Nadchodzące zmiany w logowaniu

piwonia2121

Użytkownicy

Pokaż profil Zobacz aktywność

Postów
15
Dołączył
18 Listopada 2013
Ostatnia wizyta
22 Listopada 2013

zamulony system

piwonia2121 odpowiedział(a) na piwonia2121 temat w Dział pomocy doraźnej

1.pisalam juz ze w panelu sterowania/ programy i funkce--->nie ma packageTracker69(....), ani zadnego PcUtilitiesPro, naprawdee. niewiem czemu widac na otl ze to mam,skoro w panelu sterowania naprawde tego nie ma. 2.skany tfc i malwarebytes zrobilam PRZED zrobieniem skanu OTL. wiec logi ktore wkleilam sa PO przeskanowaniu tfc i malwarebytes i PO usunieciu infekcji. moze worcilo dziadostwo? 3.juz wykonauje skan przez malwarebytes 4.tak,komputer uruchamia sie normalnie,na pierwszy rzut oka nic mu nie jest, ale skoro na logach wychodzi ze cos jest nie tak,tzn ze to kwestia czasu az znow infekcje sie rozprzestrzenia i znow nie bedzie mozna korzystac z komputera.
- 21 Listopada 2013
- 23 odpowiedzi
zamulony system

piwonia2121 odpowiedział(a) na piwonia2121 temat w Dział pomocy doraźnej

to wyzej to logi z otl wkleilam na dwa razy jako ze niedalo sie inaczej.nadal jestem na awaryjnym.prosze o wskazowki co dalej
- 20 Listopada 2013
- 23 odpowiedzi
zamulony system

