OTL logfile created on: 2012-09-05 17:55:54 - Run 1
OTL by OldTimer - Version 3.2.61.0     Folder = F:\
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,97 Gb Total Physical Memory | 1,55 Gb Available Physical Memory | 78,76% Memory free
3,93 Gb Paging File | 3,53 Gb Available in Paging File | 89,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 123,77 Gb Total Space | 68,59 Gb Free Space | 55,42% Space Free | Partition Type: NTFS
Drive D: | 333,88 Gb Total Space | 286,78 Gb Free Space | 85,89% Space Free | Partition Type: NTFS
Drive F: | 3,73 Gb Total Space | 3,34 Gb Free Space | 89,48% Space Free | Partition Type: FAT32

Computer Name: USER-KOMPUTER | User Name: user | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-09-05 17:47:18 | 000,599,040 | ---- | M] (OldTimer Tools) -- F:\OTL.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2010-09-22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2010-08-12 14:18:40 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:[b]64bit:[/b] - [2010-08-12 14:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012-08-16 08:10:20 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011-09-23 19:37:42 | 000,641,832 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011-08-31 12:37:21 | 000,581,632 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)/Thomson/ST330/service/st330service.exe -- (st330service)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-03-08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2011-08-31 12:37:20 | 000,054,272 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stppp.sys -- (stppp)
DRV:[b]64bit:[/b] - [2011-08-31 12:37:20 | 000,047,616 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\st330.sys -- (ST330)
DRV:[b]64bit:[/b] - [2011-08-31 12:37:20 | 000,024,576 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stbus.sys -- (STBUS)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-10-15 23:28:42 | 010,619,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2010-07-29 13:31:26 | 000,168,544 | ---- | M] (ESET) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:[b]64bit:[/b] - [2010-07-29 13:31:26 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:[b]64bit:[/b] - [2010-07-29 13:31:26 | 000,126,320 | ---- | M] (ESET) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:[b]64bit:[/b] - [2009-11-06 04:22:02 | 000,154,112 | ---- | M] (AnyDATA.NET INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adusbser.sys -- (adusbser)
DRV:[b]64bit:[/b] - [2009-07-16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2011-05-17 13:22:35 | 000,003,026 | ---- | M] (Logix4u) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\hwinterface.sys -- (hwinterface)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1469102125-4081553141-2784540763-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.adax.pl/witamy
IE - HKU\S-1-5-21-1469102125-4081553141-2784540763-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.bph.pl/pi/do/Login
IE - HKU\S-1-5-21-1469102125-4081553141-2784540763-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = https://www.bph.pl/pi/do/Login
IE - HKU\S-1-5-21-1469102125-4081553141-2784540763-1002\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-1469102125-4081553141-2784540763-1002\..\SearchScopes,DefaultScope = {CF203786-4939-4C58-8033-630743D3D2D4}
IE - HKU\S-1-5-21-1469102125-4081553141-2784540763-1002\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.3.0&install_country=PL&install_date=20110816&user_guid=AEF82EC682A449F3B984F333E1E2A385&machine_id=e62c30b5b597a94946803be1abd44677&browser=IE&os=win&os_version=6.1-x64-SP0&iesrc={referrer:source}
