
Untitled

a guest
Mar 4th, 2014
  1. OTL logfile created on: 2014-03-04 17:06:17 - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Asiulka\Downloads
  3. 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  4. Internet Explorer (Version = 8.0.7601.17514)
  5. Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
  6.  
  7. 3,87 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 56,94% Memory free
  8. 7,74 Gb Paging File | 5,79 Gb Available in Paging File | 74,77% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  12. Drive C: | 97,60 Gb Total Space | 26,21 Gb Free Space | 26,85% Space Free | Partition Type: NTFS
  13. Drive D: | 100,00 Mb Total Space | 49,58 Mb Free Space | 49,58% Space Free | Partition Type: NTFS
  14. Drive E: | 172,75 Gb Total Space | 119,56 Gb Free Space | 69,21% Space Free | Partition Type: NTFS
  15. Drive F: | 195,31 Gb Total Space | 134,85 Gb Free Space | 69,04% Space Free | Partition Type: NTFS
  16. Drive G: | 1,22 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
  17. Drive H: | 5,60 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
  18.  
  19. Computer Name: ASIULKA-ASIULKA | User Name: Asiulka | Logged in as Administrator.
  20. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
  21. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
  22.  
  23. [color=#E56717]========== Processes (SafeList) ==========[/color]
  24.  
  25. PRC - [2014-03-04 17:04:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Asiulka\Downloads\OTL_[www.programosy.pl].exe
  26. PRC - [2014-03-04 16:07:39 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Asiulka\Desktop\HijackThis_2.0.4.exe
  27. PRC - [2014-02-20 21:49:42 | 001,863,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
  28. PRC - [2014-02-15 17:15:52 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  29. PRC - [2013-12-21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
  30. PRC - [2013-12-18 22:04:13 | 004,047,424 | ---- | M] (GG Network S.A.) -- C:\Users\Asiulka\AppData\Local\GG\Application\gghub.exe
  31. PRC - [2013-12-18 22:04:13 | 000,132,672 | ---- | M] (GG Network S.A.) -- C:\Users\Asiulka\AppData\Local\GG\Application\ggapp.exe
  32. PRC - [2013-12-18 22:04:13 | 000,076,352 | ---- | M] (GG Network S.A.) -- C:\Users\Asiulka\AppData\Local\GG\Application\xulrunner\gghub.exe
  33. PRC - [2013-11-14 12:56:57 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
  34. PRC - [2013-11-14 12:56:48 | 001,914,656 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
  35. PRC - [2013-11-11 08:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
  36. PRC - [2013-11-01 20:11:50 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
  37. PRC - [2013-09-02 12:10:46 | 003,402,304 | ---- | M] (GG Network S.A.) -- C:\Users\Asiulka\AppData\Local\GG\Application\ggdrive\ggdrive.exe
  38. PRC - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
  39. PRC - [2013-04-04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
  40. PRC - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
  41. PRC - [2012-10-26 07:49:04 | 000,202,752 | ---- | M] () -- C:\Users\Asiulka\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
  42.  
  43.  
  44. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  45.  
  46. MOD - [2014-02-20 21:49:42 | 016,265,096 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
  47. MOD - [2014-02-15 17:15:52 | 003,578,992 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
  48. MOD - [2013-12-18 22:04:13 | 003,006,528 | ---- | M] () -- C:\Users\Asiulka\AppData\Local\GG\Application\xulrunner\mozjs.dll
  49. MOD - [2013-12-18 22:04:13 | 000,141,888 | ---- | M] () -- C:\Users\Asiulka\AppData\Local\GG\Application\ggdrive\zlib1.dll
  50. MOD - [2013-09-02 12:10:44 | 016,166,248 | ---- | M] () -- C:\Users\Asiulka\AppData\Local\GG\Application\FMSBWChecker\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
  51. MOD - [2012-10-26 07:49:04 | 000,202,752 | ---- | M] () -- C:\Users\Asiulka\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
  52.  
  53.  
  54. [color=#E56717]========== Services (SafeList) ==========[/color]
  55.  