piwonia2121 odpowiedział(a) na piwonia2121 temat w Dział pomocy doraźnej

========== ZeroAccess Check ========== [2006/11/02 12:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 17:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/03 04:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/21 02:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== Custom Scans ========== < PRC - [2013/11/07 09:05:47 | 000,044,784 | ---- | M] (MindSpark) -- C:\Program Files\PackageTracer_69\bar\1.bin\69SrchMn.exe > Invalid Switch: 07 09:05:47 | 000,044,784 | ---- | M] (MindSpark) -- C:\Program Files\PackageTracer_69\bar\1.bin\69SrchMn.exe < PRC - [2013/11/07 09:05:47 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files\PackageTracer_69\bar\1.bin\69barsvc.exe > Invalid Switch: 07 09:05:47 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files\PackageTracer_69\bar\1.bin\69barsvc.exe < PRC - [2013/11/07 09:05:47 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files\PackageTracer_69\bar\1.bin\69brmon.exe > Invalid Switch: 07 09:05:47 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files\PackageTracer_69\bar\1.bin\69brmon.exe < PRC - [2013/10/29 08:24:24 | 002,886,464 | ---- | M] (Iminent) -- C:\Program Files\Common Files\Umbrella\Umbrella.exe > Invalid Switch: 29 08:24:24 | 002,886,464 | ---- | M] (Iminent) -- C:\Program Files\Common Files\Umbrella\Umbrella.exe < MOD - [2013/11/14 20:31:18 | 000,128,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_elementtree.pyd > Invalid Switch: 14 20:31:18 | 000,128,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_elementtree.pyd < MOD - [2013/11/14 20:31:18 | 000,098,816 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32api.pyd > Invalid Switch: 14 20:31:18 | 000,098,816 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32api.pyd < MOD - [2013/11/14 20:31:18 | 000,044,032 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_socket.pyd > Invalid Switch: 14 20:31:18 | 000,044,032 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_socket.pyd < MOD - [2013/11/14 20:31:18 | 000,022,528 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32ts.pyd > Invalid Switch: 14 20:31:18 | 000,022,528 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32ts.pyd < MOD - [2013/11/14 20:31:17 | 000,557,056 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pysqlite2._sqlite.pyd > Invalid Switch: 14 20:31:17 | 000,557,056 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pysqlite2._sqlite.pyd < MOD - [2013/11/14 20:31:17 | 000,320,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32com.shell.shell.pyd > Invalid Switch: 14 20:31:17 | 000,320,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32com.shell.shell.pyd < MOD - [2013/11/14 20:31:17 | 000,026,624 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_multiprocessing.pyd > Invalid Switch: 14 20:31:17 | 000,026,624 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_multiprocessing.pyd < MOD - [2013/11/14 20:31:16 | 000,070,656 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._html2.pyd > Invalid Switch: 14 20:31:16 | 000,070,656 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._html2.pyd < MOD - [2013/11/14 20:31:16 | 000,011,264 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32crypt.pyd > Invalid Switch: 14 20:31:16 | 000,011,264 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32crypt.pyd < MOD - [2013/11/14 20:31:15 | 000,805,888 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._gdi_.pyd > Invalid Switch: 14 20:31:15 | 000,805,888 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._gdi_.pyd < MOD - [2013/11/14 20:31:15 | 000,504,832 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\windows._cacheinvalidation.pyd > Invalid Switch: 14 20:31:15 | 000,504,832 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\windows._cacheinvalidation.pyd < MOD - [2013/11/14 20:31:14 | 000,087,040 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_ctypes.pyd > Invalid Switch: 14 20:31:14 | 000,087,040 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_ctypes.pyd < MOD - [2013/11/14 20:31:14 | 000,017,408 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32profile.pyd > Invalid Switch: 14 20:31:14 | 000,017,408 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32profile.pyd < MOD - [2013/11/14 20:31:13 | 000,364,544 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pythoncom27.dll > Invalid Switch: 14 20:31:13 | 000,364,544 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pythoncom27.dll < MOD - [2013/11/14 20:31:12 | 000,735,232 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._misc_.pyd > Invalid Switch: 14 20:31:12 | 000,735,232 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._misc_.pyd < MOD - [2013/11/14 20:31:09 | 000,110,080 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pywintypes27.dll > Invalid Switch: 14 20:31:09 | 000,110,080 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pywintypes27.dll < MOD - [2013/11/14 20:31:08 | 001,175,040 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._core_.pyd > Invalid Switch: 14 20:31:08 | 001,175,040 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._core_.pyd < MOD - [2013/11/14 20:31:08 | 000,108,544 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32security.pyd > Invalid Switch: 14 20:31:08 | 000,108,544 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32security.pyd < MOD - [2013/11/14 20:31:06 | 001,153,024 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_ssl.pyd > Invalid Switch: 14 20:31:06 | 001,153,024 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_ssl.pyd < MOD - [2013/11/14 20:31:04 | 000,035,840 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32process.pyd > Invalid Switch: 14 20:31:04 | 000,035,840 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32process.pyd < MOD - [2013/11/14 20:31:04 | 000,025,600 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32pdh.pyd > Invalid Switch: 14 20:31:04 | 000,025,600 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32pdh.pyd < MOD - [2013/11/14 20:31:03 | 000,711,680 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_hashlib.pyd > Invalid Switch: 14 20:31:03 | 000,711,680 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_hashlib.pyd < MOD - [2013/11/14 20:31:02 | 000,811,008 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._windows_.pyd > Invalid Switch: 14 20:31:02 | 000,811,008 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._windows_.pyd < MOD - [2013/11/14 20:31:01 | 000,122,368 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._wizard.pyd > Invalid Switch: 14 20:31:01 | 000,122,368 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._wizard.pyd < MOD - [2013/11/14 20:31:01 | 000,119,808 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32file.pyd > Invalid Switch: 14 20:31:01 | 000,119,808 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32file.pyd < MOD - [2013/11/14 20:30:59 | 000,038,912 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32inet.pyd > Invalid Switch: 14 20:30:59 | 000,038,912 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32inet.pyd < MOD - [2013/11/14 20:30:32 | 001,062,400 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._controls_.pyd > Invalid Switch: 14 20:30:32 | 001,062,400 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._controls_.pyd < MOD - [2013/11/14 20:30:29 | 000,018,432 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32event.pyd > Invalid Switch: 14 20:30:29 | 000,018,432 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32event.pyd < MOD - [2013/11/14 20:30:27 | 000,686,080 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\unicodedata.pyd > Invalid Switch: 14 20:30:27 | 000,686,080 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\unicodedata.pyd < MOD - [2013/11/14 20:30:27 | 000,127,488 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pyexpat.pyd > Invalid Switch: 14 20:30:27 | 000,127,488 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pyexpat.pyd < MOD - [2013/11/14 20:30:26 | 000,010,240 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\select.pyd > Invalid Switch: 14 20:30:26 | 000,010,240 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\select.pyd < SRV - [2013/11/07 09:05:47 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files\PackageTracer_69\bar\1.bin\69barsvc.exe -- (PackageTracer_69Service) > Invalid Switch: 07 09:05:47 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files\PackageTracer_69\bar\1.bin\69barsvc.exe -- (PackageTracer_69Service) < SRV - [2013/10/29 08:24:24 | 002,886,464 | ---- | M] (Iminent) [Auto | Running] -- C:\Program Files\Common Files\Umbrella\Umbrella.exe -- (SProtection) > Invalid Switch: 29 08:24:24 | 002,886,464 | ---- | M] (Iminent) [Auto | Running] -- C:\Program Files\Common Files\Umbrella\Umbrella.exe -- (SProtection) < IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...Date=14/11/2013 > < IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://start.iminent...q={searchTerms} > < IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-sea...120007&tsp=5027 > Invalid Switch: www.delta-sea...120007&tsp=5027 < IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.c...Date=14/11/2013 > < IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.c...Date=14/11/2013 > < IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.tb.ask.c...CFQ7LtAodBmcAtQ > Invalid Switch: home.tb.ask.c...CFQ7LtAodBmcAtQ < IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.c...Date=14/11/2013 > < IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.c...Date=14/11/2013 > < IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found > < IE - HKCU\..\URLSearchHook: {97ef77e6-97be-4204-a890-2485903c5624} - No CLSID value found > < IE - HKCU\..\SearchScopes,DefaultScope = {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} > < IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...Date=14/11/2013 > < IE - HKCU\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://start.iminent...q={searchTerms} > < FF - prefs.js..browser.search.order.1: "Secure Search" > < FF - prefs.js..browser.startup.homepage: "http://home.tb.ask.c...FQ7LtAodBmcAtQ" > < FF - prefs.js..extensions.netassistant.keyword.url: "http://click.w3i.com...34&searchterm=" > < FF - prefs.js..browser.startup.homepage: "http://home.tb.ask.c...FQ7LtAodBmcAtQ" > < FF - prefs.js..keyword.URL: "http://search.tb.ask...AtQ&searchfor=" > < FF - HKLM\Software\MozillaPlugins\@PackageTracer_69.com/Plugin: C:\Program Files\PackageTracer_69\bar\1.bin\NP69Stub.dll (MindSpark) > Invalid Switch: Plugin: C:\Program Files\PackageTracer_69\bar\1.bin\NP69Stub.dll (MindSpark) < [2013/02/04 17:29:55 | 000,000,000 | ---D | M] (DealPly) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} > Invalid Switch: 04 17:29:55 | 000,000,000 | ---D | M] (DealPly) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} < [2013/11/07 09:05:56 | 000,000,000 | ---D | M] (PackageTracer) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\69ffxtbr@PackageTracer_69.com > Invalid Switch: 07 09:05:56 | 000,000,000 | ---D | M] (PackageTracer) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\69ffxtbr@PackageTracer_69.com < [2012/07/02 13:29:47 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\ffxtlbr@funmoods.com > Invalid Switch: 02 13:29:47 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\ffxtlbr@funmoods.com < [2013/11/15 17:25:48 | 000,000,000 | ---D | M] (Iminent Toolbar) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\ffxtlbr@iminent.com > Invalid Switch: 15 17:25:48 | 000,000,000 | ---D | M] (Iminent Toolbar) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\ffxtlbr@iminent.com < CHR - homepage: http://start.iminent...01-ECBD2E108515 > Invalid Switch: start.iminent...01-ECBD2E108515 < CHR - homepage: http://start.iminent...01-ECBD2E108515 > Invalid Switch: start.iminent...01-ECBD2E108515 < O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll File not found > < O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll File not found > < O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll File not found > < O2 - BHO: (DataMngr) - {7DA17D5A-5718-4130-A605-FC316C827836} - C:\Program Files\Searchcore Toolbar\Datamngr\BrowserConnection.dll (Discordia , LTD) > < O2 - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\BrowserConnection.dll (Bandoo Media, inc) > < O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll File not found > < O2 - BHO: (no name) - {CCB69577-088B-4004-9ED8-FF5BCC83A039} - No CLSID value found. > < O2 - BHO: (no name) - {CF28D96E-985F-43A6-B320-C2186B551472} - No CLSID value found. > < O2 - BHO: (Toolbar BHO) - {87011c4e-fcde-4476-9348-ecf16134fc1f} - C:\Program Files\PackageTracer_69\bar\1.bin\69bar.dll (MindSpark) > < O2 - BHO: (Search Assistant BHO) - {87eab57c-d0b7-4ca9-8e26-191bfc989e26} - C:\Program Files\PackageTracer_69\bar\1.bin\69SrcAs.dll (MindSpark) > < O3 - HKLM\..\Toolbar: (no name) - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found. > < O3 - HKLM\..\Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found. > < O3 - HKLM\..\Toolbar: (no name) - !{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found. > < O3 - HKLM\..\Toolbar: (Searchcore Toolbar) - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - C:\Program Files\Searchcore Toolbar\Datamngr\ToolBar\searchcoredtx.dll () > < O3 - HKLM\..\Toolbar: (PackageTracer) - {ff343558-d5a5-454a-bdd8-c5c81e179fed} - C:\Program Files\PackageTracer_69\bar\1.bin\69bar.dll (MindSpark) > < O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. > < O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. > < O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found. > < O4 - HKLM..\Run: [PackageTracer Search Scope Monitor] C:\Program Files\PackageTracer_69\bar\1.bin\69SrchMn.exe (MindSpark) > < O4 - HKLM..\Run: [PackageTracer_69 Browser Plugin Loader] C:\Program Files\PackageTracer_69\bar\1.bin\69brmon.exe (VER_COMPANY_NAME) > < O4 - HKLM..\Run: [updater] C:\ProgramData\Updater\updater.exe (Updater) > < O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found > Invalid Switch: ActionTU.htm File not found < O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm File not found > Invalid Switch: Action.htm File not found < [2013/11/15 17:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\IminentToolbar > Invalid Switch: 15 17:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\IminentToolbar < [2013/11/15 17:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\IminentToolbar > Invalid Switch: 15 17:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\IminentToolbar < [2013/11/15 17:25:10 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Iminent > Invalid Switch: 15 17:25:10 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Iminent < [2013/11/15 17:24:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Iminent > Invalid Switch: 15 17:24:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Iminent < [2013/11/15 17:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent > Invalid Switch: 15 17:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent < [2013/11/15 17:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Umbrella > Invalid Switch: 15 17:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Umbrella < [2013/11/15 17:23:46 | 000,000,000 | ---D | C] -- C:\Program Files\Iminent > Invalid Switch: 15 17:23:46 | 000,000,000 | ---D | C] -- C:\Program Files\Iminent < [2013/11/14 18:02:40 | 000,000,000 | ---D | C] -- C:\Users\Robus\Documents\Optimizer Pro > Invalid Switch: 14 18:02:40 | 000,000,000 | ---D | C] -- C:\Users\Robus\Documents\Optimizer Pro < [2013/11/14 18:02:40 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Optimizer Pro > Invalid Switch: 14 18:02:40 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Optimizer Pro < [2013/11/14 17:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2 > Invalid Switch: 14 17:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2 < [2013/11/14 17:57:17 | 000,000,000 | ---D | C] -- C:\Program Files\Optimizer Pro > Invalid Switch: 14 17:57:17 | 000,000,000 | ---D | C] -- C:\Program Files\Optimizer Pro < [2013/11/14 17:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Updater > Invalid Switch: 14 17:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Updater < [2013/11/07 09:05:47 | 000,000,000 | ---D | C] -- C:\Program Files\PackageTracer_69 > Invalid Switch: 07 09:05:47 | 000,000,000 | ---D | C] -- C:\Program Files\PackageTracer_69 < [2013/10/29 17:45:32 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard > Invalid Switch: 29 17:45:32 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard < :Commands > < [emptytemp] > ========== Files - Unicode (All) ========== [2013/10/05 12:48:31 | 000,000,000 | ---D | M](C:\ProgramData\?é?éÄé?é8520-1533-40C5-AD09-953C574F14BCÄé?é) -- C:\ProgramData\?é?éÄé?é8520-1533-40C5-AD09-953C574F14BCÄé?é [2013/10/05 12:48:31 | 000,000,000 | ---D | M](C:\ProgramData\?é?éÄé?é8520-1533-40C5-AD09-953C574F14BCÄé?é) -- C:\ProgramData\?é?éÄé?é8520-1533-40C5-AD09-953C574F14BCÄé?é [2013/10/02 13:00:44 | 000,000,000 | ---D | M](C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\?t?t????????????????????p??????? [2013/10/02 13:00:44 | 000,000,000 | ---D | M](C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\?t?t????????????????????p??????? [2013/10/01 01:13:02 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? [2013/10/01 01:13:02 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? [2013/09/30 11:36:50 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p??????? [2013/09/30 11:36:50 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p??????? [2013/09/30 02:44:56 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? [2013/09/30 02:44:56 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? [2013/09/29 19:34:37 | 000,000,000 | ---D | M](C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E [2013/09/29 19:34:37 | 000,000,000 | ---D | M](C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E [2013/09/22 14:19:45 | 000,000,000 | ---D | M](C:\ProgramData\?