OTL logfile created on: 2012-02-26 08:56:36 - Run 2 OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\Soob\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,93 Gb Total Physical Memory | 2,48 Gb Available Physical Memory | 63,17% Memory free 7,86 Gb Paging File | 6,39 Gb Available in Paging File | 81,31% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 58,50 Gb Total Space | 16,67 Gb Free Space | 28,50% Space Free | Partition Type: NTFS Drive D: | 407,17 Gb Total Space | 307,21 Gb Free Space | 75,45% Space Free | Partition Type: NTFS Computer Name: SOOB-PC | User Name: Soob | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-02-26 08:54:54 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Soob\Desktop\OTL.exe PRC - [2012-02-23 17:23:24 | 004,031,368 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012-02-23 17:23:21 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012-02-17 23:13:32 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012-01-03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-07-11 22:47:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe PRC - [2010-10-27 20:21:54 | 001,155,072 | ---- | M] (Last.fm) -- C:\Program Files (x86)\Last.fm\LastFM.exe PRC - [2010-02-04 00:27:55 | 000,672,424 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe PRC - [2009-08-06 06:51:20 | 000,065,536 | R--- | M] () -- C:\Windows\SysWOW64\XSrvSetup.exe PRC - [2009-08-04 16:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe PRC - [2009-08-04 16:29:52 | 000,346,320 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe PRC - [2007-05-28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-02-17 23:13:32 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2012-01-27 17:37:37 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll MOD - [2010-10-27 20:23:04 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\Last.fm\srv_rtaudioplayback.dll MOD - [2010-10-27 20:22:52 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Last.fm\ext_messengernotify.dll MOD - [2010-10-27 20:22:42 | 000,058,880 | ---- | M] () -- C:\Program Files (x86)\Last.fm\ext_skypenotify.dll MOD - [2010-10-27 20:22:08 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\Last.fm\srv_madtranscode.dll MOD - [2010-10-27 20:22:00 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Last.fm\srv_httpinput.dll MOD - [2010-10-27 20:19:28 | 000,372,736 | ---- | M] () -- C:\Program Files (x86)\Last.fm\LastFmFingerprint1.dll MOD - [2010-10-27 20:19:06 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Last.fm\breakpad.dll MOD - [2010-10-27 20:18:50 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\Last.fm\Moose1.dll MOD - [2010-10-27 20:18:34 | 000,540,672 | ---- | M] () -- C:\Program Files (x86)\Last.fm\LastFmTools1.dll MOD - [2010-10-27 20:13:52 | 001,382,507 | ---- | M] () -- C:\Program Files (x86)\Last.fm\libfftw3f-3.dll MOD - [2010-10-27 20:13:52 | 000,074,240 | ---- | M] () -- C:\Program Files (x86)\Last.fm\zlibwapi.dll MOD - [2010-02-04 00:27:55 | 000,672,424 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe MOD - [2010-02-04 00:05:09 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxcaps.dll MOD - [2010-02-04 00:04:53 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxscw.dll MOD - [2010-02-04 00:04:52 | 000,782,336 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxdrs.dll MOD - [2010-02-03 23:52:39 | 000,589,824 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxdatr.dll MOD - [2010-02-03 23:52:33 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxcnv4.dll MOD - [2010-02-03 23:52:28 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxcats.dll MOD - [2009-07-30 17:15:32 | 000,503,202 | ---- | M] () -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll MOD - [2008-04-16 16:42:30 | 000,376,832 | ---- | M] () -- C:\Program Files (x86)\Last.fm\QtNetwork4.dll MOD - [2008-04-16 16:42:16 | 000,524,288 | ---- | M] () -- C:\Program Files (x86)\Last.fm\QtSql4.dll MOD - [2008-04-16 16:42:02 | 006,701,056 | ---- | M] () -- C:\Program Files (x86)\Last.fm\QtGui4.dll MOD - [2008-04-16 16:36:38 | 000,376,832 | ---- | M] () -- C:\Program Files (x86)\Last.fm\QtXml4.dll MOD - [2008-04-16 16:36:34 | 001,654,784 | ---- | M] () -- C:\Program Files (x86)\Last.fm\QtCore4.dll MOD - [2008-04-02 13:26:50 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\Last.fm\imageformats\qmng4.dll MOD - [2008-04-02 13:26:34 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\Last.fm\imageformats\qgif4.dll MOD - [2008-04-02 13:26:28 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Last.fm\imageformats\qjpeg4.