IE - HKU\S-1-5-21-1469102125-4081553141-2784540763-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1469102125-4081553141-2784540763-1002\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=100470&mntrId=2a83ba71000000000000bcaec52d2573
IE - HKU\S-1-5-21-1469102125-4081553141-2784540763-1002\..\SearchScopes\{1CBD6AB4-DB5D-49FF-B77A-374D290DBD85}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=7EBAEC19-E6E7-4889-BBDC-DB79AD7F8A73&apn_sauid=6E118661-B5A1-4767-A9B1-B269E8A9EDB9&
IE - HKU\S-1-5-21-1469102125-4081553141-2784540763-1002\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
IE - HKU\S-1-5-21-1469102125-4081553141-2784540763-1002\..\SearchScopes\{CF203786-4939-4C58-8033-630743D3D2D4}: "URL" = http://www.google.com/search?hl=pl&q={searchTerms}
IE - HKU\S-1-5-21-1469102125-4081553141-2784540763-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-05-09 10:41:54 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll File not found
O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll File not found
O3 - HKLM\..\Toolbar: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1469102125-4081553141-2784540763-1002\..\Toolbar\WebBrowser: (MyAshampoo Toolbar) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - C:\Program Files (x86)\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1469102125-4081553141-2784540763-1002\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:[b]64bit:[/b] - HKLM..\Run: [diagnostics] C:\Program Files (x86)\Thomson\ST330\diagnostics\diagnostics.exe (THOMSON Telecom Belgium)
O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Seagull Drivers] ssdal_nc.exe startup File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [StartNowToolbarHelper] "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe" File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1469102125-4081553141-2784540763-1002..\Run: [npczjhrxeulyfhk] C:\Windows\npczjhrx.exe (Seagate)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1469102125-4081553141-2784540763-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O8:[b]64bit:[/b] - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1469102125-4081553141-2784540763-1002\..Trusted Domains: mks.com.pl ([www] http in Zaufane witryny)
O15 - HKU\S-1-5-21-1469102125-4081553141-2784540763-1002\..Trusted Domains: mks.com.pl ([www] https in Zaufane witryny)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} https://www.bph.pl/sezam/components/SignActivX.cab (SignActivX Control)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{375BF204-4C8C-4D94-A006-C351753C2F84}: DhcpNameServer = 192.168.1.100
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-03-22 10:39:12 | 000,000,000 | -HSD | M] - F:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{6176d091-c4ec-11e1-a45f-bcaec52d2573}\Shell - "" = AutoRun
O33 - MountPoints2\{6176d091-c4ec-11e1-a45f-bcaec52d2573}\Shell\AutoRun\command - "" = F:\Launcher.exe
O33 - MountPoints2\{8e69babb-abb7-11e1-8a95-bcaec52d2573}\Shell - "" = AutoRun
O33 - MountPoints2\{8e69babb-abb7-11e1-8a95-bcaec52d2573}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{d6837cea-c4cb-11e1-abe9-bcaec52d2573}\Shell - "" = AutoRun
O33 - MountPoints2\{d6837cea-c4cb-11e1-abe9-bcaec52d2573}\Shell\AutoRun\command - "" = F:\Launcher.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Launcher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-09-05 17:43:51 | 000,000,000 | --SD | C] -- C:\windows\SysWow64\Microsoft
[2012-09-05 16:31:10 | 000,000,000 | ---D | C] -- C:\ProgramData\okgzbwzpejqzqfr