¬?¬Ä¬?¬8520-1533-40C5-AD09-953C574F14BCÄ¬?¬) -- C:\ProgramData\?¬?¬Ä¬?¬8520-1533-40C5-AD09-953C574F14BCÄ¬?¬ [2013/09/22 14:19:45 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\???? [2013/09/22 14:19:45 | 000,000,000 | ---D | M](C:\ProgramData\?¬?¬Ä¬?¬8520-1533-40C5-AD09-953C574F14BCÄ¬?¬) -- C:\ProgramData\?¬?¬Ä¬?¬8520-1533-40C5-AD09-953C574F14BCÄ¬?¬ [2013/09/22 14:19:45 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\???? [2013/09/22 14:07:55 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\???? [2013/09/22 14:07:55 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\???? [2013/07/20 20:43:37 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\???? [2013/07/20 20:43:37 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\???? [2013/07/20 20:43:33 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? [2013/07/20 20:43:33 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? [2013/07/20 20:35:19 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p??????? [2013/07/20 20:35:19 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p??????? [2013/06/29 20:42:39 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? [2013/06/29 20:42:39 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? [2013/06/29 13:28:47 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? [2013/06/29 13:28:47 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? [2013/06/28 17:07:36 | 000,000,000 | ---D | M](C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u) -- C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u [2013/06/28 17:07:36 | 000,000,000 | ---D | M](C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u) -- C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u [2013/06/28 16:45:46 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p??????? [2013/06/28 16:45:46 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p??????? [2013/06/02 16:53:40 | 000,000,000 | ---D | M](C:\ProgramData\?'?'????????????????????p???????) -- C:\ProgramData\?'?'????????????????????p??????? [2013/06/02 16:53:40 | 000,000,000 | ---D | M](C:\ProgramData\?'?'????????????????????p???????) -- C:\ProgramData\?'?'????????????????????p??????? [2013/05/20 11:31:59 | 000,000,000 | ---D | M](C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A [2013/05/20 11:31:59 | 000,000,000 | ---D | M](C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A [2013/05/13 18:34:26 | 000,000,000 | ---D | M](C:\ProgramData\?¯?¯????????????????????p???????) -- C:\ProgramData\?¯?¯????????????????????p??????? [2013/05/13 18:34:26 | 000,000,000 | ---D | M](C:\ProgramData\?¯?¯????????????????????p???????) -- C:\ProgramData\?¯?¯????????????????????p??????? [2013/05/07 07:18:32 | 000,000,000 | ---D | M](C:\ProgramData\???S) -- C:\ProgramData\???S [2013/05/07 07:18:32 | 000,000,000 | ---D | M](C:\ProgramData\???S) -- C:\ProgramData\???S [2013/05/07 07:18:21 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? [2013/05/07 07:18:21 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? [2013/05/06 20:01:51 | 000,000,000 | ---D | M](C:\ProgramData\?U?U????????????????????p???????) -- C:\ProgramData\?U?U????????????????????p??????? [2013/05/06 20:01:51 | 000,000,000 | ---D | M](C:\ProgramData\?U?U????????????????????p???????) -- C:\ProgramData\?U?U????????????????????p??????? [2013/04/29 17:52:04 | 000,000,000 | ---D | M](C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\?t?t????????????????????p??????? [2013/04/29 17:52:04 | 000,000,000 | ---D | M](C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\?t?t????????????????????p??????? [2013/04/29 08:25:43 | 000,000,000 | ---D | M](C:\ProgramData\?Ò?ÒÄÒ?Ò8520-1533-40C5-AD09-953C574F14BCÄÒ?Ò) -- C:\ProgramData\?Ò?ÒÄÒ?Ò8520-1533-40C5-AD09-953C574F14BCÄÒ?Ò [2013/04/29 08:25:43 | 000,000,000 | ---D | M](C:\ProgramData\?Ò?ÒÄÒ?Ò8520-1533-40C5-AD09-953C574F14BCÄÒ?Ò) -- C:\ProgramData\?Ò?ÒÄÒ?Ò8520-1533-40C5-AD09-953C574F14BCÄÒ?Ò [2013/04/24 13:20:26 | 000,000,000 | ---D | M](C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U [2013/04/24 13:20:26 | 000,000,000 | ---D | M](C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U [2013/04/22 19:10:11 | 000,000,000 | ---D | M](C:\ProgramData\???`) -- C:\ProgramData\???` [2013/04/22 19:10:11 | 000,000,000 | ---D | M](C:\ProgramData\???`) -- C:\ProgramData\???` [2013/04/22 19:10:09 | 000,000,000 | ---D | M](C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G) -- C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G [2013/04/22 19:10:09 | 000,000,000 | ---D | M](C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G) -- C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G [2013/04/22 17:52:06 | 000,000,000 | ---D | M](C:\ProgramData\?G?G????????????????????p???????) -- C:\ProgramData\?G?G????????????????????p??????? [2013/04/22 17:52:06 | 000,000,000 | ---D | M](C:\ProgramData\?G?G????????????????????p???????) -- C:\ProgramData\?G?G????????????????????p??????? [2013/04/17 17:31:49 | 000,000,000 | ---D | M](C:\ProgramData\?x?xÄx?x8520-1533-40C5-AD09-953C574F14BCÄx?x) -- C:\ProgramData\?x?xÄx?x8520-1533-40C5-AD09-953C574F14BCÄx?x [2013/04/17 17:31:49 | 000,000,000 | ---D | M](C:\ProgramData\?x?xÄx?x8520-1533-40C5-AD09-953C574F14BCÄx?x) -- C:\ProgramData\?x?xÄx?x8520-1533-40C5-AD09-953C574F14BCÄx?x [2013/04/17 13:10:27 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\???? [2013/04/17 13:10:27 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\???? [2013/04/17 13:10:24 | 000,000,000 | ---D | M](C:\ProgramData\?Š?ŠÄŠ?Š8520-1533-40C5-AD09-953C574F14BCÄŠ?Š) -- C:\ProgramData\?Š?ŠÄŠ?Š8520-1533-40C5-AD09-953C574F14BCÄŠ?Š [2013/04/17 13:10:24 | 000,000,000 | ---D | M](C:\ProgramData\?Š?ŠÄŠ?Š8520-1533-40C5-AD09-953C574F14BCÄŠ?Š) -- C:\ProgramData\?Š?ŠÄŠ?Š8520-1533-40C5-AD09-953C574F14BCÄŠ?Š [2013/04/16 21:12:07 | 000,000,000 | ---D | M](C:\ProgramData\?r?r????????????????????p???????) -- C:\ProgramData\?r?r????????????????????p??????? [2013/04/16 21:12:07 | 000,000,000 | ---D | M](C:\ProgramData\?r?r????????????????????p???????) -- C:\ProgramData\?r?r????????????????????p??????? [2013/04/03 18:02:38 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\???? [2013/04/03 18:02:38 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\???? [2013/04/03 18:02:37 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? [2013/04/03 18:02:37 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? [2013/04/03 17:11:25 | 000,000,000 | ---D | M](C:\ProgramData\?8?8????????????????????p???????) -- C:\ProgramData\?8?8????????????????????p??????? [2013/04/03 17:11:25 | 000,000,000 | ---D | M](C:\ProgramData\?8?8????????????????????p???????) -- C:\ProgramData\?8?8????????????????????p??????? [2013/04/01 13:24:17 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? [2013/04/01 13:24:17 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? [2013/03/29 18:43:26 | 000,000,000 | ---D | M](C:\ProgramData\?á?áÄá?á8520-1533-40C5-AD09-953C574F14BCÄá?á) -- C:\ProgramData\?á?áÄá?á8520-1533-40C5-AD09-953C574F14BCÄá?á [2013/03/29 18:43:26 | 000,000,000 | ---D | M](C:\ProgramData\?á?áÄá?á8520-1533-40C5-AD09-953C574F14BCÄá?á) -- C:\ProgramData\?á?áÄá?á8520-1533-40C5-AD09-953C574F14BCÄá?á [2013/03/26 19:21:06 | 000,000,000 | ---D | M](C:\ProgramData\?k?kÄk?k8520-1533-40C5-AD09-953C574F14BCÄk?k) -- C:\ProgramData\?k?kÄk?k8520-1533-40C5-AD09-953C574F14BCÄk?k [2013/03/26 19:21:06 | 000,000,000 | ---D | M](C:\ProgramData\?k?kÄk?k8520-1533-40C5-AD09-953C574F14BCÄk?k) -- C:\ProgramData\?k?kÄk?k8520-1533-40C5-AD09-953C574F14BCÄk?k [2013/03/26 11:34:52 | 000,000,000 | ---D | M](C:\ProgramData\??Ä?8520-1533-40C5-AD09-953C574F14BCÄ?) -- C:\ProgramData\??Ä?8520-1533-40C5-AD09-953C574F14BCÄ? [2013/03/26 11:34:52 | 000,000,000 | ---D | M](C:\ProgramData\??Ä?8520-1533-40C5-AD09-953C574F14BCÄ?) -- C:\ProgramData\??Ä?8520-1533-40C5-AD09-953C574F14BCÄ? [2013/03/25 19:46:02 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\???? [2013/03/25 19:46:02 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\???? [2013/03/25 19:46:01 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? [2013/03/25 19:46:01 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? [2013/03/25 18:52:03 | 000,000,000 | ---D | M](C:\ProgramData\?˜?˜????????????????????p???????) -- C:\ProgramData\?˜?˜????????????????????p??????? [2013/03/25 18:52:03 | 000,000,000 | ---D | M](C:\ProgramData\?˜?˜????????????????????p???????) -- C:\ProgramData\?˜?˜????????????????????p??????? [2013/03/22 03:19:58 | 000,000,000 | ---D | M](C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a [2013/03/22 03:19:58 | 000,000,000 | ---D | M](C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a [2013/03/20 15:54:16 | 000,000,000 | ---D | M](C:\ProgramData\?i?iÄi?i8520-1533-40C5-AD09-953C574F14BCÄi?i) -- C:\ProgramData\?i?iÄi?i8520-1533-40C5-AD09-953C574F14BCÄi?i [2013/03/20 15:54:16 | 000,000,000 | ---D | M](C:\ProgramData\?i?iÄi?i8520-1533-40C5-AD09-953C574F14BCÄi?i) -- C:\ProgramData\?i?iÄi?i8520-1533-40C5-AD09-953C574F14BCÄi?i [2013/03/18 18:52:18 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p??????? [2013/03/18 18:52:18 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p??????? [2013/03/14 03:26:17 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? [2013/03/14 03:26:17 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? [2013/03/08 08:24:34 | 000,000,000 | ---D | M](C:\ProgramData\?)?)Ä)?)8520-1533-40C5-AD09-953C574F14BCÄ)?)) -- C:\ProgramData\?)?)Ä)?)8520-1533-40C5-AD09-953C574F14BCÄ)?) [2013/03/08 08:24:34 | 000,000,000 | ---D | M](C:\ProgramData\?)?)Ä)?)8520-1533-40C5-AD09-953C574F14BCÄ)?)) -- C:\ProgramData\?)?)Ä)?)8520-1533-40C5-AD09-953C574F14BCÄ)?) [2013/03/04 18:58:02 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\???? [2013/03/04 18:58:02 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\???? [2013/03/04 18:58:01 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? [2013/03/04 18:58:01 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? [2013/03/04 18:52:02 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p??????? [2013/03/04 18:52:02 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p??????? [2013/02/27 20:25:46 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p??????? [2013/02/27 20:25:46 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p??????? [2013/02/27 14:22:20 | 000,000,000 | ---D | M](C:\ProgramData\?a?a0) -- C:\ProgramData\?a?a0 [2013/02/27 14:22:20 | 000,000,000 | ---D | M](C:\ProgramData\?a?a0) -- C:\ProgramData\?a?a0 [2013/02/17 19:22:01 | 000,000,000 | ---D | M](C:\ProgramData\?9?9????????????????????p???????) -- C:\ProgramData\?9?9????????????????????p??????? [2013/02/17 19:22:01 | 000,000,000 | ---D | M](C:\ProgramData\?9?9????????????????????p???????) -- C:\ProgramData\?9?9????????????????????p??????? [2013/02/17 07:50:22 | 000,000,000 | ---D | M](C:\ProgramData\?|?|0) -- C:\ProgramData\?|?|0 [2013/02/17 07:50:22 | 000,000,000 | ---D | M](C:\ProgramData\?|?|0) -- C:\ProgramData\?|?|0 [2013/01/06 18:01:43 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p??????? [2013/01/06 18:01:43 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p??????? [2013/01/06 17:59:12 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2013/01/06 17:59:12 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2013/01/04 18:41:43 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2013/01/04 18:41:43 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2013/01/02 08:35:39 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2013/01/02 08:35:39 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2012/12/22 06:06:03 | 000,000,000 | ---D | M](C:\ProgramData\?.?.0) -- C:\ProgramData\?.?.0 [2012/12/22 06:06:03 | 000,000,000 | ---D | M](C:\ProgramData\?.?.0) -- C:\ProgramData\?.?.0 [2012/12/14 03:35:38 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2012/12/14 03:35:38 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2012/12/07 13:21:00 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2012/12/07 13:21:00 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2012/12/01 13:18:34 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2012/12/01 13:18:34 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2012/11/30 21:04:36 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2012/11/30 21:04:36 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2012/11/30 17:56:55 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2012/11/30 17:56:55 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2012/11/28 17:41:03 | 000,000,000 | ---D | M](C:\ProgramData\?@?@0) -- C:\ProgramData\?@?@0 [2012/11/28 17:41:03 | 000,000,000 | ---D | M](C:\ProgramData\?@?@0) -- C:\ProgramData\?@?@0 [2012/11/28 14:07:54 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2012/11/28 14:07:54 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2012/11/27 13:35:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2012/11/27 13:35:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2012/11/26 14:40:33 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2012/11/26 14:40:33 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2012/11/25 16:09:01 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2012/11/25 16:09:01 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2012/11/17 07:42:48 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 [2012/11/17 07:42:48 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0 (C:\ProgramData\?x?xÄx?x8520-1533-40C5-AD09-953C574F14BCÄx?x) -- C:\ProgramData\?x?xÄx?x8520-1533-40C5-AD09-953C574F14BCÄx?x (C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U (C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u) -- C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u (C:\ProgramData\?U?U????????????????????p???????) -- C:\ProgramData\?U?U????????????????????p??????? (C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\?t?t????????????????????p??????? (C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\?t?t????????????????????p??????? (C:\ProgramData\?Š?ŠÄŠ?Š8520-1533-40C5-AD09-953C574F14BCÄŠ?Š) -- C:\ProgramData\?Š?ŠÄŠ?Š8520-1533-40C5-AD09-953C574F14BCÄŠ?Š (C:\ProgramData\?r?r????????????????????p???????) -- C:\ProgramData\?r?r????????????????????p??????? (C:\ProgramData\?Ò?ÒÄÒ?Ò8520-1533-40C5-AD09-953C574F14BCÄÒ?Ò) -- C:\ProgramData\?Ò?ÒÄÒ?Ò8520-1533-40C5-AD09-953C574F14BCÄÒ?Ò (C:\ProgramData\?k?kÄk?k8520-1533-40C5-AD09-953C574F14BCÄk?k) -- C:\ProgramData\?k?kÄk?k8520-1533-40C5-AD09-953C574F14BCÄk?k (C:\ProgramData\?i?iÄi?i8520-1533-40C5-AD09-953C574F14BCÄi?i) -- C:\ProgramData\?i?iÄi?i8520-1533-40C5-AD09-953C574F14BCÄi?i (C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G) -- C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G (C:\ProgramData\?G?G????????????????????p???????) -- C:\ProgramData\?G?G????????????????????p??????? (C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E (C:\ProgramData\?é?éÄé?é8520-1533-40C5-AD09-953C574F14BCÄé?é) -- C:\ProgramData\?é?éÄé?é8520-1533-40C5-AD09-953C574F14BCÄé?é (C:\ProgramData\?á?áÄá?á8520-1533-40C5-AD09-953C574F14BCÄá?á) -- C:\ProgramData\?á?áÄá?á8520-1533-40C5-AD09-953C574F14BCÄá?á (C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a (C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A (C:\ProgramData\?a?a0) -- C:\ProgramData\?a?a0 (C:\ProgramData\?9?9????????????????????p???????) -- C:\ProgramData\?9?9????????????????????p??????? (C:\ProgramData\?8?8????????????????????p???????) -- C:\ProgramData\?8?8????????????????????p??????? (C:\ProgramData\??Ä?8520-1533-40C5-AD09-953C574F14BCÄ?) -- C:\ProgramData\??Ä?8520-1533-40C5-AD09-953C574F14BCÄ? (C:\ProgramData\?¬?¬Ä¬?¬8520-1533-40C5-AD09-953C574F14BCÄ¬?¬) -- C:\ProgramData\?¬?¬Ä¬?¬8520-1533-40C5-AD09-953C574F14BCÄ¬?¬ (C:\ProgramData\?˜?˜????????????????????p???????) -- C:\ProgramData\?˜?˜????????????????????p??????? (C:\ProgramData\?¯?¯????????????????????p???????) -- C:\ProgramData\?¯?¯????????????????????p??????? (C:\ProgramData\?|?|0) -- C:\ProgramData\?|?|0 (C:\ProgramData\?@?@0) -- C:\ProgramData\?@?@0 (C:\ProgramData\???S) -- C:\ProgramData\???S (C:\ProgramData\???`) -- C:\ProgramData\???` (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ??? (C:\ProgramData\????0) -- C:\ProgramData\????0 (C:\ProgramData\????0) -- C:\ProgramData\????0 (C:\ProgramData\????0) -- C:\ProgramData\????0 (C:\ProgramData\????0) -- C:\ProgramData\????0 (C:\ProgramData\????0) -- C:\ProgramData\????0 (C:\ProgramData\????0) -- C:\ProgramData\????0 (C:\ProgramData\????0) -- C:\ProgramData\????0 (C:\ProgramData\????0) -- C:\ProgramData\????0 (C:\ProgramData\????0) -- C:\ProgramData\????0 (C:\ProgramData\????0) -- C:\ProgramData\????0 (C:\ProgramData\????0) -- C:\ProgramData\????0 (C:\ProgramData\????0) -- C:\ProgramData\????0 (C:\ProgramData\????0) -- C:\ProgramData\????0 (C:\ProgramData\?'?'????????????????????p???????) -- C:\ProgramData\?'?'????????????????????p??????? (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p??????? (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p??????? (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p??????? (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p??????? (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p??????? (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p??????? (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p??????? (C:\ProgramData\????) -- C:\ProgramData\???? (C:\ProgramData\????) -- C:\ProgramData\???? (C:\ProgramData\????) -- C:\ProgramData\???? (C:\ProgramData\????) -- C:\ProgramData\???? (C:\ProgramData\????) -- C:\ProgramData\???? (C:\ProgramData\????) -- C:\ProgramData\???? (C:\ProgramData\????) -- C:\ProgramData\???? (C:\ProgramData\?.?.0) -- C:\ProgramData\?.?.0 (C:\ProgramData\?)?)Ä)?)8520-1533-40C5-AD09-953C574F14BCÄ)?)) -- C:\ProgramData\?)?)Ä)?)8520-1533-40C5-AD09-953C574F14BCÄ)?) ========== Alternate Data Streams ========== @Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:2683706C @Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:373E1720 < End of report >
- 20 Listopada 2013
- 23 odpowiedzi
zamulony system

