
Help me remove Yontoo



Following the instructions, I attached both logs from DDS.

DDS

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.13.2

Run by Małe at 8:18:05 on 2013-03-02

Windows JG Seven 6.1.7601.1.1250.48.1045.18.8104.6445 [GMT 1:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe

C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe

C:\Windows\SysWOW64\srvany.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Intel\TurboBoost\TurboBoost.exe

C:\Windows\KMService.exe

C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\P4G\BatteryLife.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe

C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe

C:\Program Files\Elantech\ETDCtrl.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Elantech\ETDCtrlHelper.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe

C:\Program Files (x86)\uTorrent\utorrent.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\Cyberfox\Cyberfox.exe

C:\Program Files\Cyberfox\plugin-container.exe

C:\Users\Małe\Desktop\POBIERANIE\dds.scr

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.pl

mWinlogon: Userinit = userinit.exe

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: IEPluginBHO Class: {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Małe\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll

BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll

uRun: [sRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme

uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\utorrent.exe"

mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

uPolicies-Explorer: NoResolveTrack = dword:1

uPolicies-Explorer: NoStartMenuMyMusic = dword:1

uPolicies-Explorer: NoSMMyPictures = dword:1

uPolicies-Explorer: HideSCAHealth = dword:1

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

uPolicies-Explorer: NoRecentDocsNetHood = dword:1

mPolicies-System: EnableLUA = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:0

mPolicies-System: EnableInstallerDetection = dword:0

mPolicies-System: SynchronousMachineGroupPolicy = dword:0

mPolicies-System: SynchronousUserGroupPolicy = dword:0

mPolicies-Windows\System: AllowBlockingAppsAtShutdown = dword:0

mPolicies-Explorer: NoResolveTrack = dword:1

mPolicies-Explorer: NoStartMenuMyMusic = dword:1

mPolicies-Explorer: NoSMMyPictures = dword:1

IE: E&ksportuj do programu Microsoft Excel - C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{68BE195D-6F63-43EC-9CD3-8BEF85860C0C} : DHCPNameServer = 192.168.1.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

x64-mStart Page = hxxp://www.google.pl

x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe"

x64-Run: [AthBtTray] "C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe"

x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe

x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-11-5 32896]

R0 DC3410;DC3410;C:\Windows\System32\drivers\DC3410.sys [2011-11-5 48328]

R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2011-11-5 310064]

R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-12-31 30056]

R0 SscRdBus;Virtual bus device (SuperSpeed LLC);C:\Windows\System32\drivers\SscRdBus.sys [2012-12-9 93488]

R0 xfiltx64;VIA SATA IDE Hot-plug Driver;C:\Windows\System32\drivers\xfiltx64.sys [2011-11-5 26776]

R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-1-19 283200]

R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]

R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe [2012-12-31 151552]

R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Atheros\Bluetooth Suite\AdminService.exe [2010-11-25 52896]

R2 KMService;KMService;C:\Windows\System32\srvany.exe --> C:\Windows\System32\srvany.exe [?]

R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-4-16 13832]

R2 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-16 134928]

R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2010-11-25 28832]

R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2012-12-31 138024]

R3 GenericMount;Generic Mount Driver;C:\Windows\System32\drivers\GenericMount.sys [2009-9-21 54320]

R3 IntcDAud;Intel® Audio dla ekranów;C:\Windows\System32\drivers\IntcDAud.sys [2012-12-31 317440]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-12-31 333928]

R4 Yontoo Desktop Updater;Yontoo Desktop Updater;C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe [2013-3-1 23552]

S3 2310_00;2310_00;C:\Windows\System32\drivers\2310_00.sys [2011-11-5 170528]

S3 ahcix64;ahcix64;C:\Windows\System32\drivers\ahcix64.sys [2011-11-5 264272]

S3 ahcix64s;ahcix64s;C:\Windows\System32\drivers\ahcix64s.sys [2011-11-5 226616]

S3 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-11-5 78976]

S3 arcm_a64;arcm_a64;C:\Windows\System32\drivers\arcm_a64.sys [2011-11-5 52768]

S3 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2011-11-5 36448]

S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2010-11-25 36000]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2010-11-25 298144]

S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2010-11-25 201376]

S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2010-11-25 55456]

S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2010-11-25 154272]

S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2010-11-25 275616]

S3 DC133;DC133;C:\Windows\System32\drivers\DC133.sys [2011-11-5 39320]

S3 DC150;DC150;C:\Windows\System32\drivers\DC150.sys [2011-11-5 39832]

S3 DC154;DC154;C:\Windows\System32\drivers\DC154.sys [2011-11-5 48136]

S3 DC300e;DC300e;C:\Windows\System32\drivers\DC300e.sys [2011-11-5 40344]

S3 DC324e;DC324e;C:\Windows\System32\drivers\DC324e.sys [2011-11-5 49752]

S3 DC4300;DC4300;C:\Windows\System32\drivers\DC4300.sys [2011-11-5 48360]

S3 DC600e;DC600e;C:\Windows\System32\drivers\DC600e.sys [2011-11-5 40744]

S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]

S3 hptiop;hptiop;C:\Windows\System32\drivers\hptiop.sys [2011-11-5 17440]

