OTL logfile created on: 7/6/2012 5:41:18 PM - Run 1 OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Gość.KomputerPC\Downloads Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1015.24 Mb Total Physical Memory | 139.45 Mb Available Physical Memory | 13.74% Memory free 1.99 Gb Paging File | 0.52 Gb Available in Paging File | 26.33% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 80.00 Gb Total Space | 19.72 Gb Free Space | 24.66% Space Free | Partition Type: NTFS Drive D: | 59.03 Gb Total Space | 28.15 Gb Free Space | 47.69% Space Free | Partition Type: NTFS Drive E: | 647.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: KOMPUTERPC | User Name: Komputer | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012/07/06 17:40:40 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Gość.KomputerPC\Downloads\OTL (2).exe PRC - [2012/05/05 23:05:23 | 000,351,904 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe PRC - [2012/03/22 20:08:51 | 000,246,112 | ---- | M] () -- C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe PRC - [2012/01/18 15:02:04 | 000,508,136 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe PRC - [2011/10/25 16:59:16 | 000,244,960 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe PRC - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE PRC - [2011/08/01 15:35:42 | 000,114,992 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe PRC - [2011/06/24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2011/03/14 17:27:28 | 000,271,712 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010/11/20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010/01/15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe PRC - [2009/11/26 11:08:07 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe PRC - [2009/10/17 07:43:28 | 001,021,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotkeyService.exe PRC - [2009/10/14 04:34:34 | 000,628,016 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Security\VizorHtmlDialog.exe PRC - [2009/10/14 03:19:46 | 000,116,008 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe PRC - [2009/10/14 02:33:28 | 000,155,048 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe PRC - [2009/10/14 02:33:28 | 000,142,688 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe PRC - [2009/09/25 21:04:10 | 000,115,888 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\SystemSetting\WallPaperAgent.exe PRC - [2009/09/25 14:02:26 | 000,402,608 | ---- | M] () -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe PRC - [2009/09/14 17:05:56 | 000,044,312 | ---- | M] () -- C:\Program Files\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe PRC - [2009/09/11 21:41:02 | 000,100,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe PRC - [2009/08/28 01:38:28 | 000,803,304 | ---- | M] () -- C:\Program Files\ASUS\LiveUpdate\LiveUpdate.exe PRC - [2009/08/19 03:35:56 | 000,219,136 | ---- | M] () -- C:\Windows\System32\AsusService.exe PRC - [2009/07/20 11:47:14 | 000,083,240 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2010/09/02 13:08:00 | 000,118,784 | ---- | M] () -- C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt.dll MOD - [2009/09/25 14:02:26 | 000,402,608 | ---- | M] () -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp) SRV - [2012/06/23 14:05:50 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/06/16 12:59:49 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/03/22 20:08:51 | 000,246,112 | ---- | M] () [Auto | Stopped] -- C:\Program Files\PLAY ONLINE\UpdateDog\ouc.exe -- (PLAY ONLINE. RunOuc) SRV - [2011/10/25 16:59:16 | 000,244,960 | ---- | M] () [Auto | Running] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar) SRV - [2011/10/21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate) SRV - [2011/06/12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2011/03/14 17:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe) SRV - [2010/01/15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009/09/14 17:05:56 | 000,044,312 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService) SRV - [2009/08/19 03:35:56 | 000,219,136 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AsusService.exe -- (AsusService) SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\btwrchid.sys -- (btwrchid) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwl2cap.sys -- (btwl2cap) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\btwavdt.sys -- (btwavdt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btwaudio.sys -- (btwaudio) DRV - [2012/06/02 16:00:08 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2012/03/22 20:08:53 | 000,353,280 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbwwan.sys -- (ewusbmbb) DRV - [2012/03/22 20:08:53 | 000,194,816 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2012/03/22 20:08:53 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2012/03/22 20:08:53 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2012/03/12 11:18:46 | 000,085,064 | ---- | M] (Juniper Networks) [Kernel | System | Running] -- C:\Windows\System32\drivers\NEOFLTR_717_20581.SYS -- (NEOFLTR_717_20581) Juniper Networks TDI Filter Driver (NEOFLTR_717_20581) DRV - [2012/01/04 16:28:36 | 000,016,128 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\gtkdrv.sys -- (TrojanKillerDriver) DRV - [2011/05/10 08:06:14 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl) DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009/10/05 19:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2009/07/20 11:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr) DRV - [2009/07/14 00:02:47 | 000,050,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=bdl IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=bdl IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - C:\Program Files\Ashampoo_PO\prxtbAsha.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3240586025-4056203667-1841815989-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=bdl IE - HKU\S-1-5-21-3240586025-4056203667-1841815989-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://eeepc.asus.com [binary data] IE - HKU\S-1-5-21-3240586025-4056203667-1841815989-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=110819&tt=010712_8&babsrc=HP_ss&mntrId=be44bc9e000000000000485b3928904d IE - HKU\S-1-5-21-3240586025-4056203667-1841815989-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://search.conduit.com?SearchSource=10&ctid=CT2481033 IE - HKU\S-1-5-21-3240586025-4056203667-1841815989-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-3240586025-4056203667-1841815989-1000\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=PL&install_date=20120129&user_guid=BAFDF107DF8245B99ABD6B2CE4218ECC&machine_id=8c891013744f9e4422df0746cd4ba11d&browser=IE&os=win&os_version=6.1-x86-SP1&iesrc={referrer:source} IE - HKU\S-1-5-21-3240586025-4056203667-1841815989-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox IE - HKU\S-1-5-21-3240586025-4056203667-1841815989-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110819&tt=010712_8&babsrc=SP_ss&mntrId=be44bc9e000000000000485b3928904d IE - HKU\S-1-5-21-3240586025-4056203667-1841815989-1000\..\SearchScopes\{58E0F37C-852F-480C-A58A-47C3D33B81B7}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481033 IE - HKU\S-1-5-21-3240586025-4056203667-1841815989-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms} IE - HKU\S-1-5-21-3240586025-4056203667-1841815989-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3240586025-4056203667-1841815989-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-21-3240586025-4056203667-1841815989-501\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com IE - HKU\S-1-5-21-3240586025-4056203667-1841815989-501\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://eeepc.asus.com [binary data] IE - HKU\S-1-5-21-3240586025-4056203667-1841815989-501\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://eeepc.asus.com [binary data] IE - HKU\S-1-5-21-3240586025-4056203667-1841815989-501\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2790392 IE - HKU\S-1-5-21-3240586025-4056203667-1841815989-501\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-3240586025-4056203667-1841815989-501\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox IE - HKU\S-1-5-21-3240586025-4056203667-1841815989-501\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)" FF - prefs.js..browser.search.defaultthis.engineName: "Ashampoo PO Customized Web Search" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)" FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?affID=110819&tt=010712_8&babsrc=HP_ss&mntrId=be44bc9e000000000000485b3928904d" FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2481033&SearchSource=2&q=" FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Search the web (Babylon)" FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2481033&SearchSource=3&q={searchTerms}" FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Google" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://klit.startnow.com/s/?src=addrbar&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=PL&install_date=20120129&user_guid=BAFDF107DF8245B99ABD6B2CE4218ECC&machine_id=8c891013744f9e4422df0746cd4ba11d&browser=FF&os=win&os_version=6.1-x86-SP1&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Komputer\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/16 12:59:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/16 12:59:50 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/29 20:13:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Komputer\AppData\Roaming\mozilla\Extensions [2012/07/06 16:19:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Komputer\AppData\Roaming\mozilla\Firefox\Profiles\xeyldnmz.default\extensions [2012/01/29 22:59:18 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Users\Komputer\AppData\Roaming\mozilla\Firefox\Profiles\xeyldnmz.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F} [2012/06/02 08:57:22 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Komputer\AppData\Roaming\mozilla\Firefox\Profiles\xeyldnmz.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} [2012/03/31 12:51:42 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Komputer\AppData\Roaming\mozilla\Firefox\Profiles\xeyldnmz.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012/06/06 22:27:55 | 000,000,000 | ---D | M] (Ashampoo PO Community Toolbar) -- C:\Users\Komputer\AppData\Roaming\mozilla\Firefox\Profiles\xeyldnmz.default\extensions\{d43723ae-1ae1-4a25-a6a4-bf0929273cab} [2012/02/18 01:48:30 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Komputer\AppData\Roaming\mozilla\Firefox\Profiles\xeyldnmz.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} [2012/07/06 15:33:01 | 000,000,000 | ---D | M] ("Codec-V") -- C:\Users\Komputer\AppData\Roaming\mozilla\Firefox\Profiles\xeyldnmz.default\extensions\crossriderapp435@crossrider.com [2012/07/06 16:19:43 | 000,000,000 | ---D | M] ("Giant Savings") -- C:\Users\Komputer\AppData\Roaming\mozilla\Firefox\Profiles\xeyldnmz.default\extensions\crossriderapp4479@crossrider.com [2011/11/27 00:07:53 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Komputer\AppData\Roaming\mozilla\Firefox\Profiles\xeyldnmz.default\extensions\ffxtlbr@babylon.com [2011/12/15 12:36:06 | 000,000,925 | ---- | M] () -- C:\Users\Komputer\AppData\Roaming\Mozilla\Firefox\Profiles\xeyldnmz.default\searchplugins\conduit.xml [2012/02/18 01:48:23 | 000,003,915 | ---- | M] () -- C:\Users\Komputer\AppData\Roaming\Mozilla\Firefox\Profiles\xeyldnmz.default\searchplugins\sweetim.xml [2012/01/29 22:59:15 | 000,001,390 | ---- | M] () -- C:\Users\Komputer\AppData\Roaming\Mozilla\Firefox\Profiles\xeyldnmz.default\searchplugins\yahoo-zugo.xml [2012/03/25 08:24:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012/05/20 14:22:11 | 000,550,833 | ---- | M] () (No name found) -- C:\USERS\KOMPUTER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XEYLDNMZ.DEFAULT\EXTENSIONS\DIVXWEBPLAYER@DIVX.COM.XPI [2011/10/24 20:59:23 | 000,010,043 | ---- | M] () (No name found) -- C:\USERS\KOMPUTER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XEYLDNMZ.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI [2012/06/16 12:59:49 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012/06/09 09:05:19 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012/07/06 16:19:43 | 000,002,351 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012/06/09 09:05:19 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012/06/09 09:05:19 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012/06/09 09:05:19 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012/06/02 12:57:30 | 000,000,429 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml [2012/06/09 09:05:19 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012/06/09 09:05:19 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Yahoo (Enabled) CHR - default_search_provider: search_url = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=PL&install_date=20120129&user_guid=BAFDF107DF8245B99ABD6B2CE4218ECC&machine_id=8c891013744f9e4422df0746cd4ba11d&browser=CR&os=win&os_version=6.1-x86-SP1 CHR - default_search_provider: suggest_url = , CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\14.0.835.202\gcswf32.