[2012-09-05 16:31:09 | 000,150,016 | ---- | C] (Seagate) -- C:\windows\npczjhrx.exe
[2012-09-05 16:31:08 | 000,150,016 | ---- | C] (Seagate) -- C:\ProgramData\npczjhrx.exe
[2012-09-05 10:30:11 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{06034017-3B56-4DF9-A6A9-51A857EF802E}
[2012-09-04 07:13:15 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{2A42BD18-C845-4964-86CF-6B2FAFADC720}
[2012-09-03 11:18:00 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{EFDEADB2-6384-4A44-BD8E-601371E2494B}
[2012-08-27 09:40:51 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{4E044619-484D-421D-BFE1-97A8F0A83918}
[2012-08-23 07:27:00 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6D85FC2A-51D5-436C-B71C-91A94E49F7C4}
[2012-08-22 09:53:36 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{9A86B5DA-CBB9-4D84-8988-5503E166BB0E}
[2012-08-21 06:30:00 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{A7DC3858-126B-405C-8B6F-6426785056D9}
[2012-08-20 08:42:22 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{8CEFE382-BF81-49CB-B450-224FF5AE5744}
[2012-08-17 13:07:51 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{56D1FAAE-80C5-4AEA-B0B7-99E52BF45B29}
[2012-08-17 13:07:39 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{BA00FC49-889C-4A8C-88AB-4F54B64D3A19}
[2012-08-16 11:32:30 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{22222A65-F873-43F3-BC33-8E387E978FA3}
[2012-08-16 11:32:18 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{AE01B6B4-0439-4573-A4CC-ABF803D92139}
[2012-08-14 11:17:28 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{36E724EF-8F0F-4CD6-BA0F-650FD031C79D}
[2012-08-14 11:17:15 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{16E228F1-FE46-422C-A712-4269F95909C0}
[2012-08-10 13:04:17 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{939C83C3-BFD9-4499-81C3-8C55DCA6139B}
[2012-08-10 13:04:05 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{428E2AAE-8C75-4D1F-86C6-A05029A718D8}
[2012-08-09 10:25:27 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{9F7A714D-200A-48C8-B3D4-530E012B757C}
[2012-08-09 10:25:15 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{8865AE9A-DC42-4368-8176-F51CCE4CAB8D}
[2012-08-08 15:25:41 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{C5D94557-AF12-4769-BEC4-5DB7AA462A31}
[2012-08-08 15:25:29 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{58D47683-D529-4CD1-B5D1-603C76070482}
[2012-08-07 11:11:30 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{7E59A084-76AC-4D6A-9A34-2C3AEE867A24}
[2012-08-07 11:11:18 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{8EEFBAB0-FA5E-4431-A49F-F08C4C2C1EEC}
[1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\Users\user\Desktop\*.tmp files -> C:\Users\user\Desktop\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-09-05 18:00:09 | 002,883,584 | -HS- | M] () -- C:\Users\user\ntuser.dat
[2012-09-05 17:45:19 | 001,558,380 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012-09-05 17:45:19 | 000,701,022 | ---- | M] () -- C:\windows\SysNative\perfh015.dat
[2012-09-05 17:45:19 | 000,618,714 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012-09-05 17:45:19 | 000,136,040 | ---- | M] () -- C:\windows\SysNative\perfc015.dat
[2012-09-05 17:45:19 | 000,107,034 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012-09-05 17:43:21 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2012-09-05 17:41:10 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012-09-05 17:41:04 | 1583,177,728 | -HS- | M] () -- C:\hiberfil.sys