S3 hptmv;hptmv;C:\Windows\System32\drivers\hptmv.sys [2011-11-5 93472]

S3 hptmv6;hptmv6;C:\Windows\System32\drivers\hptmv6.sys [2011-11-5 152096]

S3 johci;JMicron 1394 Filter Driver;C:\Windows\System32\drivers\johci.sys [2011-11-5 26712]

S3 MegaSR1;MegaSR1;C:\Windows\System32\drivers\MegaSR1.sys [2011-11-5 465488]

S3 mv61xx;mv61xx;C:\Windows\System32\drivers\mv61xx.sys [2011-11-5 181040]

S3 mv91cons;mv91cons;C:\Windows\System32\drivers\mv91cons.sys [2011-11-5 24880]

S3 Pnp680;Pnp680;C:\Windows\System32\drivers\PnP680.sys [2011-11-5 80424]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-2-6 19456]

S3 rr172x;rr172x;C:\Windows\System32\drivers\rr172x.sys [2011-11-5 124448]

S3 rr174x;rr174x;C:\Windows\System32\drivers\rr174x.sys [2011-11-5 159264]

S3 rr2210;rr2210;C:\Windows\System32\drivers\rr2210.sys [2011-11-5 153632]

S3 rr232x;rr232x;C:\Windows\System32\drivers\rr232x.sys [2011-11-5 152096]

S3 rr2340;rr2340;C:\Windows\System32\drivers\rr2340.sys [2011-11-5 162400]

S3 rr2522;rr2522;C:\Windows\System32\drivers\rr2522.sys [2011-11-5 168032]

S3 rr62x;rr62x;C:\Windows\System32\drivers\rr62x.sys [2011-11-5 155232]

S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\rtsuvstor.sys [2012-12-31 290920]

S3 SI3112r;SI3112r;C:\Windows\System32\drivers\SI3112r.sys [2011-11-5 164656]

S3 SI3114;SI3114;C:\Windows\System32\drivers\SI3114.sys [2011-11-5 99120]

S3 SI3124;SI3124;C:\Windows\System32\drivers\SI3124.sys [2011-11-5 113456]

S3 Si3124r5;Si3124r5;C:\Windows\System32\drivers\Si3124r5.sys [2011-11-5 334640]

S3 Si3531;Si3531;C:\Windows\System32\drivers\Si3531.sys [2011-11-5 333864]

S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]

S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2013-2-6 29696]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-2-6 57856]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-2-6 30208]

S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]

S3 viamrx64;viamrx64;C:\Windows\System32\drivers\viamrx64.sys [2011-11-5 161904]

S3 videX64;videX64;C:\Windows\System32\drivers\videX64.sys [2011-11-5 15000]

S4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2011-6-27 130384]

S4 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2011-6-27 138576]

S4 GenericMount Helper Service;GenericMount Helper Service;C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelper.exe [2009-9-21 1571336]

S4 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]

S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-7 161384]

S4 SymSnapService;SymSnapService;C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe [2009-9-21 2963960]

.

=============== Created Last 30 ================

.

2013-03-02 07:18:05 -------- d-----w- C:\Users\Ma?e\AppData\Local\Microsoft

2013-03-01 09:42:58 -------- d-----w- C:\Program Files (x86)\Gophoto.it

2013-03-01 09:42:12 -------- d-----w- C:\Users\Małe\AppData\Roaming\Babylon

2013-03-01 09:42:12 -------- d-----w- C:\ProgramData\Babylon

2013-03-01 09:42:10 -------- d-----w- C:\Users\Małe\AppData\Roaming\Yontoo

2013-03-01 09:42:10 -------- d-----w- C:\Program Files (x86)\Yontoo

2013-03-01 09:42:07 -------- d-----w- C:\ProgramData\Tarma Installer

2013-03-01 09:42:04 -------- d-----w- C:\Program Files (x86)\TornTV.com

2013-02-24 20:46:55 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-02-24 19:29:32 -------- d-----w- C:\Program Files (x86)\VueScan

2013-02-24 18:17:47 -------- d-----w- C:\Program Files (x86)\epson

2013-02-24 18:10:43 12800 ----a-w- C:\Windows\System32\esxcdev.dll

2013-02-24 18:10:42 459776 ----a-w- C:\Windows\System32\esxwiaud.dll

2013-02-07 07:17:19 -------- d-----w- C:\Users\Małe\AppData\Roaming\pdfforge

2013-02-07 07:17:14 103936 ----a-w- C:\Windows\System32\pdfcmon.dll

2013-02-07 07:17:13 -------- d-----w- C:\Program Files (x86)\PDFCreator

2013-02-06 07:05:25 6144 ---ha-w- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll

2013-02-06 07:04:36 750592 ----a-w- C:\Windows\System32\win32spl.dll

2013-02-06 07:04:35 800768 ----a-w- C:\Windows\System32\usp10.dll

2013-02-06 07:04:35 626688 ----a-w- C:\Windows\SysWow64\usp10.dll

2013-02-06 07:04:35 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll

2013-02-06 07:04:35 3149824 ----a-w- C:\Windows\System32\win32k.sys

2013-02-06 07:04:34 68608 ----a-w- C:\Windows\System32\taskhost.exe

2013-02-06 07:04:34 307200 ----a-w- C:\Windows\System32\ncrypt.dll

2013-02-06 07:04:34 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll

2013-02-06 06:56:09 108448 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll

.