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\14.0.835.202\pdf.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: BitTorrentBar = C:\Users\Komputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\2.3.0.15_0\ O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Premiumplay Codec-C) - {11111111-1111-1111-1111-110011041135} - C:\Program Files\Premiumplay Codec-C\Premiumplay Codec-C.dll (WebPicks) O2 - BHO: (Giant Savings) - {11111111-1111-1111-1111-110011441179} - C:\Program Files\Giant Savings\Giant Savings.dll (215 Apps) O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll () O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (ASUS Windows 7 Starter Helper) - {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - C:\Program Files\ASUS\SystemSetting\StarterHelper.dll (ASUSTeK Computer Inc.) O2 - BHO: (Ashampoo PO Toolbar) - {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - C:\Program Files\Ashampoo_PO\prxtbAsha.dll (Conduit Ltd.) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found. O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll () O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (Ashampoo PO Toolbar) - {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - C:\Program Files\Ashampoo_PO\prxtbAsha.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-3240586025-4056203667-1841815989-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKU\S-1-5-21-3240586025-4056203667-1841815989-1000\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-3240586025-4056203667-1841815989-1000\..\Toolbar\WebBrowser: (Ashampoo PO Toolbar) - {D43723AE-1AE1-4A25-A6A4-BF0929273CAB} - C:\Program Files\Ashampoo_PO\prxtbAsha.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-3240586025-4056203667-1841815989-1000\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKU\S-1-5-21-3240586025-4056203667-1841815989-501\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-3240586025-4056203667-1841815989-501\..\Toolbar\WebBrowser: (Ashampoo PO Toolbar) - {D43723AE-1AE1-4A25-A6A4-BF0929273CAB} - C:\Program Files\Ashampoo_PO\prxtbAsha.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-3240586025-4056203667-1841815989-501\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS) O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme) O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe () O4 - HKLM..\Run: [HotkeyMon] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [HotkeyService] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [LiveUpdate] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [OOBESetup] C:\Program Files\asus\OOBERegBackup\OOBERegBackup.exe (ASUSTeK Computer Inc.) O4 - HKLM..\Run: [SuperHybridEngine] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated) O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe (Trend Micro Inc.) O4 - HKLM..\Run: [VizorHtmlDialog.exe] C:\Program Files\Trend Micro\Security\VizorHtmlDialog.exe (Trend Micro Inc.) O4 - HKU\S-1-5-21-3240586025-4056203667-1841815989-1000..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-3240586025-4056203667-1841815989-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-3240586025-4056203667-1841815989-1000..\Run: [DriverScanner] C:\Program Files\Uniblue\DriverScanner\launcher.exe (Uniblue Systems Limited) O4 - HKU\S-1-5-21-3240586025-4056203667-1841815989-1000..\Run: [Facebook Update] C:\Users\Komputer\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\S-1-5-21-3240586025-4056203667-1841815989-1000..\Run: [VaultCredProvider] C:\Users\Komputer\AppData\Local\Microsoft\Windows\2645\VaultCredProvider.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-3240586025-4056203667-1841815989-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3240586025-4056203667-1841815989-501\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Komputer\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html () O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{03A67122-23A8-4F65-9509-01F440530A36}: DhcpNameServer = 217.116.100.65 79.163.127.70 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3654794F-AD3F-42BA-BB69-310C0412CCC5}: DhcpNameServer = 62.179.1.63 62.179.1.62 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{43DE96A7-1507-4E52-A6C8-7F3428ECDD7A}: DhcpNameServer = 192.168.0.