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-02-23 17:23:21 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b]64bit:[/b] - [2010-02-03 23:44:10 | 001,039,872 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdxcoms.exe -- (lxdx_device) SRV:[b]64bit:[/b] - [2009-11-04 16:45:14 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2009-10-16 17:00:54 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxdxserv.exe -- (lxdxCATSCustConnectService) SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012-01-30 00:50:00 | 004,676,512 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc) SRV - [2012-01-03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-09-08 18:08:40 | 002,932,224 | ---- | M] (PACE Anti-Piracy, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe -- (PaceLicenseDServices) SRV - [2011-07-06 04:30:00 | 002,304,912 | ---- | M] (WIBU-SYSTEMS AG) [Disabled | Stopped] -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe -- (CodeMeter.exe) SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-02-03 23:43:56 | 000,589,824 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxdxcoms.exe -- (lxdx_device) SRV - [2009-08-06 06:51:20 | 000,065,536 | R--- | M] () [Auto | Running] -- C:\Windows\SysWOW64\XSrvSetup.exe -- (JMB36X) SRV - [2009-08-04 16:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-01-26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) SRV - [2007-05-28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-02-23 17:12:43 | 000,817,496 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b]64bit:[/b] - [2012-02-23 17:12:42 | 000,335,704 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b]64bit:[/b] - [2012-02-23 17:11:04 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:[b]64bit:[/b] - [2012-02-23 17:10:43 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:[b]64bit:[/b] - [2012-02-23 17:10:38 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2012-02-23 17:10:19 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:[b]64bit:[/b] - [2011-11-11 19:13:03 | 000,530,488 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2011-10-14 03:41:42 | 000,023,344 | ---- | M] (Avid Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\diginet.sys -- (DigiNet) DRV:[b]64bit:[/b] - [2011-06-28 17:04:40 | 000,105,592 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-12-02 09:36:42 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64) DRV:[b]64bit:[/b] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-11-20 11:49:51 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST) DRV:[b]64bit:[/b] - [2010-09-28 15:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b]64bit:[/b] - [2010-08-19 05:39:21 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc) DRV:[b]64bit:[/b] - [2010-08-19 05:39:21 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt) DRV:[b]64bit:[/b] - [2010-08-19 05:37:02 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri) DRV:[b]64bit:[/b] - [2010-03-01 09:35:20 | 000,020,520 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger) DRV:[b]64bit:[/b] - [2009-11-27 10:45:06 | 000,295,424 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2009-11-04 17:17:30 | 006,088,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2009-10-29 09:14:38 | 000,115,824 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID) DRV:[b]64bit:[/b] - [2009-09-30 15:34:30 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-05-18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2009-02-24 17:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus) DRV:[b]64bit:[/b] - [2008-12-26 12:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009-02-24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-268685592-1164845389-3330084532-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com