adobe_ID0ENQBO] - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7858720 2009-10-21] (Realtek Semiconductor)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM\...\Run: [ArcSoft Connection Service] - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [snpstd] - C:\Windows\vsnpstd.exe [339968 2005-10-11] ()
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4767304 2013-03-07] (AVAST Software)
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
Startup: C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ritaglio schermata e avvio di OneNote 2007.lnk
ShortcutTarget: Ritaglio schermata e avvio di OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4A652FDB2702CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - URL http://isearch.babylon.com/?q={searchTerms}&affID=121845&tt=gc_&babsrc=SP_ss_Btisdt4&mntrId=A40FE0CB4E268068
SearchScopes: HKCU - {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://badoo.com/startpage/?source=bsb&q={searchTerms}
SearchScopes: HKCU - {A6722584-4A36-4956-B012-45CEE59D1929} URL = http://search.softonic.com/MOY00010/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=a40faadc000000000000e0cb4e268068&r=820
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll (Adobe Systems Incorporated.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll No File
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: IEPluginBHO Class - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\USER\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll (Adobe Systems Incorporated.)
Toolbar: HKLM - Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll (Veoh Networks)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\08fr7o7x.default-1384743513831
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\USER\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml
FF Extension: Skype extension for Firefox - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [LyricsArt@SternoC.co] - C:\Program Files\LyricsArt\116.xpi

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.210.7) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Users\USER\AppData\Roaming\Mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility for IJ) - C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U21) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\USER\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
CHR Extension: (AdBlock) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.14_0
CHR Extension: (avast! WebRep) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0
CHR Extension: (Google Wallet) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM\...\Chrome\Extension: [ajcghoegamlabppilamagaddfdfamden] - C:\Program Files\LyricsArt\116.crx
CHR HKLM\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - C:\Program Files\OnlineHD.TV\onhd11.crx
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx

========================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-03-07] (AVAST Software)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2007-12-17] ()
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-03-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-03-07] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [60656 2013-03-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49248 2013-03-07] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [765736 2013-03-07] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [368176 2013-03-07] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [62376 2013-03-07] (AVAST Software)