  56. SRV:[b]64bit:[/b] - [2014-01-16 01:42:12 | 000,289,256 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe -- (McComponentHostService)
  57. SRV:[b]64bit:[/b] - [2014-01-07 17:39:10 | 000,551,824 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\Windows\SysNative\appdrvrem01.exe -- (appdrvrem01)
  58. SRV:[b]64bit:[/b] - [2013-11-14 12:57:03 | 015,125,280 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
  59. SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
  60. SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
  61. SRV - [2014-02-25 22:57:46 | 000,568,512 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
  62. SRV - [2014-02-20 21:49:42 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
  63. SRV - [2014-02-15 17:15:52 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
  64. SRV - [2013-12-21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
  65. SRV - [2013-11-14 12:56:48 | 001,914,656 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
  66. SRV - [2013-11-11 08:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
  67. SRV - [2013-11-01 20:11:50 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
  68. SRV - [2013-10-23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
  69. SRV - [2013-05-20 19:39:44 | 005,086,240 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
  70. SRV - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
  71. SRV - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
  72. SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
  73. SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
  74.  
  75.  
  76. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  77.  
  78. DRV:[b]64bit:[/b] - [2014-01-07 17:39:11 | 002,918,512 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\appdrv01.sys -- (appdrv01)
  79. DRV:[b]64bit:[/b] - [2013-12-06 14:37:50 | 000,035,232 | ---- | M] (Visicom Media Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
  80. DRV:[b]64bit:[/b] - [2013-11-27 02:54:02 | 000,042,016 | ---- | M] (Visicom Media Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcvidrv.sys -- (ManyCam)
  81. DRV:[b]64bit:[/b] - [2013-11-14 12:57:13 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
  82. DRV:[b]64bit:[/b] - [2013-11-14 12:57:05 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
  83. DRV:[b]64bit:[/b] - [2013-10-12 14:47:08 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
  84. DRV:[b]64bit:[/b] - [2013-04-04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
  85. DRV:[b]64bit:[/b] - [2010-11-21 04:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
  86. DRV:[b]64bit:[/b] - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
  87. DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
  88. DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
  89. DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
  90. DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
  91. DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
  92. DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
  93. DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
  94. DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
  95. DRV:[b]64bit:[/b] - [2009-09-17 18:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
  96. DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
  97. DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
  98. DRV:[b]64bit:[/b] - [2009-07-14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
  99. DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
  100. DRV:[b]64bit:[/b] - [2009-06-10 21:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
  101. DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
  102. DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
  103. DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
  104. DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
  105. DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
  106.  
  107.  
  108. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  109.  
  110.  
  111. [color=#E56717]========== Internet Explorer ==========[/color]
  112.  
  113. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=irmsd103&cd=2XzuyEtN2Y1L1QzutC0CyC0FyCyDtByEtCyB0DtByE0E0CyDtN0D0Tzu0CyCyCyDtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=13279011&ir=
  114. IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  115. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutC0CyC0FyCyDtByEtCyB0DtByE0E0CyDtN0D0Tzu0CyCyCyDtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=13279011&ir=
  116. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0CA35B57-220B-8B86-AEE3-314EC4ED4F00}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  117. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
  118. IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  119. IE - HKLM\..\SearchScopes\{032E1934-8512-E655-416E-1C28DD7ABDA6}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  120. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutC0CyC0FyCyDtByEtCyB0DtByE0E0CyDtN0D0Tzu0CyCyCyDtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=13279011&ir=
  121.  
  122. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.google.pl/ [binary data]
  123. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
  124. IE - HKCU\..\SearchScopes,DefaultScope = {E938ABCF-63B8-4212-99DF-ED5132FBDAC3}
  125. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
  126. IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=C4541C6F652417D2&affID=119357&tt=160913_nocpn&tsp=5014
  127. IE - HKCU\..\SearchScopes\{89AE380D-4548-495B-977A-C613583DDE61}: "URL" = http://search.ividi.org/?q={searchTerms}&src=tbsp&id=c4544ec50000000000001c6f652417d2&affilt=3&r=784
  128. IE - HKCU\..\SearchScopes\{E938ABCF-63B8-4212-99DF-ED5132FBDAC3}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutC0CyC0FyCyDtByEtCyB0DtByE0E0CyDtN0D0Tzu0CyCyCyDtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=13279011&ir=
  129. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  130.  
  131. [color=#E56717]========== FireFox ==========[/color]
  132.  
  133. FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
  134. FF - user.js - File not found
  135.  
  136. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll File not found
  137. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
  138. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
  139. FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  140. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
  141. FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
  142. FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
  143. FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
  144. FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
  145. FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
  146. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
  147. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
  148. FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
  149. FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Asiulka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
  150. FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
  151.  