==================== Find3M ====================

.

2013-02-24 20:46:53 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-02-24 20:46:53 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-02-24 20:46:39 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-02-24 20:46:39 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-02-06 06:56:07 963488 ----a-w- C:\Windows\System32\deployJava1.dll

2013-02-06 06:56:07 1085344 ----a-w- C:\Windows\System32\npDeployJava1.dll

2013-01-23 01:55:29 44544 ----a-w- C:\Windows\System32\themeservice.dll

2013-01-23 01:55:29 332288 ----a-w- C:\Windows\System32\uxtheme.dll

2013-01-23 01:55:29 2851328 ----a-w- C:\Windows\System32\themeui.dll

2013-01-19 06:27:21 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys

2013-01-18 03:18:10 564824 ----a-w- C:\Windows\System32\drivers\sptd.sys

2013-01-09 13:52:36 1070152 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX

2012-12-31 16:44:43 3331584 ----a-w- C:\Windows\explorer.exe

2012-12-31 15:55:11 8192 ----a-w- C:\Windows\SysWow64\srvany.exe

2012-12-31 15:55:11 151552 ----a-w- C:\Windows\KMService.exe

2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll

2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll

2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll

2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

2012-12-14 21:32:14 1608 ----a-w- C:\Windows\System32\RTSLCS.dll

2012-12-09 09:23:15 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll

2012-12-09 09:23:15 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll

2012-12-09 09:23:15 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll

2012-12-09 09:23:15 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll

2012-12-09 09:23:05 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll

2012-12-09 09:23:05 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2012-12-09 09:23:05 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2012-12-09 09:21:59 574464 ----a-w- C:\Windows\System32\d3d10level9.dll

2012-12-09 09:21:59 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll

2012-12-09 09:21:52 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2012-12-09 09:21:39 376688 ----a-w- C:\Windows\System32\drivers\netio.sys

2012-12-09 09:21:39 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS

2012-12-09 09:21:32 43008 ----a-w- C:\Windows\SysWow64\srclient.dll

2012-12-09 09:21:24 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys

2012-12-09 09:21:17 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe

2012-12-09 09:20:31 95744 ----a-w- C:\Windows\System32\synceng.dll

2012-12-09 09:20:31 78336 ----a-w- C:\Windows\SysWow64\synceng.dll

2012-12-09 09:20:24 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-12-09 09:20:24 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-12-09 09:20:14 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll

2012-12-09 09:20:14 2048 ----a-w- C:\Windows\System32\msxml3r.dll

2012-12-09 09:20:05 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys

2012-12-09 09:20:05 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys

2012-12-09 09:19:51 956928 ----a-w- C:\Windows\System32\localspl.dll

2012-12-09 09:19:44 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll

2012-12-09 09:19:44 366592 ----a-w- C:\Windows\System32\qdvd.dll

2012-12-09 09:19:38 209920 ----a-w- C:\Windows\System32\profsvc.dll

2012-12-09 09:19:31 59392 ----a-w- C:\Windows\System32\browcli.dll

2012-12-09 09:19:31 41984 ----a-w- C:\Windows\SysWow64\browcli.dll

2012-12-09 09:19:31 136704 ----a-w- C:\Windows\System32\browser.dll

2012-12-09 09:19:24 3216384 ----a-w- C:\Windows\System32\msi.dll

2012-12-09 09:19:24 2342400 ----a-w- C:\Windows\SysWow64\msi.dll

2012-12-09 09:19:15 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll

2012-12-09 09:19:15 1133568 ----a-w- C:\Windows\System32\cdosys.dll

2012-12-09 09:18:50 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys

2012-12-09 09:18:28 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-12-09 09:18:06 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys

2012-12-09 09:18:06 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll

2012-12-09 09:18:06 744448 ----a-w- C:\Windows\System32\WUDFx.dll

2012-12-09 09:18:06 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll

2012-12-09 09:18:06 229888 ----a-w- C:\Windows\System32\WUDFHost.exe

2012-12-09 09:18:06 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys

2012-12-09 09:18:06 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll

2012-12-09 09:17:44 9728 ----a-w- C:\Windows\System32\Wdfres.dll

2012-12-09 09:17:44 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys

2012-12-09 09:17:44 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys

2012-12-09 09:17:25 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-12-09 09:17:25 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-12-09 09:17:25 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-12-09 09:17:17 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2012-12-09 09:17:17 1464320 ----a-w- C:\Windows\System32\crypt32.dll

2012-12-09 09:17:17 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2012-12-09 09:17:17 140288 ----a-w- C:\Windows\System32\cryptnet.dll

2012-12-09 09:17:17 1159680 ----a-w- C:\Windows\SysWow64\crypt32.dll

2012-12-09 09:17:17 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2012-12-09 09:16:53 515584 ----a-w- C:\Windows\System32\timedate.cpl

2012-12-09 09:16:53 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl

2012-12-09 09:16:40 1544704 ----a-w- C:\Windows\System32\DWrite.dll

2012-12-09 09:16:40 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-12-09 09:14:57 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll

2012-12-09 09:14:57 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys

2012-12-09 09:14:57 1031680 ----a-w- C:\Windows\System32\rdpcore.dll

2012-12-09 09:14:50 43520 ----a-w- C:\Windows\System32\csrsrv.dll

2012-12-09 09:14:37 723456 ----a-w- C:\Windows\System32\EncDec.dll

2012-12-09 09:14:37 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll

2012-12-09 09:14:04 395776 ----a-w- C:\Windows\System32\webio.dll

2012-12-09 09:14:04 314880 ----a-w- C:\Windows\SysWow64\webio.dll

2012-12-03 15:47:14 983936 ----a-w- C:\Windows\System32\nvumdshimx.dll

.