IE - HKU\S-1-5-21-268685592-1164845389-3330084532-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = IE - HKU\S-1-5-21-268685592-1164845389-3330084532-1000\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - No CLSID value found IE - HKU\S-1-5-21-268685592-1164845389-3330084532-1000\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.) IE - HKU\S-1-5-21-268685592-1164845389-3330084532-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-268685592-1164845389-3330084532-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "Wyszukiwanie filmĂłw wideo w YouTube" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp435@crossrider.com: C:\ProgramData\CodecCheck\firefox [2011-11-05 16:20:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-02-26 06:10:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-02-17 23:13:33 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-01-21 15:22:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-01-14 18:38:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Soob\AppData\Roaming\mozilla\Extensions [2012-02-03 17:18:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Soob\AppData\Roaming\mozilla\Firefox\Profiles\qemfg7qb.default\extensions [2012-01-14 23:30:40 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Soob\AppData\Roaming\mozilla\Firefox\Profiles\qemfg7qb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012-01-14 21:09:09 | 000,001,597 | ---- | M] () -- C:\Users\Soob\AppData\Roaming\Mozilla\Firefox\Profiles\qemfg7qb.default\searchplugins\the-pirate-bay.xml [2012-01-15 20:37:15 | 000,001,330 | ---- | M] () -- C:\Users\Soob\AppData\Roaming\Mozilla\Firefox\Profiles\qemfg7qb.default\searchplugins\wikipedia-en.xml [2012-01-14 18:59:30 | 000,002,075 | ---- | M] () -- C:\Users\Soob\AppData\Roaming\Mozilla\Firefox\Profiles\qemfg7qb.default\searchplugins\wyszukiwanie-filmw-wideo-w-youtube.xml [2012-01-14 18:38:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions () (No name found) -- C:\USERS\SOOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QEMFG7QB.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\SOOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QEMFG7QB.DEFAULT\EXTENSIONS\GMAILWATCHER@SONTHAKIT.XPI [2012-02-17 23:13:33 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011-10-03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011-07-11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2011-12-21 06:04:32 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2011-12-21 06:04:32 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2011-12-21 06:04:32 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2011-12-21 06:04:32 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2011-12-21 06:04:32 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-12-21 06:04:32 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Soob\AppData\Local\Google\Chrome\Application\17.0.963.46\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Soob\AppData\Local\Google\Chrome\Application\17.0.963.46\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Soob\AppData\Local\Google\Chrome\Application\17.0.963.46\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll CHR - plugin: OnLive Game Client Detector (Enabled) = C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Google Update (Enabled) = C:\Users\Soob\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Users\Soob\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\ CHR - Extension: Szukaj w Google = C:\Users\Soob\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\ CHR - Extension: Gmail = C:\Users\Soob\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\ O1 HOSTS File: ([2011-01-28 22:25:29 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4:[b]64bit:[/b] - HKLM..\Run: [lxdxmon.exe] C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe () O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.) O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe () O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKU\S-1-5-21-268685592-1164845389-3330084532-1000..\Run: [AQQ] C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe (Creative Team S.A.