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKU\S-1-5-21-3240586025-4056203667-1841815989-1000 Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-3240586025-4056203667-1841815989-501 Winlogon: Shell - (C:\Program Files\asus\SystemSetting\WallPaperAgent.exe) - C:\Program Files\ASUS\SystemSetting\WallPaperAgent.exe (ASUSTeK Computer Inc.) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2010/03/24 01:54:52 | 000,000,175 | R--- | M] () - E:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{11561483-eea4-11e0-aeac-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{11561483-eea4-11e0-aeac-485b3928904d}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{11561486-eea4-11e0-aeac-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{11561486-eea4-11e0-aeac-485b3928904d}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{17a727ff-aca7-11e1-b23e-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{17a727ff-aca7-11e1-b23e-485b3928904d}\Shell\AutoRun\command - "" = E:\setup.exe -- [2010/03/12 09:49:40 | 001,100,664 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{17a727ff-aca7-11e1-b23e-485b3928904d}\Shell\configure\command - "" = E:\setup.exe -- [2010/03/12 09:49:40 | 001,100,664 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{17a727ff-aca7-11e1-b23e-485b3928904d}\Shell\install\command - "" = E:\setup.exe -- [2010/03/12 09:49:40 | 001,100,664 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{1fcf794e-7386-11e1-add6-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{1fcf794e-7386-11e1-add6-485b3928904d}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{1fcf7963-7386-11e1-add6-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{1fcf7963-7386-11e1-add6-485b3928904d}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{1fcf7974-7386-11e1-add6-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{1fcf7974-7386-11e1-add6-485b3928904d}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{2b1c535f-8d31-11e1-8b38-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{2b1c535f-8d31-11e1-8b38-485b3928904d}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{2d2e6358-3a21-11e1-aded-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{2d2e6358-3a21-11e1-aded-485b3928904d}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{2d2e6380-3a21-11e1-aded-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{2d2e6380-3a21-11e1-aded-485b3928904d}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{2d2e6384-3a21-11e1-aded-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{2d2e6384-3a21-11e1-aded-485b3928904d}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{2d839db2-eac5-11e0-b123-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{2d839db2-eac5-11e0-b123-485b3928904d}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{2d839db5-eac5-11e0-b123-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{2d839db5-eac5-11e0-b123-485b3928904d}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{316fc9f0-00af-11e1-8515-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{316fc9f0-00af-11e1-8515-485b3928904d}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{316fc9f4-00af-11e1-8515-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{316fc9f4-00af-11e1-8515-485b3928904d}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{8fadfc4d-fd97-11e0-9ef3-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{8fadfc4d-fd97-11e0-9ef3-485b3928904d}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{8fadfc53-fd97-11e0-9ef3-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{8fadfc53-fd97-11e0-9ef3-485b3928904d}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{8fadfc5f-fd97-11e0-9ef3-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{8fadfc5f-fd97-11e0-9ef3-485b3928904d}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{8fadfc62-fd97-11e0-9ef3-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{8fadfc62-fd97-11e0-9ef3-485b3928904d}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{8fadfc82-fd97-11e0-9ef3-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{8fadfc82-fd97-11e0-9ef3-485b3928904d}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{8fadfc86-fd97-11e0-9ef3-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{8fadfc86-fd97-11e0-9ef3-485b3928904d}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{8fadfc9f-fd97-11e0-9ef3-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{8fadfc9f-fd97-11e0-9ef3-485b3928904d}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{8fadfca3-fd97-11e0-9ef3-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{8fadfca3-fd97-11e0-9ef3-485b3928904d}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{9726c6ff-ea7c-11e0-a1c4-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{9726c6ff-ea7c-11e0-a1c4-485b3928904d}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{9726c705-ea7c-11e0-a1c4-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{9726c705-ea7c-11e0-a1c4-485b3928904d}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{f721a5e8-97ac-11e1-b26b-485b3928904d}\Shell - "" = AutoRun O33 - MountPoints2\{f721a5e8-97ac-11e1-b26b-485b3928904d}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012/07/06 16:45:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Trojan Killer [2012/07/06 16:45:21 | 000,000,000 | ---D | C] -- C:\Program Files\GridinSoft Trojan Killer [2012/07/06 16:26:02 | 000,000,000 | ---D | C] -- C:\_OTL [2012/07/06 16:19:44 | 000,000,000 | ---D | C] -- C:\Users\Komputer\AppData\Local\Giant Savings [2012/07/06 16:19:18 | 000,000,000 | ---D | C] -- C:\Program Files\Giant Savings [2012/07/06 16:18:30 | 000,000,000 | ---D | C] -- C:\Users\Komputer\AppData\Roaming\BabylonToolbar [2012/07/06 16:08:34 | 000,000,000 | ---D | C] -- C:\Users\Komputer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012/07/06 16:08:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012/07/06 15:34:58 | 000,000,000 | ---D | C] -- C:\Users\Komputer\AppData\Roaming\hellomoto [2012/07/03 16:37:25 | 000,000,000 | ---D | C] -- C:\Users\Komputer\AppData\Local\Diagnostics [2012/07/02 19:42:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012/07/02 19:42:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2012/06/23 16:03:15 | 000,000,000 | ---D | C] -- C:\Users\Komputer\AppData\Local\Macromedia [2012/06/07 16:51:37 | 000,000,000 | ---D | C] -- C:\Users\Komputer\AppData\Roaming\DVDVideoSoftIEHelpers [2012/06/07 16:51:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [2012/06/07 16:51:22 | 002,557,952 | ---- | C] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\windows\System32\QtCore4.dll [2012/06/07 16:51:16 | 000,405,176 | ---- | C] (Newtonsoft) -- C:\windows\System32\Newtonsoft.Json.Net20.dll [2012/06/07 16:51:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft [2012/06/07 16:51:01 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft [2012/06/03 10:44:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue [2012/06/02 16:31:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint [2012/06/02 16:31:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012/06/02 16:28:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services [2012/06/02 16:28:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2012/06/02 16:27:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2012/06/02 16:27:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework [2012/06/02 16:27:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2012/06/02 16:24:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8 [2012/06/02 16:21:52 | 000,000,000 | RH-D | C] -- C:\MSOCache [2012/06/02 16:13:30 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images [2012/06/02 16:02:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2012/06/02 16:00:35 | 000,000,000 | ---D | C] -- C:\Users\Komputer\AppData\Roaming\Uniblue [2012/06/02 16:00:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue [2012/06/02 16:00:25 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue [2012/06/02 16:00:08 | 000,242,240 | ---- | C] (DT Soft Ltd) -- C:\windows\System32\drivers\dtsoftbus01.sys [2012/06/02 15:59:50 | 000,000,000 | ---D | C] -- C:\Users\Komputer\AppData\Roaming\DAEMON Tools Lite [2012/06/02 15:59:43 | 000,000,000 | ---D | C] -- C:\Users\Komputer\AppData\Roaming\OpenCandy [2012/06/02 15:59:43 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite [2012/06/02 15:59:07 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2012/06/02 15:56:14 | 000,000,000 | ---D | C] -- C:\windows\SHELLNEW [2012/06/02 12:57:10 | 000,000,000 | ---D | C] -- C:\Program Files\v9Soft [2012/06/01 23:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services [2012/06/01 23:00:14 | 000,000,000 | ---D | C] -- C:\Users\Komputer\AppData\Local\MicrosoftStore [2012/06/01 22:11:22 | 000,000,000 | ---D | C] -- C:\Users\Komputer\Desktop\pb [2012/05/13 