============= FINISH: 8:18:18,43 ===============

Attach

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Windows JG Seven

Boot Device: \Device\HarddiskVolume2

Install Date: 2012-12-31 12:18:34

System Uptime: 2013-03-02 08:04:53 (0 hours ago)

.

Motherboard: ASUSTeK Computer Inc. | | K53SV

Processor: Intel® Core i5-2410M CPU @ 2.30GHz | CPU 1 | 2301/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 181 GiB total, 116,702 GiB free.

D: is FIXED (NTFS) - 98 GiB total, 16,483 GiB free.

E: is FIXED (NTFS) - 0 GiB total, 0,084 GiB free.

F: is FIXED (NTFS) - 420 GiB total, 224,391 GiB free.

G: is CDROM ()

H: is CDROM ()

I: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}

Description: Bluetooth Module

Device ID: USB\VID_13D3&PID_3304\6&111E7466&0&1

Manufacturer: Atheros Communications

Name: Bluetooth Module

PNP Device ID: USB\VID_13D3&PID_3304\6&111E7466&0&1

Service: BTHUSB

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Shockwave Player 11.6

Ashampoo Burning Studio 2012 v10.0.15

ASUS Power4Gear Hybrid

Atheros WLAN and Bluetooth Client Installation Program

ATK Package

µTorrent

Bluetooth Win7 Suite (64)

Combined Community Codec Pack 2011-11-11

Cyberfox Web Browser

DAEMON Tools Lite

Easy CD-DA Extractor 16

EPSON Scan

ETDWare PS/2-X64 8.0.5.0_WHQL

foobar2000 v1.2.3

Foxit Reader

HashCheck Shell Extension (x86-64)

Intel® Control Center

Intel® Processor Graphics

Intel® Turbo Boost Technology Monitor

IrfanView (remove only)

Java 7 Update 13

Java 7 Update 13 (64-bit)

Java Auto Updater

Metro 2033

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Office Access MUI (Polish) 2010

Microsoft Office Excel MUI (Polish) 2010

Microsoft Office Groove MUI (Polish) 2010

Microsoft Office InfoPath MUI (Polish) 2010

Microsoft Office Office 32-bit Components 2010

Microsoft Office OneNote MUI (Polish) 2010

Microsoft Office Outlook MUI (Polish) 2010

Microsoft Office PowerPoint MUI (Polish) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (German) 2010

Microsoft Office Proof (Polish) 2010

Microsoft Office Proofing (Polish) 2010

Microsoft Office Publisher MUI (Polish) 2010

Microsoft Office Shared 32-bit MUI (Polish) 2010

Microsoft Office Shared MUI (Polish) 2010

Microsoft Office Word MUI (Polish) 2010

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106

NapiProjekt (2.1.0.2287)

NetSpeedMonitor 2.5.4.0 x64

Norton Ghost

Nowe Gadu-Gadu

NVIDIA Install Application

NVIDIA Oprogramowanie systemu PhysX 9.12.1031

NVIDIA Optimus 1.11.3

NVIDIA PhysX

NVIDIA Sterownik graficzny 310.70

NVIDIA Update Components

Odinstaluj drukarkę EPSON SX210 Series

Panel sterowania NVIDIA 310.70

PDFCreator

QT Lite 4.1.0

Realtek Ethernet Controller Driver For Windows 7

Realtek High Definition Audio Driver

Realtek USB 2.0 Reader Driver

Skype™ 6.2

SRS Audio Sandbox

Steam

Sunrise Seven 1.2.61

swMSM

VueScan x32

WapSter AQQ

WinRAR 4.20 (64-bit)

Wireless Console 3

Yontoo 2.04

.

==== End Of File ===========================


Hello chybaty and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Step 1

Please uninstall the following applications:

µTorrent

Yontoo 2.04

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • Malwarebytes' Anti-Malware log
  • a new fresh DDS log


Hi, thank you for the fast answer.

JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.6.6 (02.27.2013:1)

OS: Windows 7 Ultimate x64

Ran by Mae on 2013-03-02 at 16:40:30,53

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\1clickdownload

Successfully deleted: [Registry Key] hkey_local_machine\software\babylon

Successfully deleted: [Registry Key] hkey_current_user\software\babylontoolbar

Failed to delete: [Registry Key] hkey_current_user\software\datamngr

Failed to delete: [Registry Key] hkey_local_machine\software\datamngr

Failed to delete: [Registry Key] hkey_current_user\software\datamngr_toolbar

Successfully deleted: [Registry Key] hkey_current_user\software\sweetim

Successfully deleted: [Registry Key] hkey_local_machine\software\sweetim

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\prod.cap

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\mybabylontb_rasapi32

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\mybabylontb_rasmancs

Failed to delete: [Registry Key] hkey_local_machine\software\wow6432node\datamngr

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}

Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"

Successfully deleted: [Registry Key] "hkey_local_machine\software\pip"

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"

Successfully deleted: [Folder] "C:\ProgramData\savebyclick"

Successfully deleted: [Folder] "C:\ProgramData\tarma installer"

Successfully deleted: [Folder] "C:\Users\Mae\AppData\Roaming\babylon"

Successfully deleted: [Folder] "C:\Users\Mae\AppData\Roaming\pdfforge"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 2013-03-02 at 16:47:39,33

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

and

Malwarebytes Anti-Malware (Trial) 1.70.0.1100

www.malwarebytes.org

Database version: v2013.03.02.09

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Małe :: MACIEK [administrator]

Protection: Enabled

2013-03-02 16:55:47

mbam-log-2013-03-02 (16-55-47).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 226912

Time elapsed: 28 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Do you need anything else?


Oh, I forgot.

DDS

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.13.2

Run by Małe at 16:58:01 on 2013-03-02

Windows JG Seven 6.1.7601.1.1250.48.1045.18.8104.5175 [GMT 1:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe

C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe

C:\Windows\SysWOW64\srvany.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Intel\TurboBoost\TurboBoost.exe

C:\Windows\KMService.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\P4G\BatteryLife.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe

C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe

C:\Program Files\Elantech\ETDCtrl.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Elantech\ETDCtrlHelper.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\Cyberfox\Cyberfox.exe

C:\Program Files\Cyberfox\plugin-container.exe

C:\Program Files\WapSter\WapSter AQQ\AQQ.exe

C:\Windows\system32\AUDIODG.EXE

C:\Program Files (x86)\foobar2000\foobar2000.exe

C:\Windows\explorer.exe

C:\Windows\SysWOW64\notepad.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Users\Małe\Desktop\POBIERANIE\dds.scr

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.pl

mWinlogon: Userinit = userinit.exe

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: IEPluginBHO Class: {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Małe\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll

uRun: [sRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme

mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

uPolicies-Explorer: NoResolveTrack = dword:1

uPolicies-Explorer: NoStartMenuMyMusic = dword:1

uPolicies-Explorer: NoSMMyPictures = dword:1

uPolicies-Explorer: HideSCAHealth = dword:1

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

uPolicies-Explorer: NoRecentDocsNetHood = dword:1

mPolicies-System: EnableLUA = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:0

mPolicies-System: EnableInstallerDetection = dword:0

mPolicies-System: SynchronousMachineGroupPolicy = dword:0

mPolicies-System: SynchronousUserGroupPolicy = dword:0

mPolicies-Windows\System: AllowBlockingAppsAtShutdown = dword:0

mPolicies-Explorer: NoResolveTrack = dword:1

mPolicies-Explorer: NoStartMenuMyMusic = dword:1

mPolicies-Explorer: NoSMMyPictures = dword:1

IE: E&ksportuj do programu Microsoft Excel - C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{68BE195D-6F63-43EC-9CD3-8BEF85860C0C} : DHCPNameServer = 192.168.1.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

x64-mStart Page = hxxp://www.google.pl

x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe"

x64-Run: [AthBtTray] "C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe"

x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe

x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-11-5 32896]

R0 DC3410;DC3410;C:\Windows\System32\drivers\DC3410.sys [2011-11-5 48328]

R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2011-11-5 310064]

R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-12-31 30056]

R0 SscRdBus;Virtual bus device (SuperSpeed LLC);C:\Windows\System32\drivers\SscRdBus.sys [2012-12-9 93488]

R0 xfiltx64;VIA SATA IDE Hot-plug Driver;C:\Windows\System32\drivers\xfiltx64.sys [2011-11-5 26776]

R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-1-19 283200]

R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]

R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe [2012-12-31 151552]

R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Atheros\Bluetooth Suite\AdminService.exe [2010-11-25 52896]

R2 KMService;KMService;C:\Windows\System32\srvany.exe --> C:\Windows\System32\srvany.exe [?]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-3-2 398184]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-3-2 682344]

R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-4-16 13832]

R2 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-16 134928]

R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2010-11-25 28832]

R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2012-12-31 138024]

R3 GenericMount;Generic Mount Driver;C:\Windows\System32\drivers\GenericMount.sys [2009-9-21 54320]

R3 IntcDAud;Intel® Audio dla ekranów;C:\Windows\System32\drivers\IntcDAud.sys [2012-12-31 317440]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-3-2 24176]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-12-31 333928]

S3 2310_00;2310_00;C:\Windows\System32\drivers\2310_00.sys [2011-11-5 170528]

S3 ahcix64;ahcix64;C:\Windows\System32\drivers\ahcix64.sys [2011-11-5 264272]

S3 ahcix64s;ahcix64s;C:\Windows\System32\drivers\ahcix64s.sys [2011-11-5 226616]

S3 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-11-5 78976]

S3 arcm_a64;arcm_a64;C:\Windows\System32\drivers\arcm_a64.sys [2011-11-5 52768]

S3 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2011-11-5 36448]

S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2010-11-25 36000]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2010-11-25 298144]