piwonia2121 odpowiedział(a) na piwonia2121 temat w Dział pomocy doraźnej

OTL logfile created on: 20/11/2013 17:09:51 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Robus\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 1.96 Gb Total Physical Memory | 0.80 Gb Available Physical Memory | 40.55% Memory free 4.15 Gb Paging File | 2.36 Gb Available in Paging File | 56.70% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 109.88 Gb Total Space | 43.31 Gb Free Space | 39.41% Space Free | Partition Type: NTFS Drive F: | 110.00 Gb Total Space | 28.23 Gb Free Space | 25.66% Space Free | Partition Type: NTFS Computer Name: ROBUS-PC | User Name: Robus | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/11/18 17:11:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Robus\Downloads\OTL.exe PRC - [2013/11/15 17:41:20 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2013/11/07 09:05:47 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files\PackageTracer_69\bar\1.bin\69barsvc.exe PRC - [2013/10/25 23:45:12 | 002,445,816 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe PRC - [2013/10/25 23:07:48 | 000,073,832 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe PRC - [2013/10/20 08:00:19 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe PRC - [2013/10/15 05:38:52 | 000,050,704 | ---- | M] (Check Point Software Technologies, Ltd.) -- C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe PRC - [2013/09/25 16:37:00 | 020,133,824 | ---- | M] (Google) -- C:\Program Files\Google\Drive\googledrivesync.exe PRC - [2013/05/11 10:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013/04/19 15:35:36 | 002,833,120 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012/08/07 13:12:07 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\Robus\AppData\Local\Facebook\Update\FacebookUpdate.exe PRC - [2011/12/10 11:07:30 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe PRC - [2011/05/03 18:46:18 | 000,047,424 | ---- | M] (The Nielsen Company) -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/03/31 09:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe PRC - [2008/01/21 02:23:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe ========== Modules (No Company Name) ========== MOD - [2013/11/19 21:54:02 | 000,557,056 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\pysqlite2._sqlite.pyd MOD - [2013/11/19 21:54:02 | 000,128,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\_elementtree.pyd MOD - [2013/11/19 21:54:02 | 000,098,816 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32api.pyd MOD - [2013/11/19 21:54:02 | 000,044,032 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\_socket.pyd MOD - [2013/11/19 21:54:02 | 000,026,624 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\_multiprocessing.pyd MOD - [2013/11/19 21:54:02 | 000,022,528 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32ts.pyd MOD - [2013/11/19 21:54:01 | 000,805,888 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\wx._gdi_.pyd MOD - [2013/11/19 21:54:01 | 000,320,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32com.shell.shell.pyd MOD - [2013/11/19 21:54:01 | 000,070,656 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\wx._html2.pyd MOD - [2013/11/19 21:54:01 | 000,011,264 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32crypt.pyd MOD - [2013/11/19 21:54:00 | 000,735,232 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\wx._misc_.pyd MOD - [2013/11/19 21:54:00 | 000,504,832 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\windows._cacheinvalidation.pyd MOD - [2013/11/19 21:54:00 | 000,364,544 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\pythoncom27.dll MOD - [2013/11/19 21:54:00 | 000,087,040 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\_ctypes.pyd MOD - [2013/11/19 21:54:00 | 000,017,408 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32profile.pyd MOD - [2013/11/19 21:53:59 | 000,110,080 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\pywintypes27.dll MOD - [2013/11/19 21:53:59 | 000,108,544 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32security.pyd MOD - [2013/11/19 21:53:58 | 001,175,040 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\wx._core_.pyd MOD - [2013/11/19 21:53:58 | 001,153,024 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\_ssl.pyd MOD - [2013/11/19 21:53:57 | 000,711,680 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\_hashlib.pyd MOD - [2013/11/19 21:53:57 | 000,035,840 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32process.pyd MOD - [2013/11/19 21:53:57 | 000,025,600 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32pdh.pyd MOD - [2013/11/19 21:53:56 | 000,811,008 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\wx._windows_.pyd MOD - [2013/11/19 21:53:56 | 000,122,368 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\wx._wizard.pyd MOD - [2013/11/19 21:53:55 | 000,119,808 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32file.pyd MOD - [2013/11/19 21:53:55 | 000,038,912 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32inet.pyd MOD - [2013/11/19 21:53:52 | 001,062,400 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\wx._controls_.pyd MOD - [2013/11/19 21:53:50 | 000,018,432 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32event.pyd MOD - [2013/11/19 21:53:49 | 000,686,080 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\unicodedata.pyd MOD - [2013/11/19 21:53:49 | 000,127,488 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\pyexpat.pyd MOD - [2013/11/19 21:53:48 | 000,010,240 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\select.pyd MOD - [2013/11/15 17:41:18 | 003,363,952 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2013/10/20 08:00:16 | 016,233,864 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_9_900_117.dll MOD - [2013/04/19 15:33:50 | 000,502,784 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\nsmmc.dll MOD - [2013/03/20 15:55:22 | 000,753,664 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\npfirefoxprocessor.dll MOD - [2013/03/20 15:54:10 | 000,224,768 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\npwmi.dll MOD - [2013/03/20 15:53:56 | 000,228,864 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\npsurvey.dll MOD - [2013/03/20 15:53:48 | 000,150,528 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\npsp1.dll MOD - [2013/03/20 15:53:38 | 000,503,808 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\communication.dll ========== Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- c:\progra~1\optimi~1\OptProCrash.exe -- (ca82e1a5) SRV - File not found [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2013/11/15 17:41:18 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/11/07 09:05:47 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files\PackageTracer_69\bar\1.bin\69barsvc.exe -- (PackageTracer_69Service) SRV - [2013/10/25 23:45:12 | 002,445,816 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon) SRV - [2013/10/20 08:00:20 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/10/15 05:38:52 | 000,050,704 | ---- | M] (Check Point Software Technologies, Ltd.) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe -- (ZAPrivacyService) SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013/05/11 10:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013/04/19 15:35:36 | 002,833,120 | ---- | M] () [Auto | Running] -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe -- (NielsenUpdate) SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012/02/14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009/03/31 09:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2008/01/21 02:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008/01/21 02:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2008/01/21 02:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_juextctrl.sys -- (huawei_ext_ctrl) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jucdcecm.sys -- (huawei_cdcecm) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jucdcacm.sys -- (huawei_cdcacm) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2013/09/29 23:30:48 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2013/06/13 16:34:06 | 000,452,120 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant) DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2013/03/20 15:52:42 | 000,023,008 | ---- | M] (The Nielsen Company) [Kernel | System | Running] -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\nnfwdk.sys -- (nnfwdk) DRV - [2012/10/22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver) DRV - [2012/10/05 03:32:50 | 000,093,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2012/10/02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2010/05/12 03:23:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlashUSB.sys -- (FlashUSB) DRV - [2009/12/17 15:02:20 | 001,203,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2009/09/29 08:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort) DRV - [2009/09/29 08:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM) DRV - [2009/09/29 08:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum) DRV - [2009/07/03 17:21:00 | 000,168,448 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2009/04/11 04:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb) DRV - [2009/03/31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2009/03/20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm) DRV - [2009/03/20 10:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) DRV - [2009/03/20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) DRV - [2008/01/21 02:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2006/11/14 00:11:54 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO) DRV - [2006/11/10 14:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc) DRV - [2006/11/02 07:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006/11/02 07:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp) DRV - [2006/07/24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=SMSN&bmod=SMSN IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{f5827716-9540-492e-9e9a-9f18bb2e7912}: "URL" = http://search.tb.ask.com/search/GGmain.jhtml?p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ&ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&ind=2013111814&n=77fda606&psa=&st=sb&searchfor={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com IE - HKCU\..\SearchScopes,DefaultScope = {f5827716-9540-492e-9e9a-9f18bb2e7912} IE - HKCU\..\SearchScopes\{f5827716-9540-492e-9e9a-9f18bb2e7912}: "URL" = http://search.tb.ask.com/search/GGmain.jhtml?p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ&ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&ind=2013111814&n=77fda606&psa=&st=sb&searchfor={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Ask Web Search" FF - prefs.js..browser.search.order.1: "Secure Search" FF - prefs.js..browser.search.selectedEngine: "Ask Web Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://home.tb.ask.com/index.jhtml?ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&n=77fda60b&p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ" FF - prefs.js..extensions.enabledAddons: 69ffxtbr%40PackageTracer_69.com:5.40.2.43053 FF - prefs.js..extensions.enabledAddons: %7Bf35b3d43-735b-29de-1ac7-4e569be965a6%7D:1.1 FF - prefs.js..extensions.enabledAddons: %7Be001c731-5e37-4538-a5cb-8168736a2360%7D:0.9.9.119 FF - prefs.js..extensions.enabledAddons: ffxtlbr%40zonealarm.com:1.6.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1 FF - prefs.js..extensions.netassistant.keyword.url: "http://click.w3i.com/?Programid=132&Elementname=Keyword&Applicationid={559CE969-7E04-43B1-BF56-2F90A256442B}&Version=3.6.5&Vintage=20120727&Defaultbrowserid=30&Productid=2869&Vendorid=6413&Offerid=16934&searchterm=" FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.defaultenginename.prev: "StartWeb" FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.defaultenginename.savedPrev: "true" FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.defaultenginename.tb: "Ask Web Search" FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.selectedEngine.prev: "StartWeb" FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.selectedEngine.savedPrev: "true" FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.selectedEngine.tb: "Ask Web Search" FF - prefs.js..browser.startup.homepage: "true" FF - prefs.js..browser.startup.homepage: "http://home.tb.ask.com/index.jhtml?ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&n=77fda60b&p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ" FF - prefs.js..keyword.URL: "http://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&n=77fda60b&ind=2013111819&p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ&searchfor=" FF - prefs.js..network.proxy.type: 4 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nielsen/FirefoxTracker: C:\Program Files\NetRatingsNetSight\NetSight\meter9\FirefoxAddOns\npfirefoxtracker.dll (Nielsen) FF - HKLM\Software\MozillaPlugins\@PackageTracer_69.com/Plugin: C:\Program Files\PackageTracer_69\bar\1.bin\NP69Stub.dll (MindSpark) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Robus\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Robus\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\netsight@nielsen.com: C:\Program Files\NetRatingsNetSight\NetSight\meter9\FirefoxAddOns\netsight@nielsen.xpi [2013/11/19 21:54:33 | 000,008,924 | ---- | M] () FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/15 17:40:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/15 17:40:58 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/15 17:40:54 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/15 17:40:58 | 000,000,000 | ---D | M] [2013/10/04 21:28:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\Extensions [2013/11/19 14:30:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions [2013/09/29 23:58:59 | 000,000,000 | ---D | M] ("WinToFlash Suggestor") -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3} [2013/11/14 19:41:03 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2013/11/14 17:56:34 | 000,000,000 | ---D | M] ("Snap.Do ") -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{f35b3d43-735b-29de-1ac7-4e569be965a6} [2013/11/07 09:05:56 | 000,000,000 | ---D | M] (PackageTracer) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\69ffxtbr@PackageTracer_69.com [2013/11/14 19:41:05 | 000,000,000 | ---D | M] (zonealarm.com) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\ffxtlbr@zonealarm.com [2012/07/02 12:06:26 | 000,000,000 | ---D | M] (RivalGaming) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\links@rivalgaming.com [2013/11/18 18:54:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\pm2306dz.default\extensions [2012/07/02 13:28:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\pm2306dz.default\extensions\staged [2012/05/25 15:38:16 | 000,031,267 | ---- | M] () (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\3z1pkp2w.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi [2013/03/21 07:15:42 | 000,007,919 | ---- | M] () (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\3z1pkp2w.default\extensions\ffxtlbr@zonealarm.com\content\Abine\chrome\content\ff\view_expiry.js [2012/05/25 15:38:16 | 000,031,267 | ---- | M] () (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\pm2306dz.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi [2013/11/18 19:00:25 | 000,009,625 | ---- | M] () -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\3z1pkp2w.default\searchplugins\ask-web-search.xml [2013/11/18 18:54:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013/11/15 17:40:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2013/11/15 17:41:23 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - homepage: http://www.google.com CHR - homepage: http://www.google.com CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.3.1271\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmdlgjgaamffjidnpeddnekffilecamo\5.0.0.0_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2013/11/18 19:10:34 | 000,000,741 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll File not found O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll (Check Point Software Technologies LTD) O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll File not found O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (no name) - {CF28D96E-985F-43A6-B320-C2186B551472} - No CLSID value found. O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - !{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found. O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll (Check Point Software Technologies LTD) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4 - HKLM..\Run: [NielsenOnline] C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe (The Nielsen Company) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD) O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd) O4 - HKCU..\Run: [Facebook Update] C:\Users\Robus\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll File not found O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - Reg Error: Key error. File not found O9 - Extra 'Tools' menuitem : WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - Reg Error: Key error. File not found O13 - gopher Prefix: missing O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.11.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A7C213F-BD10-4507-9ECF-0A4CB9E8F770}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Robus\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O24 - Desktop BackupWallPaper: C:\Users\Robus\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{06b5badb-821d-11e1-b0d3-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{06b5badb-821d-11e1-b0d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{06b5bb14-821d-11e1-b0d3-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{06b5bb14-821d-11e1-b0d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{06cd51c8-3f69-11e1-95cc-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{06cd51c8-3f69-11e1-95cc-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{06cd51dd-3f69-11e1-95cc-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{06cd51dd-3f69-11e1-95cc-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{070c50b2-9bdb-11e1-9c13-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{070c50b2-9bdb-11e1-9c13-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{0c7092ad-e55e-11e1-9b1d-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{0c7092ad-e55e-11e1-9b1d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{0c7092d8-e55e-11e1-9b1d-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{0c7092d8-e55e-11e1-9b1d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{0f0fd768-dbb1-11e1-a0bd-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{0f0fd768-dbb1-11e1-a0bd-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{12618484-c74d-11e0-a61f-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{12618484-c74d-11e0-a61f-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{1549a200-68f6-11e1-8edf-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{1549a200-68f6-11e1-8edf-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{1ad50e5b-6529-11e1-a3bf-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{1ad50e5b-6529-11e1-a3bf-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{23075d0c-d15a-11e0-99fd-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{23075d0c-d15a-11e0-99fd-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{23075d0f-d15a-11e0-99fd-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{23075d0f-d15a-11e0-99fd-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{238bcd28-e77a-11e1-a5d3-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{238bcd28-e77a-11e1-a5d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{238bce2d-e77a-11e1-a5d3-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{238bce2d-e77a-11e1-a5d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{27a83e0d-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{27a83e0d-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{27a8407e-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{27a8407e-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{27a8418d-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{27a8418d-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{27a842cf-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{27a842cf-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{2819ac09-7e3d-11df-af43-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{2819ac09-7e3d-11df-af43-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{2819ac5c-7e3d-11df-af43-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{2819ac5c-7e3d-11df-af43-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{28d8d3e7-1819-11e1-94ff-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{28d8d3e7-1819-11e1-94ff-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{360c7105-36ca-11e1-b679-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{360c7105-36ca-11e1-b679-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{362aa6e3-e2ee-11e1-b072-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{362aa6e3-e2ee-11e1-b072-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{362aa6f2-e2ee-11e1-b072-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{362aa6f2-e2ee-11e1-b072-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{364e5016-e212-11e1-9ce9-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{364e5016-e212-11e1-9ce9-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{3912ded5-3c41-11e1-85e6-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{3912ded5-3c41-11e1-85e6-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{3f831bbc-ab0b-11e1-b6f1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{3f831bbc-ab0b-11e1-b6f1-002454208e82}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a O33 - MountPoints2\{3f831bfb-ab0b-11e1-b6f1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{3f831bfb-ab0b-11e1-b6f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{3f831bff-ab0b-11e1-b6f1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{3f831bff-ab0b-11e1-b6f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{4878944f-357c-11e1-bc31-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{4878944f-357c-11e1-bc31-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{4a75f172-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{4a75f172-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{4a75f1a3-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{4a75f1a3-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{4a75f272-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{4a75f272-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{4a75f274-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{4a75f274-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{5bb69e98-5f03-11e1-a466-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{5bb69e98-5f03-11e1-a466-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{5c3c43cc-199b-11e1-a214-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{5c3c43cc-199b-11e1-a214-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{6c783c1e-e1e6-11e1-a55e-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{6c783c1e-e1e6-11e1-a55e-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{6c783c28-e1e6-11e1-a55e-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{6c783c28-e1e6-11e1-a55e-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{7be162aa-23de-11e1-bb6a-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{7be162aa-23de-11e1-bb6a-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{7cef6981-dd45-11e1-9f03-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{7cef6981-dd45-11e1-9f03-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{7cef6ab4-dd45-11e1-9f03-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{7cef6ab4-dd45-11e1-9f03-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{7dbc8846-ad58-11e1-9e48-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{7dbc8846-ad58-11e1-9e48-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{7dbc8897-ad58-11e1-9e48-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{7dbc8897-ad58-11e1-9e48-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{8f9aa80f-837e-11e1-9a1d-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{8f9aa80f-837e-11e1-9a1d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{9156b298-4ede-11e1-847c-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{9156b298-4ede-11e1-847c-002454208e82}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a O33 - MountPoints2\{a0e47c3e-e0aa-11e1-99f1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{a0e47c3e-e0aa-11e1-99f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{a0e47c80-e0aa-11e1-99f1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{a0e47c80-e0aa-11e1-99f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ad51c4f4-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ad51c4f4-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ad51c4f8-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ad51c4f8-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ad51ca3a-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ad51ca3a-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ad51cedd-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ad51cedd-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{b163e4d0-eb97-11e1-b121-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{b163e4d0-eb97-11e1-b121-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{b47b40ce-43e7-11e0-ae9c-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{b47b40ce-43e7-11e0-ae9c-002454208e82}\Shell\AutoRun\command - "" = D:\DPFMate.exe O33 - MountPoints2\{b7f91bcf-f648-11e0-8a5d-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{b7f91bcf-f648-11e0-8a5d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c00643fb-c446-11e1-a099-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c00643fb-c446-11e1-a099-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c050d675-6daa-11e1-8824-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c050d675-6daa-11e1-8824-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c050d677-6daa-11e1-8824-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c050d677-6daa-11e1-8824-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c09ca255-36c1-11e1-b84d-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c09ca255-36c1-11e1-b84d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c363f797-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c363f797-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c363f7c0-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c363f7c0-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c363f7c3-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c363f7c3-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c363f7da-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c363f7da-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c363fcdf-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c363fcdf-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{cac41099-e432-11df-9781-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{cac41099-e432-11df-9781-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{e4506d49-3142-11e1-884b-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{e4506d49-3142-11e1-884b-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{e7a4db2a-d924-11e1-9bec-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{e7a4db2a-d924-11e1-9bec-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ee298306-c1c1-11e1-9ed1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ee298306-c1c1-11e1-9ed1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ee298319-c1c1-11e1-9ed1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ee298319-c1c1-11e1-9ed1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ee29838d-c1c1-11e1-9ed1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ee29838d-c1c1-11e1-9ed1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{f10f337d-7f00-11df-924f-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{f10f337d-7f00-11df-924f-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{f55a33eb-9c3e-11e1-8c33-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{f55a33eb-9c3e-11e1-8c33-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{f55a33f8-9c3e-11e1-8c33-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{f55a33f8-9c3e-11e1-8c33-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{fd245ccf-fd7c-11e0-bf19-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{fd245ccf-fd7c-11e0-bf19-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (MACHINE BootExecut) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013/11/19 17:29:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013/11/19 17:29:35 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2013/11/18 19:16:18 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Local\CrashDumps [2013/11/18 19:11:44 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Local\IAC [2013/11/18 19:11:43 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Local\PackageTracer_69 [2013/11/18 19:01:32 | 000,000,000 | ---D | C] -- C:\Users\Robus\Desktop\RK_Quarantine [2013/11/18 18:51:30 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2013/11/18 18:14:54 | 000,000,000 | ---D | C] -- C:\FRST [2013/11/15 17:40:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013/11/15 17:38:41 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2013/11/15 17:38:41 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2013/11/14 19:51:04 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013/11/14 19:51:02 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013/11/14 19:51:01 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013/11/14 19:51:01 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2013/11/14 19:51:01 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013/11/14 19:50:59 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013/11/14 19:50:59 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013/11/14 19:50:58 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2013/11/14 18:32:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point [2013/11/14 18:31:16 | 000,256,904 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys [2013/11/14 18:26:57 | 000,000,000 | ---D | C] -- C:\Program Files\Check Point Software Technologies LTD [2013/11/14 18:26:44 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Check Point Software Technologies LTD [2013/11/14 18:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint [2013/11/14 17:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Updater [2013/11/14 17:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\RHelpers [2013/11/14 17:29:52 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Local\Avg2014 [2013/11/13 09:22:52 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL [2013/11/07 09:05:47 | 000,000,000 | ---D | C] -- C:\Program Files\PackageTracer_69 [2013/11/06 11:40:40 | 000,000,000 | ---D | C] -- C:\Program Files\GPLGS [2013/11/06 11:40:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Creator [2013/11/06 11:40:05 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator [2012/03/03 09:17:15 | 002,371,152 | ---- | C] (DownVision ) -- C:\Users\Robus\AppData\Local\setup.exe ========== Files - Modified Within 30 Days ========== [2013/11/20 16:43:00 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job [2013/11/20 16:41:59 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/11/20 16:34:32 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013/11/20 16:34:32 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013/11/20 16:28:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/11/20 14:20:00 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2270810218-2394552768-2579885175-1000UA.job [2013/11/20 14:20:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2270810218-2394552768-2579885175-1000Core.job [2013/11/20 09:28:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/11/20 08:34:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/11/19 21:59:15 | 000,648,680 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013/11/19 21:59:15 | 000,124,648 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013/11/19 21:53:15 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2013/11/19 17:29:38 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/11/18 22:05:12 | 000,034,195 | ---- | M] () -- C:\Users\Robus\Desktop\stol4.jpg [2013/11/18 22:04:07 | 000,034,488 | ---- | M] () -- C:\Users\Robus\Desktop\stol3.jpg [2013/11/18 22:03:37 | 000,034,488 | ---- | M] () -- C:\Users\Robus\Desktop\stol.jpg [2013/11/18 19:26:23 | 000,028,426 | ---- | M] () -- C:\Users\Robus\Desktop\droppy heart.jpg [2013/11/18 18:54:36 | 000,000,870 | ---- | M] () -- C:\Users\Robus\Application Data\Microsoft\Internet Explorer\Quick Launch\Search.lnk [2013/11/18 18:54:36 | 000,000,846 | ---- | M] () -- C:\Users\Robus\Desktop\Search.lnk [2013/11/18 18:38:59 | 000,028,346 | ---- | M] () -- C:\Users\Robus\Desktop\niebieski.jpg [2013/11/18 18:30:07 | 274,383,198 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013/11/15 17:51:22 | 000,002,523 | ---- | M] () -- C:\Users\Robus\Desktop\HiJackThis.lnk [2013/11/15 17:24:48 | 000,000,596 | ---- | M] () -- C:\Windows\System32\InstallUtil.InstallLog [2013/11/14 19:43:05 | 000,417,569 | ---- | M] () -- C:\Windows\System32\drivers\vsconfig.xml [2013/11/14 19:26:12 | 000,001,288 | ---- | M] () -- C:\Windows\DCEBOOT.RST [2013/11/14 19:25:12 | 000,210,992 | ---- | M] () -- C:\Windows\RegBootClean.exe [2013/11/14 19:25:12 | 000,023,088 | ---- | M] () -- C:\Windows\DCEBoot.exe [2013/11/14 19:15:07 | 000,308,980 | ---- | M] () -- C:\Users\Robus\AppData\Local\census.cache [2013/11/14 19:14:36 | 000,196,747 | ---- | M] () -- C:\Users\Robus\AppData\Local\ars.cache [2013/11/14 18:32:26 | 000,000,639 | ---- | M] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk [2013/11/14 18:31:03 | 000,000,036 | ---- | M] () -- C:\Users\Robus\AppData\Local\housecall.guid.cache [2013/11/09 20:34:04 | 000,001,875 | ---- | M] () -- C:\Users\Robus\Desktop\Wordpad.lnk [2013/11/08 08:20:43 | 001,094,600 | ---- | M] () -- C:\Users\Robus\Desktop\rob and me.jpg [2013/11/06 12:40:08 | 000,000,091 | ---- | M] () -- C:\Users\Robus\AppData\Roaming\WB.CFG [2013/11/05 18:48:26 | 001,608,730 | ---- | M] () -- C:\Users\Robus\Desktop\kino domowe.jpg [2013/11/01 19:26:26 | 006,801,542 | ---- | M] () -- C:\Users\Robus\Desktop\salon1.jpg [2013/11/01 18:43:00 | 002,478,596 | ---- | M] () -- C:\Users\Robus\Desktop\salon.jpg [2013/10/28 10:48:11 | 000,000,223 | ---- | M] () -- C:\Users\Robus\Application Data\Microsoft\Internet Explorer\Quick Launch\Becky Misseldine.URL ========== Files Created - No Company Name ========== [2013/11/19 17:29:38 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/11/18 22:05:12 | 000,034,195 | ---- | C] () -- C:\Users\Robus\Desktop\stol4.jpg [2013/11/18 22:04:07 | 000,034,488 | ---- | C] () -- C:\Users\Robus\Desktop\stol3.jpg [2013/11/18 19:25:53 | 000,028,426 | ---- | C] () -- C:\Users\Robus\Desktop\droppy heart.jpg [2013/11/18 18:38:56 | 000,028,346 | ---- | C] () -- C:\Users\Robus\Desktop\niebieski.jpg [2013/11/18 18:30:07 | 274,383,198 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013/11/15 17:38:41 | 000,002,523 | ---- | C] () -- C:\Users\Robus\Desktop\HiJackThis.lnk [2013/11/15 17:24:39 | 000,000,596 | ---- | C] () -- C:\Windows\System32\InstallUtil.InstallLog [2013/11/14 19:26:12 | 000,001,288 | ---- | C] () -- C:\Windows\DCEBOOT.RST [2013/11/14 19:24:48 | 000,210,992 | ---- | C] () -- C:\Windows\RegBootClean.exe [2013/11/14 19:24:48 | 000,023,088 | ---- | C] () -- C:\Windows\DCEBoot.exe [2013/11/14 19:15:07 | 000,308,980 | ---- | C] () -- C:\Users\Robus\AppData\Local\census.cache [2013/11/14 19:14:36 | 000,196,747 | ---- | C] () -- C:\Users\Robus\AppData\Local\ars.cache [2013/11/14 18:32:57 | 000,417,569 | ---- | C] () -- C:\Windows\System32\drivers\vsconfig.xml [2013/11/14 18:32:26 | 000,000,639 | ---- | C] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk [2013/11/14 18:31:03 | 000,000,036 | ---- | C] () -- C:\Users\Robus\AppData\Local\housecall.guid.cache [2013/11/14 17:56:10 | 000,000,870 | ---- | C] () -- C:\Users\Robus\Application Data\Microsoft\Internet Explorer\Quick Launch\Search.lnk [2013/11/14 17:56:10 | 000,000,846 | ---- | C] () -- C:\Users\Robus\Desktop\Search.lnk [2013/11/13 09:22:52 | 000,218,228 | ---- | C] () -- C:\Windows\System32\WFP.TMF [2013/11/09 20:34:04 | 000,001,875 | ---- | C] () -- C:\Users\Robus\Desktop\Wordpad.lnk [2013/11/08 08:20:54 | 001,094,600 | ---- | C] () -- C:\Users\Robus\Desktop\rob and me.jpg [2013/11/08 08:18:59 | 002,127,163 | ---- | C] () -- C:\Users\Robus\Desktop\koza.jpg [2013/11/06 12:40:08 | 000,000,091 | ---- | C] () -- C:\Users\Robus\AppData\Roaming\WB.CFG [2013/11/06 11:40:27 | 000,086,016 | ---- | C] () -- C:\Windows\System32\custmon32i.dll [2013/11/05 20:08:53 | 006,801,542 | ---- | C] () -- C:\Users\Robus\Desktop\salon1.jpg [2013/11/05 20:07:51 | 002,478,596 | ---- | C] () -- C:\Users\Robus\Desktop\salon.jpg [2013/11/05 18:45:35 | 005,352,886 | ---- | C] () -- C:\Users\Robus\Desktop\stol2.jpg [2013/11/05 18:45:08 | 004,445,439 | ---- | C] () -- C:\Users\Robus\Desktop\sofa.jpg [2013/11/05 18:44:18 | 005,352,886 | ---- | C] () -- C:\Users\Robus\Desktop\stol1.jpg [2013/11/05 18:44:02 | 000,034,488 | ---- | C] () -- C:\Users\Robus\Desktop\stol.jpg [2013/11/05 18:40:07 | 001,608,730 | ---- | C] () -- C:\Users\Robus\Desktop\kino domowe.jpg [2013/10/28 10:48:11 | 000,000,223 | ---- | C] () -- C:\Users\Robus\Application Data\Microsoft\Internet Explorer\Quick Launch\Becky Misseldine.URL [2013/03/07 19:33:10 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll [2013/03/07 19:33:09 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini [2013/02/09 15:48:57 | 000,026,900 | ---- | C] () -- C:\Users\Robus\AppData\Local\dt.dat [2012/06/30 13:41:12 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2012/03/03 09:17:16 | 000,000,972 | ---- | C] () -- C:\Users\Robus\AppData\Local\Darmowe.Wzory.Ulotek.Reklamowych.torrent [2012/02/15 20:10:02 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2012/02/15 20:10:02 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2011/12/08 19:31:23 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2011/12/08 19:31:23 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2011/06/28 07:26:54 | 000,024,334 | ---- | C] () -- C:\Users\Robus\AppData\Local\umowa poadzialu.pdf [2011/06/17 14:34:06 | 000,000,000 | ---- | C] () -- C:\Users\Robus\AppData\Local\{78F2DA2B-44D9-40DC-9367-6AF299E2187A} [2010/08/16 16:05:07 | 000,046,278 | ---- | C] () -- C:\Users\Robus\WSR Invoice - Mr. R. Plummer - 2452.pdf [2010/06/26 21:06:37 | 000,123,392 | ---- | C] () -- C:\Users\Robus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
- 20 Listopada 2013
- 23 odpowiedzi
zamulony system