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [164736 2013-03-07] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-11-05] (DT Soft Ltd)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] ()
S3 snpstd; C:\Windows\System32\DRIVERS\snpstd.sys [390784 2006-05-03] ()
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\CyberLink\PowerDVD9\000.fcl [87536 2009-02-28] (CyberLink Corp.)
S3 andnetadb; System32\Drivers\lgandnetadb.sys [x]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [x]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [x]
S3 andnetndis; system32\DRIVERS\lgandnetndis.sys [x]
S3 catchme; \??\C:\Users\USER\AppData\Local\Temp\catchme.sys [x]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [x]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 LgBttPort; system32\DRIVERS\lgbtport.sys [x]
S3 lgbusenum; system32\DRIVERS\lgbtbus.sys [x]
S3 LGVMODEM; system32\DRIVERS\lgvmodem.sys [x]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [x]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [x]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-18 14:33 - 2013-11-18 14:33 - 00080898 _____ C:\Users\USER\Desktop\OTL.Txt
2013-11-18 14:33 - 2013-11-18 14:33 - 00075632 _____ C:\Users\USER\Desktop\Extras.Txt
2013-11-18 13:57 - 2013-11-18 13:57 - 00009319 _____ C:\Users\USER\Downloads\fixlist.txt
2013-11-18 13:50 - 2013-11-18 13:50 - 00023745 _____ C:\Users\USER\Desktop\AdwCleaner[S0].txt
2013-11-18 13:46 - 2013-11-18 13:46 - 00000000 ___RD C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9
2013-11-18 13:39 - 2013-11-18 13:44 - 00000000 ____D C:\AdwCleaner
2013-11-18 13:38 - 2013-11-18 13:39 - 01085542 _____ C:\Users\USER\Downloads\adwcleaner.exe
2013-11-18 04:34 - 2013-11-18 04:34 - 00025538 _____ C:\Users\USER\Downloads\Addition.txt
2013-11-18 04:33 - 2013-11-18 14:35 - 00019064 _____ C:\Users\USER\Downloads\FRST.txt
2013-11-18 04:33 - 2013-11-18 14:34 - 00000000 ____D C:\FRST
2013-11-18 04:32 - 2013-11-18 04:32 - 01090935 _____ (Farbar) C:\Users\USER\Downloads\FRST.exe
2013-11-18 04:28 - 2013-11-18 14:30 - 00075632 _____ C:\Users\USER\Downloads\Extras.Txt
2013-11-18 04:26 - 2013-11-18 14:28 - 00080898 _____ C:\Users\USER\Downloads\OTL.Txt
2013-11-18 04:15 - 2013-11-18 04:15 - 00602112 _____ (OldTimer Tools) C:\Users\USER\Downloads\OTL.com
2013-11-18 04:15 - 2013-11-18 04:15 - 00602112 _____ (OldTimer Tools) C:\Users\USER\Downloads\OTL (1).exe
2013-11-18 04:12 - 2013-11-18 04:12 - 00602112 _____ (OldTimer Tools) C:\Users\USER\Downloads\OTL.exe
2013-11-18 03:58 - 2013-11-18 03:58 - 00000000 ____D C:\Users\USER\Desktop\Stare dane programu Firefox
2013-11-18 01:59 - 2013-11-18 03:50 - 00000000 ____D C:\ProgramData\Avira
2013-11-18 01:52 - 2013-11-18 01:52 - 02092792 _____ C:\Users\USER\Downloads\avira_free_antivirus (1).exe
2013-11-18 01:50 - 2013-11-18 01:50 - 02296952 _____ C:\Users\USER\Downloads\avira_free_antivirus.exe
2013-11-14 14:24 - 2013-11-14 15:54 - 00000000 ____D C:\Users\USER\Desktop\crack attuale
2013-11-14 06:44 - 2013-11-14 06:45 - 00000000 ____D C:\Users\USER\Desktop\crack adesso
2013-11-14 06:00 - 2013-11-14 06:00 - 00000000 ____D C:\Users\USER\Desktop\crack season
2013-11-14 05:36 - 2013-11-14 05:38 - 1936850944 _____ C:\Users\USER\Desktop\Sims3EP10.iso
2013-11-14 05:13 - 2013-11-14 05:13 - 00000000 ____D C:\Users\USER\AppData\Roaming\NeroDigital(TM)
2013-11-14 02:28 - 2013-11-14 06:01 - 00000000 ____D C:\Users\USER\Desktop\crack
2013-11-13 02:23 - 2013-11-13 02:24 - 00000000 ____D C:\Users\USER\Downloads\Foto scaricate