[2012-09-05 17:39:52 | 000,196,608 | ---- | M] () -- C:\windows\SysNative\Ikeext.etl
[2012-09-05 17:39:52 | 000,013,632 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-09-05 17:39:52 | 000,013,632 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-09-05 17:37:00 | 000,001,044 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-09-05 17:36:41 | 000,001,040 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-09-05 16:31:10 | 000,078,032 | ---- | M] () -- C:\ProgramData\vksgolbkaapmtqj
[2012-09-05 16:30:51 | 000,150,016 | ---- | M] (Seagate) -- C:\windows\npczjhrx.exe
[2012-09-05 16:30:51 | 000,150,016 | ---- | M] (Seagate) -- C:\ProgramData\npczjhrx.exe
[2012-09-05 16:10:00 | 000,000,930 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012-09-05 10:28:59 | 000,575,039 | ---- | M] () -- C:\Users\user\Desktop\skanowanie0002.pdf
[2012-09-05 10:25:38 | 001,041,962 | ---- | M] () -- C:\Users\user\Desktop\skanowanie0001.pdf
[2012-09-04 16:34:43 | 002,523,833 | -H-- | M] () -- C:\Users\user\AppData\Local\IconCache.db
[2012-09-04 12:41:02 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-08-27 14:51:14 | 001,323,479 | ---- | M] () -- C:\Users\user\Desktop\tossa zamowienie0001.jpg
[2012-08-23 09:41:31 | 001,142,334 | ---- | M] () -- C:\Users\user\Desktop\dokumenty założy Domosu0004.jpg
[2012-08-23 09:38:44 | 000,816,598 | ---- | M] () -- C:\Users\user\Desktop\dokumenty założy Domosu0003.jpg
[2012-08-23 09:37:11 | 001,132,034 | ---- | M] () -- C:\Users\user\Desktop\dokumenty założy Domosu0002.jpg
[2012-08-23 09:33:48 | 001,361,434 | ---- | M] () -- C:\Users\user\Desktop\dokumenty założy Domosu0001.jpg
[2012-08-17 15:05:55 | 000,053,396 | ---- | M] () -- C:\Users\user\Desktop\Piotrków wyliczenie 17.08.2012.pdf
[2012-08-16 08:10:20 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012-08-16 08:10:20 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-08-14 15:53:05 | 000,378,940 | ---- | M] () -- C:\Users\user\Desktop\zmiana numeru konta.pdf
[2012-08-07 11:10:34 | 000,340,143 | ---- | M] () -- C:\Users\user\Desktop\pismo grunt antygrzybiczny7.08.20120003.jpg
[2012-08-07 11:06:22 | 000,642,815 | ---- | M] () -- C:\Users\user\Desktop\pismo grunt antygrzybiczny7.08.20120002.jpg
[2012-08-07 11:03:04 | 000,612,813 | ---- | M] () -- C:\Users\user\Desktop\pismo grunt antygrzybiczny7.08.20120001.jpg
[1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\Users\user\Desktop\*.tmp files -> C:\Users\user\Desktop\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-09-05 16:30:51 | 000,078,032 | ---- | C] () -- C:\ProgramData\vksgolbkaapmtqj
[2012-09-05 10:28:59 | 001,041,962 | ---- | C] () -- C:\Users\user\Desktop\skanowanie0001.pdf
[2012-09-05 10:25:39 | 000,575,039 | ---- | C] () -- C:\Users\user\Desktop\skanowanie0002.pdf
[2012-09-04 12:41:02 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-08-27 14:51:03 | 001,323,479 | ---- | C] () -- C:\Users\user\Desktop\tossa zamowienie0001.jpg
[2012-08-23 09:41:35 | 001,142,334 | ---- | C] () -- C:\Users\user\Desktop\dokumenty założy Domosu0004.jpg
[2012-08-23 09:41:35 | 001,132,034 | ---- | C] () -- C:\Users\user\Desktop\dokumenty założy Domosu0002.jpg
[2012-08-23 09:41:35 | 000,816,598 | ---- | C] () -- C:\Users\user\Desktop\dokumenty założy Domosu0003.jpg
[2012-08-23 09:41:34 | 001,361,434 | ---- | C] () -- C:\Users\user\Desktop\dokumenty założy Domosu0001.jpg
[2012-08-17 15:05:54 | 000,053,396 | ---- | C] () -- C:\Users\user\Desktop\Piotrków wyliczenie 17.08.2012.pdf
[2012-08-14 15:53:05 | 000,378,940 | ---- | C] () -- C:\Users\user\Desktop\zmiana numeru konta.pdf