piwonia2121 odpowiedział(a) na piwonia2121 temat w Dział pomocy doraźnej

czesc, zrobilam TFC oraz ANTI-MALWARE, usunelam infekcje.dalej zrobilam skan otl,poszlo ladnie,tylko niemoge tutaj tego wkleic wyskakuje blad o zbyt dlugiej wiadomosci. nastepnie przeszlam w tryb awaryjny probowalam zrobic skan FRST oraz GMEREM,oba z tym samym rezultatem,a mainowicie program stopped working i trzeba bylo go zamknac. teraz robie roguekiller, zeskanowalam,nic nie wyskoczylma,nacisnelam fix hosts,komunikat ze naprawione. i co dalej mam robic?komoputer wydaje sie byc ok,zaczelo wszystko szybciej chodzic po tym jak przeskanoalam tfc i antimalware,jednak skoro niemoge uruchomic frst ani gmera znaczy ze cos jeszcze mi tu siedzi.
- 20 Listopada 2013
- 23 odpowiedzi
zamulony system

piwonia2121 odpowiedział(a) na piwonia2121 temat w Dział pomocy doraźnej

jako ze z niczego innego niemoge zrobic loga przeslalam otl
- 18 Listopada 2013
- 23 odpowiedzi
zamulony system

piwonia2121 odpowiedział(a) na piwonia2121 temat w Dział pomocy doraźnej

OTL logfile created on: 18/11/2013 19:17:42 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Robus\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 1.96 Gb Total Physical Memory | 0.47 Gb Available Physical Memory | 24.17% Memory free 4.15 Gb Paging File | 2.58 Gb Available in Paging File | 62.16% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 109.88 Gb Total Space | 42.19 Gb Free Space | 38.39% Space Free | Partition Type: NTFS Drive D: | 3.68 Gb Total Space | 2.58 Gb Free Space | 70.21% Space Free | Partition Type: FAT32 Drive F: | 110.00 Gb Total Space | 27.75 Gb Free Space | 25.23% Space Free | Partition Type: NTFS Computer Name: ROBUS-PC | User Name: Robus | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/11/18 17:11:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Robus\Downloads\OTL.exe PRC - [2013/11/15 17:41:20 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2013/11/07 09:05:47 | 000,044,784 | ---- | M] (MindSpark) -- C:\Program Files\PackageTracer_69\bar\1.bin\69SrchMn.exe PRC - [2013/11/07 09:05:47 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files\PackageTracer_69\bar\1.bin\69barsvc.exe PRC - [2013/10/25 23:45:12 | 002,445,816 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe PRC - [2013/10/25 23:07:48 | 000,073,832 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe PRC - [2013/10/23 20:06:28 | 000,313,208 | ---- | M] (Updater) -- C:\ProgramData\Updater\updater.exe PRC - [2013/10/23 20:06:28 | 000,251,768 | ---- | M] (WatchDog) -- C:\ProgramData\RHelpers\IeHelper\IeHelper.exe PRC - [2013/10/23 20:06:28 | 000,251,768 | ---- | M] (WatchDog) -- C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe PRC - [2013/10/23 20:06:28 | 000,251,768 | ---- | M] (WatchDog) -- C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe PRC - [2013/10/20 08:00:19 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe PRC - [2013/10/15 05:38:52 | 000,050,704 | ---- | M] (Check Point Software Technologies, Ltd.) -- C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe PRC - [2013/09/25 16:37:00 | 020,133,824 | ---- | M] (Google) -- C:\Program Files\Google\Drive\googledrivesync.exe PRC - [2013/05/11 10:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013/04/19 15:35:36 | 002,833,120 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe PRC - [2012/08/07 13:12:07 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\Robus\AppData\Local\Facebook\Update\FacebookUpdate.exe PRC - [2011/12/10 11:07:30 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe PRC - [2011/05/03 18:46:18 | 000,047,424 | ---- | M] (The Nielsen Company) -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe PRC - [2010/06/28 14:54:38 | 000,339,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows NT\Accessories\wordpad.exe PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/03/31 09:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe PRC - [2008/01/21 02:23:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe ========== Modules (No Company Name) ========== MOD - [2013/11/18 18:58:26 | 000,557,056 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\pysqlite2._sqlite.pyd MOD - [2013/11/18 18:58:26 | 000,128,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\_elementtree.pyd MOD - [2013/11/18 18:58:26 | 000,098,816 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\win32api.pyd MOD - [2013/11/18 18:58:26 | 000,044,032 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\_socket.pyd MOD - [2013/11/18 18:58:26 | 000,022,528 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\win32ts.pyd MOD - [2013/11/18 18:58:25 | 000,320,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\win32com.shell.shell.pyd MOD - [2013/11/18 18:58:25 | 000,026,624 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\_multiprocessing.pyd MOD - [2013/11/18 18:58:24 | 000,805,888 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\wx._gdi_.pyd MOD - [2013/11/18 18:58:24 | 000,070,656 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\wx._html2.pyd MOD - [2013/11/18 18:58:24 | 000,011,264 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\win32crypt.pyd MOD - [2013/11/18 18:58:23 | 000,504,832 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\windows._cacheinvalidation.pyd MOD - [2013/11/18 18:58:23 | 000,087,040 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\_ctypes.pyd MOD - [2013/11/18 18:58:23 | 000,017,408 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\win32profile.pyd MOD - [2013/11/18 18:58:22 | 000,735,232 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\wx._misc_.pyd MOD - [2013/11/18 18:58:22 | 000,364,544 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\pythoncom27.dll MOD - [2013/11/18 18:58:22 | 000,110,080 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\pywintypes27.dll MOD - [2013/11/18 18:58:21 | 001,175,040 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\wx._core_.pyd MOD - [2013/11/18 18:58:21 | 000,108,544 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\win32security.pyd MOD - [2013/11/18 18:58:20 | 001,153,024 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\_ssl.pyd MOD - [2013/11/18 18:58:20 | 000,025,600 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\win32pdh.pyd MOD - [2013/11/18 18:58:19 | 000,711,680 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\_hashlib.pyd MOD - [2013/11/18 18:58:19 | 000,035,840 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\win32process.pyd MOD - [2013/11/18 18:58:18 | 000,811,008 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\wx._windows_.pyd MOD - [2013/11/18 18:58:17 | 000,122,368 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\wx._wizard.pyd MOD - [2013/11/18 18:58:16 | 000,119,808 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\win32file.pyd MOD - [2013/11/18 18:58:16 | 000,038,912 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\win32inet.pyd MOD - [2013/11/18 18:58:08 | 001,062,400 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\wx._controls_.pyd MOD - [2013/11/18 18:58:06 | 000,127,488 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\pyexpat.pyd MOD - [2013/11/18 18:58:06 | 000,018,432 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\win32event.pyd MOD - [2013/11/18 18:58:05 | 000,686,080 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\unicodedata.pyd MOD - [2013/11/18 18:58:04 | 000,010,240 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\select.pyd MOD - [2013/11/15 17:41:18 | 003,363,952 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2013/10/20 08:00:16 | 016,233,864 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_9_900_117.dll MOD - [2013/04/19 15:33:50 | 000,502,784 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\nsmmc.dll MOD - [2013/03/20 15:55:22 | 000,753,664 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\npfirefoxprocessor.dll MOD - [2013/03/20 15:54:10 | 000,224,768 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\npwmi.dll MOD - [2013/03/20 15:53:56 | 000,228,864 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\npsurvey.dll MOD - [2013/03/20 15:53:48 | 000,150,528 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\npsp1.dll MOD - [2013/03/20 15:53:38 | 000,503,808 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\communication.dll ========== Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- c:\progra~1\optimi~1\OptProCrash.exe -- (ca82e1a5) SRV - File not found [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2013/11/15 17:41:18 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/11/07 09:05:47 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files\PackageTracer_69\bar\1.bin\69barsvc.exe -- (PackageTracer_69Service) SRV - [2013/10/25 23:45:12 | 002,445,816 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon) SRV - [2013/10/20 08:00:20 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/10/15 05:38:52 | 000,050,704 | ---- | M] (Check Point Software Technologies, Ltd.) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe -- (ZAPrivacyService) SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013/05/11 10:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013/04/19 15:35:36 | 002,833,120 | ---- | M] () [Auto | Running] -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe -- (NielsenUpdate) SRV - [2012/02/14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009/03/31 09:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2008/01/21 02:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008/01/21 02:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2008/01/21 02:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_juextctrl.sys -- (huawei_ext_ctrl) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jucdcecm.sys -- (huawei_cdcecm) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jucdcacm.sys -- (huawei_cdcacm) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2013/09/29 23:30:48 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2013/06/13 16:34:06 | 000,452,120 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant) DRV - [2013/03/20 15:52:42 | 000,023,008 | ---- | M] (The Nielsen Company) [Kernel | System | Running] -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\nnfwdk.sys -- (nnfwdk) DRV - [2012/10/22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver) DRV - [2012/10/05 03:32:50 | 000,093,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2012/10/02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2010/05/12 03:23:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlashUSB.sys -- (FlashUSB) DRV - [2009/12/17 15:02:20 | 001,203,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2009/09/29 08:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort) DRV - [2009/09/29 08:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM) DRV - [2009/09/29 08:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum) DRV - [2009/07/03 17:21:00 | 000,168,448 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2009/04/11 04:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb) DRV - [2009/03/31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2009/03/20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm) DRV - [2009/03/20 10:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) DRV - [2009/03/20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) DRV - [2008/01/21 02:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2006/11/14 00:11:54 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO) DRV - [2006/11/10 14:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc) DRV - [2006/11/02 07:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006/11/02 07:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp) DRV - [2006/07/24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=SMSN&bmod=SMSN IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{f5827716-9540-492e-9e9a-9f18bb2e7912}: "URL" = http://search.tb.ask.com/search/GGmain.jhtml?p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ&ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&ind=2013111814&n=77fda606&psa=&st=sb&searchfor={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com IE - HKCU\..\URLSearchHook: {97ef77e6-97be-4204-a890-2485903c5624} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {f5827716-9540-492e-9e9a-9f18bb2e7912} IE - HKCU\..\SearchScopes\{f5827716-9540-492e-9e9a-9f18bb2e7912}: "URL" = http://search.tb.ask.com/search/GGmain.jhtml?p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ&ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&ind=2013111814&n=77fda606&psa=&st=sb&searchfor={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Ask Web Search" FF - prefs.js..browser.search.order.1: "Secure Search" FF - prefs.js..browser.search.selectedEngine: "Ask Web Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://home.tb.ask.com/index.jhtml?ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&n=77fda60b&p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ" FF - prefs.js..extensions.enabledAddons: 69ffxtbr%40PackageTracer_69.com:5.40.2.43053 FF - prefs.js..extensions.enabledAddons: %7Bf35b3d43-735b-29de-1ac7-4e569be965a6%7D:1.1 FF - prefs.js..extensions.enabledAddons: support%40tubedimmerapp.com:2.6.48 FF - prefs.js..extensions.enabledAddons: %7Be001c731-5e37-4538-a5cb-8168736a2360%7D:0.9.9.119 FF - prefs.js..extensions.enabledAddons: ffxtlbr%40zonealarm.com:1.6.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1 FF - prefs.js..extensions.netassistant.keyword.url: "http://click.w3i.com/?Programid=132&Elementname=Keyword&Applicationid={559CE969-7E04-43B1-BF56-2F90A256442B}&Version=3.6.5&Vintage=20120727&Defaultbrowserid=30&Productid=2869&Vendorid=6413&Offerid=16934&searchterm=" FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.defaultenginename.prev: "StartWeb" FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.defaultenginename.savedPrev: "true" FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.defaultenginename.tb: "Ask Web Search" FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.selectedEngine.prev: "StartWeb" FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.selectedEngine.savedPrev: "true" FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.selectedEngine.tb: "Ask Web Search" FF - prefs.js..browser.startup.homepage: "true" FF - prefs.js..browser.startup.homepage: "http://home.tb.ask.com/index.jhtml?ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&n=77fda60b&p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ" FF - prefs.js..keyword.URL: "http://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&n=77fda60b&ind=2013111819&p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ&searchfor=" FF - prefs.js..network.proxy.type: 4 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nielsen/FirefoxTracker: C:\Program Files\NetRatingsNetSight\NetSight\meter9\FirefoxAddOns\npfirefoxtracker.dll (Nielsen) FF - HKLM\Software\MozillaPlugins\@PackageTracer_69.com/Plugin: C:\Program Files\PackageTracer_69\bar\1.bin\NP69Stub.dll (MindSpark) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Robus\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Robus\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\netsight@nielsen.com: C:\Program Files\NetRatingsNetSight\NetSight\meter9\FirefoxAddOns\netsight@nielsen.xpi [2013/11/18 18:58:54 | 000,008,924 | ---- | M] () FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/15 17:40:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/15 17:40:58 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/15 17:40:54 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/15 17:40:58 | 000,000,000 | ---D | M] [2013/10/04 21:28:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\Extensions [2013/11/18 18:54:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions [2013/09/29 23:58:59 | 000,000,000 | ---D | M] ("WinToFlash Suggestor") -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3} [2013/11/14 19:41:03 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2013/11/14 17:56:34 | 000,000,000 | ---D | M] ("Snap.Do ") -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{f35b3d43-735b-29de-1ac7-4e569be965a6} [2013/11/07 09:05:56 | 000,000,000 | ---D | M] (PackageTracer) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\69ffxtbr@PackageTracer_69.com [2013/11/14 19:41:05 | 000,000,000 | ---D | M] (zonealarm.com) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\ffxtlbr@zonealarm.com [2012/07/02 12:06:26 | 000,000,000 | ---D | M] (RivalGaming) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\links@rivalgaming.com [2013/11/14 19:30:09 | 000,000,000 | ---D | M] (Tube Dimmer) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\support@tubedimmerapp.com [2013/11/18 18:54:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\pm2306dz.default\extensions [2012/07/02 13:28:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\pm2306dz.default\extensions\staged [2012/05/25 15:38:16 | 000,031,267 | ---- | M] () (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\3z1pkp2w.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi [2013/03/21 07:15:42 | 000,007,919 | ---- | M] () (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\3z1pkp2w.default\extensions\ffxtlbr@zonealarm.com\content\Abine\chrome\content\ff\view_expiry.js [2012/05/25 15:38:16 | 000,031,267 | ---- | M] () (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\pm2306dz.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi [2013/11/18 19:00:25 | 000,009,625 | ---- | M] () -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\3z1pkp2w.default\searchplugins\ask-web-search.xml [2013/11/18 18:54:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013/11/15 17:40:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2013/11/15 17:41:23 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - homepage: http://www.google.com CHR - homepage: http://www.google.com CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.3.1271\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmdlgjgaamffjidnpeddnekffilecamo\5.0.0.0_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.48_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2013/11/18 19:10:34 | 000,000,741 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll File not found O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll (Check Point Software Technologies LTD) O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll File not found O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Toolbar BHO) - {87011c4e-fcde-4476-9348-ecf16134fc1f} - C:\Program Files\PackageTracer_69\bar\1.bin\69bar.dll (MindSpark) O2 - BHO: (Search Assistant BHO) - {87eab57c-d0b7-4ca9-8e26-191bfc989e26} - C:\Program Files\PackageTracer_69\bar\1.bin\69SrcAs.dll (MindSpark) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (no name) - {CF28D96E-985F-43A6-B320-C2186B551472} - No CLSID value found. O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - !{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found. O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll (Check Point Software Technologies LTD) O3 - HKLM\..\Toolbar: (PackageTracer) - {ff343558-d5a5-454a-bdd8-c5c81e179fed} - C:\Program Files\PackageTracer_69\bar\1.bin\69bar.dll (MindSpark) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (PackageTracer) - {FF343558-D5A5-454A-BDD8-C5C81E179FED} - C:\Program Files\PackageTracer_69\bar\1.bin\69bar.dll (MindSpark) O4 - HKLM..\Run: [NielsenOnline] C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe (The Nielsen Company) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [PackageTracer Search Scope Monitor] C:\Program Files\PackageTracer_69\bar\1.bin\69SrchMn.exe (MindSpark) O4 - HKLM..\Run: [skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD) O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd) O4 - HKCU..\Run: [Facebook Update] C:\Users\Robus\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll File not found O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - Reg Error: Key error. File not found O9 - Extra 'Tools' menuitem : WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - Reg Error: Key error. File not found O13 - gopher Prefix: missing O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.11.