  152. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-12-01 17:06:00 | 000,000,000 | ---D | M]
  153. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
  154. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014-02-15 17:15:48 | 000,000,000 | ---D | M]
  155. FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-12-01 17:06:00 | 000,000,000 | ---D | M]
  156. FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
  157. FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014-02-15 17:15:48 | 000,000,000 | ---D | M]
  158.  
  159. [2014-02-03 14:51:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asiulka\AppData\Roaming\mozilla\Extensions
  160. [2014-02-03 14:49:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asiulka\AppData\Roaming\mozilla\Firefox\Profiles\oo5ca9jj.default\Extensions
  161. [2014-02-03 14:49:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asiulka\AppData\Roaming\mozilla\Firefox\Profiles\oo5ca9jj.default\Extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
  162. [2014-02-15 17:15:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
  163. [2014-02-15 17:15:53 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
  164. [2012-11-05 19:12:28 | 000,172,032 | ---- | M] (iVIDI.org) -- C:\Program Files (x86)\mozilla firefox\plugins\npffividiplg.dll
  165.  
  166. [color=#E56717]========== Chrome ==========[/color]
  167.  
  168. CHR - default_search_provider: Google (Enabled)
  169. CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
  170. CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
  171. CHR - Extension: iVIDI.org plugin = C:\Users\Asiulka\AppData\Local\Google\Chrome\User Data\Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol\1.3_1\
  172. CHR - Extension: Google Wallet = C:\Users\Asiulka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
  173.  
  174. O1 HOSTS File: ([2013-10-16 14:47:04 | 000,000,921 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
  175. O1 - Hosts: 127.0.0.1 genuine.microsoft.com
  176. O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
  177. O1 - Hosts: 127.0.0.1 sls.microsoft.com
  178. O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
  179. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
  180. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
  181. O4:[b]64bit:[/b] - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
  182. O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
  183. O4 - HKLM..\Run: [ConvertAd] C:\Users\Asiulka\AppData\Local\ConvertAd\ConvertAd.exe File not found
  184. O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe File not found
  185. O4 - HKCU..\Run: [Apps Hat] C:\Users\Asiulka\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe ()
  186. O4 - HKCU..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h File not found
  187. O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
  188. O4 - HKCU..\Run: [NextLive] C:\Users\Asiulka\AppData\Roaming\newnext.me\nengine.dll (NewNextDotMe)
  189. O4 - HKCU..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent File not found
  190. O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
  191. O4 - Startup: C:\Users\Asiulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\start.lnk = C:\Users\Asiulka\kr9k25i562pk\72340.vbs ()
  192. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  193. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
  194. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
  195. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  196. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
  197. O13[b]64bit:[/b] - gopher Prefix: missing
  198. O13 - gopher Prefix: missing
  199. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
  200. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DAFF82A2-D23A-4108-91BE-8C68660A02FD}: DhcpNameServer = 192.168.1.1
  201. O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
  202. O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
  203. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  204. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
  205. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
  206. O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
  207. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  208. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  209. O32 - HKLM CDRom: AutoRun - 1
  210. O32 - AutoRun File - [2007-06-12 19:20:38 | 000,003,118 | RH-- | M] () - G:\Autorun.inf -- [ CDFS ]
  211. O32 - AutoRun File - [2009-04-23 06:55:11 | 000,054,544 | R--- | M] (Electronic Arts) - H:\Autorun.exe -- [ UDF ]
  212. O32 - AutoRun File - [2008-10-22 00:48:42 | 000,000,045 | R--- | M] () - H:\Autorun.inf -- [ UDF ]
  213. O33 - MountPoints2\{8e18c621-1d3f-11e3-85b8-806e6f6e6963}\Shell - "" = AutoRun
  214. O33 - MountPoints2\{8e18c621-1d3f-11e3-85b8-806e6f6e6963}\Shell\AutoRun\command - "" = G:\SoftR2_Photo.exe -- [2007-04-23 07:57:12 | 000,835,584 | RH-- | M] (Soft-R Research LLC)
  215. O33 - MountPoints2\{b812d656-333b-11e3-8fcd-1c6f652417d2}\Shell - "" = AutoRun
  216. O33 - MountPoints2\{b812d656-333b-11e3-8fcd-1c6f652417d2}\Shell\AutoRun\command - "" = H:\Autorun.exe -- [2009-04-23 06:55:11 | 000,054,544 | R--- | M] (Electronic Arts)
  217. O33 - MountPoints2\{fb9b316a-8bff-11e3-aa4e-1c6f652417d2}\Shell - "" = AutoRun
  218. O33 - MountPoints2\{fb9b316a-8bff-11e3-aa4e-1c6f652417d2}\Shell\AutoRun\command - "" = I:\Startme.exe
  219. O34 - HKLM BootExecute: (autocheck autochk *)
  220. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  221. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  222. O35 - HKLM\..comfile [open] -- "%1" %*
  223. O35 - HKLM\..exefile [open] -- "%1" %*
  224. O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
  225. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  226. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  227. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  228. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  229. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  230. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  231.  