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data] O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data] O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-268685592-1164845389-3330084532-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-268685592-1164845389-3330084532-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-268685592-1164845389-3330084532-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:[b]64bit:[/b] - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O13[b]64bit:[/b] - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4A61BD11-6B6C-44B8-8B13-060FEB2B82A2}: DhcpNameServer = 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-02-26 08:53:50 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Users\Soob\Desktop\OTL.exe [2012-02-26 06:10:14 | 000,053,080 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2012-02-23 04:56:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ffmpeg For Audacity [2012-02-23 04:47:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lame For Audacity [2012-02-23 04:42:41 | 000,000,000 | ---D | C] -- C:\Users\Soob\AppData\Roaming\Audacity [2012-02-23 04:42:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode) [2012-02-22 04:07:06 | 000,000,000 | ---D | C] -- C:\Users\Soob\AppData\Local\{C7ACBE42-7B3F-41CB-9436-898518C62A33} [2012-02-22 04:06:34 | 000,000,000 | ---D | C] -- C:\Users\Soob\AppData\Local\{59542CEC-049B-4151-B0FB-B9A4E44CE8A5} [2012-02-22 03:25:20 | 000,000,000 | ---D | C] -- C:\Users\Soob\Desktop\H.N.I.C. 3 Mixtape MP3's [2012-02-22 00:48:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Native Instruments [2012-02-20 17:38:34 | 000,000,000 | ---D | C] -- C:\Users\Soob\AppData\Local\{6C6164C4-F0D2-4C8A-9F12-67A414DB813E} [2012-02-20 17:38:23 | 000,000,000 | ---D | C] -- C:\Users\Soob\AppData\Local\{1B6D5E59-3829-4E45-92D7-460A802C42EC} [2012-02-18 20:57:38 | 000,000,000 | ---D | C] -- C:\Users\Soob\Desktop\NYC UNDERGROUND 90s [2012-02-15 18:30:38 | 000,000,000 | ---D | C] -- C:\Users\Soob\Desktop\JUGGAKNOTS - use your confusion [2012-02-15 11:28:07 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012-02-15 11:28:06 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012-02-15 11:28:03 | 002,308,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012-02-15 11:28:03 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012-02-15 11:28:03 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012-02-15 11:28:02 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012-02-15 11:28:01 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012-02-15 11:28:00 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012-02-15 11:28:00 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012-02-15 11:28:00 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012-02-15 11:27:59 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012-02-15 10:02:16 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll [2012-02-15 10:02:14 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl [2012-02-15 10:02:10 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl [2012-02-15 10:01:59 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll [2012-02-15 00:34:37 | 000,000,000 | ---D | C] -- C:\Users\Soob\AppData\Local\{F6F9B49B-5F15-4F99-B17E-BE6417D9E04C} [2012-02-15 00:33:53 | 000,000,000 | ---D | C] -- C:\Users\Soob\AppData\Local\{8D1C374D-0AA6-4E4B-9368-D9CBF607248C} [2012-02-14 20:20:11 | 000,000,000 | ---D | C] -- C:\Users\Soob\Desktop\Free Demo Projects [2012-02-14 14:04:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IK Multimedia [2012-02-13 17:29:10 | 000,000,000 | ---D | C] -- C:\Users\Soob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rozliczenie Roczne Rzeczpospolitej 2011 [2012-02-13 17:29:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rozliczenie Roczne Rzeczpospolitej 2011 [2012-02-13 17:29:00 | 000,000,000 | ---D | C] -- C:\Rozliczenie Roczne 2011 [2012-02-10 01:35:33 | 000,000,000 | ---D | C] -- C:\Users\Soob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment [2012-02-10 01:35:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment [2012-02-09 14:14:00 | 004,676,512 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des [2012-02-09 14:13:10 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys [2012-02-09 14:12:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared [2012-02-09 14:10:45 | 000,000,000 | ---D | C] -- C:\Users\Soob\AppData\Local\Chromium [2012-02-09 14:09:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Overwolf [2012-02-09 14:05:39 | 000,000,000 | ---D | C] -- C:\Users\Soob\AppData\Local\Overwolf [2012-02-08 22:50:13 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess [2012-02-06 22:09:43 | 000,000,000 | ---D | C] -- C:\Users\Soob\Documents\OnLive App [2012-02-06 22:09:08 | 000,000,000 | ---D | C] -- C:\Users\Soob\AppData\Roaming\OnLive App [2012-02-06 15:13:20 | 000,000,000 | ---D | C] -- C:\Users\Soob\AppData\Roaming\ts3overlay [2012-02-06 00:23:50 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012-02-05 22:30:30 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler [2012-02-04 13:03:49 | 000,000,000 | ---D | C] -- C:\Users\Soob\AppData\Local\{157CB591-A311-4525-A30B-FDAE02A9C411} [2012-02-04 13:03:38 | 000,000,000 | ---D | C] -- C:\Users\Soob\AppData\Local\{FB117071-BDAC-4EBA-8B5F-1FF15FE45EC2} [2012-02-02 21:40:48 | 000,000,000 | ---D | C] -- C:\Users\Soob\Documents\Native Instruments [2012-02-02 21:40:08 | 000,000,000 | -H-D | C] -- C:\ProgramData\{E26B3878-7CEC-469C-B449-5CAA336DF8CD} [2012-02-02 21:39:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\{C78336EC-F2EB-4640-99A4-DFE96581B90B} [2012-02-02 21:39:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments [2012-02-02 21:39:26 | 000,000,000 | ---D | C] -- C:\Program Files\Native Instruments [2012-01-31 21:26:18 | 000,000,000 | ---D | C] -- C:\Users\Soob\AppData\Local\{45BCDBA3-9A37-45DB-8394-849B5F734EC1} [2012-01-31 21:26:06 | 000,000,000 | ---D | C] -- C:\Users\Soob\AppData\Local\{55C3FF9D-ABE7-4C06-AF3F-761F115D65A1} [2012-01-31 13:52:05 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2012-01-31 13:52:05 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2012-01-31 13:52:04 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2012-01-31 13:52:04 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2012-01-31 13:52:04 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2012-01-31 13:52:04 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2012-01-30 15:07:45 | 000,000,000 | ---D | C] -- C:\Users\Soob\AppData\Local\{36B07FF9-B828-4F85-85E0-DFA3963FB7BA} [2012-01-30 15:07:32 | 000,000,000 | ---D | C] -- C:\Users\Soob\AppData\Local\{C617F949-25B4-4BFF-8E91-1791A49BD862} [2012-01-29 17:41:25 | 000,000,000 | ---D | C] -- C:\Users\Soob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HQ Software Synthesizer [2012-01-29 17:41:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HQ Software Synthesizer [2012-01-29 09:09:59 | 000,000,000 | ---D | C] -- C:\Users\Soob\AppData\Local\{0C16C227-B9CC-49E8-8653-405A0EFEF62B} [2012-01-29 09:09:35 | 000,000,000 | ---D | C] -- C:\Users\Soob\AppData\Local\{2989E96E-BF5D-4068-AF45-015EFC8BE34E} [2012-01-29 09:08:20 | 000,000,000 | ---D | C] -- C:\Users\Soob\Documents\gegl-0.0 [2012-01-29 08:48:32 | 000,000,000 | ---D | C] -- C:\Users\Soob\Documents\The KMPlayer [2012-01-27 17:33:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2010-10-30 19:42:23 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Soob\AppData\Roaming\pcouffin.sys [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-02-26 08:54:54 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Soob\Desktop\OTL.exe [2012-02-26 08:54:41 | 000,014,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-02-26 08:54:41 | 000,014,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-02-26 08:47:36 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl [2012-02-26 08:47:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-02-26 06:10:14 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012-02-25 22:08:49 | 050,170,680 | ---- | M] () -- C:\Users\Soob\Desktop\RZA - The Cure (2004).rar [2012-02-25 21:48:45 | 056,671,498 | ---- | M] () -- C:\Users\Soob\Desktop\Operation Doomsday.zip [2012-02-25 18:56:46 | 000,003,280 | ---- | M] () -- C:\bootsqm.dat [2012-02-25 10:53:28 | 000,000,400 | ---- | M] () -- C:\Windows\tasks\1-Click Maintenance.job [2012-02-25 08:34:08 | 013,393,964 | ---- | M] () -- C:\Users\Soob\Desktop\cracker jack sample.wav [2012-02-24 20:58:13 | 000,015,927 | ---- | M] () -- C:\Users\Soob\.recently-used.xbel [2012-02-24 04:21:15 | 101,110,133 | ---- | M] () -- C:\Users\Soob\Desktop\1987 - tutu.rar [2012-02-24 02:55:12 | 000,107,115 | ---- | M] () -- C:\Users\Soob\Desktop\wublock.jpg [2012-02-23 17:23:26 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2012-02-23 17:23:21 | 000,201,352 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2012-02-23 17:23:10 | 000,258,520 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2012-02-23 17:12:43 | 000,817,496 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2012-02-23 17:12:42 | 000,335,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2012-02-23 17:11:04 | 000,053,080 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2012-02-23 17:10:43 | 000,059,224 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2012-02-23 17:10:38 | 000,069,976 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2012-02-23 17:10:19 | 000,024,408 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2012-02-15 13:37:59 | 005,068,264 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-02-15 11:32:51 | 001,497,450 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-02-15 11:32:51 | 000,671,572 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-02-15 11:32:51 | 000,591,490 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-02-15 11:32:51 | 000,124,564 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-02-15 11:32:51 | 000,097,964 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-02-15 00:30:39 | 008,848,282 | ---- | M] () -- C:\Users\Soob\Desktop\05. Les McCann & Eddie Harris - The Generation Gap.mp3 [2012-02-14 14:31:24 | 000,000,016 | ---- | M] () -- C:\Windows\SysWow64\w3data.vss [2012-02-14 14:31:24 | 000,000,016 | ---- | M] () -- C:\Windows\SysWow64\msvcsv60.dll [2012-02-14 14:31:24 | 000,000,016 | ---- | M] () -- C:\Windows\msocreg32.dat [2012-02-13 17:29:10 | 000,000,680 | ---- | M] () -- C:\Users\Soob\Desktop\Rozliczenie Roczne Rzeczpospolitej 2011.lnk [2012-02-02 23:10:48 | 080,337,991 | ---- | M] () -- C:\Users\Soob\Desktop\Twin Perils - Word Supremacy [2010].rar [2012-01-30 00:50:00 | 004,676,512 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des [2012-01-27 17:37:37 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-02-25 21:56:32 | 050,170,680 | ---- | C] () -- C:\Users\Soob\Desktop\RZA - The Cure (2004).rar [2012-02-25 21:33:24 | 056,671,498 | ---- | C] () -- C:\Users\Soob\Desktop\Operation Doomsday.zip [2012-02-25 18:56:46 | 000,003,280 | ---- | C] () -- C:\bootsqm.dat [2012-02-25 08:32:39 | 013,393,964 | ---- | C] () -- C:\Users\Soob\Desktop\cracker jack sample.wav [2012-02-24 20:58:13 | 000,015,927 | ---- | C] () -- C:\Users\Soob\.recently-used.xbel [2012-02-24 04:13:04 | 101,110,133 | ---- | C] () -- C:\Users\Soob\Desktop\1987 - tutu.rar [2012-02-24 02:55:12 | 000,107,115 | ---- | C] () -- C:\Users\Soob\Desktop\wublock.jpg [2012-02-23 04:42:19 | 000,001,116 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity 1.3 Beta (Unicode).lnk [2012-02-15 00:30:32 | 008,848,282 | ---- | C] () -- C:\Users\Soob\Desktop\05. Les McCann & Eddie Harris - The Generation Gap.mp3 [2012-02-14 13:42:14 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\w3data.vss [2012-02-14 13:42:14 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\msvcsv60.dll [2012-02-14 13:42:14 | 000,000,016 | ---- | C] () -- C:\Windows\msocreg32.dat [2012-02-13 17:29:10 | 000,000,680 | ---- | C] () -- C:\Users\Soob\Desktop\Rozliczenie Roczne Rzeczpospolitej 2011.lnk [2012-02-09 14:13:10 | 000,005,174 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd [2012-02-02 23:02:28 | 080,337,991 | ---- | C] () -- C:\Users\Soob\Desktop\Twin Perils - Word Supremacy [2010].rar [2011-08-18 18:47:16 | 000,000,071 | ---- | C] () -- C:\Windows\Audiocut.ini [2011-08-18 18:46:25 | 000,000,004 | ---- | C] () -- C:\Windows\SysWow64\SySCut.dat [2011-08-17 12:56:12 | 000,003,584 | ---- | C] () -- C:\Users\Soob\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-08-01 14:37:57 | 000,217,088 | ---- | C] () -- C:\Windows\SysWow64\qtmlClient.dll [2011-07-27 23:11:50 | 001,105,920 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxserv.dll [2011-07-27 23:11:50 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxcomc.dll [2011-07-27 23:11:50 | 000,843,776 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxusb1.dll [2011-07-27 23:11:50 | 000,663,552 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxhbn3.dll [2011-07-27 23:11:50 | 000,647,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxpmui.dll [2011-07-27 23:11:50 | 000,589,824 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxcoms.exe [2011-07-27 23:11:50 | 000,569,344 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxlmpm.dll [2011-07-27 23:11:50 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxcomm.dll [2011-07-27 23:11:50 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxinpa.dll [2011-07-27 23:11:50 | 000,360,448 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxcfg.exe [2011-07-27 23:11:50 | 000,348,160 | ---- | C] () -- C:\Windows\SysWow64\LXDXinst.dll [2011-07-27 23:11:50 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxiesc.dll [2011-07-27 23:11:50 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\lxdxcomx.dll [2011-07-27 23:11:50 | 000,315,392 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxih.exe [2011-07-27 23:11:50 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxprox.dll [2011-05-05 01:02:44 | 000,000,050 | ---- | C] () -- C:\Windows\SysWow64\winitn.dll [2011-05-05 01:02:41 | 000,051,712 | ---- | C] () -- C:\Windows\SysWow64\coodest.dll [2011-03-08 01:14:42 | 000,005,420 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011-03-08 00:06:12 | 000,000,625 | ---- | C] () -- C:\Windows\mp3wavcon.ini [2011-03-08 00:05:15 | 000,000,005 | ---- | C] () -- C:\Windows\SysWow64\SySmp3con.dat [2011-02-08 18:42:31 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2011-02-03 00:48:32 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\lxdxcaps.dll [2011-02-03 00:48:31 | 000,782,336 | ---- | C] () -- C:\Windows\SysWow64\lxdxdrs.dll [2011-01-17 17:32:53 | 000,000,122 | ---- | C] () -- C:\Windows\msmmdx9.ini [2010-11-15 17:27:06 | 000,815,104 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2010-11-15 17:27:06 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2010-10-30 19:42:23 | 000,007,859 | ---- | C] () -- C:\Users\Soob\AppData\Roaming\pcouffin.cat [2010-10-30 19:42:23 | 000,001,167 | ---- | C] () -- C:\Users\Soob\AppData\Roaming\pcouffin.inf [2010-10-30 19:29:52 | 000,000,216 | ---- | C] () -- C:\Windows\Ulead32.ini [2010-10-30 11:32:34 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\lxdxcnv4.dll [2010-10-16 11:41:54 | 000,000,367 | ---- | C] () -- C:\Windows\wininit.ini [2010-10-04 14:33:34 | 000,000,028 | ---- | C] () -- C:\Windows\Robota.INI [2010-10-04 14:32:52 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll [2010-10-04 14:32:17 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [2010-10-04 14:32:05 | 000,006,211 | ---- | C] () -- C:\Windows\mgxoschk.ini [2010-07-25 19:49:50 | 000,007,609 | ---- | C] () -- C:\Users\Soob\AppData\Local\resmon.resmoncfg [2010-07-22 18:11:51 | 000,000,018 | ---- | C] () -- C:\Windows\avi2divx.INI [2010-07-17 19:21:39 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010-07-17 16:02:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010-07-17 15:23:14 | 000,065,536 | R--- | C] () -- C:\Windows\SysWow64\XSrvSetup.exe [2010-07-17 14:50:15 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [color=#E56717]========== LOP Check ==========[/color] [2011-12-12 21:16:22 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\Able Apples [2011-12-27 20:37:16 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\Ableton [2011-08-27 17:36:25 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\Artisteer [2012-02-26 01:02:01 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\Audacity [2010-08-14 00:08:47 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\BinarySense [2011-05-28 05:46:01 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\BitDefender [2010-08-17 04:13:22 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\ChemTable Software [2011-11-12 05:03:34 