S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2010-11-25 201376]

S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2010-11-25 55456]

S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2010-11-25 154272]

S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2010-11-25 275616]

S3 DC133;DC133;C:\Windows\System32\drivers\DC133.sys [2011-11-5 39320]

S3 DC150;DC150;C:\Windows\System32\drivers\DC150.sys [2011-11-5 39832]

S3 DC154;DC154;C:\Windows\System32\drivers\DC154.sys [2011-11-5 48136]

S3 DC300e;DC300e;C:\Windows\System32\drivers\DC300e.sys [2011-11-5 40344]

S3 DC324e;DC324e;C:\Windows\System32\drivers\DC324e.sys [2011-11-5 49752]

S3 DC4300;DC4300;C:\Windows\System32\drivers\DC4300.sys [2011-11-5 48360]

S3 DC600e;DC600e;C:\Windows\System32\drivers\DC600e.sys [2011-11-5 40744]

S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]

S3 hptiop;hptiop;C:\Windows\System32\drivers\hptiop.sys [2011-11-5 17440]

S3 hptmv;hptmv;C:\Windows\System32\drivers\hptmv.sys [2011-11-5 93472]

S3 hptmv6;hptmv6;C:\Windows\System32\drivers\hptmv6.sys [2011-11-5 152096]

S3 johci;JMicron 1394 Filter Driver;C:\Windows\System32\drivers\johci.sys [2011-11-5 26712]

S3 MegaSR1;MegaSR1;C:\Windows\System32\drivers\MegaSR1.sys [2011-11-5 465488]

S3 mv61xx;mv61xx;C:\Windows\System32\drivers\mv61xx.sys [2011-11-5 181040]

S3 mv91cons;mv91cons;C:\Windows\System32\drivers\mv91cons.sys [2011-11-5 24880]

S3 Pnp680;Pnp680;C:\Windows\System32\drivers\PnP680.sys [2011-11-5 80424]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-2-6 19456]

S3 rr172x;rr172x;C:\Windows\System32\drivers\rr172x.sys [2011-11-5 124448]

S3 rr174x;rr174x;C:\Windows\System32\drivers\rr174x.sys [2011-11-5 159264]

S3 rr2210;rr2210;C:\Windows\System32\drivers\rr2210.sys [2011-11-5 153632]

S3 rr232x;rr232x;C:\Windows\System32\drivers\rr232x.sys [2011-11-5 152096]

S3 rr2340;rr2340;C:\Windows\System32\drivers\rr2340.sys [2011-11-5 162400]

S3 rr2522;rr2522;C:\Windows\System32\drivers\rr2522.sys [2011-11-5 168032]

S3 rr62x;rr62x;C:\Windows\System32\drivers\rr62x.sys [2011-11-5 155232]

S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\rtsuvstor.sys [2012-12-31 290920]

S3 SI3112r;SI3112r;C:\Windows\System32\drivers\SI3112r.sys [2011-11-5 164656]

S3 SI3114;SI3114;C:\Windows\System32\drivers\SI3114.sys [2011-11-5 99120]

S3 SI3124;SI3124;C:\Windows\System32\drivers\SI3124.sys [2011-11-5 113456]

S3 Si3124r5;Si3124r5;C:\Windows\System32\drivers\Si3124r5.sys [2011-11-5 334640]

S3 Si3531;Si3531;C:\Windows\System32\drivers\Si3531.sys [2011-11-5 333864]

S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]

S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2013-2-6 29696]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-2-6 57856]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-2-6 30208]

S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]

S3 viamrx64;viamrx64;C:\Windows\System32\drivers\viamrx64.sys [2011-11-5 161904]

S3 videX64;videX64;C:\Windows\System32\drivers\videX64.sys [2011-11-5 15000]

S4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2011-6-27 130384]

S4 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2011-6-27 138576]

S4 GenericMount Helper Service;GenericMount Helper Service;C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelper.exe [2009-9-21 1571336]

S4 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]

S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-7 161384]

S4 SymSnapService;SymSnapService;C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe [2009-9-21 2963960]

.

=============== Created Last 30 ================

.

2013-03-02 15:51:08 -------- d-----w- C:\Users\Małe\AppData\Roaming\Malwarebytes

2013-03-02 15:51:01 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-03-02 15:51:01 -------- d-----w- C:\ProgramData\Malwarebytes

2013-03-02 15:51:01 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-03-02 15:40:25 -------- d-----w- C:\Windows\ERUNT

2013-03-02 15:40:14 -------- d-----w- C:\JRT

2013-03-02 07:18:05 -------- d-----w- C:\Users\Ma?e\AppData\Local\Microsoft

2013-03-01 09:42:58 -------- d-----w- C:\Program Files (x86)\Gophoto.it

2013-03-01 09:42:04 -------- d-----w- C:\Program Files (x86)\TornTV.com

2013-02-24 20:46:55 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-02-24 19:29:32 -------- d-----w- C:\Program Files (x86)\VueScan

2013-02-24 18:17:47 -------- d-----w- C:\Program Files (x86)\epson

2013-02-24 18:10:43 12800 ----a-w- C:\Windows\System32\esxcdev.dll

2013-02-24 18:10:42 459776 ----a-w- C:\Windows\System32\esxwiaud.dll

2013-02-07 07:17:14 103936 ----a-w- C:\Windows\System32\pdfcmon.dll

2013-02-07 07:17:13 -------- d-----w- C:\Program Files (x86)\PDFCreator

2013-02-06 07:05:25 6144 ---ha-w- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll

2013-02-06 07:04:36 750592 ----a-w- C:\Windows\System32\win32spl.dll

2013-02-06 07:04:35 800768 ----a-w- C:\Windows\System32\usp10.dll

2013-02-06 07:04:35 626688 ----a-w- C:\Windows\SysWow64\usp10.dll

2013-02-06 07:04:35 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll

2013-02-06 07:04:35 3149824 ----a-w- C:\Windows\System32\win32k.sys

2013-02-06 07:04:34 68608 ----a-w- C:\Windows\System32\taskhost.exe

2013-02-06 07:04:34 307200 ----a-w- C:\Windows\System32\ncrypt.dll

2013-02-06 07:04:34 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll

2013-02-06 06:56:09 108448 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll

.

==================== Find3M ====================

.

2013-02-24 20:46:53 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-02-24 20:46:53 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-02-24 20:46:39 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-02-24 20:46:39 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-02-06 06:56:07 963488 ----a-w- C:\Windows\System32\deployJava1.dll

2013-02-06 06:56:07 1085344 ----a-w- C:\Windows\System32\npDeployJava1.dll

2013-01-23 01:55:29 44544 ----a-w- C:\Windows\System32\themeservice.dll

2013-01-23 01:55:29 332288 ----a-w- C:\Windows\System32\uxtheme.dll

2013-01-23 01:55:29 2851328 ----a-w- C:\Windows\System32\themeui.dll

2013-01-19 06:27:21 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys

2013-01-18 03:18:10 564824 ----a-w- C:\Windows\System32\drivers\sptd.sys

2013-01-09 13:52:36 1070152 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX

2012-12-31 16:44:43 3331584 ----a-w- C:\Windows\explorer.exe

2012-12-31 15:55:11 8192 ----a-w- C:\Windows\SysWow64\srvany.exe

2012-12-31 15:55:11 151552 ----a-w- C:\Windows\KMService.exe

2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll

2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll

2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll

2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

2012-12-14 21:32:14 1608 ----a-w- C:\Windows\System32\RTSLCS.dll

2012-12-09 09:23:15 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll

2012-12-09 09:23:15 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll

2012-12-09 09:23:15 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll

2012-12-09 09:23:15 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll

2012-12-09 09:23:05 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll

2012-12-09 09:23:05 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2012-12-09 09:23:05 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2012-12-09 09:21:59 574464 ----a-w- C:\Windows\System32\d3d10level9.dll

2012-12-09 09:21:59 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll

2012-12-09 09:21:52 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2012-12-09 09:21:39 376688 ----a-w- C:\Windows\System32\drivers\netio.sys

2012-12-09 09:21:39 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS

2012-12-09 09:21:32 43008 ----a-w- C:\Windows\SysWow64\srclient.dll

2012-12-09 09:21:24 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys

2012-12-09 09:21:17 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe

2012-12-09 09:20:31 95744 ----a-w- C:\Windows\System32\synceng.dll

2012-12-09 09:20:31 78336 ----a-w- C:\Windows\SysWow64\synceng.dll

2012-12-09 09:20:24 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-12-09 09:20:24 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-12-09 09:20:14 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll

2012-12-09 09:20:14 2048 ----a-w- C:\Windows\System32\msxml3r.dll

2012-12-09 09:20:05 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys

2012-12-09 09:20:05 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys

2012-12-09 09:19:51 956928 ----a-w- C:\Windows\System32\localspl.dll

2012-12-09 09:19:44 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll

2012-12-09 09:19:44 366592 ----a-w- C:\Windows\System32\qdvd.dll

2012-12-09 09:19:38 209920 ----a-w- C:\Windows\System32\profsvc.dll

2012-12-09 09:19:31 59392 ----a-w- C:\Windows\System32\browcli.dll

2012-12-09 09:19:31 41984 ----a-w- C:\Windows\SysWow64\browcli.dll

2012-12-09 09:19:31 136704 ----a-w- C:\Windows\System32\browser.dll

2012-12-09 09:19:24 3216384 ----a-w- C:\Windows\System32\msi.dll

2012-12-09 09:19:24 2342400 ----a-w- C:\Windows\SysWow64\msi.dll

2012-12-09 09:19:15 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll

2012-12-09 09:19:15 1133568 ----a-w- C:\Windows\System32\cdosys.dll

2012-12-09 09:18:50 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys

2012-12-09 09:18:28 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-12-09 09:18:06 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys

2012-12-09 09:18:06 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll

2012-12-09 09:18:06 744448 ----a-w- C:\Windows\System32\WUDFx.dll

2012-12-09 09:18:06 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll

2012-12-09 09:18:06 229888 ----a-w- C:\Windows\System32\WUDFHost.exe

2012-12-09 09:18:06 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys

2012-12-09 09:18:06 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll

2012-12-09 09:17:44 9728 ----a-w- C:\Windows\System32\Wdfres.dll

2012-12-09 09:17:44 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys

2012-12-09 09:17:44 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys

2012-12-09 09:17:25 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-12-09 09:17:25 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-12-09 09:17:25 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-12-09 09:17:17 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2012-12-09 09:17:17 1464320 ----a-w- C:\Windows\System32\crypt32.dll