  232. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  233.  
  234. [2014-03-04 16:07:46 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Asiulka\Desktop\HijackThis_2.0.4.exe
  235. [2014-03-04 15:50:10 | 000,000,000 | ---D | C] -- C:\Users\Asiulka\AppData\Roaming\dclogs
  236. [2014-03-04 15:50:08 | 000,000,000 | RHSD | C] -- C:\Users\Asiulka\kr9k25i562pk
  237. [2014-03-02 13:08:14 | 000,000,000 | ---D | C] -- C:\Users\Asiulka\AppData\Local\Skype
  238. [2014-03-02 13:07:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
  239. [2014-03-02 13:07:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
  240. [2014-03-02 13:07:57 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
  241. [2014-03-02 10:03:12 | 000,000,000 | ---D | C] -- C:\Users\Asiulka\AppData\Roaming\OpenFM
  242. [2014-03-02 10:03:11 | 000,000,000 | ---D | C] -- C:\Users\Asiulka\AppData\Local\OpenFM
  243. [2014-03-02 09:15:28 | 000,000,000 | ---D | C] -- C:\Users\Asiulka\Desktop\sesja z Kamila
  244. [2014-03-01 16:14:46 | 000,000,000 | ---D | C] -- C:\Users\Asiulka\AppData\Roaming\Soft-R Research
  245. [2014-02-27 15:54:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
  246. [2014-02-25 09:40:23 | 000,000,000 | ---D | C] -- C:\Users\Asiulka\Desktop\AFKI
  247. [2014-02-18 09:49:34 | 000,000,000 | ---D | C] -- C:\Users\Asiulka\AppData\Roaming\.minecraftzyczu
  248. [2014-02-18 09:49:27 | 003,727,418 | ---- | C] (Zyczu) -- C:\Users\Asiulka\Desktop\MinecraftZyczu.exe
  249. [2014-02-17 09:07:13 | 000,000,000 | ---D | C] -- C:\Users\Asiulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter Strike 1.6
  250. [2014-02-17 09:06:38 | 000,000,000 | ---D | C] -- C:\Gry
  251. [2014-02-15 17:15:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
  252. [2014-02-14 13:59:59 | 000,000,000 | ---D | C] -- C:\Users\Asiulka\Desktop\sesja z wiktoria
  253. [2014-02-12 17:39:59 | 000,000,000 | ---D | C] -- C:\Users\Asiulka\AppData\Local\HP
  254. [2014-02-12 13:14:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
  255. [2014-02-12 13:14:24 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
  256. [2014-02-08 10:32:24 | 000,000,000 | ---D | C] -- C:\Games
  257. [2014-02-06 16:01:28 | 000,000,000 | ---D | C] -- C:\Users\Asiulka\Desktop\studniowka
  258. [2014-02-06 15:56:09 | 000,000,000 | ---D | C] -- C:\Users\Asiulka\Desktop\Originals
  259. [2014-02-05 18:02:07 | 000,000,000 | ---D | C] -- C:\Users\Asiulka\Desktop\matma
  260. [2014-02-03 14:51:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
  261.  
  262. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  263.  