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\DAEMON Tools Lite [2010-09-01 20:08:59 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\DDevExtensions [2010-08-21 13:52:27 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\DesktopPlayer [2011-08-22 08:10:03 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\Dropbox [2010-11-06 23:35:35 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\DVDVideoSoftIEHelpers [2011-11-18 20:36:16 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\EurekaLog [2011-07-22 10:59:16 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\fltk.org [2010-11-13 04:49:51 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\GetRightToGo [2010-09-01 20:08:59 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\GExperts [2010-11-09 00:55:53 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\GHISLER [2012-02-24 20:58:13 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\gtk-2.0 [2010-07-18 05:06:15 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\ImgBurn [2010-12-24 21:24:04 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\ImTOO [2012-01-26 21:59:03 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\ipla [2011-04-30 19:22:32 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\Leadertech [2011-12-23 21:28:11 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\Line 6 [2010-10-04 14:33:26 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\MAGIX [2012-02-25 21:13:27 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\Mp3tag [2011-12-13 14:37:32 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\Music Label [2010-08-29 11:09:08 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\NetMedia Providers [2010-12-03 17:04:02 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\Notepad++ [2012-02-09 17:30:07 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\OnLive App [2011-08-01 14:49:32 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\PACE Anti-Piracy [2010-10-09 11:21:03 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\Panda Security [2011-12-23 21:28:37 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\Propellerhead Software [2010-08-29 11:09:08 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\Publish Providers [2011-01-02 01:23:49 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\RDRM [2010-08-27 13:08:42 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\Renoise [2011-08-10 18:39:23 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\Sony [2011-08-01 14:43:51 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\Structure [2010-10-09 11:20:47 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\SurfSecret Privacy Suite [2011-05-24 17:35:28 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\SynthMaker [2011-08-01 14:54:28 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\Trillium Lane [2012-02-06 15:13:20 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\ts3overlay [2011-07-01 17:02:47 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\TuneUp Software [2012-02-21 18:04:33 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\uTorrent [2010-10-30 19:42:23 | 000,000,000 | ---D | M] -- C:\Users\Soob\AppData\Roaming\VSO [2012-02-25 10:53:28 | 000,000,400 | ---- | M] () -- C:\Windows\Tasks\1-Click Maintenance.job [2012-02-25 19:53:51 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 412 bytes -> C:\ProgramData\TEMP:DFC5A2B2 @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84 @Alternate Data Stream - 1134 bytes -> C:\ProgramData\Microsoft:x9GEIeKQGjb8FnCpN8QiFV36n @Alternate Data Stream - 1131 bytes -> C:\ProgramData\Microsoft:BZ8iQDdO4iie60CEN2 @Alternate Data Stream - 1121 bytes -> C:\ProgramData\Microsoft:FvbfAcP2iPtnYknbJZpYFbk @Alternate Data Stream - 1101 bytes -> C:\ProgramData\Microsoft:bYWE7xSEFod8Ng76eJGCqfS @Alternate Data Stream - 1095 bytes -> C:\Users\Soob\AppData\Local\Temp:caJ1XnumGQ2Yr0RFfIOLNw @Alternate Data Stream - 1061 bytes -> C:\ProgramData\Microsoft:XCG6iD1u9p60xS3RLGIYUo @Alternate Data Stream - 1046 bytes -> C:\Program Files (x86)\Common Files\microsoft shared:xQ28e7NlKCFpKThY @Alternate Data Stream - 1008 bytes -> C:\ProgramData\Microsoft:57CslVLyZX48LAmgQR45dvqd < End of report >