2012-12-09 09:17:17 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2012-12-09 09:17:17 140288 ----a-w- C:\Windows\System32\cryptnet.dll

2012-12-09 09:17:17 1159680 ----a-w- C:\Windows\SysWow64\crypt32.dll

2012-12-09 09:17:17 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2012-12-09 09:16:53 515584 ----a-w- C:\Windows\System32\timedate.cpl

2012-12-09 09:16:53 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl

2012-12-09 09:16:40 1544704 ----a-w- C:\Windows\System32\DWrite.dll

2012-12-09 09:16:40 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-12-09 09:14:57 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll

2012-12-09 09:14:57 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys

2012-12-09 09:14:57 1031680 ----a-w- C:\Windows\System32\rdpcore.dll

2012-12-09 09:14:50 43520 ----a-w- C:\Windows\System32\csrsrv.dll

2012-12-09 09:14:37 723456 ----a-w- C:\Windows\System32\EncDec.dll

2012-12-09 09:14:37 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll

2012-12-09 09:14:04 395776 ----a-w- C:\Windows\System32\webio.dll

2012-12-09 09:14:04 314880 ----a-w- C:\Windows\SysWow64\webio.dll

2012-12-03 15:47:14 983936 ----a-w- C:\Windows\System32\nvumdshimx.dll

.

============= FINISH: 16:58:10,02 ===============

Attach

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Windows JG Seven

Boot Device: \Device\HarddiskVolume2

Install Date: 2012-12-31 12:18:34

System Uptime: 2013-03-02 08:04:53 (8 hours ago)

.

Motherboard: ASUSTeK Computer Inc. | | K53SV

Processor: Intel® Core i5-2410M CPU @ 2.30GHz | CPU 1 | 2301/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 181 GiB total, 121,418 GiB free.

D: is FIXED (NTFS) - 98 GiB total, 16,483 GiB free.

E: is FIXED (NTFS) - 0 GiB total, 0,084 GiB free.

F: is FIXED (NTFS) - 420 GiB total, 224,391 GiB free.

G: is CDROM ()

H: is CDROM ()

I: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}

Description: Bluetooth Module

Device ID: USB\VID_13D3&PID_3304\6&111E7466&0&1

Manufacturer: Atheros Communications

Name: Bluetooth Module

PNP Device ID: USB\VID_13D3&PID_3304\6&111E7466&0&1

Service: BTHUSB

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Shockwave Player 11.6

Ashampoo Burning Studio 2012 v10.0.15

ASUS Power4Gear Hybrid

Atheros WLAN and Bluetooth Client Installation Program

ATK Package

Bluetooth Win7 Suite (64)

Combined Community Codec Pack 2011-11-11

Cyberfox Web Browser

DAEMON Tools Lite

Easy CD-DA Extractor 16

EPSON Scan

ETDWare PS/2-X64 8.0.5.0_WHQL

foobar2000 v1.2.3

Foxit Reader

HashCheck Shell Extension (x86-64)

Intel® Control Center

Intel® Processor Graphics

Intel® Turbo Boost Technology Monitor

IrfanView (remove only)

Java 7 Update 13

Java 7 Update 13 (64-bit)

Java Auto Updater

Malwarebytes Anti-Malware wersja 1.70.0.1100

Metro 2033

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Office Access MUI (Polish) 2010

Microsoft Office Excel MUI (Polish) 2010

Microsoft Office Groove MUI (Polish) 2010

Microsoft Office InfoPath MUI (Polish) 2010

Microsoft Office Office 32-bit Components 2010

Microsoft Office OneNote MUI (Polish) 2010

Microsoft Office Outlook MUI (Polish) 2010

Microsoft Office PowerPoint MUI (Polish) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (German) 2010

Microsoft Office Proof (Polish) 2010

Microsoft Office Proofing (Polish) 2010

Microsoft Office Publisher MUI (Polish) 2010

Microsoft Office Shared 32-bit MUI (Polish) 2010

Microsoft Office Shared MUI (Polish) 2010

Microsoft Office Word MUI (Polish) 2010

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106

NapiProjekt (2.1.0.2287)

NetSpeedMonitor 2.5.4.0 x64

Norton Ghost

Nowe Gadu-Gadu

NVIDIA Install Application

NVIDIA Oprogramowanie systemu PhysX 9.12.1031

NVIDIA Optimus 1.11.3

NVIDIA PhysX

NVIDIA Sterownik graficzny 310.70

NVIDIA Update Components

Odinstaluj drukarkę EPSON SX210 Series

Panel sterowania NVIDIA 310.70

PDFCreator

QT Lite 4.1.0

Realtek Ethernet Controller Driver For Windows 7

Realtek High Definition Audio Driver

Realtek USB 2.0 Reader Driver

Skype™ 6.2

SRS Audio Sandbox

Steam

Sunrise Seven 1.2.61

swMSM

VueScan x32

WapSter AQQ

WinRAR 4.20 (64-bit)

Wireless Console 3

.

==== End Of File ===========================


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