[2012-08-07 11:10:36 | 000,642,815 | ---- | C] () -- C:\Users\user\Desktop\pismo grunt antygrzybiczny7.08.20120002.jpg
[2012-08-07 11:10:36 | 000,612,813 | ---- | C] () -- C:\Users\user\Desktop\pismo grunt antygrzybiczny7.08.20120001.jpg
[2012-08-07 11:10:36 | 000,340,143 | ---- | C] () -- C:\Users\user\Desktop\pismo grunt antygrzybiczny7.08.20120003.jpg
[2011-09-29 14:29:58 | 000,000,047 | ---- | C] () -- C:\windows\NeroDigital.ini
[2011-09-06 18:18:00 | 000,000,084 | ---- | C] () -- C:\windows\InsRpPrint.INI
[2011-08-31 08:14:18 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{ABB570DC-331F-4EFD-860D-E8626C0AFF24}
[2011-08-29 10:10:22 | 000,000,135 | ---- | C] () -- C:\windows\ODBC.INI
[2011-08-16 13:42:24 | 000,175,616 | ---- | C] () -- C:\windows\SysWow64\unrar.dll
[2011-08-16 13:42:24 | 000,000,038 | ---- | C] () -- C:\windows\avisplitter.ini
[2011-08-16 13:42:21 | 000,650,752 | ---- | C] () -- C:\windows\SysWow64\xvidcore.dll
[2011-08-16 13:42:21 | 000,243,200 | ---- | C] () -- C:\windows\SysWow64\xvidvfw.dll
[2011-08-16 13:42:21 | 000,074,752 | ---- | C] () -- C:\windows\SysWow64\ff_vfw.dll
[2011-06-03 14:49:45 | 000,524,288 | -HS- | C] () -- C:\Users\user\ntuser.dat{ee32b9d8-8ddf-11e0-aef4-bcaec52d2573}.TMContainer00000000000000000002.regtrans-ms
[2011-06-03 14:49:45 | 000,524,288 | -HS- | C] () -- C:\Users\user\ntuser.dat{ee32b9d8-8ddf-11e0-aef4-bcaec52d2573}.TMContainer00000000000000000001.regtrans-ms
[2011-06-03 14:49:45 | 000,065,536 | -HS- | C] () -- C:\Users\user\ntuser.dat{ee32b9d8-8ddf-11e0-aef4-bcaec52d2573}.TM.blf
[2011-05-12 14:17:28 | 001,574,790 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011-05-10 15:30:16 | 000,397,312 | R--- | C] () -- C:\windows\SysWow64\zshp1020.exe
[2011-05-10 15:30:16 | 000,106,496 | R--- | C] () -- C:\windows\SysWow64\vshp1020.dll
[2011-05-10 14:39:17 | 000,089,592 | ---- | C] () -- C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
[2011-05-09 11:04:45 | 002,523,833 | -H-- | C] () -- C:\Users\user\AppData\Local\IconCache.db
[2011-05-09 10:25:31 | 002,883,584 | -HS- | C] () -- C:\Users\user\ntuser.dat
[2011-05-09 10:25:31 | 000,524,288 | -HS- | C] () -- C:\Users\user\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2011-05-09 10:25:31 | 000,524,288 | -HS- | C] () -- C:\Users\user\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2011-05-09 10:25:31 | 000,065,536 | -HS- | C] () -- C:\Users\user\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2011-05-09 10:25:31 | 000,000,020 | -HS- | C] () -- C:\Users\user\ntuser.ini
[2010-10-15 23:27:08 | 000,982,240 | ---- | C] () -- C:\windows\SysWow64\igkrng500.bin
[2010-10-15 23:27:08 | 000,439,308 | ---- | C] () -- C:\windows\SysWow64\igcompkrng500.bin
[2010-10-15 23:27:08 | 000,092,356 | ---- | C] () -- C:\windows\SysWow64\igfcg500m.bin
[2010-10-15 22:51:56 | 000,208,896 | ---- | C] () -- C:\windows\SysWow64\iglhsip32.dll
[2010-10-15 22:51:56 | 000,143,360 | ---- | C] () -- C:\windows\SysWow64\iglhcp32.dll

[color=#E56717]========== LOP Check ==========[/color]

[2011-07-26 15:24:35 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Ashampoo
[2011-08-16 12:44:33 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Babylon
[2011-05-17 13:36:43 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Etisoft
[2012-03-14 15:53:44 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\InsERT GT
[2011-05-12 14:18:00 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Windows Live Writer
[2012-09-05 17:43:21 | 000,032,608 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]

< End of report >