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A7C213F-BD10-4507-9ECF-0A4CB9E8F770}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Robus\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O24 - Desktop BackupWallPaper: C:\Users\Robus\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{06b5badb-821d-11e1-b0d3-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{06b5badb-821d-11e1-b0d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{06b5bb14-821d-11e1-b0d3-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{06b5bb14-821d-11e1-b0d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{06cd51c8-3f69-11e1-95cc-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{06cd51c8-3f69-11e1-95cc-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{06cd51dd-3f69-11e1-95cc-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{06cd51dd-3f69-11e1-95cc-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{070c50b2-9bdb-11e1-9c13-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{070c50b2-9bdb-11e1-9c13-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{0c7092ad-e55e-11e1-9b1d-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{0c7092ad-e55e-11e1-9b1d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{0c7092d8-e55e-11e1-9b1d-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{0c7092d8-e55e-11e1-9b1d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{0f0fd768-dbb1-11e1-a0bd-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{0f0fd768-dbb1-11e1-a0bd-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{12618484-c74d-11e0-a61f-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{12618484-c74d-11e0-a61f-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{1549a200-68f6-11e1-8edf-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{1549a200-68f6-11e1-8edf-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{1ad50e5b-6529-11e1-a3bf-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{1ad50e5b-6529-11e1-a3bf-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{23075d0c-d15a-11e0-99fd-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{23075d0c-d15a-11e0-99fd-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{23075d0f-d15a-11e0-99fd-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{23075d0f-d15a-11e0-99fd-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{238bcd28-e77a-11e1-a5d3-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{238bcd28-e77a-11e1-a5d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{238bce2d-e77a-11e1-a5d3-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{238bce2d-e77a-11e1-a5d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{27a83e0d-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{27a83e0d-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{27a8407e-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{27a8407e-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{27a8418d-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{27a8418d-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{27a842cf-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{27a842cf-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{2819ac09-7e3d-11df-af43-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{2819ac09-7e3d-11df-af43-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{2819ac5c-7e3d-11df-af43-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{2819ac5c-7e3d-11df-af43-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{28d8d3e7-1819-11e1-94ff-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{28d8d3e7-1819-11e1-94ff-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{360c7105-36ca-11e1-b679-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{360c7105-36ca-11e1-b679-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{362aa6e3-e2ee-11e1-b072-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{362aa6e3-e2ee-11e1-b072-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{362aa6f2-e2ee-11e1-b072-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{362aa6f2-e2ee-11e1-b072-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{364e5016-e212-11e1-9ce9-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{364e5016-e212-11e1-9ce9-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{3912ded5-3c41-11e1-85e6-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{3912ded5-3c41-11e1-85e6-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{3f831bbc-ab0b-11e1-b6f1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{3f831bbc-ab0b-11e1-b6f1-002454208e82}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a O33 - MountPoints2\{3f831bfb-ab0b-11e1-b6f1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{3f831bfb-ab0b-11e1-b6f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{3f831bff-ab0b-11e1-b6f1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{3f831bff-ab0b-11e1-b6f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{4878944f-357c-11e1-bc31-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{4878944f-357c-11e1-bc31-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{4a75f172-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{4a75f172-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{4a75f1a3-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{4a75f1a3-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{4a75f272-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{4a75f272-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{4a75f274-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{4a75f274-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{5bb69e98-5f03-11e1-a466-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{5bb69e98-5f03-11e1-a466-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{5c3c43cc-199b-11e1-a214-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{5c3c43cc-199b-11e1-a214-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{6c783c1e-e1e6-11e1-a55e-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{6c783c1e-e1e6-11e1-a55e-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{6c783c28-e1e6-11e1-a55e-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{6c783c28-e1e6-11e1-a55e-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{7be162aa-23de-11e1-bb6a-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{7be162aa-23de-11e1-bb6a-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{7cef6981-dd45-11e1-9f03-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{7cef6981-dd45-11e1-9f03-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{7cef6ab4-dd45-11e1-9f03-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{7cef6ab4-dd45-11e1-9f03-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{7dbc8846-ad58-11e1-9e48-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{7dbc8846-ad58-11e1-9e48-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{7dbc8897-ad58-11e1-9e48-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{7dbc8897-ad58-11e1-9e48-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{8f9aa80f-837e-11e1-9a1d-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{8f9aa80f-837e-11e1-9a1d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{9156b298-4ede-11e1-847c-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{9156b298-4ede-11e1-847c-002454208e82}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a O33 - MountPoints2\{a0e47c3e-e0aa-11e1-99f1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{a0e47c3e-e0aa-11e1-99f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{a0e47c80-e0aa-11e1-99f1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{a0e47c80-e0aa-11e1-99f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ad51c4f4-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ad51c4f4-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ad51c4f8-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ad51c4f8-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ad51ca3a-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ad51ca3a-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ad51cedd-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ad51cedd-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{b163e4d0-eb97-11e1-b121-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{b163e4d0-eb97-11e1-b121-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{b47b40ce-43e7-11e0-ae9c-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{b47b40ce-43e7-11e0-ae9c-002454208e82}\Shell\AutoRun\command - "" = D:\DPFMate.exe O33 - MountPoints2\{b7f91bcf-f648-11e0-8a5d-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{b7f91bcf-f648-11e0-8a5d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c00643fb-c446-11e1-a099-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c00643fb-c446-11e1-a099-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c050d675-6daa-11e1-8824-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c050d675-6daa-11e1-8824-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c050d677-6daa-11e1-8824-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c050d677-6daa-11e1-8824-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c09ca255-36c1-11e1-b84d-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c09ca255-36c1-11e1-b84d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c363f797-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c363f797-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c363f7c0-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c363f7c0-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c363f7c3-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c363f7c3-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c363f7da-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c363f7da-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c363fcdf-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c363fcdf-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{cac41099-e432-11df-9781-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{cac41099-e432-11df-9781-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{e4506d49-3142-11e1-884b-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{e4506d49-3142-11e1-884b-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{e7a4db2a-d924-11e1-9bec-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{e7a4db2a-d924-11e1-9bec-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ee298306-c1c1-11e1-9ed1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ee298306-c1c1-11e1-9ed1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ee298319-c1c1-11e1-9ed1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ee298319-c1c1-11e1-9ed1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ee29838d-c1c1-11e1-9ed1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ee29838d-c1c1-11e1-9ed1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{f10f337d-7f00-11df-924f-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{f10f337d-7f00-11df-924f-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{f55a33eb-9c3e-11e1-8c33-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{f55a33eb-9c3e-11e1-8c33-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{f55a33f8-9c3e-11e1-8c33-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{f55a33f8-9c3e-11e1-8c33-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{fd245ccf-fd7c-11e0-bf19-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{fd245ccf-fd7c-11e0-bf19-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (MACHINE BootExecut) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013/11/18 19:16:18 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Local\CrashDumps [2013/11/18 19:11:44 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Local\IAC [2013/11/18 19:11:43 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Local\PackageTracer_69 [2013/11/18 19:01:32 | 000,000,000 | ---D | C] -- C:\Users\Robus\Desktop\RK_Quarantine [2013/11/18 18:51:30 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2013/11/18 18:14:54 | 000,000,000 | ---D | C] -- C:\FRST [2013/11/15 17:40:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013/11/15 17:38:41 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2013/11/15 17:38:41 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2013/11/14 19:51:04 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013/11/14 19:51:02 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013/11/14 19:51:01 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013/11/14 19:51:01 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2013/11/14 19:51:01 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013/11/14 19:50:59 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013/11/14 19:50:59 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013/11/14 19:50:58 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2013/11/14 18:32:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point [2013/11/14 18:31:16 | 000,256,904 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys [2013/11/14 18:26:57 | 000,000,000 | ---D | C] -- C:\Program Files\Check Point Software Technologies LTD [2013/11/14 18:26:44 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Check Point Software Technologies LTD [2013/11/14 18:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint [2013/11/14 17:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Updater [2013/11/14 17:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\RHelpers [2013/11/14 17:56:44 | 000,000,000 | ---D | C] -- C:\ProgramData\TubeDimmer [2013/11/14 17:29:52 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Local\Avg2014 [2013/11/13 09:22:52 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL [2013/11/07 09:05:47 | 000,000,000 | ---D | C] -- C:\Program Files\PackageTracer_69 [2013/11/06 11:40:40 | 000,000,000 | ---D | C] -- C:\Program Files\GPLGS [2013/11/06 11:40:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Creator [2013/11/06 11:40:05 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator [2013/10/20 07:48:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle [2012/03/03 09:17:15 | 002,371,152 | ---- | C] (DownVision ) -- C:\Users\Robus\AppData\Local\setup.exe ========== Files - Modified Within 30 Days ========== [2013/11/18 19:28:04 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/11/18 19:26:23 | 000,028,426 | ---- | M] () -- C:\Users\Robus\Desktop\droppy heart.jpg [2013/11/18 19:04:30 | 000,648,680 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013/11/18 19:04:30 | 000,124,648 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013/11/18 18:57:32 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2013/11/18 18:57:22 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/11/18 18:57:22 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/11/18 18:57:22 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job [2013/11/18 18:57:07 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013/11/18 18:57:07 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013/11/18 18:56:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/11/18 18:54:36 | 000,000,870 | ---- | M] () -- C:\Users\Robus\Application Data\Microsoft\Internet Explorer\Quick Launch\Search.lnk [2013/11/18 18:54:36 | 000,000,846 | ---- | M] () -- C:\Users\Robus\Desktop\Search.lnk [2013/11/18 18:38:59 | 000,028,346 | ---- | M] () -- C:\Users\Robus\Desktop\niebieski.jpg [2013/11/18 18:30:37 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2270810218-2394552768-2579885175-1000UA.job [2013/11/18 18:30:37 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2270810218-2394552768-2579885175-1000Core.job [2013/11/18 18:30:07 | 274,383,198 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013/11/15 17:51:22 | 000,002,523 | ---- | M] () -- C:\Users\Robus\Desktop\HiJackThis.lnk [2013/11/15 17:24:48 | 000,000,596 | ---- | M] () -- C:\Windows\System32\InstallUtil.InstallLog [2013/11/14 19:43:05 | 000,417,569 | ---- | M] () -- C:\Windows\System32\drivers\vsconfig.xml [2013/11/14 19:26:12 | 000,001,288 | ---- | M] () -- C:\Windows\DCEBOOT.RST [2013/11/14 19:25:12 | 000,210,992 | ---- | M] () -- C:\Windows\RegBootClean.exe [2013/11/14 19:25:12 | 000,023,088 | ---- | M] () -- C:\Windows\DCEBoot.exe [2013/11/14 19:15:07 | 000,308,980 | ---- | M] () -- C:\Users\Robus\AppData\Local\census.cache [2013/11/14 19:14:36 | 000,196,747 | ---- | M] () -- C:\Users\Robus\AppData\Local\ars.cache [2013/11/14 18:32:26 | 000,000,639 | ---- | M] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk [2013/11/14 18:31:03 | 000,000,036 | ---- | M] () -- C:\Users\Robus\AppData\Local\housecall.guid.cache [2013/11/09 20:34:04 | 000,001,875 | ---- | M] () -- C:\Users\Robus\Desktop\Wordpad.lnk [2013/11/08 08:20:43 | 001,094,600 | ---- | M] () -- C:\Users\Robus\Desktop\rob and me.jpg [2013/11/06 12:40:08 | 000,000,091 | ---- | M] () -- C:\Users\Robus\AppData\Roaming\WB.CFG [2013/11/05 18:48:26 | 001,608,730 | ---- | M] () -- C:\Users\Robus\Desktop\kino domowe.jpg [2013/11/01 19:26:26 | 006,801,542 | ---- | M] () -- C:\Users\Robus\Desktop\salon1.jpg [2013/11/01 18:43:00 | 002,478,596 | ---- | M] () -- C:\Users\Robus\Desktop\salon.jpg [2013/10/28 10:48:11 | 000,000,223 | ---- | M] () -- C:\Users\Robus\Application Data\Microsoft\Internet Explorer\Quick Launch\Becky Misseldine.URL [2013/10/20 12:40:58 | 002,127,163 | ---- | M] () -- C:\Users\Robus\Desktop\koza.jpg [2013/10/20 08:40:49 | 000,412,992 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013/10/20 08:00:20 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013/10/20 08:00:19 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl ========== Files Created - No Company Name ========== [2013/11/18 19:25:53 | 000,028,426 | ---- | C] () -- C:\Users\Robus\Desktop\droppy heart.jpg [2013/11/18 18:38:56 | 000,028,346 | ---- | C] () -- C:\Users\Robus\Desktop\niebieski.jpg [2013/11/18 18:30:07 | 274,383,198 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013/11/15 17:38:41 | 000,002,523 | ---- | C] () -- C:\Users\Robus\Desktop\HiJackThis.lnk [2013/11/15 17:24:39 | 000,000,596 | ---- | C] () -- C:\Windows\System32\InstallUtil.InstallLog [2013/11/14 19:26:12 | 000,001,288 | ---- | C] () -- C:\Windows\DCEBOOT.RST [2013/11/14 19:24:48 | 000,210,992 | ---- | C] () -- C:\Windows\RegBootClean.exe [2013/11/14 19:24:48 | 000,023,088 | ---- | C] () -- C:\Windows\DCEBoot.exe [2013/11/14 19:15:07 | 000,308,980 | ---- | C] () -- C:\Users\Robus\AppData\Local\census.cache [2013/11/14 19:14:36 | 000,196,747 | ---- | C] () -- C:\Users\Robus\AppData\Local\ars.cache [2013/11/14 18:32:57 | 000,417,569 | ---- | C] () -- C:\Windows\System32\drivers\vsconfig.xml [2013/11/14 18:32:26 | 000,000,639 | ---- | C] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk [2013/11/14 18:31:03 | 000,000,036 | ---- | C] () -- C:\Users\Robus\AppData\Local\housecall.guid.cache [2013/11/14 17:56:10 | 000,000,870 | ---- | C] () -- C:\Users\Robus\Application Data\Microsoft\Internet Explorer\Quick Launch\Search.lnk [2013/11/14 17:56:10 | 000,000,846 | ---- | C] () -- C:\Users\Robus\Desktop\Search.lnk [2013/11/13 09:22:52 | 000,218,228 | ---- | C] () -- C:\Windows\System32\WFP.TMF [2013/11/09 20:34:04 | 000,001,875 | ---- | C] () -- C:\Users\Robus\Desktop\Wordpad.lnk [2013/11/08 08:20:54 | 001,094,600 | ---- | C] () -- C:\Users\Robus\Desktop\rob and me.jpg [2013/11/08 08:18:59 | 002,127,163 | ---- | C] () -- C:\Users\Robus\Desktop\koza.jpg [2013/11/06 12:40:08 | 000,000,091 | ---- | C] () -- C:\Users\Robus\AppData\Roaming\WB.CFG [2013/11/06 11:40:27 | 000,086,016 | ---- | C] () -- C:\Windows\System32\custmon32i.dll [2013/11/05 20:08:53 | 006,801,542 | ---- | C] () -- C:\Users\Robus\Desktop\salon1.jpg [2013/11/05 20:07:51 | 002,478,596 | ---- | C] () -- C:\Users\Robus\Desktop\salon.jpg [2013/11/05 18:45:35 | 005,352,886 | ---- | C] () -- C:\Users\Robus\Desktop\stol2.jpg [2013/11/05 18:45:08 | 004,445,439 | ---- | C] () -- C:\Users\Robus\Desktop\sofa.jpg [2013/11/05 18:44:18 | 005,352,886 | ---- | C] () -- C:\Users\Robus\Desktop\stol1.jpg [2013/11/05 18:44:02 | 005,407,789 | ---- | C] () -- C:\Users\Robus\Desktop\stol.jpg [2013/11/05 18:40:07 | 001,608,730 | ---- | C] () -- C:\Users\Robus\Desktop\kino domowe.jpg [2013/10/28 10:48:11 | 000,000,223 | ---- | C] () -- C:\Users\Robus\Application Data\Microsoft\Internet Explorer\Quick Launch\Becky Misseldine.URL [2013/03/07 19:33:10 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll [2013/03/07 19:33:09 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini [2013/02/09 15:48:57 | 000,026,900 | ---- | C] () -- C:\Users\Robus\AppData\Local\dt.dat [2012/06/30 13:41:12 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2012/03/03 09:17:16 | 000,000,972 | ---- | C] () -- C:\Users\Robus\AppData\Local\Darmowe.Wzory.Ulotek.Reklamowych.torrent [2012/02/15 20:10:02 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2012/02/15 20:10:02 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2011/12/08 19:31:23 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2011/12/08 19:31:23 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2011/06/28 07:26:54 | 000,024,334 | ---- | C] () -- C:\Users\Robus\AppData\Local\umowa poadzialu.pdf [2011/06/17 14:34:06 | 000,000,000 | ---- | C] () -- C:\Users\Robus\AppData\Local\{78F2DA2B-44D9-40DC-9367-6AF299E2187A} [2010/08/16 16:05:07 | 000,046,278 | ---- | C] () -- C:\Users\Robus\WSR Invoice - Mr. R. Plummer - 2452.pdf [2010/06/26 21:06:37 | 000,123,392 | ---- | C] () -- C:\Users\Robus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== ZeroAccess Check ========== [2006/11/02 12:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 17:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/03 04:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/21 02:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== Files - Unicode (All) ========== [2013/10/05 12:48:31 | 000,000,000 | ---D | M](C:\ProgramData\?é?éÄé?é8520-1533-40C5-AD09-953C574F14BCÄé?é) -- C:\ProgramData\䉘é㼈éÄé㍨é8520-1533-40C5-AD09-953C574F14BCÄé㠸é [2013/10/05 12:48:31 | 000,000,000 | ---D | M](C:\ProgramData\?é?éÄé?é8520-1533-40C5-AD09-953C574F14BCÄé?é) -- C:\ProgramData\䉘é㼈éÄé㍨é8520-1533-40C5-AD09-953C574F14BCÄé㠸é [2013/10/02 13:00:44 | 000,000,000 | ---D | M](C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\睨ţ㠘ţ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/10/02 13:00:44 | 000,000,000 | ---D | M](C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\睨ţ㠘ţ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/10/01 01:13:02 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀 [2013/10/01 01:13:02 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀 [2013/09/30 11:36:50 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨ˢ㠘ˢ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/09/30 11:36:50 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨ˢ㠘ˢ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/09/30 02:44:56 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠ƺ㼐ƺÄƺ㍰ƺ8520-1533-40C5-AD09-953C574F14BCÄƺ㡀ƺ [2013/09/30 02:44:56 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠ƺ㼐ƺÄƺ㍰ƺ8520-1533-40C5-AD09-953C574F14BCÄƺ㡀ƺ [2013/09/29 19:34:37 | 000,000,000 | ---D | M](C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\䉠Ē㼐ĒÄĒ㍰Ē8520-1533-40C5-AD09-953C574F14BCÄĒ㡀Ē [2013/09/29 19:34:37 | 000,000,000 | ---D | M](C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\䉠Ē㼐ĒÄĒ㍰Ē8520-1533-40C5-AD09-953C574F14BCÄĒ㡀Ē [2013/09/22 14:19:45 | 000,000,000 | ---D | M](C:\ProgramData\?