  264. [2014-03-04 16:54:21 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  265. [2014-03-04 16:53:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  266. [2014-03-04 16:53:49 | 3117,015,040 | -HS- | M] () -- C:\hiberfil.sys
  267. [2014-03-04 16:25:20 | 000,016,640 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  268. [2014-03-04 16:25:19 | 000,016,640 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  269. [2014-03-04 16:07:39 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Asiulka\Desktop\HijackThis_2.0.4.exe
  270. [2014-03-04 15:50:11 | 000,000,822 | -HS- | M] () -- C:\Users\Asiulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\start.lnk
  271. [2014-03-04 15:50:05 | 001,264,723 | ---- | M] () -- C:\Users\Asiulka\Desktop\umowa_zipped_PDF.zip
  272. [2014-03-04 15:49:02 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
  273. [2014-03-04 14:42:21 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  274. [2014-03-03 19:16:56 | 001,661,232 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
  275. [2014-03-03 19:16:56 | 000,737,242 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
  276. [2014-03-03 19:16:56 | 000,651,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
  277. [2014-03-03 19:16:56 | 000,153,930 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
  278. [2014-03-03 19:16:56 | 000,120,382 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
  279. [2014-03-03 16:46:35 | 000,143,076 | ---- | M] () -- C:\Users\Asiulka\Desktop\1001284_670246616347058_1353112994_n.jpg
  280. [2014-03-02 14:15:22 | 000,035,132 | ---- | M] () -- C:\Users\Asiulka\Desktop\70ad8ccb87fd4d8dac44f202eb08d307_315653.jpg
  281. [2014-03-02 13:07:58 | 000,002,699 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
  282. [2014-03-02 10:03:11 | 000,001,189 | ---- | M] () -- C:\Users\Asiulka\Desktop\OpenFM.lnk
  283. [2014-03-02 09:28:23 | 000,087,040 | -H-- | M] () -- C:\Users\Asiulka\Desktop\photothumb.db
  284. [2014-03-01 20:09:33 | 000,102,348 | ---- | M] () -- C:\Users\Asiulka\Desktop\So,a.jpg
  285. [2014-03-01 14:27:03 | 000,016,923 | ---- | M] () -- C:\Users\Asiulka\Desktop\119851917_1_1000x700_sukienka-dluga-asos-m-lubin.jpg
  286. [2014-02-28 22:04:50 | 000,006,490 | ---- | M] () -- C:\Users\Asiulka\Desktop\1969287_661316577265892_1231032935_n.jpg
  287. [2014-02-28 20:15:28 | 1156,796,997 | ---- | M] () -- C:\Users\Asiulka\Desktop\Alistria.eu.7z
  288. [2014-02-27 11:07:24 | 001,368,868 | ---- | M] () -- C:\Users\Asiulka\Desktop\umowa_zipped_PDF.exe
  289. [2014-02-26 17:20:02 | 000,196,183 | ---- | M] () -- C:\Users\Asiulka\Desktop\9f57da91adffec7eeffc586ef449c9b2_307683.jpg
  290. [2014-02-26 14:25:26 | 000,009,495 | ---- | M] () -- C:\Users\Asiulka\Desktop\1926790_669145363148834_927040082_n.jpg
  291. [2014-02-25 19:31:04 | 001,290,820 | ---- | M] () -- C:\Users\Asiulka\Desktop\DSC_0772.jpg
  292. [2014-02-24 11:18:32 | 000,180,360 | ---- | M] () -- C:\Users\Asiulka\Desktop\ff66242de6d6.jpg
  293. [2014-02-23 20:47:30 | 000,014,409 | ---- | M] () -- C:\Users\Asiulka\Desktop\1920511_1443385052563303_2105125729_n.jpg
  294. [2014-02-23 16:49:08 | 000,014,221 | ---- | M] () -- C:\Users\Asiulka\Desktop\1507634_741964845828023_1345122795_n.jpg
  295. [2014-02-23 16:47:38 | 000,011,241 | ---- | M] () -- C:\Users\Asiulka\Desktop\1508519_607667422646608_905158591_n.jpg
  296. [2014-02-21 20:09:36 | 000,268,579 | ---- | M] () -- C:\Users\Asiulka\Desktop\tlo.png
  297. [2014-02-21 19:58:34 | 000,031,478 | ---- | M] () -- C:\Users\Asiulka\Desktop\417903.jpg
  298. [2014-02-20 21:49:42 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
  299. [2014-02-20 21:49:42 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
  300. [2014-02-20 19:15:00 | 000,087,153 | ---- | M] () -- C:\Users\Asiulka\Desktop\lo1 001.jpg
  301. [2014-02-18 12:33:27 | 000,558,104 | ---- | M] () -- C:\Users\Asiulka\Desktop\Umowa o niekomercyjna (1).pdf
  302. [2014-02-18 09:49:28 | 003,727,418 | ---- | M] (Zyczu) -- C:\Users\Asiulka\Desktop\MinecraftZyczu.exe
  303. [2014-02-17 18:44:23 | 000,007,742 | ---- | M] () -- C:\Users\Asiulka\Desktop\dasfasfas.jpg
  304. [2014-02-17 09:07:13 | 000,000,820 | ---- | M] () -- C:\Users\Asiulka\Desktop\Counter Strike 1.6.lnk
  305. [2014-02-16 21:53:58 | 000,000,533 | ---- | M] () -- C:\Users\Asiulka\Desktop\Polski.lnk
  306. [2014-02-14 13:56:10 | 000,039,650 | ---- | M] () -- C:\Users\Asiulka\Desktop\9d41737576_miales_sie_uczyc.jpg
  307. [2014-02-12 19:39:12 | 000,139,254 | ---- | M] () -- C:\Users\Asiulka\Desktop\ZWR_Faktura_indywidualna_761-494-2978-5034_14_02_F002_V.pdf
  308. [2014-02-12 13:14:27 | 000,001,931 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
  309. [2014-02-12 13:14:27 | 000,001,931 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
  310. [2014-02-11 19:41:58 | 000,048,102 | ---- | M] () -- C:\Users\Asiulka\Desktop\dzieki-za-info-pl-000000-1.jpg
  311. [2014-02-10 15:57:02 | 000,497,617 | ---- | M] () -- C:\Users\Asiulka\Desktop\sadadsfsas.png
  312. [2014-02-07 21:34:41 | 000,074,457 | ---- | M] () -- C:\Users\Asiulka\Desktop\to cos.jpg
  313. [2014-02-06 19:45:48 | 000,010,458 | ---- | M] () -- C:\Users\Asiulka\Desktop\indeks.jpg
  314. [2014-02-05 18:26:40 | 304,681,742 | ---- | M] () -- C:\Users\Asiulka\Desktop\nieszczesna matma.rtf
  315. [2014-02-04 19:05:12 | 000,109,855 | ---- | M] () -- C:\Users\Asiulka\Desktop\polska_kibice500.jpeg
  316. [2014-02-03 18:52:14 | 000,225,001 | ---- | M] () -- C:\Users\Asiulka\Desktop\Bez tytułu.png
  317. [2014-02-03 14:51:29 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
  318.  
  319. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  320.  
  321. [2014-03-04 15:50:38 | 001,368,868 | ---- | C] () -- C:\Users\Asiulka\Desktop\umowa_zipped_PDF.exe
  322. [2014-03-04 15:50:09 | 000,000,822 | -HS- | C] () -- C:\Users\Asiulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\start.lnk
  323. [2014-03-04 15:50:04 | 001,264,723 | ---- | C] () -- C:\Users\Asiulka\Desktop\umowa_zipped_PDF.zip
  324. [2014-03-02 14:15:22 | 000,035,132 | ---- | C] () -- C:\Users\Asiulka\Desktop\70ad8ccb87fd4d8dac44f202eb08d307_315653.jpg
  325. [2014-03-02 13:07:58 | 000,002,699 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
  326. [2014-03-02 10:03:11 | 000,001,197 | ---- | C] () -- C:\Users\Asiulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenFM.lnk
  327. [2014-03-02 10:03:11 | 000,001,189 | ---- | C] () -- C:\Users\Asiulka\Desktop\OpenFM.lnk
  328. [2014-03-02 09:53:56 | 000,143,076 | ---- | C] () -- C:\Users\Asiulka\Desktop\1001284_670246616347058_1353112994_n.jpg
  329. [2014-03-01 20:09:32 | 000,102,348 | ---- | C] () -- C:\Users\Asiulka\Desktop\So,a.jpg
  330. [2014-03-01 14:26:59 | 000,016,923 | ---- | C] () -- C:\Users\Asiulka\Desktop\119851917_1_1000x700_sukienka-dluga-asos-m-lubin.jpg
  331. [2014-02-28 22:04:47 | 000,006,490 | ---- | C] () -- C:\Users\Asiulka\Desktop\1969287_661316577265892_1231032935_n.jpg
  332. [2014-02-28 20:15:03 | 1156,796,997 | ---- | C] () -- C:\Users\Asiulka\Desktop\Alistria.eu.7z
