OTL logfile created on: 2014-06-15 15:01:37 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Tomek\Instalki Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 0,86 Gb Available Physical Memory | 43,18% Memory free 4,23 Gb Paging File | 2,53 Gb Available in Paging File | 59,85% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 116,44 Gb Total Space | 67,43 Gb Free Space | 57,91% Space Free | Partition Type: NTFS Drive D: | 106,68 Gb Total Space | 9,38 Gb Free Space | 8,79% Space Free | Partition Type: NTFS Computer Name: MAGDUSIA-PC | User Name: MaGdusia | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-06-15 14:49:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Tomek\Instalki\OTL.exe PRC - [2014-06-13 21:47:09 | 001,869,488 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe PRC - [2014-05-14 16:22:13 | 000,275,568 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe PRC - [2013-12-18 20:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-12-28 19:57:47 | 000,246,112 | ---- | M] () -- C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe PRC - [2012-08-01 04:48:54 | 002,345,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe PRC - [2012-04-13 11:12:00 | 000,088,576 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe PRC - [2012-01-31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe PRC - [2011-09-09 03:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe PRC - [2011-08-18 01:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe PRC - [2011-05-23 14:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe PRC - [2011-03-28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe PRC - [2011-03-14 17:27:28 | 000,271,712 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe PRC - [2011-03-14 17:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe PRC - [2011-03-09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgfws.exe PRC - [2011-02-10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe PRC - [2011-02-08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe PRC - [2011-02-08 05:32:42 | 000,750,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgam.exe PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008-12-04 13:24:30 | 000,665,424 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe PRC - [2008-09-07 09:41:34 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe PRC - [2008-07-15 20:29:00 | 007,651,328 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe PRC - [2008-07-15 20:22:46 | 000,217,088 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControl.exe PRC - [2008-07-10 02:09:26 | 000,191,032 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe PRC - [2008-06-24 05:16:24 | 002,482,176 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe PRC - [2008-06-19 21:18:12 | 000,154,168 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe PRC - [2008-06-18 07:10:24 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe PRC - [2008-06-13 07:52:51 | 006,183,456 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008-06-04 02:29:08 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe PRC - [2008-04-10 20:32:18 | 001,796,648 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe PRC - [2008-04-10 20:32:18 | 000,752,168 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2008-03-18 06:27:11 | 000,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe PRC - [2008-02-01 23:29:32 | 000,061,440 | ---- | M] () -- C:\Program Files\ASUS\ATK Media\DMedia.exe PRC - [2008-01-23 19:51:28 | 000,151,552 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\WDC.exe PRC - [2008-01-12 07:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe PRC - [2007-11-30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe PRC - [2007-11-16 06:33:05 | 000,172,032 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynAsus.exe PRC - [2007-11-05 04:48:06 | 000,106,496 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe PRC - [2007-10-03 06:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe PRC - [2007-08-15 20:20:16 | 000,106,496 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe PRC - [2007-08-08 09:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe PRC - [2007-08-03 21:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe PRC - [2007-07-06 01:53:44 | 001,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe PRC - [2007-05-18 11:31:16 | 000,073,728 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe PRC - [2005-07-07 00:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-06-13 21:47:07 | 017,024,688 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_14_0_0_125.dll MOD - [2014-05-14 16:22:11 | 003,839,088 | ---- | M] () -- D:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2013-09-05 01:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2011-02-10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe MOD - [2008-12-03 14:05:26 | 000,135,168 | ---- | M] () -- C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll MOD - [2008-11-26 10:56:02 | 000,057,344 | ---- | M] () -- C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll MOD - [2008-04-10 20:25:54 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll MOD - [2008-02-01 23:29:32 | 000,061,440 | ---- | M] () -- C:\Program Files\ASUS\ATK Media\DMedia.exe MOD - [2008-02-01 23:29:28 | 000,049,152 | ---- | M] () -- C:\Program Files\ASUS\ATK Media\ATKMETHOD.dll MOD - [2008-01-12 07:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe MOD - [2007-11-30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe MOD - [2007-11-13 00:41:50 | 000,106,496 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\MsgTran.dll MOD - [2007-08-14 22:59:54 | 006,365,184 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll MOD - [2007-08-08 11:52:08 | 000,331,776 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\AdsmendecExt.dll MOD - [2007-07-12 22:55:52 | 000,131,072 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll MOD - [2007-07-12 22:55:28 | 001,581,056 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll MOD - [2007-06-15 19:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll MOD - [2007-06-02 02:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2014-06-13 21:47:13 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-12-19 01:41:02 | 030,814,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2013-12-18 20:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013-10-23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-12-28 19:57:47 | 000,246,112 | ---- | M] () [Auto | Stopped] -- C:\Program Files\PLAY ONLINE\UpdateDog\ouc.exe -- (PLAY ONLINE. RunOuc) SRV - [2012-04-21 03:16:42 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-04-13 11:12:00 | 000,088,576 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2012-01-31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2011-03-14 17:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe) SRV - [2011-03-09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgfws.exe -- (avgfws) SRV - [2011-02-08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd) SRV - [2008-03-18 06:27:11 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio) SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-10-03 06:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService) SRV - [2007-08-08 09:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2007-08-03 21:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr) SRV - [2007-05-18 11:31:16 | 000,073,728 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\MaGdusia\AppData\Local\Temp\ALSysIO.sys -- (ALSysIO) DRV - [2012-12-28 19:57:52 | 000,195,200 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2012-12-28 19:57:52 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2012-12-28 19:57:52 | 000,089,856 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm) DRV - [2012-12-28 19:57:52 | 000,073,984 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2012-12-28 19:57:52 | 000,066,688 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcecm.sys -- (huawei_cdcecm) DRV - [2012-12-28 19:57:52 | 000,026,624 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl) DRV - [2012-12-28 19:57:52 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter) DRV - [2012-11-12 05:47:48 | 000,255,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2011-05-27 19:05:18 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver) DRV - [2011-04-05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2011-03-16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86) DRV - [2011-03-01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2011-02-22 08:12:38 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH) DRV - [2011-02-10 07:53:30 | 000,028,624 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim) DRV - [2011-02-10 07:53:28 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter) DRV - [2010-07-12 04:34:02 | 000,054,112 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd) DRV - [2010-06-23 11:23:46 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot) DRV - [2009-06-10 16:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32) DRV - [2008-06-25 16:58:59 | 007,534,720 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008-06-25 16:58:59 | 000,043,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2008-06-03 23:41:51 | 000,015,928 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr) DRV - [2008-05-29 19:21:02 | 000,015,416 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\lullaby.sys -- (lullaby) DRV - [2008-04-28 00:29:25 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) DRV - [2008-03-21 06:12:59 | 001,203,776 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2008-02-16 02:42:42 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2008-02-14 23:56:01 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2007-12-19 02:12:12 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir) DRV - [2007-10-15 09:39:25 | 000,206,336 | ---- | M] (eMPIA Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\etFilter.sys -- (FiltUSBET) DRV - [2007-09-06 17:45:21 | 000,006,656 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\etScan.sys -- (ScanUSBET) DRV - [2007-09-06 10:43:49 | 000,474,624 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\etDevice.sys -- (DCamUSBET) DRV - [2007-08-11 05:19:26 | 000,029,752 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm) DRV - [2007-08-03 06:26:21 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio) DRV - [2007-07-30 20:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007-07-30 19:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2007-07-24 20:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP) DRV - [2006-12-15 00:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor) DRV - [2006-11-02 09:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2529038935-653534040-3308758212-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com IE - HKU\S-1-5-21-2529038935-653534040-3308758212-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-2529038935-653534040-3308758212-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKU\S-1-5-21-2529038935-653534040-3308758212-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-2529038935-653534040-3308758212-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www2.delta-search.com/?affID=121845&tt=gc_&babsrc=HP_ss&mntrId=76EB582C80139263 IE - HKU\S-1-5-21-2529038935-653534040-3308758212-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-2529038935-653534040-3308758212-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-2529038935-653534040-3308758212-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-2529038935-653534040-3308758212-1000\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKU\S-1-5-21-2529038935-653534040-3308758212-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2529038935-653534040-3308758212-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www2.delta-search.com/?q={searchTerms}&affID=121845&tt=gc_&babsrc=SP_ss&mntrId=76EB582C80139263 IE - HKU\S-1-5-21-2529038935-653534040-3308758212-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language} IE - HKU\S-1-5-21-2529038935-653534040-3308758212-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392 IE - HKU\S-1-5-21-2529038935-653534040-3308758212-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: "false" FF - prefs.js..extensions.enabledAddons: WebSiteRecommendation%40weliketheweb.com:1.1.2 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll () FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2013-04-09 20:39:28 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2014-05-14 16:21:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2014-05-14 16:21:50 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2012-05-06 17:58:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MaGdusia\AppData\Roaming\mozilla\Extensions [2014-06-04 21:22:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MaGdusia\AppData\Roaming\mozilla\Firefox\Profiles\uhys7070.default\extensions [2014-03-20 22:59:15 | 000,000,000 | ---D | M] ("WebSite Recommendation") -- C:\Users\MaGdusia\AppData\Roaming\mozilla\Firefox\Profiles\uhys7070.default\extensions\WebSiteRecommendation@weliketheweb.com [2013-11-12 19:06:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MaGdusia\AppData\Roaming\mozilla\Firefox\Profilesuhys7070.default\extensions [2013-11-12 19:06:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MaGdusia\AppData\Roaming\mozilla\Firefox\Profilesuhys7070.default\extensions\staged [2014-06-04 21:22:07 | 000,967,387 | ---- | M] () (No name found) -- C:\Users\MaGdusia\AppData\Roaming\mozilla\firefox\profiles\uhys7070.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-04 09:01:56 | 000,006,505 | ---- | M] () -- C:\Users\MaGdusia\AppData\Roaming\mozilla\firefox\profiles\uhys7070.default\searchplugins\babylon.xml [2013-05-04 09:02:24 | 000,001,294 | ---- | M] () -- C:\Users\MaGdusia\AppData\Roaming\mozilla\firefox\profiles\uhys7070.default\searchplugins\delta.xml O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe () O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O7 - HKU\S-1-5-21-2529038935-653534040-3308758212-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{300D7DAD-3B9A-49D7-8778-61D217F278AA}: DhcpNameServer = 89.108.202.21 89.108.195.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{90B1A334-FCA8-4AB1-93F3-4AFD32B5B1D4}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2520098-BCC0-4AF0-A346-8C41ACA7828D}: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\MaGdusia\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\MaGdusia\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{1ca40064-aa46-11e1-b61d-002243a32dad}\Shell - "" = AutoRun O33 - MountPoints2\{1ca40064-aa46-11e1-b61d-002243a32dad}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{1ca40065-aa46-11e1-b61d-002243a32dad}\Shell - "" = AutoRun O33 - MountPoints2\{1ca40065-aa46-11e1-b61d-002243a32dad}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{1e312aa4-50fb-11e2-a552-002243a32dad}\Shell - "" = AutoRun O33 - MountPoints2\{1e312aa4-50fb-11e2-a552-002243a32dad}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{1e312ab0-50fb-11e2-a552-002243a32dad}\Shell - "" = AutoRun O33 - MountPoints2\{1e312ab0-50fb-11e2-a552-002243a32dad}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{3c59fdee-b942-11e1-b5a2-002243a32dad}\Shell - "" = AutoRun O33 - MountPoints2\{3c59fdee-b942-11e1-b5a2-002243a32dad}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{3c59fdf0-b942-11e1-b5a2-002243a32dad}\Shell - "" = AutoRun O33 - MountPoints2\{3c59fdf0-b942-11e1-b5a2-002243a32dad}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{45be6b7b-aca2-11e1-8552-002243a32dad}\Shell - "" = AutoRun O33 - MountPoints2\{45be6b7b-aca2-11e1-8552-002243a32dad}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{45be6b7d-aca2-11e1-8552-002243a32dad}\Shell - "" = AutoRun O33 - MountPoints2\{45be6b7d-aca2-11e1-8552-002243a32dad}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{5f5dd8ed-1bae-11e3-9db2-002243a32dad}\Shell - "" = AutoRun O33 - MountPoints2\{5f5dd8ed-1bae-11e3-9db2-002243a32dad}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{7c99026e-c455-11e1-b38d-002243a32dad}\Shell - "" = AutoRun O33 - MountPoints2\{7c99026e-c455-11e1-b38d-002243a32dad}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{7c990271-c455-11e1-b38d-002243a32dad}\Shell - "" = AutoRun O33 - MountPoints2\{7c990271-c455-11e1-b38d-002243a32dad}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{ad2110c4-badf-11e1-aa38-002243a32dad}\Shell - "" = AutoRun O33 - MountPoints2\{ad2110c4-badf-11e1-aa38-002243a32dad}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{bdc6fabc-b4d1-11e1-8764-002243a32dad}\Shell - "" = AutoRun O33 - MountPoints2\{bdc6fabc-b4d1-11e1-8764-002243a32dad}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{bdc6fabe-b4d1-11e1-8764-002243a32dad}\Shell - "" = AutoRun O33 - MountPoints2\{bdc6fabe-b4d1-11e1-8764-002243a32dad}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{c31575ed-aff1-11e1-abf4-002243a32dad}\Shell - "" = AutoRun O33 - MountPoints2\{c31575ed-aff1-11e1-abf4-002243a32dad}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{c315760e-aff1-11e1-abf4-002243a32dad}\Shell - "" = AutoRun O33 - MountPoints2\{c315760e-aff1-11e1-abf4-002243a32dad}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{c36e86e4-978e-11e1-be20-002243a32dad}\Shell - "" = AutoRun O33 - MountPoints2\{c36e86e4-978e-11e1-be20-002243a32dad}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{c36e8705-978e-11e1-be20-002243a32dad}\Shell - "" = AutoRun O33 - MountPoints2\{c36e8705-978e-11e1-be20-002243a32dad}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{dabc674f-bee2-11e1-bd0a-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{dabc674f-bee2-11e1-bd0a-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{e341191d-e23e-11e2-8f65-002243a32dad}\Shell - "" = AutoRun O33 - MountPoints2\{e341191d-e23e-11e2-8f65-002243a32dad}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-06-12 15:46:48 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2014-06-12 15:46:47 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2014-06-12 15:46:47 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2014-06-12 15:46:47 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2014-06-12 15:46:47 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2014-06-12 15:46:47 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2014-06-12 15:46:46 | 001,810,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2014-06-12 15:46:45 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2014-06-12 15:46:45 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2014-06-12 15:46:44 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2014-06-12 15:46:43 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2014-06-12 15:46:42 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2014-06-04 15:41:15 | 000,000,000 | ---D | C] -- C:\Users\MaGdusia\Desktop\Dzień Dziecka [2014-06-04 15:34:10 | 000,000,000 | ---D | C] -- C:\Users\MaGdusia\Desktop\Lunka [2014-05-27 21:56:05 | 000,000,000 | ---D | C] -- C:\Users\MaGdusia\Desktop\Muzyka-siatkówka [2012-10-19 19:35:52 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\MaGdusia\AppData\Roaming\pcouffin.sys [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-06-15 15:06:59 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-06-15 14:04:27 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe [2014-06-15 14:04:26 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2014-06-15 14:04:23 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2014-06-15 14:04:09 | 000,000,298 | ---- | M] () -- C:\Windows\tasks\ROC_REG_JAN_DELETE.job [2014-06-15 14:04:09 | 000,000,206 | ---- | M] () -- C:\Windows\tasks\AutoKMSDaily.job [2014-06-15 14:04:09 | 000,000,206 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job [2014-06-15 14:04:04 | 000,093,892 | ---- | M] () -- C:\ProgramData\nvModes.001 [2014-06-15 14:03:58 | 000,373,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2014-06-15 14:03:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-06-15 14:02:28 | 2146,553,856 | -HS- | M] () -- C:\hiberfil.sys [2014-06-15 14:01:23 | 000,001,076 | ---- | M] () -- C:\Windows\bthservsdp.dat [2014-06-15 13:02:23 | 165,268,388 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm [2014-06-13 21:47:09 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2014-06-13 21:47:09 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2014-06-08 20:22:30 | 000,426,644 