¬?¬Ä¬?¬8520-1533-40C5-AD09-953C574F14BCÄ¬?¬) -- C:\ProgramData\䉨¬㼘¬Ä¬㍸¬8520-1533-40C5-AD09-953C574F14BCÄ¬㡈¬ [2013/09/22 14:19:45 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘ˖籐˴ [2013/09/22 14:19:45 | 000,000,000 | ---D | M](C:\ProgramData\?¬?¬Ä¬?¬8520-1533-40C5-AD09-953C574F14BCÄ¬?¬) -- C:\ProgramData\䉨¬㼘¬Ä¬㍸¬8520-1533-40C5-AD09-953C574F14BCÄ¬㡈¬ [2013/09/22 14:19:45 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘ˖籐˴ [2013/09/22 14:07:55 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˡ籐˺ [2013/09/22 14:07:55 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˡ籐˺ [2013/07/20 20:43:37 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐 [2013/07/20 20:43:37 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐 [2013/07/20 20:43:33 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ƿ㼘ƿÄƿ㍸ƿ8520-1533-40C5-AD09-953C574F14BCÄƿ㡈ƿ [2013/07/20 20:43:33 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ƿ㼘ƿÄƿ㍸ƿ8520-1533-40C5-AD09-953C574F14BCÄƿ㡈ƿ [2013/07/20 20:35:19 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˓㠘˓楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/07/20 20:35:19 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˓㠘˓楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/06/29 20:42:39 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀 [2013/06/29 20:42:39 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀 [2013/06/29 13:28:47 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠Ǆ㼐ǄÄǄ㍰Ǆ8520-1533-40C5-AD09-953C574F14BCÄǄ㡀Ǆ [2013/06/29 13:28:47 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠Ǆ㼐ǄÄǄ㍰Ǆ8520-1533-40C5-AD09-953C574F14BCÄǄ㡀Ǆ [2013/06/28 17:07:36 | 000,000,000 | ---D | M](C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u) -- C:\ProgramData\䉠ǜ㼐ǜÄǜ㍰ǜ8520-1533-40C5-AD09-953C574F14BCÄǜ㡀ǜ [2013/06/28 17:07:36 | 000,000,000 | ---D | M](C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u) -- C:\ProgramData\䉠ǜ㼐ǜÄǜ㍰ǜ8520-1533-40C5-AD09-953C574F14BCÄǜ㡀ǜ [2013/06/28 16:45:46 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˪㠘˪楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/06/28 16:45:46 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˪㠘˪楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/06/02 16:53:40 | 000,000,000 | ---D | M](C:\ProgramData\?'?'????????????????????p???????) -- C:\ProgramData\睨ˈ㠘ˈ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/06/02 16:53:40 | 000,000,000 | ---D | M](C:\ProgramData\?'?'????????????????????p???????) -- C:\ProgramData\睨ˈ㠘ˈ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/05/20 11:31:59 | 000,000,000 | ---D | M](C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\䉠Ǎ㼐ǍÄǍ㍰Ǎ8520-1533-40C5-AD09-953C574F14BCÄǍ㡀Ǎ [2013/05/20 11:31:59 | 000,000,000 | ---D | M](C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\䉠Ǎ㼐ǍÄǍ㍰Ǎ8520-1533-40C5-AD09-953C574F14BCÄǍ㡀Ǎ [2013/05/13 18:34:26 | 000,000,000 | ---D | M](C:\ProgramData\?¯?¯????????????????????p???????) -- C:\ProgramData\睨ˉ㠘ˉ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/05/13 18:34:26 | 000,000,000 | ---D | M](C:\ProgramData\?¯?¯????????????????????p???????) -- C:\ProgramData\睨ˉ㠘ˉ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/05/07 07:18:32 | 000,000,000 | ---D | M](C:\ProgramData\???S) -- C:\ProgramData\Ꮘ˪籐Ś [2013/05/07 07:18:32 | 000,000,000 | ---D | M](C:\ProgramData\???S) -- C:\ProgramData\Ꮘ˪籐Ś [2013/05/07 07:18:21 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ǵ㼘ǵÄǵ㍸ǵ8520-1533-40C5-AD09-953C574F14BCÄǵ㡈ǵ [2013/05/07 07:18:21 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ǵ㼘ǵÄǵ㍸ǵ8520-1533-40C5-AD09-953C574F14BCÄǵ㡈ǵ [2013/05/06 20:01:51 | 000,000,000 | ---D | M](C:\ProgramData\?U?U????????????????????p???????) -- C:\ProgramData\睨Ǘ㠘Ǘ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/05/06 20:01:51 | 000,000,000 | ---D | M](C:\ProgramData\?U?U????????????????????p???????) -- C:\ProgramData\睨Ǘ㠘Ǘ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/04/29 17:52:04 | 000,000,000 | ---D | M](C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\睨ť㠘ť楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/04/29 17:52:04 | 000,000,000 | ---D | M](C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\睨ť㠘ť楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/04/29 08:25:43 | 000,000,000 | ---D | M](C:\ProgramData\?Ò?ÒÄÒ?Ò8520-1533-40C5-AD09-953C574F14BCÄÒ?Ò) -- C:\ProgramData\䉠Ò㼐ÒÄÒ㍰Ò8520-1533-40C5-AD09-953C574F14BCÄÒ㡀Ò [2013/04/29 08:25:43 | 000,000,000 | ---D | M](C:\ProgramData\?Ò?ÒÄÒ?Ò8520-1533-40C5-AD09-953C574F14BCÄÒ?Ò) -- C:\ProgramData\䉠Ò㼐ÒÄÒ㍰Ò8520-1533-40C5-AD09-953C574F14BCÄÒ㡀Ò [2013/04/24 13:20:26 | 000,000,000 | ---D | M](C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\䉠Ǚ㼐ǙÄǙ㍰Ǚ8520-1533-40C5-AD09-953C574F14BCÄǙ㡀Ǚ [2013/04/24 13:20:26 | 000,000,000 | ---D | M](C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\䉠Ǚ㼐ǙÄǙ㍰Ǚ8520-1533-40C5-AD09-953C574F14BCÄǙ㡀Ǚ [2013/04/22 19:10:11 | 000,000,000 | ---D | M](C:\ProgramData\???`) -- C:\ProgramData\Ꮘʶ籐ˋ [2013/04/22 19:10:11 | 000,000,000 | ---D | M](C:\ProgramData\???`) -- C:\ProgramData\Ꮘʶ籐ˋ [2013/04/22 19:10:09 | 000,000,000 | ---D | M](C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G) -- C:\ProgramData\䉨Ǧ㼘ǦÄǦ㍸Ǧ8520-1533-40C5-AD09-953C574F14BCÄǦ㡈Ǧ [2013/04/22 19:10:09 | 000,000,000 | ---D | M](C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G) -- C:\ProgramData\䉨Ǧ㼘ǦÄǦ㍸Ǧ8520-1533-40C5-AD09-953C574F14BCÄǦ㡈Ǧ [2013/04/22 17:52:06 | 000,000,000 | ---D | M](C:\ProgramData\?G?G????????????????????p???????) -- C:\ProgramData\睨Ǧ㠘Ǧ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/04/22 17:52:06 | 000,000,000 | ---D | M](C:\ProgramData\?G?G????????????????????p???????) -- C:\ProgramData\睨Ǧ㠘Ǧ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/04/17 17:31:49 | 000,000,000 | ---D | M](C:\ProgramData\?x?xÄx?x8520-1533-40C5-AD09-953C574F14BCÄx?x) -- C:\ProgramData\䉠x㼐xÄx㍰x8520-1533-40C5-AD09-953C574F14BCÄx㡀x [2013/04/17 17:31:49 | 000,000,000 | ---D | M](C:\ProgramData\?x?xÄx?x8520-1533-40C5-AD09-953C574F14BCÄx?x) -- C:\ProgramData\䉠x㼐xÄx㍰x8520-1533-40C5-AD09-953C574F14BCÄx㡀x [2013/04/17 13:10:27 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘȼ籐ɍ [2013/04/17 13:10:27 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘȼ籐ɍ [2013/04/17 13:10:24 | 000,000,000 | ---D | M](C:\ProgramData\?Š?ŠÄŠ?Š8520-1533-40C5-AD09-953C574F14BCÄŠ?Š) -- C:\ProgramData\䉨Š㼘ŠÄŠ㍸Š8520-1533-40C5-AD09-953C574F14BCÄŠ㡈Š [2013/04/17 13:10:24 | 000,000,000 | ---D | M](C:\ProgramData\?Š?ŠÄŠ?Š8520-1533-40C5-AD09-953C574F14BCÄŠ?Š) -- C:\ProgramData\䉨Š㼘ŠÄŠ㍸Š8520-1533-40C5-AD09-953C574F14BCÄŠ㡈Š [2013/04/16 21:12:07 | 000,000,000 | ---D | M](C:\ProgramData\?r?r????????????????????p???????) -- C:\ProgramData\睨ŗ㠘ŗ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/04/16 21:12:07 | 000,000,000 | ---D | M](C:\ProgramData\?r?r????????????????????p???????) -- C:\ProgramData\睨ŗ㠘ŗ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/04/03 18:02:38 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐˗ [2013/04/03 18:02:38 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐˗ [2013/04/03 18:02:37 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨Ƶ㼘ƵÄƵ㍸Ƶ8520-1533-40C5-AD09-953C574F14BCÄƵ㡈Ƶ [2013/04/03 18:02:37 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨Ƶ㼘ƵÄƵ㍸Ƶ8520-1533-40C5-AD09-953C574F14BCÄƵ㡈Ƶ [2013/04/03 17:11:25 | 000,000,000 | ---D | M](C:\ProgramData\?8?8????????????????????p???????) -- C:\ProgramData\睨8㠘8楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/04/03 17:11:25 | 000,000,000 | ---D | M](C:\ProgramData\?8?8????????????????????p???????) -- C:\ProgramData\睨8㠘8楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/04/01 13:24:17 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠Ǿ㼐ǾÄǾ㍰Ǿ8520-1533-40C5-AD09-953C574F14BCÄǾ㡀Ǿ [2013/04/01 13:24:17 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠Ǿ㼐ǾÄǾ㍰Ǿ8520-1533-40C5-AD09-953C574F14BCÄǾ㡀Ǿ [2013/03/29 18:43:26 | 000,000,000 | ---D | M](C:\ProgramData\?á?áÄá?á8520-1533-40C5-AD09-953C574F14BCÄá?á) -- C:\ProgramData\䉠á㼐áÄá㍰á8520-1533-40C5-AD09-953C574F14BCÄá㡀á [2013/03/29 18:43:26 | 000,000,000 | ---D | M](C:\ProgramData\?á?áÄá?á8520-1533-40C5-AD09-953C574F14BCÄá?á) -- C:\ProgramData\䉠á㼐áÄá㍰á8520-1533-40C5-AD09-953C574F14BCÄá㡀á [2013/03/26 19:21:06 | 000,000,000 | ---D | M](C:\ProgramData\?k?kÄk?k8520-1533-40C5-AD09-953C574F14BCÄk?k) -- C:\ProgramData\䉠ǩ㼐ǩÄǩ㍰ǩ8520-1533-40C5-AD09-953C574F14BCÄǩ㡀ǩ [2013/03/26 19:21:06 | 000,000,000 | ---D | M](C:\ProgramData\?k?kÄk?k8520-1533-40C5-AD09-953C574F14BCÄk?k) -- C:\ProgramData\䉠ǩ㼐ǩÄǩ㍰ǩ8520-1533-40C5-AD09-953C574F14BCÄǩ㡀ǩ [2013/03/26 11:34:52 | 000,000,000 | ---D | M](C:\ProgramData\??Ä?8520-1533-40C5-AD09-953C574F14BCÄ?) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀 [2013/03/26 11:34:52 | 000,000,000 | ---D | M](C:\ProgramData\??Ä?8520-1533-40C5-AD09-953C574F14BCÄ?) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀 [2013/03/25 19:46:02 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐ƻ [2013/03/25 19:46:02 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐ƻ [2013/03/25 19:46:01 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ǉ㼘ǉÄǉ㍸ǉ8520-1533-40C5-AD09-953C574F14BCÄǉ㡈ǉ [2013/03/25 19:46:01 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ǉ㼘ǉÄǉ㍸ǉ8520-1533-40C5-AD09-953C574F14BCÄǉ㡈ǉ [2013/03/25 18:52:03 | 000,000,000 | ---D | M](C:\ProgramData\?˜?˜????????????????????p???????) -- C:\ProgramData\睨˜㠘˜楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/03/25 18:52:03 | 000,000,000 | ---D | M](C:\ProgramData\?˜?˜????????????????????p???????) -- C:\ProgramData\睨˜㠘˜楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/03/22 03:19:58 | 000,000,000 | ---D | M](C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\䉠ǟ㼐ǟÄǟ㍰ǟ8520-1533-40C5-AD09-953C574F14BCÄǟ㡀ǟ [2013/03/22 03:19:58 | 000,000,000 | ---D | M](C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\䉠ǟ㼐ǟÄǟ㍰ǟ8520-1533-40C5-AD09-953C574F14BCÄǟ㡀ǟ [2013/03/20 15:54:16 | 000,000,000 | ---D | M](C:\ProgramData\?i?iÄi?i8520-1533-40C5-AD09-953C574F14BCÄi?i) -- C:\ProgramData\䉠ǐ㼐ǐÄǐ㍰ǐ8520-1533-40C5-AD09-953C574F14BCÄǐ㡀ǐ [2013/03/20 15:54:16 | 000,000,000 | ---D | M](C:\ProgramData\?i?iÄi?i8520-1533-40C5-AD09-953C574F14BCÄi?i) -- C:\ProgramData\䉠ǐ㼐ǐÄǐ㍰ǐ8520-1533-40C5-AD09-953C574F14BCÄǐ㡀ǐ [2013/03/18 18:52:18 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˦㠘˦楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/03/18 18:52:18 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˦㠘˦楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/03/14 03:26:17 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀 [2013/03/14 03:26:17 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀 [2013/03/08 08:24:34 | 000,000,000 | ---D | M](C:\ProgramData\?)?)Ä)?)8520-1533-40C5-AD09-953C574F14BCÄ)?)) -- C:\ProgramData\䉠)㼐)Ä)㍰)8520-1533-40C5-AD09-953C574F14BCÄ)㡀) [2013/03/08 08:24:34 | 000,000,000 | ---D | M](C:\ProgramData\?)?)Ä)?)8520-1533-40C5-AD09-953C574F14BCÄ)?)) -- C:\ProgramData\䉠)㼐)Ä)㍰)8520-1533-40C5-AD09-953C574F14BCÄ)㡀) [2013/03/04 18:58:02 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˌ籐˧ [2013/03/04 18:58:02 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˌ籐˧ [2013/03/04 18:58:01 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨Ǣ㼘ǢÄǢ㍸Ǣ8520-1533-40C5-AD09-953C574F14BCÄǢ㡈Ǣ [2013/03/04 18:58:01 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨Ǣ㼘ǢÄǢ㍸Ǣ8520-1533-40C5-AD09-953C574F14BCÄǢ㡈Ǣ [2013/03/04 18:52:02 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨ˌ㠘ˌ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/03/04 18:52:02 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨ˌ㠘ˌ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/02/27 20:25:46 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˃㠘˃楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/02/27 20:25:46 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˃㠘˃楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/02/27 14:22:20 | 000,000,000 | ---D | M](C:\ProgramData\?a?a0) -- C:\ProgramData\䉠ǎ㼐ǎ0 [2013/02/27 14:22:20 | 000,000,000 | ---D | M](C:\ProgramData\?a?a0) -- C:\ProgramData\䉠ǎ㼐ǎ0 [2013/02/17 19:22:01 | 000,000,000 | ---D | M](C:\ProgramData\?9?9????????????????????p???????) -- C:\ProgramData\睨9㠘9楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/02/17 19:22:01 | 000,000,000 | ---D | M](C:\ProgramData\?9?9????????????????????p???????) -- C:\ProgramData\睨9㠘9楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/02/17 07:50:22 | 000,000,000 | ---D | M](C:\ProgramData\?|?|0) -- C:\ProgramData\䇨ǀ㺘ǀ0 [2013/02/17 07:50:22 | 000,000,000 | ---D | M](C:\ProgramData\?|?|0) -- C:\ProgramData\䇨ǀ㺘ǀ0 [2013/01/06 18:01:43 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\皸˙㝨˙楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/01/06 18:01:43 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\皸˙㝨˙楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/01/06 17:59:12 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ʀ㸈Ʀ0 [2013/01/06 17:59:12 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ʀ㸈Ʀ0 [2013/01/04 18:41:43 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ț㸈ț0 [2013/01/04 18:41:43 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ț㸈ț0 [2013/01/02 08:35:39 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȇ㸈ȇ0 [2013/01/02 08:35:39 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȇ㸈ȇ0 [2012/12/22 06:06:03 | 000,000,000 | ---D | M](C:\ProgramData\?.?.0) -- C:\ProgramData\䅘.㸈.0 [2012/12/22 06:06:03 | 000,000,000 | ---D | M](C:\ProgramData\?.?.0) -- C:\ProgramData\䅘.㸈.0 [2012/12/14 03:35:38 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȷ㸈ȷ0 [2012/12/14 03:35:38 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȷ㸈ȷ0 [2012/12/07 13:21:00 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘㸈0 [2012/12/07 13:21:00 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘㸈0 [2012/12/01 13:18:34 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȴ㸈ȴ0 [2012/12/01 13:18:34 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȴ㸈ȴ0 [2012/11/30 21:04:36 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȅ㸈ȅ0 [2012/11/30 21:04:36 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȅ㸈ȅ0 [2012/11/30 17:56:55 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ȥ㸈Ȥ0 [2012/11/30 17:56:55 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ȥ㸈Ȥ0 [2012/11/28 17:41:03 | 000,000,000 | ---D | M](C:\ProgramData\?@?@0) -- C:\ProgramData\䅘@㸈@0 [2012/11/28 17:41:03 | 000,000,000 | ---D | M](C:\ProgramData\?@?@0) -- C:\ProgramData\䅘@㸈@0 [2012/11/28 14:07:54 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ǽ㸈ǽ0 [2012/11/28 14:07:54 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ǽ㸈ǽ0 [2012/11/27 13:35:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ȳ㸈Ȳ0 [2012/11/27 13:35:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ȳ㸈Ȳ0 [2012/11/26 14:40:33 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ȏ㸈Ȏ0 [2012/11/26 14:40:33 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ȏ㸈Ȏ0 [2012/11/25 16:09:01 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȸ㸈ȸ0 [2012/11/25 16:09:01 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȸ㸈ȸ0 [2012/11/17 07:42:48 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䃨ǵ㶘ǵ0 [2012/11/17 07:42:48 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䃨ǵ㶘ǵ0 (C:\ProgramData\?x?xÄx?x8520-1533-40C5-AD09-953C574F14BCÄx?x) -- C:\ProgramData\䉠x㼐xÄx㍰x8520-1533-40C5-AD09-953C574F14BCÄx㡀x (C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\䉠Ǚ㼐ǙÄǙ㍰Ǚ8520-1533-40C5-AD09-953C574F14BCÄǙ㡀Ǚ (C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u) -- C:\ProgramData\䉠ǜ㼐ǜÄǜ㍰ǜ8520-1533-40C5-AD09-953C574F14BCÄǜ㡀ǜ (C:\ProgramData\?U?U????????????????????p???????) -- C:\ProgramData\睨Ǘ㠘Ǘ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\睨ţ㠘ţ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\睨ť㠘ť楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\?Š?ŠÄŠ?Š8520-1533-40C5-AD09-953C574F14BCÄŠ?Š) -- C:\ProgramData\䉨Š㼘ŠÄŠ㍸Š8520-1533-40C5-AD09-953C574F14BCÄŠ㡈Š (C:\ProgramData\?r?r????????????????????p???????) -- C:\ProgramData\睨ŗ㠘ŗ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\?Ò?ÒÄÒ?Ò8520-1533-40C5-AD09-953C574F14BCÄÒ?Ò) -- C:\ProgramData\䉠Ò㼐ÒÄÒ㍰Ò8520-1533-40C5-AD09-953C574F14BCÄÒ㡀Ò (C:\ProgramData\?k?kÄk?k8520-1533-40C5-AD09-953C574F14BCÄk?k) -- C:\ProgramData\䉠ǩ㼐ǩÄǩ㍰ǩ8520-1533-40C5-AD09-953C574F14BCÄǩ㡀ǩ (C:\ProgramData\?i?iÄi?i8520-1533-40C5-AD09-953C574F14BCÄi?i) -- C:\ProgramData\䉠ǐ㼐ǐÄǐ㍰ǐ8520-1533-40C5-AD09-953C574F14BCÄǐ㡀ǐ (C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G) -- C:\ProgramData\䉨Ǧ㼘ǦÄǦ㍸Ǧ8520-1533-40C5-AD09-953C574F14BCÄǦ㡈Ǧ (C:\ProgramData\?G?G????????????????????p???????) -- C:\ProgramData\睨Ǧ㠘Ǧ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\䉠Ē㼐ĒÄĒ㍰Ē8520-1533-40C5-AD09-953C574F14BCÄĒ㡀Ē (C:\ProgramData\?é?éÄé?é8520-1533-40C5-AD09-953C574F14BCÄé?é) -- C:\ProgramData\䉘é㼈éÄé㍨é8520-1533-40C5-AD09-953C574F14BCÄé㠸é (C:\ProgramData\?á?áÄá?á8520-1533-40C5-AD09-953C574F14BCÄá?á) -- C:\ProgramData\䉠á㼐áÄá㍰á8520-1533-40C5-AD09-953C574F14BCÄá㡀á (C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\䉠ǟ㼐ǟÄǟ㍰ǟ8520-1533-40C5-AD09-953C574F14BCÄǟ㡀ǟ (C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\䉠Ǎ㼐ǍÄǍ㍰Ǎ8520-1533-40C5-AD09-953C574F14BCÄǍ㡀Ǎ (C:\ProgramData\?a?a0) -- C:\ProgramData\䉠ǎ㼐ǎ0 (C:\ProgramData\?9?9????????????????????p???????) -- C:\ProgramData\睨9㠘9楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\?8?8????????????????????p???????) -- C:\ProgramData\睨8㠘8楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\??Ä?8520-1533-40C5-AD09-953C574F14BCÄ?) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀 (C:\ProgramData\?¬?¬Ä¬?¬8520-1533-40C5-AD09-953C574F14BCÄ¬?¬) -- C:\ProgramData\䉨¬㼘¬Ä¬㍸¬8520-1533-40C5-AD09-953C574F14BCÄ¬㡈¬ (C:\ProgramData\?˜?˜????????????????????p???????) -- C:\ProgramData\睨˜㠘˜楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\?¯?¯????????????????????p???????) -- C:\ProgramData\睨ˉ㠘ˉ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\?|?|0) -- C:\ProgramData\䇨ǀ㺘ǀ0 (C:\ProgramData\?@?@0) -- C:\ProgramData\䅘@㸈@0 (C:\ProgramData\???S) -- C:\ProgramData\Ꮘ˪籐Ś (C:\ProgramData\???`) -- C:\ProgramData\Ꮘʶ籐ˋ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨Ƶ㼘ƵÄƵ㍸Ƶ8520-1533-40C5-AD09-953C574F14BCÄƵ㡈Ƶ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ƿ㼘ƿÄƿ㍸ƿ8520-1533-40C5-AD09-953C574F14BCÄƿ㡈ƿ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ǉ㼘ǉÄǉ㍸ǉ8520-1533-40C5-AD09-953C574F14BCÄǉ㡈ǉ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ǵ㼘ǵÄǵ㍸ǵ8520-1533-40C5-AD09-953C574F14BCÄǵ㡈ǵ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨Ǣ㼘ǢÄǢ㍸Ǣ8520-1533-40C5-AD09-953C574F14BCÄǢ㡈Ǣ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠ƺ㼐ƺÄƺ㍰ƺ8520-1533-40C5-AD09-953C574F14BCÄƺ㡀ƺ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠Ǿ㼐ǾÄǾ㍰Ǿ8520-1533-40C5-AD09-953C574F14BCÄǾ㡀Ǿ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠Ǆ㼐ǄÄǄ㍰Ǆ8520-1533-40C5-AD09-953C574F14BCÄǄ㡀Ǆ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀 (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀 (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀 (C:\ProgramData\????0) -- C:\ProgramData\䅘Ȥ㸈Ȥ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘Ȳ㸈Ȳ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘ț㸈ț0 (C:\ProgramData\????0) -- C:\ProgramData\䅘Ʀ㸈Ʀ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘Ȏ㸈Ȏ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘ȴ㸈ȴ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘ȷ㸈ȷ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘ȇ㸈ȇ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘ȅ㸈ȅ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘ȸ㸈ȸ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘ǽ㸈ǽ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘㸈0 (C:\ProgramData\????0) -- C:\ProgramData\䃨ǵ㶘ǵ0 (C:\ProgramData\?'?'????????????????????p???????) -- C:\ProgramData\睨ˈ㠘ˈ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˦㠘˦楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˓㠘˓楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˃㠘˃楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨ˌ㠘ˌ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˪㠘˪楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨ˢ㠘ˢ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\皸˙㝨˙楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐ƻ (C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐 (C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐˗ (C:\ProgramData\????) -- C:\ProgramData\Ꮘˌ籐˧ (C:\ProgramData\????) -- C:\ProgramData\Ꮘ˖籐˴ (C:\ProgramData\????) -- C:\ProgramData\Ꮘˡ籐˺ (C:\ProgramData\????) -- C:\ProgramData\Ꮘȼ籐ɍ (C:\ProgramData\?.?.0) -- C:\ProgramData\䅘.㸈.0 (C:\ProgramData\?)?)Ä)?)8520-1533-40C5-AD09-953C574F14BCÄ)?)) -- C:\ProgramData\䉠)㼐)Ä)㍰)8520-1533-40C5-AD09-953C574F14BCÄ)㡀) ========== Alternate Data Streams ========== @Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:2683706C @Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:373E1720 < End of report >
- 18 Listopada 2013
- 23 odpowiedzi
zamulony system