  333. [2014-02-26 17:20:00 | 000,196,183 | ---- | C] () -- C:\Users\Asiulka\Desktop\9f57da91adffec7eeffc586ef449c9b2_307683.jpg
  334. [2014-02-26 14:25:25 | 000,009,495 | ---- | C] () -- C:\Users\Asiulka\Desktop\1926790_669145363148834_927040082_n.jpg
  335. [2014-02-25 19:30:14 | 001,290,820 | ---- | C] () -- C:\Users\Asiulka\Desktop\DSC_0772.jpg
  336. [2014-02-24 11:14:07 | 000,180,360 | ---- | C] () -- C:\Users\Asiulka\Desktop\ff66242de6d6.jpg
  337. [2014-02-23 20:47:30 | 000,014,409 | ---- | C] () -- C:\Users\Asiulka\Desktop\1920511_1443385052563303_2105125729_n.jpg
  338. [2014-02-23 16:49:08 | 000,014,221 | ---- | C] () -- C:\Users\Asiulka\Desktop\1507634_741964845828023_1345122795_n.jpg
  339. [2014-02-23 16:47:37 | 000,011,241 | ---- | C] () -- C:\Users\Asiulka\Desktop\1508519_607667422646608_905158591_n.jpg
  340. [2014-02-21 20:09:36 | 000,268,579 | ---- | C] () -- C:\Users\Asiulka\Desktop\tlo.png
  341. [2014-02-21 19:58:34 | 000,031,478 | ---- | C] () -- C:\Users\Asiulka\Desktop\417903.jpg
  342. [2014-02-20 19:15:00 | 000,087,153 | ---- | C] () -- C:\Users\Asiulka\Desktop\lo1 001.jpg
  343. [2014-02-18 12:33:27 | 000,558,104 | ---- | C] () -- C:\Users\Asiulka\Desktop\Umowa o niekomercyjna (1).pdf
  344. [2014-02-17 18:44:22 | 000,007,742 | ---- | C] () -- C:\Users\Asiulka\Desktop\dasfasfas.jpg
  345. [2014-02-17 09:07:13 | 000,000,820 | ---- | C] () -- C:\Users\Asiulka\Desktop\Counter Strike 1.6.lnk
  346. [2014-02-14 13:56:10 | 000,039,650 | ---- | C] () -- C:\Users\Asiulka\Desktop\9d41737576_miales_sie_uczyc.jpg
  347. [2014-02-12 19:39:12 | 000,139,254 | ---- | C] () -- C:\Users\Asiulka\Desktop\ZWR_Faktura_indywidualna_761-494-2978-5034_14_02_F002_V.pdf
  348. [2014-02-12 13:14:27 | 000,001,931 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
  349. [2014-02-11 19:41:57 | 000,048,102 | ---- | C] () -- C:\Users\Asiulka\Desktop\dzieki-za-info-pl-000000-1.jpg
  350. [2014-02-10 15:57:02 | 000,497,617 | ---- | C] () -- C:\Users\Asiulka\Desktop\sadadsfsas.png
  351. [2014-02-07 21:34:41 | 000,074,457 | ---- | C] () -- C:\Users\Asiulka\Desktop\to cos.jpg
  352. [2014-02-06 19:45:48 | 000,010,458 | ---- | C] () -- C:\Users\Asiulka\Desktop\indeks.jpg
  353. [2014-02-05 18:26:37 | 304,681,742 | ---- | C] () -- C:\Users\Asiulka\Desktop\nieszczesna matma.rtf
  354. [2014-02-04 19:05:12 | 000,109,855 | ---- | C] () -- C:\Users\Asiulka\Desktop\polska_kibice500.jpeg
  355. [2014-02-03 18:52:14 | 000,225,001 | ---- | C] () -- C:\Users\Asiulka\Desktop\Bez tytułu.png
  356. [2014-02-03 14:51:29 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
  357. [2014-02-03 14:51:29 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
  358. [2014-01-13 19:25:54 | 000,001,647 | ---- | C] () -- C:\Users\Asiulka\AppData\Local\recently-used.xbel
  359. [2013-12-30 17:00:49 | 001,636,610 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
  360. [2013-12-01 17:03:36 | 000,177,269 | ---- | C] () -- C:\Windows\hpoins14.dat
  361. [2013-12-01 17:03:36 | 000,001,498 | ---- | C] () -- C:\Windows\hpomdl14.dat
  362. [2013-10-23 16:43:22 | 000,000,892 | RHS- | C] () -- C:\Users\Asiulka\ntuser.pol
  363. [2013-10-16 14:47:25 | 000,002,048 | ---- | C] () -- C:\Windows\SysWow64\winver.exe
  364. [2013-10-07 19:16:18 | 000,028,501 | ---- | C] () -- C:\Users\Asiulka\AppData\Roaming\UserTile.png
  365. [2013-09-18 11:34:40 | 000,282,296 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
  366. [2013-09-18 11:34:40 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
  367.  