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm [2014-06-04 15:34:40 | 000,714,932 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2014-06-04 15:34:40 | 000,634,484 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2014-06-04 15:34:40 | 000,151,772 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2014-06-04 15:34:40 | 000,120,050 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2014-05-28 18:39:36 | 001,810,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2014-05-28 18:32:25 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2014-05-28 18:31:33 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2014-05-28 18:31:17 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2014-05-28 18:30:53 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2014-05-28 18:30:25 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2014-05-28 18:30:08 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2014-05-28 18:30:00 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2014-05-28 18:29:58 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2014-05-28 18:29:49 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2014-05-28 18:29:31 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2014-05-28 18:28:35 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2014-05-16 18:04:44 | 000,630,828 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavifw.avm [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-06-15 14:02:32 | 000,373,608 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2014-03-02 09:57:33 | 000,000,184 | ---- | C] () -- C:\Windows\AutoKMS.ini [2014-03-02 09:53:20 | 000,078,848 | ---- | C] () -- C:\Windows\KMSEmulator.exe [2013-11-12 19:05:45 | 000,000,266 | RHS- | C] () -- C:\Users\MaGdusia\ntuser.pol [2013-06-07 18:02:33 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll [2013-06-02 15:49:17 | 000,006,011 | ---- | C] () -- C:\Users\MaGdusia\AppData\Local\recently-used.xbel [2013-05-30 20:25:43 | 000,000,586 | ---- | C] () -- C:\Users\MaGdusia\rect4698.png [2012-10-19 20:20:34 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2012-10-19 19:35:52 | 000,087,608 | ---- | C] () -- C:\Users\MaGdusia\AppData\Roaming\inst.exe [2012-10-19 19:35:52 | 000,007,887 | ---- | C] () -- C:\Users\MaGdusia\AppData\Roaming\pcouffin.cat [2012-10-19 19:35:52 | 000,001,144 | ---- | C] () -- C:\Users\MaGdusia\AppData\Roaming\pcouffin.inf [2012-10-19 19:14:47 | 000,001,057 | ---- | C] () -- C:\Users\MaGdusia\AppData\Roaming\vso_ts_preview.xml [2012-07-19 13:34:20 | 000,093,892 | ---- | C] () -- C:\ProgramData\nvModes.001 [2012-07-17 23:16:15 | 000,093,892 | ---- | C] () -- C:\ProgramData\nvModes.dat [2012-05-06 23:26:41 | 000,071,680 | ---- | C] () -- C:\Users\MaGdusia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008-07-02 04:28:38 | 000,061,440 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll [2008-05-22 18:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg [color=#E56717]========== ZeroAccess Check ==========[/color] [2006-11-02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014-03-25 15:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-04-11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-04-11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2012-12-15 20:02:59 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software [2012-12-15 20:02:59 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software [2013-04-06 10:06:11 | 000,000,000 | ---D | M] -- C:\Users\MaGdusia\AppData\Roaming\Audacity [2013-11-12 19:08:39 | 000,000,000 | ---D | M] -- C:\Users\MaGdusia\AppData\Roaming\AVG [2012-05-06 19:45:30 | 000,000,000 | ---D | M] -- C:\Users\MaGdusia\AppData\Roaming\AVG10 [2013-05-04 09:01:43 | 000,000,000 | ---D | M] -- C:\Users\MaGdusia\AppData\Roaming\Babylon [2014-06-15 13:25:00 | 000,000,000 | ---D | M] -- C:\Users\MaGdusia\AppData\Roaming\BitTorrent [2013-08-31 09:02:52 | 000,000,000 | ---D | M] -- C:\Users\MaGdusia\AppData\Roaming\DAEMON Tools Lite [2013-11-12 19:09:41 | 000,000,000 | ---D | M] -- C:\Users\MaGdusia\AppData\Roaming\Dealply [2013-01-27 17:14:25 | 000,000,000 | ---D | M] -- C:\Users\MaGdusia\AppData\Roaming\efile.epity2012 [2013-06-08 09:54:47 | 000,000,000 | ---D | M] -- C:\Users\MaGdusia\AppData\Roaming\Epson [2012-05-06 23:45:18 | 000,000,000 | ---D | M] -- C:\Users\MaGdusia\AppData\Roaming\Gadu-Gadu 10 [2013-12-07 12:40:02 | 000,000,000 | ---D | M] -- C:\Users\MaGdusia\AppData\Roaming\inkscape [2013-06-15 06:33:47 | 000,000,000 | ---D | M] -- C:\Users\MaGdusia\AppData\Roaming\ipla [2012-06-26 08:52:27 | 000,000,000 | ---D | M] -- C:\Users\MaGdusia\AppData\Roaming\NapiProjekt [2013-11-12 19:04:27 | 000,000,000 | ---D | M] -- C:\Users\MaGdusia\AppData\Roaming\OpenCandy [2013-08-15 19:43:11 | 000,000,000 | ---D | M] -- C:\Users\MaGdusia\AppData\Roaming\PhotoScape [2013-03-08 20:38:46 | 000,000,000 | ---D | M] -- C:\Users\MaGdusia\AppData\Roaming\PTC [2013-11-12 19:06:12 | 000,000,000 | ---D | M] -- C:\Users\MaGdusia\AppData\Roaming\SimilarSites [2012-11-29 19:01:15 | 000,000,000 | ---D | M] -- C:\Users\MaGdusia\AppData\Roaming\Vso [color=#E56717]========== Purity Check ==========[/color] < End of report >