piwonia2121 odpowiedział(a) na piwonia2121 temat w Dział pomocy doraźnej

ok,wiec tak- zrobilam wedlug zalecen adwcleaner oraz roguecleaner,nastepnie odpalilam frst i powtorka z rozrywki-program stopped working.
- 18 Listopada 2013
- 23 odpowiedzi
zamulony system

piwonia2121 odpowiedział(a) na piwonia2121 temat w Dział pomocy doraźnej

robie teraz adwcleaner i nastepnie roguekiller.dam potrzebne logi
- 18 Listopada 2013
- 23 odpowiedzi
zamulony system

piwonia2121 odpowiedział(a) na piwonia2121 temat w Dział pomocy doraźnej

dzieki probowalam sobie poradzic,ale z otl chyba mam inna wersje,napewno angielska, w dodatku nie ma nigdzie niczego co by odpowiadalo"wykonaj skrypt"
- 18 Listopada 2013
- 23 odpowiedzi
zamulony system

piwonia2121 odpowiedział(a) na piwonia2121 temat w Dział pomocy doraźnej

podczasu robieniu skanu gmer pojawil sie niebieski ekran,zrobilam jego zdjecie ale niewiem jak dodac.problem has been detected and windows has been shut down to prevent damage. kglorpog.sys page_fault_in_notepad_area skan z poziomu awaryjnego prze[raszam bardzo ale nie umiem
- 18 Listopada 2013
- 23 odpowiedzi
zamulony system

piwonia2121 odpowiedział(a) na piwonia2121 temat w Dział pomocy doraźnej

zrobilam po raz drugi,to samo-frst.exe stopped working correctly.sprobuje gmera
- 18 Listopada 2013
- 23 odpowiedzi
zamulony system

piwonia2121 odpowiedział(a) na piwonia2121 temat w Dział pomocy doraźnej

robie skan frst i wyskoczyl komunikat ze skanowanie program stopped working i musialam zamknac okno,robie jeszcze raz
- 18 Listopada 2013
- 23 odpowiedzi
zamulony system

piwonia2121 odpowiedział(a) na piwonia2121 temat w Dział pomocy doraźnej

no i ktorego mam uzyc?
- 18 Listopada 2013
- 23 odpowiedzi
zamulony system

piwonia2121 opublikował(a) temat w Dział pomocy doraźnej

problem jest spory bo praktycznie uniemozliwia korzystanie z komputera, system jest bardzo powolny, nie ma mozliwosci by obejrzec film online,youtube dziala tylko jak sie ruszy myszka,tak samo strony laduja sie tylko jak poruszy sie myszka,inaczej stoi w miejscu. ogolnie bardzo utrudnione korzystanie z komputera, czeka sie dlugie minuty az cokowliek zalapie.instalacja jakiegokolwike antywirusa jest bezskuteczna jako ze proces instalacji zostaje zawsze przerwany.dolaczam logi z otl i prosze o pomoc logiotlxtras.Txt 2OTL.Txt
- 18 Listopada 2013
- 23 odpowiedzi

Zaloguj się

piwonia2121

Postów

Dołączył

Ostatnia wizyta

zamulony system

zamulony system

zamulony system

zamulony system

zamulony system

zamulony system

zamulony system

zamulony system

zamulony system

zamulony system

zamulony system

zamulony system

zamulony system

zamulony system

zamulony system

Przeglądaj

Cała aktywność