  368. [color=#E56717]========== ZeroAccess Check ==========[/color]
  369.  
  370. [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
  371.  
  372. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  373.  
  374. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  375.  
  376. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
  377.  
  378. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  379.  
  380. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  381. "" = C:\Windows\SysNative\shell32.dll -- [2010-11-21 04:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
  382. "ThreadingModel" = Apartment
  383.  
  384. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  385. "" = %SystemRoot%\system32\shell32.dll -- [2010-11-21 04:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
  386. "ThreadingModel" = Apartment
  387.  
  388. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
  389. "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
  390. "ThreadingModel" = Free
  391.  
  392. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  393. "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
  394. "ThreadingModel" = Free
  395.  
  396. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
  397. "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
  398. "ThreadingModel" = Both
  399.  
  400. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  401.  
  402. [color=#E56717]========== LOP Check ==========[/color]
  403.  
  404. [2014-03-02 16:47:56 | 000,000,000 | ---D | M] -- C:\Users\Asiulka\AppData\Roaming\.minecraft
  405. [2014-02-18 09:52:26 | 000,000,000 | ---D | M] -- C:\Users\Asiulka\AppData\Roaming\.minecraftzyczu
  406. [2014-02-08 18:57:34 | 000,000,000 | ---D | M] -- C:\Users\Asiulka\AppData\Roaming\Awesomium
  407. [2013-12-21 10:56:57 | 000,000,000 | ---D | M] -- C:\Users\Asiulka\AppData\Roaming\BitTorrent
  408. [2013-10-12 14:47:53 | 000,000,000 | ---D | M] -- C:\Users\Asiulka\AppData\Roaming\DAEMON Tools Lite
  409. [2014-03-04 15:51:52 | 000,000,000 | ---D | M] -- C:\Users\Asiulka\AppData\Roaming\dclogs
  410. [2014-03-04 17:01:47 | 000,000,000 | ---D | M] -- C:\Users\Asiulka\AppData\Roaming\GG
  411. [2013-10-12 14:49:00 | 000,000,000 | ---D | M] -- C:\Users\Asiulka\AppData\Roaming\Leadertech
  412. [2013-09-15 07:38:36 | 000,000,000 | ---D | M] -- C:\Users\Asiulka\AppData\Roaming\LolClient
  413. [2013-12-27 16:40:00 | 000,000,000 | ---D | M] -- C:\Users\Asiulka\AppData\Roaming\ManyCam
  414. [2014-01-07 16:58:17 | 000,000,000 | ---D | M] -- C:\Users\Asiulka\AppData\Roaming\Mount&Blade
  415. [2014-03-04 16:54:16 | 000,000,000 | ---D | M] -- C:\Users\Asiulka\AppData\Roaming\newnext.me
  416. [2014-03-02 10:03:12 | 000,000,000 | ---D | M] -- C:\Users\Asiulka\AppData\Roaming\OpenFM
  417. [2013-11-11 12:18:20 | 000,000,000 | ---D | M] -- C:\Users\Asiulka\AppData\Roaming\openvr
  418. [2014-01-18 17:21:46 | 000,000,000 | ---D | M] -- C:\Users\Asiulka\AppData\Roaming\PhotoScape
  419. [2013-09-14 14:46:31 | 000,000,000 | ---D | M] -- C:\Users\Asiulka\AppData\Roaming\Riot Games
  420. [2014-03-01 16:14:47 | 000,000,000 | ---D | M] -- C:\Users\Asiulka\AppData\Roaming\Soft-R Research
  421. [2014-03-02 21:36:15 | 000,000,000 | ---D | M] -- C:\Users\Asiulka\AppData\Roaming\TS3Client
  422. [2013-11-24 19:27:52 | 000,000,000 | ---D | M] -- C:\Users\Asiulka\AppData\Roaming\Unity
  423. [2013-12-01 16:31:51 | 000,000,000 | ---D | M] -- C:\Users\Asiulka\AppData\Roaming\Wayforward Technologies
  424.  
  425. [color=#E56717]========== Purity Check ==========[/color]
  426.  
  427.  
  428.  
  429. < End of report >