2013-11-13 00:47 - 2013-11-14 06:09 - 00000000 ____D C:\Users\USER\Downloads\The Sims 3 Into The Future [MULTI20][PCDVD][EXPANSION][FLT][WwW.GamesTorrents.CoM]
2013-11-12 23:48 - 2013-11-14 14:51 - 00000000 ____D C:\Users\USER\Downloads\The Sims 3 Late Night [MULTI10][PCDVD][WwW.GamesTorrents.CoM]
2013-11-12 20:46 - 2010-09-07 20:23 - 04695312 _____ (Electronic Arts, Inc.) C:\Users\USER\Desktop\TSLHost.dll
2013-11-12 20:43 - 2010-09-07 20:23 - 12084496 _____ (Electronic Arts Inc.) C:\Users\USER\Desktop\TS3.exe
2013-10-29 14:16 - 2013-10-29 14:16 - 00000000 ____D C:\Users\Public\Documents\DAEMON Tools Images
2013-10-28 02:05 - 2013-11-11 01:58 - 00000000 ____D C:\Users\USER\Downloads\Musica 2

==================== One Month Modified Files and Folders =======

2013-11-18 14:35 - 2013-11-18 04:33 - 00019064 _____ C:\Users\USER\Downloads\FRST.txt
2013-11-18 14:34 - 2013-11-18 04:33 - 00000000 ____D C:\FRST
2013-11-18 14:33 - 2013-11-18 14:33 - 00080898 _____ C:\Users\USER\Desktop\OTL.Txt
2013-11-18 14:33 - 2013-11-18 14:33 - 00075632 _____ C:\Users\USER\Desktop\Extras.Txt
2013-11-18 14:30 - 2013-11-18 04:28 - 00075632 _____ C:\Users\USER\Downloads\Extras.Txt
2013-11-18 14:28 - 2013-11-18 04:26 - 00080898 _____ C:\Users\USER\Downloads\OTL.Txt
2013-11-18 14:00 - 2010-08-31 17:23 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-18 13:57 - 2013-11-18 13:57 - 00009319 _____ C:\Users\USER\Downloads\fixlist.txt
2013-11-18 13:54 - 2009-07-14 05:34 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-18 13:54 - 2009-07-14 05:34 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-18 13:50 - 2013-11-18 13:50 - 00023745 _____ C:\Users\USER\Desktop\AdwCleaner[S0].txt
2013-11-18 13:50 - 2010-06-02 14:06 - 01793846 _____ C:\Windows\WindowsUpdate.log
2013-11-18 13:46 - 2013-11-18 13:46 - 00000000 ___RD C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9
2013-11-18 13:46 - 2013-09-01 02:09 - 00004872 _____ C:\Windows\setupact.log
2013-11-18 13:46 - 2013-09-01 02:08 - 00031366 _____ C:\Windows\PFRO.log
2013-11-18 13:46 - 2010-08-31 17:23 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-18 13:46 - 2010-06-02 08:31 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-18 13:46 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-18 13:44 - 2013-11-18 13:39 - 00000000 ____D C:\AdwCleaner
2013-11-18 13:44 - 2013-07-03 19:00 - 00001204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-18 13:44 - 2010-06-02 14:10 - 00001080 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-18 13:39 - 2013-11-18 13:38 - 01085542 _____ C:\Users\USER\Downloads\adwcleaner.exe
2013-11-18 04:34 - 2013-11-18 04:34 - 00025538 _____ C:\Users\USER\Downloads\Addition.txt
2013-11-18 04:32 - 2013-11-18 04:32 - 01090935 _____ (Farbar) C:\Users\USER\Downloads\FRST.exe
2013-11-18 04:15 - 2013-11-18 04:15 - 00602112 _____ (OldTimer Tools) C:\Users\USER\Downloads\OTL.com
2013-11-18 04:15 - 2013-11-18 04:15 - 00602112 _____ (OldTimer Tools) C:\Users\USER\Downloads\OTL (1).exe
2013-11-18 04:12 - 2013-11-18 04:12 - 00602112 _____ (OldTimer Tools) C:\Users\USER\Downloads\OTL.exe
2013-11-18 03:58 - 2013-11-18 03:58 - 00000000 ____D C:\Users\USER\Desktop\Stare dane programu Firefox
2013-11-18 03:50 - 2013-11-18 01:59 - 00000000 ____D C:\ProgramData\Avira
2013-11-18 03:05 - 2013-02-28 00:06 - 00000000 ____D C:\Program Files\SuperLyrics
2013-11-18 02:44 - 2010-06-02 08:41 - 10739744 _____ C:\Windows\system32\perfh010.dat
2013-11-18 02:44 - 2010-06-02 08:41 - 03546952 _____ C:\Windows\system32\perfc010.dat
2013-11-18 02:44 - 2010-06-02 08:21 - 00005946 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-18 02:43 - 2013-03-20 14:59 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-18 02:20 - 2012-04-10 23:38 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FoxTab FLV Player
2013-11-18 02:20 - 2012-04-10 23:38 - 00000000 ____D C:\Program Files\FoxTabFLVPlayer
2013-11-18 01:52 - 2013-11-18 01:52 - 02092792 _____ C:\Users\USER\Downloads\avira_free_antivirus (1).exe
2013-11-18 01:50 - 2013-11-18 01:50 - 02296952 _____ C:\Users\USER\Downloads\avira_free_antivirus.exe
2013-11-14 15:54 - 2013-11-14 14:24 - 00000000 ____D C:\Users\USER\Desktop\crack attuale
2013-11-14 15:48 - 2012-11-28 15:58 - 00000000 ____D C:\Program Files\Electronic Arts
2013-11-14 15:48 - 2010-06-02 10:16 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-11-14 14:51 - 2013-11-12 23:48 - 00000000 ____D C:\Users\USER\Downloads\The Sims 3 Late Night [MULTI10][PCDVD][WwW.GamesTorrents.CoM]
2013-11-14 14:06 - 2010-08-31 01:16 - 00000000 ____D C:\Users\USER\AppData\Roaming\uTorrent
2013-11-14 06:45 - 2013-11-14 06:44 - 00000000 ____D C:\Users\USER\Desktop\crack adesso
2013-11-14 06:09 - 2013-11-13 00:47 - 00000000 ____D C:\Users\USER\Downloads\The Sims 3 Into The Future [MULTI20][PCDVD][EXPANSION][FLT][WwW.GamesTorrents.CoM]
2013-11-14 06:01 - 2013-11-14 02:28 - 00000000 ____D C:\Users\USER\Desktop\crack
2013-11-14 06:00 - 2013-11-14 06:00 - 00000000 ____D C:\Users\USER\Desktop\crack season
2013-11-14 05:38 - 2013-11-14 05:36 - 1936850944 _____ C:\Users\USER\Desktop\Sims3EP10.iso
2013-11-14 05:13 - 2013-11-14 05:13 - 00000000 ____D C:\Users\USER\AppData\Roaming\NeroDigital(TM)
2013-11-14 03:31 - 2009-07-14 05:33 - 02368912 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-14 03:08 - 2010-06-02 09:49 - 00117248 _____ C:\Users\USER\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-13 03:00 - 2013-09-30 23:52 - 00000000 ____D C:\Users\USER\Downloads\Abiti
2013-11-13 02:58 - 2013-04-04 21:52 - 00000000 ____D C:\Users\USER\Desktop\do wyrobienia
2013-11-13 02:25 - 2013-01-18 00:31 - 00000000 ____D C:\Users\USER\Downloads\Musica scaricata
2013-11-13 02:24 - 2013-11-13 02:23 - 00000000 ____D C:\Users\USER\Downloads\Foto scaricate
2013-11-13 00:53 - 2010-11-05 22:39 - 00000000 ____D C:\Program Files\Dziobas Rar Player
2013-11-11 01:58 - 2013-10-28 02:05 - 00000000 ____D C:\Users\USER\Downloads\Musica 2
2013-11-01 01:53 - 2013-08-19 00:57 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-10-31 02:30 - 2011-01-08 23:00 - 00000000 ____D C:\Users\USER\Desktop\.picasaoriginals
2013-10-29 17:59 - 2010-06-09 10:47 - 00000000 ____D C:\Users\USER\Desktop\EWA
2013-10-29 14:23 - 2012-01-29 18:35 - 00000000 ____D C:\Users\USER\AppData\Roaming\DAEMON Tools Lite
2013-10-29 14:16 - 2013-10-29 14:16 - 00000000 ____D C:\Users\Public\Documents\DAEMON Tools Images
2013-10-28 18:14 - 2009-07-14 05:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-27 21:02 - 2012-07-21 12:30 - 00000000 ___HD C:\Users\USER\Downloads\.picasaoriginals
2013-10-27 21:02 - 2012-04-24 14:30 - 00001330 ____H C:\Users\USER\Downloads\.picasa.ini

Some content of TEMP:
====================
C:\Users\USER\AppData\Local\Temp\ICReinstall_ccleaner.exe
C:\Users\USER\AppData\Local\Temp\Quarantine.exe
C:\Users\USER\AppData\Local\Temp\uninst1.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-11-12 05:01

==================== End Of Log ============================