12:00:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012/05/13 12:00:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [1 C:\Users\Komputer\Desktop\*.tmp files -> C:\Users\Komputer\Desktop\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012/07/06 17:28:00 | 000,000,940 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3240586025-4056203667-1841815989-1000UA.job [2012/07/06 17:27:05 | 000,001,040 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2012/07/06 17:06:01 | 000,000,930 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2012/07/06 16:45:38 | 000,001,061 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Killer.lnk [2012/07/06 16:45:30 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/07/06 16:45:30 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/07/06 16:39:50 | 000,001,036 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2012/07/06 16:39:45 | 000,000,334 | ---- | M] () -- C:\windows\tasks\DriverScanner.job [2012/07/06 16:37:59 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2012/07/06 16:37:51 | 798,416,896 | -HS- | M] () -- C:\hiberfil.sys [2012/07/06 16:20:02 | 000,000,498 | ---- | M] () -- C:\user.js [2012/07/05 22:50:28 | 000,697,912 | ---- | M] () -- C:\windows\System32\perfh015.dat [2012/07/05 22:50:28 | 000,616,008 | ---- | M] () -- C:\windows\System32\perfh009.dat [2012/07/05 22:50:28 | 000,134,990 | ---- | M] () -- C:\windows\System32\perfc015.dat [2012/07/05 22:50:28 | 000,106,388 | ---- | M] () -- C:\windows\System32\perfc009.dat [2012/07/05 20:28:33 | 000,000,918 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3240586025-4056203667-1841815989-1000Core.job [2012/07/01 00:43:28 | 000,023,893 | ---- | M] () -- C:\Users\Komputer\Desktop\555830_369584156445332_1370045947_n.jpg [2012/06/29 09:23:06 | 000,109,258 | ---- | M] () -- C:\Users\Komputer\Desktop\564059_10150881940045946_789949612_n.jpg [2012/06/26 18:24:35 | 000,004,608 | ---- | M] () -- C:\Users\Komputer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/06/26 18:16:24 | 000,121,014 | ---- | M] () -- C:\Users\Komputer\Desktop\asia.jpg [2012/06/26 18:14:52 | 000,089,621 | ---- | M] () -- C:\Users\Komputer\Desktop\van persi.jpg [2012/06/26 16:30:23 | 000,044,318 | ---- | M] () -- C:\Users\Komputer\Desktop\abercrombie_fitch_call_me_maybe.jpg [2012/06/26 12:05:29 | 000,219,916 | ---- | M] () -- C:\Users\Komputer\Desktop\tumblr_m5v7lr0q6g1qjkf3xo1_500.png [2012/06/24 15:08:48 | 000,035,566 | ---- | M] () -- C:\Users\Komputer\Desktop\181402_389012077812480_354043088_n.jpg [2012/06/23 14:05:48 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe [2012/06/23 14:05:48 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl [2012/06/21 09:57:19 | 000,051,687 | ---- | M] () -- C:\Users\Komputer\Desktop\lol.jpg [2012/06/17 13:38:56 | 000,063,699 | ---- | M] () -- C:\Users\Komputer\Desktop\paris.jpg [2012/06/17 11:59:07 | 000,416,984 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2012/06/08 18:55:10 | 000,061,181 | ---- | M] () -- C:\Users\Komputer\Desktop\lewandowski.jpg [2012/06/08 11:07:53 | 000,106,564 | ---- | M] () -- C:\Users\Komputer\Desktop\67011__full_news.jpg [2012/06/08 11:07:18 | 000,099,361 | ---- | M] () -- C:\Users\Komputer\Desktop\Euro_2012_logo.png [2012/06/07 16:51:23 | 000,001,320 | ---- | M] () -- C:\Users\Komputer\Desktop\Free YouTube to MP3 Converter.lnk [2012/06/02 16:00:08 | 000,242,240 | ---- | M] (DT Soft Ltd) -- C:\windows\System32\drivers\dtsoftbus01.sys [2012/06/02 13:48:11 | 000,000,897 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk [2012/06/02 12:57:28 | 000,001,489 | ---- | M] () -- C:\Users\Komputer\Desktop\Internet Explorer.lnk [2012/06/02 12:57:28 | 000,001,190 | ---- | M] () -- C:\Users\Komputer\Desktop\Mozilla Firefox.lnk [2012/06/02 08:28:26 | 000,000,020 | ---- | M] () -- C:\windows\čöu [2012/05/10 19:51:26 | 001,965,656 | ---- | M] () -- C:\Users\Komputer\Desktop\VIANNOUCH.JPG [1 C:\Users\Komputer\Desktop\*.tmp files -> C:\Users\Komputer\Desktop\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/07/06 16:45:38 | 000,001,061 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Killer.lnk [2012/07/06 16:17:56 | 000,000,498 | ---- | C] () -- C:\user.js [2012/07/05 22:52:01 | 001,965,656 | ---- | C] () -- C:\Users\Komputer\Desktop\VIANNOUCH.JPG [2012/07/01 00:42:54 | 000,023,893 | ---- | C] () -- C:\Users\Komputer\Desktop\555830_369584156445332_1370045947_n.jpg [2012/06/29 09:22:50 | 000,109,258 | ---- | C] () -- C:\Users\Komputer\Desktop\564059_10150881940045946_789949612_n.jpg [2012/06/26 18:16:18 | 000,121,014 | ---- | C] () -- C:\Users\Komputer\Desktop\asia.jpg [2012/06/26 18:14:36 | 000,089,621 | ---- | C] () -- C:\Users\Komputer\Desktop\van persi.jpg [2012/06/26 16:29:49 | 000,044,318 | ---- | C] () -- C:\Users\Komputer\Desktop\abercrombie_fitch_call_me_maybe.jpg [2012/06/26 12:05:08 | 000,219,916 | ---- | C] () -- C:\Users\Komputer\Desktop\tumblr_m5v7lr0q6g1qjkf3xo1_500.png [2012/06/24 15:08:36 | 000,035,566 | ---- | C] () -- C:\Users\Komputer\Desktop\181402_389012077812480_354043088_n.jpg [2012/06/21 09:56:59 | 000,051,687 | ---- | C] () -- C:\Users\Komputer\Desktop\lol.jpg [2012/06/17 13:38:43 | 000,063,699 | ---- | C] () -- C:\Users\Komputer\Desktop\paris.jpg [2012/06/08 18:54:59 | 000,061,181 | ---- | C] () -- C:\Users\Komputer\Desktop\lewandowski.jpg [2012/06/08 11:07:52 | 000,106,564 | ---- | C] () -- C:\Users\Komputer\Desktop\67011__full_news.jpg [2012/06/08 11:06:50 | 000,099,361 | ---- | C] () -- C:\Users\Komputer\Desktop\Euro_2012_logo.png [2012/06/07 16:51:23 | 000,001,320 | ---- | C] () -- C:\Users\Komputer\Desktop\Free YouTube to MP3 Converter.lnk [2012/06/02 16:00:45 | 000,000,334 | ---- | C] () -- C:\windows\tasks\DriverScanner.job [2012/06/02 13:48:11 | 000,000,897 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk [2012/06/02 08:28:24 | 000,000,020 | ---- | C] () -- C:\windows\čöu [2012/02/17 20:01:44 | 000,004,096 | -H-- | C] () -- C:\Users\Komputer\AppData\Local\keyfile3.drm [2012/01/29 22:58:10 | 000,243,200 | ---- | C] () -- C:\windows\System32\xvidvfw.dll [2012/01/29 22:58:09 | 000,175,616 | ---- | C] () -- C:\windows\System32\unrar.dll [2012/01/29 22:58:05 | 000,079,360 | ---- | C] () -- C:\windows\System32\ff_vfw.dll [2011/12/25 22:04:13 | 000,004,608 | ---- | C] () -- C:\Users\Komputer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/10/22 21:55:51 | 000,000,048 | ---- | C] () -- C:\windows\winfile.ini [2011/10/22 14:13:09 | 000,650,752 | ---- | C] () -- C:\windows\System32\xvidcore.dll [2011/10/22 14:13:09 | 000,258,048 | ---- | C] () -- C:\windows\System32\libFLAC.dll [2011/09/28 10:42:59 | 000,006,144 | ---- | C] () -- C:\windows\System32\drivers\ASUSHWIO.SYS [2011/09/28 10:41:27 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe [color=#E56717]========== LOP Check ==========[/color] [2011/12/25 21:46:51 | 000,000,000 | ---D | M] -- C:\Users\Komputer\AppData\Roaming\Ashampoo [2011/10/16 19:53:58 | 000,000,000 | ---D | M] -- C:\Users\Komputer\AppData\Roaming\ASUS WebStorage [2011/11/27 00:07:18 | 000,000,000 | ---D | M] -- C:\Users\Komputer\AppData\Roaming\Babylon [2012/07/06 16:18:30 | 000,000,000 | ---D | M] -- C:\Users\Komputer\AppData\Roaming\BabylonToolbar [2012/01/30 01:14:16 | 000,000,000 | ---D | M] -- C:\Users\Komputer\AppData\Roaming\BESTplayer [2012/07/02 21:46:36 | 000,000,000 | ---D | M] -- C:\Users\Komputer\AppData\Roaming\BitTorrent [2012/06/02 16:13:43 | 000,000,000 | ---D | M] -- C:\Users\Komputer\AppData\Roaming\DAEMON Tools Lite [2012/06/07 16:52:22 | 000,000,000 | ---D | M] -- C:\Users\Komputer\AppData\Roaming\DVDVideoSoft [2012/06/07 16:51:37 | 000,000,000 | ---D | M] -- C:\Users\Komputer\AppData\Roaming\DVDVideoSoftIEHelpers [2012/07/06 15:35:09 | 000,000,000 | ---D | M] -- C:\Users\Komputer\AppData\Roaming\hellomoto [2012/06/01 17:22:09 | 000,000,000 | ---D | M] -- C:\Users\Komputer\AppData\Roaming\ipla [2012/03/08 02:02:45 | 000,000,000 | ---D | M] -- C:\Users\Komputer\AppData\Roaming\Juniper Networks [2012/06/02 15:59:51 | 000,000,000 | ---D | M] -- C:\Users\Komputer\AppData\Roaming\OpenCandy [2012/06/02 08:36:13 | 000,000,000 | ---D | M] -- C:\Users\Komputer\AppData\Roaming\SoftGrid Client [2011/12/03 16:39:34 | 000,000,000 | ---D | M] -- C:\Users\Komputer\AppData\Roaming\TP [2012/06/02 16:00:35 | 000,000,000 | ---D | M] -- C:\Users\Komputer\AppData\Roaming\Uniblue [2012/07/06 16:39:45 | 000,000,334 | ---- | M] () -- C:\windows\Tasks\DriverScanner.job [2012/07/05 20:28:33 | 000,000,918 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3240586025-4056203667-1841815989-1000Core.job [2012/07/06 17:28:00 | 000,000,940 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3240586025-4056203667-1841815989-1000UA.job [2011/12/28 14:42:23 | 000,032,572 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >