zamulony system

[piwonia2121]

problem jest spory bo praktycznie uniemozliwia korzystanie z komputera, system jest bardzo powolny, nie ma mozliwosci by obejrzec film online,youtube dziala tylko jak sie ruszy myszka,tak samo strony laduja sie tylko jak poruszy sie myszka,inaczej stoi w miejscu. ogolnie bardzo utrudnione korzystanie z komputera, czeka sie dlugie minuty az cokowliek zalapie.instalacja jakiegokolwike antywirusa jest bezskuteczna jako ze proces instalacji zostaje zawsze przerwany.dolaczam logi z otl i prosze o pomoc

logiotlxtras.Txt

2OTL.Txt

[Anonim8]

Wstaw logi z FRST

https://www.fixitpc.pl/topic/8-dezynfekcja-zbior-narzedzi-usuwajacych/

[piwonia2121]

no i ktorego mam uzyc?

[muzyk75]

Przeczytaj pierwszy temat:  WAŻNE - Zakładanie tematu: obowiązkowe logi   i załącz wymagane logi z OTL, FRST, GMER.

[Anonim8]

https://www.fixitpc.pl/topic/61-diagnostyka-ogolne-raporty-systemowe/#1

 

sorki dałem zły link

[piwonia2121]

robie skan frst i wyskoczyl komunikat ze skanowanie program stopped working i musialam zamknac okno,robie jeszcze raz

[piwonia2121]

zrobilam po raz drugi,to samo-frst.exe stopped working correctly.sprobuje gmera

[Anonim8]

zrób skany FRST i GMER z trybu awaryjnego

[muzyk75]

Uruchom OTL --> "Własne opcje skanowania / skrypt" i wklej:

 

:OTL

PRC - [2013/11/07 09:05:47 | 000,044,784 | ---- | M] (MindSpark) -- C:\Program Files\PackageTracer_69\bar\1.bin\69SrchMn.exe
PRC - [2013/11/07 09:05:47 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files\PackageTracer_69\bar\1.bin\69barsvc.exe
PRC - [2013/11/07 09:05:47 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files\PackageTracer_69\bar\1.bin\69brmon.exe
PRC - [2013/10/29 08:24:24 | 002,886,464 | ---- | M] (Iminent) -- C:\Program Files\Common Files\Umbrella\Umbrella.exe
MOD - [2013/11/14 20:31:18 | 000,128,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_elementtree.pyd
MOD - [2013/11/14 20:31:18 | 000,098,816 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32api.pyd
MOD - [2013/11/14 20:31:18 | 000,044,032 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_socket.pyd
MOD - [2013/11/14 20:31:18 | 000,022,528 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32ts.pyd
MOD - [2013/11/14 20:31:17 | 000,557,056 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pysqlite2._sqlite.pyd
MOD - [2013/11/14 20:31:17 | 000,320,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32com.shell.shell.pyd
MOD - [2013/11/14 20:31:17 | 000,026,624 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_multiprocessing.pyd
MOD - [2013/11/14 20:31:16 | 000,070,656 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._html2.pyd
MOD - [2013/11/14 20:31:16 | 000,011,264 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32crypt.pyd
MOD - [2013/11/14 20:31:15 | 000,805,888 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._gdi_.pyd
MOD - [2013/11/14 20:31:15 | 000,504,832 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\windows._cacheinvalidation.pyd
MOD - [2013/11/14 20:31:14 | 000,087,040 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_ctypes.pyd
MOD - [2013/11/14 20:31:14 | 000,017,408 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32profile.pyd
MOD - [2013/11/14 20:31:13 | 000,364,544 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pythoncom27.dll
MOD - [2013/11/14 20:31:12 | 000,735,232 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._misc_.pyd
MOD - [2013/11/14 20:31:09 | 000,110,080 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pywintypes27.dll
MOD - [2013/11/14 20:31:08 | 001,175,040 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._core_.pyd
MOD - [2013/11/14 20:31:08 | 000,108,544 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32security.pyd
MOD - [2013/11/14 20:31:06 | 001,153,024 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_ssl.pyd
MOD - [2013/11/14 20:31:04 | 000,035,840 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32process.pyd
MOD - [2013/11/14 20:31:04 | 000,025,600 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32pdh.pyd
MOD - [2013/11/14 20:31:03 | 000,711,680 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_hashlib.pyd
MOD - [2013/11/14 20:31:02 | 000,811,008 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._windows_.pyd
MOD - [2013/11/14 20:31:01 | 000,122,368 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._wizard.pyd
MOD - [2013/11/14 20:31:01 | 000,119,808 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32file.pyd
MOD - [2013/11/14 20:30:59 | 000,038,912 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32inet.pyd
MOD - [2013/11/14 20:30:32 | 001,062,400 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._controls_.pyd
MOD - [2013/11/14 20:30:29 | 000,018,432 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32event.pyd
MOD - [2013/11/14 20:30:27 | 000,686,080 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\unicodedata.pyd
MOD - [2013/11/14 20:30:27 | 000,127,488 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pyexpat.pyd
MOD - [2013/11/14 20:30:26 | 000,010,240 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\select.pyd
SRV - [2013/11/07 09:05:47 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files\PackageTracer_69\bar\1.bin\69barsvc.exe -- (PackageTracer_69Service)
SRV - [2013/10/29 08:24:24 | 002,886,464 | ---- | M] (Iminent) [Auto | Running] -- C:\Program Files\Common Files\Umbrella\Umbrella.exe -- (SProtection)
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=f35b3d43-735b-29de-1ac7-4e569be965a6&searchtype=ds&q={searchTerms}&installDate=14/11/2013
IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://start.iminent.com/?appId=43A86978-C745-4B94-8801-ECBD2E108515&ref=toolbox&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?babsrc=HP_ss&mntrId=4C05002454208E82&affID=120007&tsp=5027
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=f35b3d43-735b-29de-1ac7-4e569be965a6&searchtype=ds&q={searchTerms}&installDate=14/11/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=f35b3d43-735b-29de-1ac7-4e569be965a6&searchtype=ds&q={searchTerms}&installDate=14/11/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.tb.ask.com/index.jhtml?n=77FD35DB&p2=^AFW^xdm004^YYA^gb&ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&si=CPD09PGo0roCFQ7LtAodBmcAtQ
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=f35b3d43-735b-29de-1ac7-4e569be965a6&searchtype=ds&q={searchTerms}&installDate=14/11/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=f35b3d43-735b-29de-1ac7-4e569be965a6&searchtype=ds&q={searchTerms}&installDate=14/11/2013
IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
IE - HKCU\..\URLSearchHook: {97ef77e6-97be-4204-a890-2485903c5624} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=f35b3d43-735b-29de-1ac7-4e569be965a6&searchtype=ds&q={searchTerms}&installDate=14/11/2013
IE - HKCU\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://start.iminent.com/?appId=43A86978-C745-4B94-8801-ECBD2E108515&ref=toolbox&q={searchTerms}
FF - prefs.js..browser.search.order.1: "Secure Search"
FF - prefs.js..browser.startup.homepage: "http://home.tb.ask.com/index.jhtml?ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&n=77fda27e&p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ"
FF - prefs.js..extensions.netassistant.keyword.url: "http://click.w3i.com/?Programid=132&Elementname=Keyword&Applicationid={559CE969-7E04-43B1-BF56-2F90A256442B}&Version=3.6.5&Vintage=20120727&Defaultbrowserid=30&Productid=2869&Vendorid=6413&Offerid=16934&searchterm="
FF - prefs.js..browser.startup.homepage: "http://home.tb.ask.com/index.jhtml?ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&n=77fda27e&p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ"
FF - prefs.js..keyword.URL: "http://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&n=77fda27e&ind=2013110910&p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ&searchfor="
FF - HKLM\Software\MozillaPlugins\@PackageTracer_69.com/Plugin: C:\Program Files\PackageTracer_69\bar\1.bin\NP69Stub.dll (MindSpark)
[2013/02/04 17:29:55 | 000,000,000 | ---D | M] (DealPly) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
[2013/11/07 09:05:56 | 000,000,000 | ---D | M] (PackageTracer) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\69ffxtbr@PackageTracer_69.com
[2012/07/02 13:29:47 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\ffxtlbr@funmoods.com
[2013/11/15 17:25:48 | 000,000,000 | ---D | M] (Iminent Toolbar) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\ffxtlbr@iminent.com
CHR - homepage: http://start.iminent.com/?appId=43A86978-C745-4B94-8801-ECBD2E108515
CHR - homepage: http://start.iminent.com/?appId=43A86978-C745-4B94-8801-ECBD2E108515
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll File not found
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll File not found
O2 - BHO: (DataMngr) - {7DA17D5A-5718-4130-A605-FC316C827836} - C:\Program Files\Searchcore Toolbar\Datamngr\BrowserConnection.dll (Discordia , LTD)
O2 - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll File not found
O2 - BHO: (no name) - {CCB69577-088B-4004-9ED8-FF5BCC83A039} - No CLSID value found.
O2 - BHO: (no name) - {CF28D96E-985F-43A6-B320-C2186B551472} - No CLSID value found.
O2 - BHO: (Toolbar BHO) - {87011c4e-fcde-4476-9348-ecf16134fc1f} - C:\Program Files\PackageTracer_69\bar\1.bin\69bar.dll (MindSpark)
O2 - BHO: (Search Assistant BHO) - {87eab57c-d0b7-4ca9-8e26-191bfc989e26} - C:\Program Files\PackageTracer_69\bar\1.bin\69SrcAs.dll (MindSpark)
O3 - HKLM\..\Toolbar: (no name) - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Searchcore Toolbar) - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - C:\Program Files\Searchcore Toolbar\Datamngr\ToolBar\searchcoredtx.dll ()
O3 - HKLM\..\Toolbar: (PackageTracer) - {ff343558-d5a5-454a-bdd8-c5c81e179fed} - C:\Program Files\PackageTracer_69\bar\1.bin\69bar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O4 - HKLM..\Run: [PackageTracer Search Scope Monitor] C:\Program Files\PackageTracer_69\bar\1.bin\69SrchMn.exe (MindSpark)
O4 - HKLM..\Run: [PackageTracer_69 Browser Plugin Loader] C:\Program Files\PackageTracer_69\bar\1.bin\69brmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [updater] C:\ProgramData\Updater\updater.exe (Updater)
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm File not found
[2013/11/15 17:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\IminentToolbar
[2013/11/15 17:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\IminentToolbar
[2013/11/15 17:25:10 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Iminent
[2013/11/15 17:24:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Iminent
[2013/11/15 17:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
[2013/11/15 17:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Umbrella
[2013/11/15 17:23:46 | 000,000,000 | ---D | C] -- C:\Program Files\Iminent
[2013/11/14 18:02:40 | 000,000,000 | ---D | C] -- C:\Users\Robus\Documents\Optimizer Pro
[2013/11/14 18:02:40 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Optimizer Pro
[2013/11/14 17:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
[2013/11/14 17:57:17 | 000,000,000 | ---D | C] -- C:\Program Files\Optimizer Pro
[2013/11/14 17:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Updater
[2013/11/07 09:05:47 | 000,000,000 | ---D | C] -- C:\Program Files\PackageTracer_69
[2013/10/29 17:45:32 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
:Commands
[emptytemp]
 

Kliknij "Wykonaj skrypt"

 

Pobierz ADW-Cleaner: "Dział pomocy doraźnej"-->"Dezynfekcja: zbiór narzędzi usuwających"-->"Pobierz" . Po uruchomieniu kliknij "szukaj" , po zakończeniu skanu "usuń".  Reset komputera.

 

Pobierz RogueKiller by Tigzy: "Dział pomocy doraźnej"-->"Dezynfekcja: zbiór narzędzi usuwających"-->"Pobierz" . Po uruchomieniu kliknij "skanuj" , po zakończeniu skanu "usuń" -->następnie "Napraw Hosts"

 

Zobacz czy teraz wykonasz logi z FRST i nowe z OTL.

[piwonia2121]

podczasu robieniu skanu gmer pojawil sie niebieski ekran,zrobilam jego zdjecie ale niewiem jak dodac.problem has been detected and windows has been shut down to prevent damage.

kglorpog.sys

page_fault_in_notepad_area

 

 

skan z poziomu awaryjnego prze[raszam bardzo ale nie umiem

[piwonia2121]

Uruchom OTL --> "Własne opcje skanowania / skrypt" i wklej:

Kliknij "Wykonaj skrypt"

 

Pobierz ADW-Cleaner: "Dział pomocy doraźnej"-->"Dezynfekcja: zbiór narzędzi usuwających"-->"Pobierz" . Po uruchomieniu kliknij "szukaj" , po zakończeniu skanu "usuń".  Reset komputera.

 

Pobierz RogueKiller by Tigzy: "Dział pomocy doraźnej"-->"Dezynfekcja: zbiór narzędzi usuwających"-->"Pobierz" . Po uruchomieniu kliknij "skanuj" , po zakończeniu skanu "usuń" -->następnie "Napraw Hosts"

 

Zobacz czy teraz wykonasz logi z FRST i nowe z OTL.

dzieki probowalam sobie poradzic,ale z otl chyba mam inna wersje,napewno angielska, w dodatku nie ma nigdzie niczego co by odpowiadalo"wykonaj skrypt"

[muzyk75]

Wykonaj to co napisałem. Zobaczymy czy po tym pójdzie.

 

Pobierz tu: Przeczytaj pierwszy temat:  WAŻNE - Zakładanie tematu: obowiązkowe logi   i załącz wymagane logi z OTL, FRST, GMER.

[piwonia2121]

robie teraz adwcleaner i nastepnie roguekiller.dam potrzebne logi

[piwonia2121]

ok,wiec tak- zrobilam wedlug zalecen adwcleaner oraz roguecleaner,nastepnie odpalilam frst i powtorka z rozrywki-program stopped working.

[piwonia2121]

OTL logfile created on: 18/11/2013 19:17:42 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Robus\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
1.96 Gb Total Physical Memory | 0.47 Gb Available Physical Memory | 24.17% Memory free
4.15 Gb Paging File | 2.58 Gb Available in Paging File | 62.16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 109.88 Gb Total Space | 42.19 Gb Free Space | 38.39% Space Free | Partition Type: NTFS
Drive D: | 3.68 Gb Total Space | 2.58 Gb Free Space | 70.21% Space Free | Partition Type: FAT32
Drive F: | 110.00 Gb Total Space | 27.75 Gb Free Space | 25.23% Space Free | Partition Type: NTFS
 
Computer Name: ROBUS-PC | User Name: Robus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/11/18 17:11:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Robus\Downloads\OTL.exe
PRC - [2013/11/15 17:41:20 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/11/07 09:05:47 | 000,044,784 | ---- | M] (MindSpark) -- C:\Program Files\PackageTracer_69\bar\1.bin\69SrchMn.exe
PRC - [2013/11/07 09:05:47 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files\PackageTracer_69\bar\1.bin\69barsvc.exe
PRC - [2013/10/25 23:45:12 | 002,445,816 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2013/10/25 23:07:48 | 000,073,832 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2013/10/23 20:06:28 | 000,313,208 | ---- | M] (Updater) -- C:\ProgramData\Updater\updater.exe
PRC - [2013/10/23 20:06:28 | 000,251,768 | ---- | M] (WatchDog) -- C:\ProgramData\RHelpers\IeHelper\IeHelper.exe
PRC - [2013/10/23 20:06:28 | 000,251,768 | ---- | M] (WatchDog) -- C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe
PRC - [2013/10/23 20:06:28 | 000,251,768 | ---- | M] (WatchDog) -- C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe
PRC - [2013/10/20 08:00:19 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
PRC - [2013/10/15 05:38:52 | 000,050,704 | ---- | M] (Check Point Software Technologies, Ltd.) -- C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
PRC - [2013/09/25 16:37:00 | 020,133,824 | ---- | M] (Google) -- C:\Program Files\Google\Drive\googledrivesync.exe
PRC - [2013/05/11 10:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/19 15:35:36 | 002,833,120 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe
PRC - [2012/08/07 13:12:07 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\Robus\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2011/12/10 11:07:30 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2011/05/03 18:46:18 | 000,047,424 | ---- | M] (The Nielsen Company) -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe
PRC - [2010/06/28 14:54:38 | 000,339,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows NT\Accessories\wordpad.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/31 09:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2008/01/21 02:23:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/11/18 18:58:26 | 000,557,056 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\pysqlite2._sqlite.pyd
MOD - [2013/11/18 18:58:26 | 000,128,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\_elementtree.pyd
MOD - [2013/11/18 18:58:26 | 000,098,816 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\win32api.pyd
MOD - [2013/11/18 18:58:26 | 000,044,032 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\_socket.pyd
MOD - [2013/11/18 18:58:26 | 000,022,528 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\win32ts.pyd
MOD - [2013/11/18 18:58:25 | 000,320,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\win32com.shell.shell.pyd
MOD - [2013/11/18 18:58:25 | 000,026,624 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\_multiprocessing.pyd
MOD - [2013/11/18 18:58:24 | 000,805,888 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\wx._gdi_.pyd
MOD - [2013/11/18 18:58:24 | 000,070,656 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\wx._html2.pyd
MOD - [2013/11/18 18:58:24 | 000,011,264 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\win32crypt.pyd
MOD - [2013/11/18 18:58:23 | 000,504,832 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\windows._cacheinvalidation.pyd
MOD - [2013/11/18 18:58:23 | 000,087,040 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\_ctypes.pyd
MOD - [2013/11/18 18:58:23 | 000,017,408 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\win32profile.pyd
MOD - [2013/11/18 18:58:22 | 000,735,232 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\wx._misc_.pyd
MOD - [2013/11/18 18:58:22 | 000,364,544 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\pythoncom27.dll
MOD - [2013/11/18 18:58:22 | 000,110,080 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\pywintypes27.dll
MOD - [2013/11/18 18:58:21 | 001,175,040 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\wx._core_.pyd
MOD - [2013/11/18 18:58:21 | 000,108,544 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\win32security.pyd
MOD - [2013/11/18 18:58:20 | 001,153,024 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\_ssl.pyd
MOD - [2013/11/18 18:58:20 | 000,025,600 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\win32pdh.pyd
MOD - [2013/11/18 18:58:19 | 000,711,680 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\_hashlib.pyd
MOD - [2013/11/18 18:58:19 | 000,035,840 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\win32process.pyd
MOD - [2013/11/18 18:58:18 | 000,811,008 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\wx._windows_.pyd
MOD - [2013/11/18 18:58:17 | 000,122,368 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\wx._wizard.pyd
MOD - [2013/11/18 18:58:16 | 000,119,808 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\win32file.pyd
MOD - [2013/11/18 18:58:16 | 000,038,912 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\win32inet.pyd
MOD - [2013/11/18 18:58:08 | 001,062,400 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\wx._controls_.pyd
MOD - [2013/11/18 18:58:06 | 000,127,488 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\pyexpat.pyd
MOD - [2013/11/18 18:58:06 | 000,018,432 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\win32event.pyd
MOD - [2013/11/18 18:58:05 | 000,686,080 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\unicodedata.pyd
MOD - [2013/11/18 18:58:04 | 000,010,240 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI40802\select.pyd
MOD - [2013/11/15 17:41:18 | 003,363,952 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/10/20 08:00:16 | 016,233,864 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_9_900_117.dll
MOD - [2013/04/19 15:33:50 | 000,502,784 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\nsmmc.dll
MOD - [2013/03/20 15:55:22 | 000,753,664 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\npfirefoxprocessor.dll
MOD - [2013/03/20 15:54:10 | 000,224,768 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\npwmi.dll
MOD - [2013/03/20 15:53:56 | 000,228,864 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\npsurvey.dll
MOD - [2013/03/20 15:53:48 | 000,150,528 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\npsp1.dll
MOD - [2013/03/20 15:53:38 | 000,503,808 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\communication.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- c:\progra~1\optimi~1\OptProCrash.exe -- (ca82e1a5)
SRV - File not found [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2013/11/15 17:41:18 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/11/07 09:05:47 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files\PackageTracer_69\bar\1.bin\69barsvc.exe -- (PackageTracer_69Service)
SRV - [2013/10/25 23:45:12 | 002,445,816 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2013/10/20 08:00:20 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/15 05:38:52 | 000,050,704 | ---- | M] (Check Point Software Technologies, Ltd.) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe -- (ZAPrivacyService)
SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/11 10:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/19 15:35:36 | 002,833,120 | ---- | M] () [Auto | Running] -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe -- (NielsenUpdate)
SRV - [2012/02/14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/03/31 09:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/01/21 02:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/21 02:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/21 02:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jucdcecm.sys -- (huawei_cdcecm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2013/09/29 23:30:48 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013/06/13 16:34:06 | 000,452,120 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV - [2013/03/20 15:52:42 | 000,023,008 | ---- | M] (The Nielsen Company) [Kernel | System | Running] -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\nnfwdk.sys -- (nnfwdk)
DRV - [2012/10/22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/10/05 03:32:50 | 000,093,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012/10/02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/05/12 03:23:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlashUSB.sys -- (FlashUSB)
DRV - [2009/12/17 15:02:20 | 001,203,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/09/29 08:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009/09/29 08:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009/09/29 08:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2009/07/03 17:21:00 | 000,168,448 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/04/11 04:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009/03/31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/03/20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009/03/20 10:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2009/03/20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2008/01/21 02:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006/11/14 00:11:54 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO)
DRV - [2006/11/10 14:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
DRV - [2006/11/02 07:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/02 07:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/07/24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=SMSN&bmod=SMSN
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{f5827716-9540-492e-9e9a-9f18bb2e7912}: "URL" = http://search.tb.ask.com/search/GGmain.jhtml?p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ&ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&ind=2013111814&n=77fda606&psa=&st=sb&searchfor={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\..\URLSearchHook: {97ef77e6-97be-4204-a890-2485903c5624} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {f5827716-9540-492e-9e9a-9f18bb2e7912}
IE - HKCU\..\SearchScopes\{f5827716-9540-492e-9e9a-9f18bb2e7912}: "URL" = http://search.tb.ask.com/search/GGmain.jhtml?p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ&ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&ind=2013111814&n=77fda606&psa=&st=sb&searchfor={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Ask Web Search"
FF - prefs.js..browser.search.order.1: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Ask Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://home.tb.ask.com/index.jhtml?ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&n=77fda60b&p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ"
FF - prefs.js..extensions.enabledAddons: 69ffxtbr%40PackageTracer_69.com:5.40.2.43053
FF - prefs.js..extensions.enabledAddons: %7Bf35b3d43-735b-29de-1ac7-4e569be965a6%7D:1.1
FF - prefs.js..extensions.enabledAddons: support%40tubedimmerapp.com:2.6.48
FF - prefs.js..extensions.enabledAddons: %7Be001c731-5e37-4538-a5cb-8168736a2360%7D:0.9.9.119
FF - prefs.js..extensions.enabledAddons: ffxtlbr%40zonealarm.com:1.6.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - prefs.js..extensions.netassistant.keyword.url: "http://click.w3i.com/?Programid=132&Elementname=Keyword&Applicationid={559CE969-7E04-43B1-BF56-2F90A256442B}&Version=3.6.5&Vintage=20120727&Defaultbrowserid=30&Productid=2869&Vendorid=6413&Offerid=16934&searchterm="
FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.defaultenginename.prev: "StartWeb"
FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.defaultenginename.savedPrev: "true"
FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.defaultenginename.tb: "Ask Web Search"
FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.selectedEngine.prev: "StartWeb"
FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.selectedEngine.savedPrev: "true"
FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.selectedEngine.tb: "Ask Web Search"
FF - prefs.js..browser.startup.homepage: "true"
FF - prefs.js..browser.startup.homepage: "http://home.tb.ask.com/index.jhtml?ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&n=77fda60b&p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ"
FF - prefs.js..keyword.URL: "http://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&n=77fda60b&ind=2013111819&p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ&searchfor="
FF - prefs.js..network.proxy.type: 4
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nielsen/FirefoxTracker: C:\Program Files\NetRatingsNetSight\NetSight\meter9\FirefoxAddOns\npfirefoxtracker.dll (Nielsen)
FF - HKLM\Software\MozillaPlugins\@PackageTracer_69.com/Plugin: C:\Program Files\PackageTracer_69\bar\1.bin\NP69Stub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Robus\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Robus\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\netsight@nielsen.com: C:\Program Files\NetRatingsNetSight\NetSight\meter9\FirefoxAddOns\netsight@nielsen.xpi [2013/11/18 18:58:54 | 000,008,924 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/15 17:40:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/15 17:40:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/15 17:40:54 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/15 17:40:58 | 000,000,000 | ---D | M]
 
[2013/10/04 21:28:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\Extensions
[2013/11/18 18:54:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions
[2013/09/29 23:58:59 | 000,000,000 | ---D | M] ("WinToFlash Suggestor") -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}
[2013/11/14 19:41:03 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2013/11/14 17:56:34 | 000,000,000 | ---D | M] ("Snap.Do ") -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{f35b3d43-735b-29de-1ac7-4e569be965a6}
[2013/11/07 09:05:56 | 000,000,000 | ---D | M] (PackageTracer) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\69ffxtbr@PackageTracer_69.com
[2013/11/14 19:41:05 | 000,000,000 | ---D | M] (zonealarm.com) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\ffxtlbr@zonealarm.com
[2012/07/02 12:06:26 | 000,000,000 | ---D | M] (RivalGaming) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\links@rivalgaming.com
[2013/11/14 19:30:09 | 000,000,000 | ---D | M] (Tube Dimmer) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\support@tubedimmerapp.com
[2013/11/18 18:54:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\pm2306dz.default\extensions
[2012/07/02 13:28:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\pm2306dz.default\extensions\staged
[2012/05/25 15:38:16 | 000,031,267 | ---- | M] () (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\3z1pkp2w.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi
[2013/03/21 07:15:42 | 000,007,919 | ---- | M] () (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\3z1pkp2w.default\extensions\ffxtlbr@zonealarm.com\content\Abine\chrome\content\ff\view_expiry.js
[2012/05/25 15:38:16 | 000,031,267 | ---- | M] () (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\pm2306dz.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi
[2013/11/18 19:00:25 | 000,009,625 | ---- | M] () -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\3z1pkp2w.default\searchplugins\ask-web-search.xml
[2013/11/18 18:54:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/11/15 17:40:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/11/15 17:41:23 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - homepage: http://www.google.com
CHR - homepage: http://www.google.com
CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\
CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341\
CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.3.1271\
CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmdlgjgaamffjidnpeddnekffilecamo\5.0.0.0_0\
CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.48_0\
CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013/11/18 19:10:34 | 000,000,741 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1    localhost
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll File not found
O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll (Check Point Software Technologies LTD)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll File not found
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Toolbar BHO) - {87011c4e-fcde-4476-9348-ecf16134fc1f} - C:\Program Files\PackageTracer_69\bar\1.bin\69bar.dll (MindSpark)
O2 - BHO: (Search Assistant BHO) - {87eab57c-d0b7-4ca9-8e26-191bfc989e26} - C:\Program Files\PackageTracer_69\bar\1.bin\69SrcAs.dll (MindSpark)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {CF28D96E-985F-43A6-B320-C2186B551472} - No CLSID value found.
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll (Check Point Software Technologies LTD)
O3 - HKLM\..\Toolbar: (PackageTracer) - {ff343558-d5a5-454a-bdd8-c5c81e179fed} - C:\Program Files\PackageTracer_69\bar\1.bin\69bar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (PackageTracer) - {FF343558-D5A5-454A-BDD8-C5C81E179FED} - C:\Program Files\PackageTracer_69\bar\1.bin\69bar.dll (MindSpark)
O4 - HKLM..\Run: [NielsenOnline] C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe (The Nielsen Company)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [PackageTracer Search Scope Monitor] C:\Program Files\PackageTracer_69\bar\1.bin\69SrchMn.exe (MindSpark)
O4 - HKLM..\Run: [skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Robus\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll File not found
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - Reg Error: Key error. File not found
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.11.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A7C213F-BD10-4507-9ECF-0A4CB9E8F770}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Robus\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Robus\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{06b5badb-821d-11e1-b0d3-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{06b5badb-821d-11e1-b0d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{06b5bb14-821d-11e1-b0d3-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{06b5bb14-821d-11e1-b0d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{06cd51c8-3f69-11e1-95cc-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{06cd51c8-3f69-11e1-95cc-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{06cd51dd-3f69-11e1-95cc-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{06cd51dd-3f69-11e1-95cc-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{070c50b2-9bdb-11e1-9c13-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{070c50b2-9bdb-11e1-9c13-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{0c7092ad-e55e-11e1-9b1d-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{0c7092ad-e55e-11e1-9b1d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{0c7092d8-e55e-11e1-9b1d-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{0c7092d8-e55e-11e1-9b1d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{0f0fd768-dbb1-11e1-a0bd-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{0f0fd768-dbb1-11e1-a0bd-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{12618484-c74d-11e0-a61f-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{12618484-c74d-11e0-a61f-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{1549a200-68f6-11e1-8edf-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{1549a200-68f6-11e1-8edf-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{1ad50e5b-6529-11e1-a3bf-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{1ad50e5b-6529-11e1-a3bf-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{23075d0c-d15a-11e0-99fd-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{23075d0c-d15a-11e0-99fd-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{23075d0f-d15a-11e0-99fd-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{23075d0f-d15a-11e0-99fd-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{238bcd28-e77a-11e1-a5d3-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{238bcd28-e77a-11e1-a5d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{238bce2d-e77a-11e1-a5d3-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{238bce2d-e77a-11e1-a5d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{27a83e0d-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{27a83e0d-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{27a8407e-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{27a8407e-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{27a8418d-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{27a8418d-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{27a842cf-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{27a842cf-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{2819ac09-7e3d-11df-af43-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2819ac09-7e3d-11df-af43-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{2819ac5c-7e3d-11df-af43-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{2819ac5c-7e3d-11df-af43-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{28d8d3e7-1819-11e1-94ff-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{28d8d3e7-1819-11e1-94ff-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{360c7105-36ca-11e1-b679-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{360c7105-36ca-11e1-b679-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{362aa6e3-e2ee-11e1-b072-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{362aa6e3-e2ee-11e1-b072-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{362aa6f2-e2ee-11e1-b072-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{362aa6f2-e2ee-11e1-b072-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{364e5016-e212-11e1-9ce9-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{364e5016-e212-11e1-9ce9-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{3912ded5-3c41-11e1-85e6-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{3912ded5-3c41-11e1-85e6-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{3f831bbc-ab0b-11e1-b6f1-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{3f831bbc-ab0b-11e1-b6f1-002454208e82}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O33 - MountPoints2\{3f831bfb-ab0b-11e1-b6f1-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{3f831bfb-ab0b-11e1-b6f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{3f831bff-ab0b-11e1-b6f1-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{3f831bff-ab0b-11e1-b6f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{4878944f-357c-11e1-bc31-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{4878944f-357c-11e1-bc31-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{4a75f172-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{4a75f172-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{4a75f1a3-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{4a75f1a3-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{4a75f272-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{4a75f272-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{4a75f274-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{4a75f274-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{5bb69e98-5f03-11e1-a466-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{5bb69e98-5f03-11e1-a466-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{5c3c43cc-199b-11e1-a214-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{5c3c43cc-199b-11e1-a214-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{6c783c1e-e1e6-11e1-a55e-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{6c783c1e-e1e6-11e1-a55e-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{6c783c28-e1e6-11e1-a55e-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{6c783c28-e1e6-11e1-a55e-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{7be162aa-23de-11e1-bb6a-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{7be162aa-23de-11e1-bb6a-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{7cef6981-dd45-11e1-9f03-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{7cef6981-dd45-11e1-9f03-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{7cef6ab4-dd45-11e1-9f03-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{7cef6ab4-dd45-11e1-9f03-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{7dbc8846-ad58-11e1-9e48-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{7dbc8846-ad58-11e1-9e48-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{7dbc8897-ad58-11e1-9e48-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{7dbc8897-ad58-11e1-9e48-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{8f9aa80f-837e-11e1-9a1d-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{8f9aa80f-837e-11e1-9a1d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{9156b298-4ede-11e1-847c-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{9156b298-4ede-11e1-847c-002454208e82}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{a0e47c3e-e0aa-11e1-99f1-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{a0e47c3e-e0aa-11e1-99f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{a0e47c80-e0aa-11e1-99f1-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{a0e47c80-e0aa-11e1-99f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ad51c4f4-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{ad51c4f4-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ad51c4f8-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{ad51c4f8-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ad51ca3a-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{ad51ca3a-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ad51cedd-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{ad51cedd-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{b163e4d0-eb97-11e1-b121-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{b163e4d0-eb97-11e1-b121-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{b47b40ce-43e7-11e0-ae9c-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{b47b40ce-43e7-11e0-ae9c-002454208e82}\Shell\AutoRun\command - "" = D:\DPFMate.exe
O33 - MountPoints2\{b7f91bcf-f648-11e0-8a5d-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{b7f91bcf-f648-11e0-8a5d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c00643fb-c446-11e1-a099-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c00643fb-c446-11e1-a099-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c050d675-6daa-11e1-8824-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c050d675-6daa-11e1-8824-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c050d677-6daa-11e1-8824-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c050d677-6daa-11e1-8824-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c09ca255-36c1-11e1-b84d-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c09ca255-36c1-11e1-b84d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c363f797-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c363f797-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c363f7c0-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c363f7c0-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c363f7c3-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c363f7c3-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c363f7da-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c363f7da-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c363fcdf-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c363fcdf-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{cac41099-e432-11df-9781-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{cac41099-e432-11df-9781-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{e4506d49-3142-11e1-884b-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{e4506d49-3142-11e1-884b-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{e7a4db2a-d924-11e1-9bec-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{e7a4db2a-d924-11e1-9bec-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ee298306-c1c1-11e1-9ed1-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{ee298306-c1c1-11e1-9ed1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ee298319-c1c1-11e1-9ed1-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{ee298319-c1c1-11e1-9ed1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ee29838d-c1c1-11e1-9ed1-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{ee29838d-c1c1-11e1-9ed1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{f10f337d-7f00-11df-924f-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{f10f337d-7f00-11df-924f-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{f55a33eb-9c3e-11e1-8c33-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{f55a33eb-9c3e-11e1-8c33-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{f55a33f8-9c3e-11e1-8c33-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{f55a33f8-9c3e-11e1-8c33-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{fd245ccf-fd7c-11e0-bf19-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{fd245ccf-fd7c-11e0-bf19-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/11/18 19:16:18 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Local\CrashDumps
[2013/11/18 19:11:44 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Local\IAC
[2013/11/18 19:11:43 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Local\PackageTracer_69
[2013/11/18 19:01:32 | 000,000,000 | ---D | C] -- C:\Users\Robus\Desktop\RK_Quarantine
[2013/11/18 18:51:30 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/18 18:14:54 | 000,000,000 | ---D | C] -- C:\FRST
[2013/11/15 17:40:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/11/15 17:38:41 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2013/11/15 17:38:41 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2013/11/14 19:51:04 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/11/14 19:51:02 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/11/14 19:51:01 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/11/14 19:51:01 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/11/14 19:51:01 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/11/14 19:50:59 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/11/14 19:50:59 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/11/14 19:50:58 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/11/14 18:32:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2013/11/14 18:31:16 | 000,256,904 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys
[2013/11/14 18:26:57 | 000,000,000 | ---D | C] -- C:\Program Files\Check Point Software Technologies LTD
[2013/11/14 18:26:44 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Check Point Software Technologies LTD
[2013/11/14 18:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2013/11/14 17:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Updater
[2013/11/14 17:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\RHelpers
[2013/11/14 17:56:44 | 000,000,000 | ---D | C] -- C:\ProgramData\TubeDimmer
[2013/11/14 17:29:52 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Local\Avg2014
[2013/11/13 09:22:52 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2013/11/07 09:05:47 | 000,000,000 | ---D | C] -- C:\Program Files\PackageTracer_69
[2013/11/06 11:40:40 | 000,000,000 | ---D | C] -- C:\Program Files\GPLGS
[2013/11/06 11:40:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Creator
[2013/11/06 11:40:05 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2013/10/20 07:48:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2012/03/03 09:17:15 | 002,371,152 | ---- | C] (DownVision                                                  ) -- C:\Users\Robus\AppData\Local\setup.exe
 
========== Files - Modified Within 30 Days ==========
 
[2013/11/18 19:28:04 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/18 19:26:23 | 000,028,426 | ---- | M] () -- C:\Users\Robus\Desktop\droppy heart.jpg
[2013/11/18 19:04:30 | 000,648,680 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/11/18 19:04:30 | 000,124,648 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/11/18 18:57:32 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2013/11/18 18:57:22 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/18 18:57:22 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/18 18:57:22 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job
[2013/11/18 18:57:07 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/18 18:57:07 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/18 18:56:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/18 18:54:36 | 000,000,870 | ---- | M] () -- C:\Users\Robus\Application Data\Microsoft\Internet Explorer\Quick Launch\Search.lnk
[2013/11/18 18:54:36 | 000,000,846 | ---- | M] () -- C:\Users\Robus\Desktop\Search.lnk
[2013/11/18 18:38:59 | 000,028,346 | ---- | M] () -- C:\Users\Robus\Desktop\niebieski.jpg
[2013/11/18 18:30:37 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2270810218-2394552768-2579885175-1000UA.job
[2013/11/18 18:30:37 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2270810218-2394552768-2579885175-1000Core.job
[2013/11/18 18:30:07 | 274,383,198 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/11/15 17:51:22 | 000,002,523 | ---- | M] () -- C:\Users\Robus\Desktop\HiJackThis.lnk
[2013/11/15 17:24:48 | 000,000,596 | ---- | M] () -- C:\Windows\System32\InstallUtil.InstallLog
[2013/11/14 19:43:05 | 000,417,569 | ---- | M] () -- C:\Windows\System32\drivers\vsconfig.xml
[2013/11/14 19:26:12 | 000,001,288 | ---- | M] () -- C:\Windows\DCEBOOT.RST
[2013/11/14 19:25:12 | 000,210,992 | ---- | M] () -- C:\Windows\RegBootClean.exe
[2013/11/14 19:25:12 | 000,023,088 | ---- | M] () -- C:\Windows\DCEBoot.exe
[2013/11/14 19:15:07 | 000,308,980 | ---- | M] () -- C:\Users\Robus\AppData\Local\census.cache
[2013/11/14 19:14:36 | 000,196,747 | ---- | M] () -- C:\Users\Robus\AppData\Local\ars.cache
[2013/11/14 18:32:26 | 000,000,639 | ---- | M] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2013/11/14 18:31:03 | 000,000,036 | ---- | M] () -- C:\Users\Robus\AppData\Local\housecall.guid.cache
[2013/11/09 20:34:04 | 000,001,875 | ---- | M] () -- C:\Users\Robus\Desktop\Wordpad.lnk
[2013/11/08 08:20:43 | 001,094,600 | ---- | M] () -- C:\Users\Robus\Desktop\rob and me.jpg
[2013/11/06 12:40:08 | 000,000,091 | ---- | M] () -- C:\Users\Robus\AppData\Roaming\WB.CFG
[2013/11/05 18:48:26 | 001,608,730 | ---- | M] () -- C:\Users\Robus\Desktop\kino domowe.jpg
[2013/11/01 19:26:26 | 006,801,542 | ---- | M] () -- C:\Users\Robus\Desktop\salon1.jpg
[2013/11/01 18:43:00 | 002,478,596 | ---- | M] () -- C:\Users\Robus\Desktop\salon.jpg
[2013/10/28 10:48:11 | 000,000,223 | ---- | M] () -- C:\Users\Robus\Application Data\Microsoft\Internet Explorer\Quick Launch\Becky Misseldine.URL
[2013/10/20 12:40:58 | 002,127,163 | ---- | M] () -- C:\Users\Robus\Desktop\koza.jpg
[2013/10/20 08:40:49 | 000,412,992 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/10/20 08:00:20 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/10/20 08:00:19 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
 
========== Files Created - No Company Name ==========
 
[2013/11/18 19:25:53 | 000,028,426 | ---- | C] () -- C:\Users\Robus\Desktop\droppy heart.jpg
[2013/11/18 18:38:56 | 000,028,346 | ---- | C] () -- C:\Users\Robus\Desktop\niebieski.jpg
[2013/11/18 18:30:07 | 274,383,198 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/11/15 17:38:41 | 000,002,523 | ---- | C] () -- C:\Users\Robus\Desktop\HiJackThis.lnk
[2013/11/15 17:24:39 | 000,000,596 | ---- | C] () -- C:\Windows\System32\InstallUtil.InstallLog
[2013/11/14 19:26:12 | 000,001,288 | ---- | C] () -- C:\Windows\DCEBOOT.RST
[2013/11/14 19:24:48 | 000,210,992 | ---- | C] () -- C:\Windows\RegBootClean.exe
[2013/11/14 19:24:48 | 000,023,088 | ---- | C] () -- C:\Windows\DCEBoot.exe
[2013/11/14 19:15:07 | 000,308,980 | ---- | C] () -- C:\Users\Robus\AppData\Local\census.cache
[2013/11/14 19:14:36 | 000,196,747 | ---- | C] () -- C:\Users\Robus\AppData\Local\ars.cache
[2013/11/14 18:32:57 | 000,417,569 | ---- | C] () -- C:\Windows\System32\drivers\vsconfig.xml
[2013/11/14 18:32:26 | 000,000,639 | ---- | C] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2013/11/14 18:31:03 | 000,000,036 | ---- | C] () -- C:\Users\Robus\AppData\Local\housecall.guid.cache
[2013/11/14 17:56:10 | 000,000,870 | ---- | C] () -- C:\Users\Robus\Application Data\Microsoft\Internet Explorer\Quick Launch\Search.lnk
[2013/11/14 17:56:10 | 000,000,846 | ---- | C] () -- C:\Users\Robus\Desktop\Search.lnk
[2013/11/13 09:22:52 | 000,218,228 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2013/11/09 20:34:04 | 000,001,875 | ---- | C] () -- C:\Users\Robus\Desktop\Wordpad.lnk
[2013/11/08 08:20:54 | 001,094,600 | ---- | C] () -- C:\Users\Robus\Desktop\rob and me.jpg
[2013/11/08 08:18:59 | 002,127,163 | ---- | C] () -- C:\Users\Robus\Desktop\koza.jpg
[2013/11/06 12:40:08 | 000,000,091 | ---- | C] () -- C:\Users\Robus\AppData\Roaming\WB.CFG
[2013/11/06 11:40:27 | 000,086,016 | ---- | C] () -- C:\Windows\System32\custmon32i.dll
[2013/11/05 20:08:53 | 006,801,542 | ---- | C] () -- C:\Users\Robus\Desktop\salon1.jpg
[2013/11/05 20:07:51 | 002,478,596 | ---- | C] () -- C:\Users\Robus\Desktop\salon.jpg
[2013/11/05 18:45:35 | 005,352,886 | ---- | C] () -- C:\Users\Robus\Desktop\stol2.jpg
[2013/11/05 18:45:08 | 004,445,439 | ---- | C] () -- C:\Users\Robus\Desktop\sofa.jpg
[2013/11/05 18:44:18 | 005,352,886 | ---- | C] () -- C:\Users\Robus\Desktop\stol1.jpg
[2013/11/05 18:44:02 | 005,407,789 | ---- | C] () -- C:\Users\Robus\Desktop\stol.jpg
[2013/11/05 18:40:07 | 001,608,730 | ---- | C] () -- C:\Users\Robus\Desktop\kino domowe.jpg
[2013/10/28 10:48:11 | 000,000,223 | ---- | C] () -- C:\Users\Robus\Application Data\Microsoft\Internet Explorer\Quick Launch\Becky Misseldine.URL
[2013/03/07 19:33:10 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2013/03/07 19:33:09 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2013/02/09 15:48:57 | 000,026,900 | ---- | C] () -- C:\Users\Robus\AppData\Local\dt.dat
[2012/06/30 13:41:12 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2012/03/03 09:17:16 | 000,000,972 | ---- | C] () -- C:\Users\Robus\AppData\Local\Darmowe.Wzory.Ulotek.Reklamowych.torrent
[2012/02/15 20:10:02 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2012/02/15 20:10:02 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/12/08 19:31:23 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2011/12/08 19:31:23 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011/06/28 07:26:54 | 000,024,334 | ---- | C] () -- C:\Users\Robus\AppData\Local\umowa poadzialu.pdf
[2011/06/17 14:34:06 | 000,000,000 | ---- | C] () -- C:\Users\Robus\AppData\Local\{78F2DA2B-44D9-40DC-9367-6AF299E2187A}
[2010/08/16 16:05:07 | 000,046,278 | ---- | C] () -- C:\Users\Robus\WSR Invoice - Mr. R. Plummer - 2452.pdf
[2010/06/26 21:06:37 | 000,123,392 | ---- | C] () -- C:\Users\Robus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006/11/02 12:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 17:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/03 04:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/21 02:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Files - Unicode (All) ==========
[2013/10/05 12:48:31 | 000,000,000 | ---D | M](C:\ProgramData\?é?éÄé?é8520-1533-40C5-AD09-953C574F14BCÄé?é) -- C:\ProgramData\䉘é㼈éÄé㍨é8520-1533-40C5-AD09-953C574F14BCÄé㠸é
[2013/10/05 12:48:31 | 000,000,000 | ---D | M](C:\ProgramData\?é?éÄé?é8520-1533-40C5-AD09-953C574F14BCÄé?é) -- C:\ProgramData\䉘é㼈éÄé㍨é8520-1533-40C5-AD09-953C574F14BCÄé㠸é
[2013/10/02 13:00:44 | 000,000,000 | ---D | M](C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\睨ţ㠘ţ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/10/02 13:00:44 | 000,000,000 | ---D | M](C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\睨ţ㠘ţ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/10/01 01:13:02 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀
[2013/10/01 01:13:02 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀
[2013/09/30 11:36:50 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨ˢ㠘ˢ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/09/30 11:36:50 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨ˢ㠘ˢ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/09/30 02:44:56 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠ƺ㼐ƺÄƺ㍰ƺ8520-1533-40C5-AD09-953C574F14BCÄƺ㡀ƺ
[2013/09/30 02:44:56 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠ƺ㼐ƺÄƺ㍰ƺ8520-1533-40C5-AD09-953C574F14BCÄƺ㡀ƺ
[2013/09/29 19:34:37 | 000,000,000 | ---D | M](C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\䉠Ē㼐ĒÄĒ㍰Ē8520-1533-40C5-AD09-953C574F14BCÄĒ㡀Ē
[2013/09/29 19:34:37 | 000,000,000 | ---D | M](C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\䉠Ē㼐ĒÄĒ㍰Ē8520-1533-40C5-AD09-953C574F14BCÄĒ㡀Ē
[2013/09/22 14:19:45 | 000,000,000 | ---D | M](C:\ProgramData\?¬?¬Ä¬?¬8520-1533-40C5-AD09-953C574F14BCĬ?¬) -- C:\ProgramData\䉨¬㼘¬Ä¬㍸¬8520-1533-40C5-AD09-953C574F14BCĬ㡈¬
[2013/09/22 14:19:45 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘ˖籐˴
[2013/09/22 14:19:45 | 000,000,000 | ---D | M](C:\ProgramData\?¬?¬Ä¬?¬8520-1533-40C5-AD09-953C574F14BCĬ?¬) -- C:\ProgramData\䉨¬㼘¬Ä¬㍸¬8520-1533-40C5-AD09-953C574F14BCĬ㡈¬
[2013/09/22 14:19:45 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘ˖籐˴
[2013/09/22 14:07:55 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˡ籐˺
[2013/09/22 14:07:55 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˡ籐˺
[2013/07/20 20:43:37 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐
[2013/07/20 20:43:37 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐
[2013/07/20 20:43:33 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ƿ㼘ƿÄƿ㍸ƿ8520-1533-40C5-AD09-953C574F14BCÄƿ㡈ƿ
[2013/07/20 20:43:33 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ƿ㼘ƿÄƿ㍸ƿ8520-1533-40C5-AD09-953C574F14BCÄƿ㡈ƿ
[2013/07/20 20:35:19 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˓㠘˓楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/07/20 20:35:19 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˓㠘˓楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/06/29 20:42:39 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀
[2013/06/29 20:42:39 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀
[2013/06/29 13:28:47 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠DŽ㼐DŽÄDŽ㍰DŽ8520-1533-40C5-AD09-953C574F14BCÄDŽ㡀DŽ
[2013/06/29 13:28:47 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠DŽ㼐DŽÄDŽ㍰DŽ8520-1533-40C5-AD09-953C574F14BCÄDŽ㡀DŽ
[2013/06/28 17:07:36 | 000,000,000 | ---D | M](C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u) -- C:\ProgramData\䉠ǜ㼐ǜÄǜ㍰ǜ8520-1533-40C5-AD09-953C574F14BCÄǜ㡀ǜ
[2013/06/28 17:07:36 | 000,000,000 | ---D | M](C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u) -- C:\ProgramData\䉠ǜ㼐ǜÄǜ㍰ǜ8520-1533-40C5-AD09-953C574F14BCÄǜ㡀ǜ
[2013/06/28 16:45:46 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˪㠘˪楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/06/28 16:45:46 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˪㠘˪楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/06/02 16:53:40 | 000,000,000 | ---D | M](C:\ProgramData\?'?'????????????????????p???????) -- C:\ProgramData\睨ˈ㠘ˈ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/06/02 16:53:40 | 000,000,000 | ---D | M](C:\ProgramData\?'?'????????????????????p???????) -- C:\ProgramData\睨ˈ㠘ˈ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/05/20 11:31:59 | 000,000,000 | ---D | M](C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\䉠Ǎ㼐ǍÄǍ㍰Ǎ8520-1533-40C5-AD09-953C574F14BCÄǍ㡀Ǎ
[2013/05/20 11:31:59 | 000,000,000 | ---D | M](C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\䉠Ǎ㼐ǍÄǍ㍰Ǎ8520-1533-40C5-AD09-953C574F14BCÄǍ㡀Ǎ
[2013/05/13 18:34:26 | 000,000,000 | ---D | M](C:\ProgramData\?¯?¯????????????????????p???????) -- C:\ProgramData\睨ˉ㠘ˉ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/05/13 18:34:26 | 000,000,000 | ---D | M](C:\ProgramData\?¯?¯????????????????????p???????) -- C:\ProgramData\睨ˉ㠘ˉ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/05/07 07:18:32 | 000,000,000 | ---D | M](C:\ProgramData\???S) -- C:\ProgramData\Ꮘ˪籐Ś
[2013/05/07 07:18:32 | 000,000,000 | ---D | M](C:\ProgramData\???S) -- C:\ProgramData\Ꮘ˪籐Ś
[2013/05/07 07:18:21 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ǵ㼘ǵÄǵ㍸ǵ8520-1533-40C5-AD09-953C574F14BCÄǵ㡈ǵ
[2013/05/07 07:18:21 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ǵ㼘ǵÄǵ㍸ǵ8520-1533-40C5-AD09-953C574F14BCÄǵ㡈ǵ
[2013/05/06 20:01:51 | 000,000,000 | ---D | M](C:\ProgramData\?U?U????????????????????p???????) -- C:\ProgramData\睨Ǘ㠘Ǘ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/05/06 20:01:51 | 000,000,000 | ---D | M](C:\ProgramData\?U?U????????????????????p???????) -- C:\ProgramData\睨Ǘ㠘Ǘ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/04/29 17:52:04 | 000,000,000 | ---D | M](C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\睨ť㠘ť楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/04/29 17:52:04 | 000,000,000 | ---D | M](C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\睨ť㠘ť楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/04/29 08:25:43 | 000,000,000 | ---D | M](C:\ProgramData\?Ò?ÒÄÒ?Ò8520-1533-40C5-AD09-953C574F14BCÄÒ?Ò) -- C:\ProgramData\䉠Ò㼐ÒÄÒ㍰Ò8520-1533-40C5-AD09-953C574F14BCÄÒ㡀Ò
[2013/04/29 08:25:43 | 000,000,000 | ---D | M](C:\ProgramData\?Ò?ÒÄÒ?Ò8520-1533-40C5-AD09-953C574F14BCÄÒ?Ò) -- C:\ProgramData\䉠Ò㼐ÒÄÒ㍰Ò8520-1533-40C5-AD09-953C574F14BCÄÒ㡀Ò
[2013/04/24 13:20:26 | 000,000,000 | ---D | M](C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\䉠Ǚ㼐ǙÄǙ㍰Ǚ8520-1533-40C5-AD09-953C574F14BCÄǙ㡀Ǚ
[2013/04/24 13:20:26 | 000,000,000 | ---D | M](C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\䉠Ǚ㼐ǙÄǙ㍰Ǚ8520-1533-40C5-AD09-953C574F14BCÄǙ㡀Ǚ
[2013/04/22 19:10:11 | 000,000,000 | ---D | M](C:\ProgramData\???`) -- C:\ProgramData\Ꮘʶ籐ˋ
[2013/04/22 19:10:11 | 000,000,000 | ---D | M](C:\ProgramData\???`) -- C:\ProgramData\Ꮘʶ籐ˋ
[2013/04/22 19:10:09 | 000,000,000 | ---D | M](C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G) -- C:\ProgramData\䉨Ǧ㼘ǦÄǦ㍸Ǧ8520-1533-40C5-AD09-953C574F14BCÄǦ㡈Ǧ
[2013/04/22 19:10:09 | 000,000,000 | ---D | M](C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G) -- C:\ProgramData\䉨Ǧ㼘ǦÄǦ㍸Ǧ8520-1533-40C5-AD09-953C574F14BCÄǦ㡈Ǧ
[2013/04/22 17:52:06 | 000,000,000 | ---D | M](C:\ProgramData\?G?G????????????????????p???????) -- C:\ProgramData\睨Ǧ㠘Ǧ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/04/22 17:52:06 | 000,000,000 | ---D | M](C:\ProgramData\?G?G????????????????????p???????) -- C:\ProgramData\睨Ǧ㠘Ǧ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/04/17 17:31:49 | 000,000,000 | ---D | M](C:\ProgramData\?x?xÄx?x8520-1533-40C5-AD09-953C574F14BCÄx?x) -- C:\ProgramData\䉠x㼐xÄx㍰x8520-1533-40C5-AD09-953C574F14BCÄx㡀x
[2013/04/17 17:31:49 | 000,000,000 | ---D | M](C:\ProgramData\?x?xÄx?x8520-1533-40C5-AD09-953C574F14BCÄx?x) -- C:\ProgramData\䉠x㼐xÄx㍰x8520-1533-40C5-AD09-953C574F14BCÄx㡀x
[2013/04/17 13:10:27 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘȼ籐ɍ
[2013/04/17 13:10:27 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘȼ籐ɍ
[2013/04/17 13:10:24 | 000,000,000 | ---D | M](C:\ProgramData\?Š?ŠÄŠ?Š8520-1533-40C5-AD09-953C574F14BCÄŠ?Š) -- C:\ProgramData\䉨Š㼘ŠÄŠ㍸Š8520-1533-40C5-AD09-953C574F14BCÄŠ㡈Š
[2013/04/17 13:10:24 | 000,000,000 | ---D | M](C:\ProgramData\?Š?ŠÄŠ?Š8520-1533-40C5-AD09-953C574F14BCÄŠ?Š) -- C:\ProgramData\䉨Š㼘ŠÄŠ㍸Š8520-1533-40C5-AD09-953C574F14BCÄŠ㡈Š
[2013/04/16 21:12:07 | 000,000,000 | ---D | M](C:\ProgramData\?r?r????????????????????p???????) -- C:\ProgramData\睨ŗ㠘ŗ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/04/16 21:12:07 | 000,000,000 | ---D | M](C:\ProgramData\?r?r????????????????????p???????) -- C:\ProgramData\睨ŗ㠘ŗ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/04/03 18:02:38 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐˗
[2013/04/03 18:02:38 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐˗
[2013/04/03 18:02:37 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨Ƶ㼘ƵÄƵ㍸Ƶ8520-1533-40C5-AD09-953C574F14BCÄƵ㡈Ƶ
[2013/04/03 18:02:37 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨Ƶ㼘ƵÄƵ㍸Ƶ8520-1533-40C5-AD09-953C574F14BCÄƵ㡈Ƶ
[2013/04/03 17:11:25 | 000,000,000 | ---D | M](C:\ProgramData\?8?8????????????????????p???????) -- C:\ProgramData\睨8㠘8楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/04/03 17:11:25 | 000,000,000 | ---D | M](C:\ProgramData\?8?8????????????????????p???????) -- C:\ProgramData\睨8㠘8楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/04/01 13:24:17 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠Ǿ㼐ǾÄǾ㍰Ǿ8520-1533-40C5-AD09-953C574F14BCÄǾ㡀Ǿ
[2013/04/01 13:24:17 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠Ǿ㼐ǾÄǾ㍰Ǿ8520-1533-40C5-AD09-953C574F14BCÄǾ㡀Ǿ
[2013/03/29 18:43:26 | 000,000,000 | ---D | M](C:\ProgramData\?á?áÄá?á8520-1533-40C5-AD09-953C574F14BCÄá?á) -- C:\ProgramData\䉠á㼐áÄá㍰á8520-1533-40C5-AD09-953C574F14BCÄá㡀á
[2013/03/29 18:43:26 | 000,000,000 | ---D | M](C:\ProgramData\?á?áÄá?á8520-1533-40C5-AD09-953C574F14BCÄá?á) -- C:\ProgramData\䉠á㼐áÄá㍰á8520-1533-40C5-AD09-953C574F14BCÄá㡀á
[2013/03/26 19:21:06 | 000,000,000 | ---D | M](C:\ProgramData\?k?kÄk?k8520-1533-40C5-AD09-953C574F14BCÄk?k) -- C:\ProgramData\䉠ǩ㼐ǩÄǩ㍰ǩ8520-1533-40C5-AD09-953C574F14BCÄǩ㡀ǩ
[2013/03/26 19:21:06 | 000,000,000 | ---D | M](C:\ProgramData\?k?kÄk?k8520-1533-40C5-AD09-953C574F14BCÄk?k) -- C:\ProgramData\䉠ǩ㼐ǩÄǩ㍰ǩ8520-1533-40C5-AD09-953C574F14BCÄǩ㡀ǩ
[2013/03/26 11:34:52 | 000,000,000 | ---D | M](C:\ProgramData\??Ä?8520-1533-40C5-AD09-953C574F14BCÄ?) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀
[2013/03/26 11:34:52 | 000,000,000 | ---D | M](C:\ProgramData\??Ä?8520-1533-40C5-AD09-953C574F14BCÄ?) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀
[2013/03/25 19:46:02 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐ƻ
[2013/03/25 19:46:02 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐ƻ
[2013/03/25 19:46:01 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨lj㼘ljÄlj㍸lj8520-1533-40C5-AD09-953C574F14BCÄlj㡈lj
[2013/03/25 19:46:01 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨lj㼘ljÄlj㍸lj8520-1533-40C5-AD09-953C574F14BCÄlj㡈lj
[2013/03/25 18:52:03 | 000,000,000 | ---D | M](C:\ProgramData\?˜?˜????????????????????p???????) -- C:\ProgramData\睨˜㠘˜楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/03/25 18:52:03 | 000,000,000 | ---D | M](C:\ProgramData\?˜?˜????????????????????p???????) -- C:\ProgramData\睨˜㠘˜楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/03/22 03:19:58 | 000,000,000 | ---D | M](C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\䉠ǟ㼐ǟÄǟ㍰ǟ8520-1533-40C5-AD09-953C574F14BCÄǟ㡀ǟ
[2013/03/22 03:19:58 | 000,000,000 | ---D | M](C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\䉠ǟ㼐ǟÄǟ㍰ǟ8520-1533-40C5-AD09-953C574F14BCÄǟ㡀ǟ
[2013/03/20 15:54:16 | 000,000,000 | ---D | M](C:\ProgramData\?i?iÄi?i8520-1533-40C5-AD09-953C574F14BCÄi?i) -- C:\ProgramData\䉠ǐ㼐ǐÄǐ㍰ǐ8520-1533-40C5-AD09-953C574F14BCÄǐ㡀ǐ
[2013/03/20 15:54:16 | 000,000,000 | ---D | M](C:\ProgramData\?i?iÄi?i8520-1533-40C5-AD09-953C574F14BCÄi?i) -- C:\ProgramData\䉠ǐ㼐ǐÄǐ㍰ǐ8520-1533-40C5-AD09-953C574F14BCÄǐ㡀ǐ
[2013/03/18 18:52:18 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˦㠘˦楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/03/18 18:52:18 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˦㠘˦楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/03/14 03:26:17 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀
[2013/03/14 03:26:17 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀
[2013/03/08 08:24:34 | 000,000,000 | ---D | M](C:\ProgramData\?)?)Ä)?)8520-1533-40C5-AD09-953C574F14BCÄ)?)) -- C:\ProgramData\䉠)㼐)Ä)㍰)8520-1533-40C5-AD09-953C574F14BCÄ)㡀)
[2013/03/08 08:24:34 | 000,000,000 | ---D | M](C:\ProgramData\?)?)Ä)?)8520-1533-40C5-AD09-953C574F14BCÄ)?)) -- C:\ProgramData\䉠)㼐)Ä)㍰)8520-1533-40C5-AD09-953C574F14BCÄ)㡀)
[2013/03/04 18:58:02 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˌ籐˧
[2013/03/04 18:58:02 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˌ籐˧
[2013/03/04 18:58:01 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨Ǣ㼘ǢÄǢ㍸Ǣ8520-1533-40C5-AD09-953C574F14BCÄǢ㡈Ǣ
[2013/03/04 18:58:01 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨Ǣ㼘ǢÄǢ㍸Ǣ8520-1533-40C5-AD09-953C574F14BCÄǢ㡈Ǣ
[2013/03/04 18:52:02 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨ˌ㠘ˌ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/03/04 18:52:02 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨ˌ㠘ˌ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/02/27 20:25:46 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˃㠘˃楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/02/27 20:25:46 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˃㠘˃楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/02/27 14:22:20 | 000,000,000 | ---D | M](C:\ProgramData\?a?a0) -- C:\ProgramData\䉠ǎ㼐ǎ0
[2013/02/27 14:22:20 | 000,000,000 | ---D | M](C:\ProgramData\?a?a0) -- C:\ProgramData\䉠ǎ㼐ǎ0
[2013/02/17 19:22:01 | 000,000,000 | ---D | M](C:\ProgramData\?9?9????????????????????p???????) -- C:\ProgramData\睨9㠘9楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/02/17 19:22:01 | 000,000,000 | ---D | M](C:\ProgramData\?9?9????????????????????p???????) -- C:\ProgramData\睨9㠘9楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/02/17 07:50:22 | 000,000,000 | ---D | M](C:\ProgramData\?|?|0) -- C:\ProgramData\䇨ǀ㺘ǀ0
[2013/02/17 07:50:22 | 000,000,000 | ---D | M](C:\ProgramData\?|?|0) -- C:\ProgramData\䇨ǀ㺘ǀ0
[2013/01/06 18:01:43 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\皸˙㝨˙楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/01/06 18:01:43 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\皸˙㝨˙楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
[2013/01/06 17:59:12 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ʀ㸈Ʀ0
[2013/01/06 17:59:12 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ʀ㸈Ʀ0
[2013/01/04 18:41:43 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ț㸈ț0
[2013/01/04 18:41:43 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ț㸈ț0
[2013/01/02 08:35:39 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȇ㸈ȇ0
[2013/01/02 08:35:39 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȇ㸈ȇ0
[2012/12/22 06:06:03 | 000,000,000 | ---D | M](C:\ProgramData\?.?.0) -- C:\ProgramData\䅘.㸈.0
[2012/12/22 06:06:03 | 000,000,000 | ---D | M](C:\ProgramData\?.?.0) -- C:\ProgramData\䅘.㸈.0
[2012/12/14 03:35:38 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȷ㸈ȷ0
[2012/12/14 03:35:38 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȷ㸈ȷ0
[2012/12/07 13:21:00 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘㸈0
[2012/12/07 13:21:00 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘㸈0
[2012/12/01 13:18:34 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȴ㸈ȴ0
[2012/12/01 13:18:34 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȴ㸈ȴ0
[2012/11/30 21:04:36 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȅ㸈ȅ0
[2012/11/30 21:04:36 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȅ㸈ȅ0
[2012/11/30 17:56:55 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ȥ㸈Ȥ0
[2012/11/30 17:56:55 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ȥ㸈Ȥ0
[2012/11/28 17:41:03 | 000,000,000 | ---D | M](C:\ProgramData\?@?@0) -- C:\ProgramData\䅘@㸈@0
[2012/11/28 17:41:03 | 000,000,000 | ---D | M](C:\ProgramData\?@?@0) -- C:\ProgramData\䅘@㸈@0
[2012/11/28 14:07:54 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ǽ㸈ǽ0
[2012/11/28 14:07:54 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ǽ㸈ǽ0
[2012/11/27 13:35:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ȳ㸈Ȳ0
[2012/11/27 13:35:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ȳ㸈Ȳ0
[2012/11/26 14:40:33 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ȏ㸈Ȏ0
[2012/11/26 14:40:33 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ȏ㸈Ȏ0
[2012/11/25 16:09:01 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȸ㸈ȸ0
[2012/11/25 16:09:01 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȸ㸈ȸ0
[2012/11/17 07:42:48 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䃨ǵ㶘ǵ0
[2012/11/17 07:42:48 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䃨ǵ㶘ǵ0
(C:\ProgramData\?x?xÄx?x8520-1533-40C5-AD09-953C574F14BCÄx?x) -- C:\ProgramData\䉠x㼐xÄx㍰x8520-1533-40C5-AD09-953C574F14BCÄx㡀x
(C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\䉠Ǚ㼐ǙÄǙ㍰Ǚ8520-1533-40C5-AD09-953C574F14BCÄǙ㡀Ǚ
(C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u) -- C:\ProgramData\䉠ǜ㼐ǜÄǜ㍰ǜ8520-1533-40C5-AD09-953C574F14BCÄǜ㡀ǜ
(C:\ProgramData\?U?U????????????????????p???????) -- C:\ProgramData\睨Ǘ㠘Ǘ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
(C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\睨ţ㠘ţ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
(C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\睨ť㠘ť楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
(C:\ProgramData\?Š?ŠÄŠ?Š8520-1533-40C5-AD09-953C574F14BCÄŠ?Š) -- C:\ProgramData\䉨Š㼘ŠÄŠ㍸Š8520-1533-40C5-AD09-953C574F14BCÄŠ㡈Š
(C:\ProgramData\?r?r????????????????????p???????) -- C:\ProgramData\睨ŗ㠘ŗ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
(C:\ProgramData\?Ò?ÒÄÒ?Ò8520-1533-40C5-AD09-953C574F14BCÄÒ?Ò) -- C:\ProgramData\䉠Ò㼐ÒÄÒ㍰Ò8520-1533-40C5-AD09-953C574F14BCÄÒ㡀Ò
(C:\ProgramData\?k?kÄk?k8520-1533-40C5-AD09-953C574F14BCÄk?k) -- C:\ProgramData\䉠ǩ㼐ǩÄǩ㍰ǩ8520-1533-40C5-AD09-953C574F14BCÄǩ㡀ǩ
(C:\ProgramData\?i?iÄi?i8520-1533-40C5-AD09-953C574F14BCÄi?i) -- C:\ProgramData\䉠ǐ㼐ǐÄǐ㍰ǐ8520-1533-40C5-AD09-953C574F14BCÄǐ㡀ǐ
(C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G) -- C:\ProgramData\䉨Ǧ㼘ǦÄǦ㍸Ǧ8520-1533-40C5-AD09-953C574F14BCÄǦ㡈Ǧ
(C:\ProgramData\?G?G????????????????????p???????) -- C:\ProgramData\睨Ǧ㠘Ǧ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
(C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\䉠Ē㼐ĒÄĒ㍰Ē8520-1533-40C5-AD09-953C574F14BCÄĒ㡀Ē
(C:\ProgramData\?é?éÄé?é8520-1533-40C5-AD09-953C574F14BCÄé?é) -- C:\ProgramData\䉘é㼈éÄé㍨é8520-1533-40C5-AD09-953C574F14BCÄé㠸é
(C:\ProgramData\?á?áÄá?á8520-1533-40C5-AD09-953C574F14BCÄá?á) -- C:\ProgramData\䉠á㼐áÄá㍰á8520-1533-40C5-AD09-953C574F14BCÄá㡀á
(C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\䉠ǟ㼐ǟÄǟ㍰ǟ8520-1533-40C5-AD09-953C574F14BCÄǟ㡀ǟ
(C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\䉠Ǎ㼐ǍÄǍ㍰Ǎ8520-1533-40C5-AD09-953C574F14BCÄǍ㡀Ǎ
(C:\ProgramData\?a?a0) -- C:\ProgramData\䉠ǎ㼐ǎ0
(C:\ProgramData\?9?9????????????????????p???????) -- C:\ProgramData\睨9㠘9楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
(C:\ProgramData\?8?8????????????????????p???????) -- C:\ProgramData\睨8㠘8楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
(C:\ProgramData\??Ä?8520-1533-40C5-AD09-953C574F14BCÄ?) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀
(C:\ProgramData\?¬?¬Ä¬?¬8520-1533-40C5-AD09-953C574F14BCĬ?¬) -- C:\ProgramData\䉨¬㼘¬Ä¬㍸¬8520-1533-40C5-AD09-953C574F14BCĬ㡈¬
(C:\ProgramData\?˜?˜????????????????????p???????) -- C:\ProgramData\睨˜㠘˜楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
(C:\ProgramData\?¯?¯????????????????????p???????) -- C:\ProgramData\睨ˉ㠘ˉ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
(C:\ProgramData\?|?|0) -- C:\ProgramData\䇨ǀ㺘ǀ0
(C:\ProgramData\?@?@0) -- C:\ProgramData\䅘@㸈@0
(C:\ProgramData\???S) -- C:\ProgramData\Ꮘ˪籐Ś
(C:\ProgramData\???`) -- C:\ProgramData\Ꮘʶ籐ˋ
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨Ƶ㼘ƵÄƵ㍸Ƶ8520-1533-40C5-AD09-953C574F14BCÄƵ㡈Ƶ
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ƿ㼘ƿÄƿ㍸ƿ8520-1533-40C5-AD09-953C574F14BCÄƿ㡈ƿ
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨lj㼘ljÄlj㍸lj8520-1533-40C5-AD09-953C574F14BCÄlj㡈lj
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ǵ㼘ǵÄǵ㍸ǵ8520-1533-40C5-AD09-953C574F14BCÄǵ㡈ǵ
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨Ǣ㼘ǢÄǢ㍸Ǣ8520-1533-40C5-AD09-953C574F14BCÄǢ㡈Ǣ
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠ƺ㼐ƺÄƺ㍰ƺ8520-1533-40C5-AD09-953C574F14BCÄƺ㡀ƺ
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠Ǿ㼐ǾÄǾ㍰Ǿ8520-1533-40C5-AD09-953C574F14BCÄǾ㡀Ǿ
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠DŽ㼐DŽÄDŽ㍰DŽ8520-1533-40C5-AD09-953C574F14BCÄDŽ㡀DŽ
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCÄ㡀
(C:\ProgramData\????0) -- C:\ProgramData\䅘Ȥ㸈Ȥ0
(C:\ProgramData\????0) -- C:\ProgramData\䅘Ȳ㸈Ȳ0
(C:\ProgramData\????0) -- C:\ProgramData\䅘ț㸈ț0
(C:\ProgramData\????0) -- C:\ProgramData\䅘Ʀ㸈Ʀ0
(C:\ProgramData\????0) -- C:\ProgramData\䅘Ȏ㸈Ȏ0
(C:\ProgramData\????0) -- C:\ProgramData\䅘ȴ㸈ȴ0
(C:\ProgramData\????0) -- C:\ProgramData\䅘ȷ㸈ȷ0
(C:\ProgramData\????0) -- C:\ProgramData\䅘ȇ㸈ȇ0
(C:\ProgramData\????0) -- C:\ProgramData\䅘ȅ㸈ȅ0
(C:\ProgramData\????0) -- C:\ProgramData\䅘ȸ㸈ȸ0
(C:\ProgramData\????0) -- C:\ProgramData\䅘ǽ㸈ǽ0
(C:\ProgramData\????0) -- C:\ProgramData\䅘㸈0
(C:\ProgramData\????0) -- C:\ProgramData\䃨ǵ㶘ǵ0
(C:\ProgramData\?'?'????????????????????p???????) -- C:\ProgramData\睨ˈ㠘ˈ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
(C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˦㠘˦楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
(C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˓㠘˓楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
(C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˃㠘˃楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
(C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨ˌ㠘ˌ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
(C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˪㠘˪楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
(C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨ˢ㠘ˢ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
(C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\皸˙㝨˙楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽
(C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐ƻ
(C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐
(C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐˗
(C:\ProgramData\????) -- C:\ProgramData\Ꮘˌ籐˧
(C:\ProgramData\????) -- C:\ProgramData\Ꮘ˖籐˴
(C:\ProgramData\????) -- C:\ProgramData\Ꮘˡ籐˺
(C:\ProgramData\????) -- C:\ProgramData\Ꮘȼ籐ɍ
(C:\ProgramData\?.?.0) -- C:\ProgramData\䅘.㸈.0
(C:\ProgramData\?)?)Ä)?)8520-1533-40C5-AD09-953C574F14BCÄ)?)) -- C:\ProgramData\䉠)㼐)Ä)㍰)8520-1533-40C5-AD09-953C574F14BCÄ)㡀)
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:2683706C
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:373E1720

< End of report >
 

[piwonia2121]

jako ze z niczego innego niemoge zrobic loga przeslalam otl

[muzyk75]

Zaznaczyłaś w OTL "wszyscy użytkownicy"? To co jest do wklejenia- wklejasz do OTL.

 

Zobacz czy w "Panel sterowania"-->"Programy i funkcje"-->jest to: PackageTracer_69; MindSpark; COMPANYVERS_NAME; VER_COMPANY_NAME; PC Utilities Pro; Updater;

 

Pobierz: TFC Temp File Cleaner by Oldtimer: "Dział pomocy doraźnej"-->"Dezynfekcja kroki finalizujące temat"-->"Czyszczenie lokalizacji tymczasowych" Naciśnij "start" i rozpocznie się usuwanie plików tymczasowych.

 

Pobierz Malwarebytes Anti-Malware i wykonaj skany.

 

Jeżeli nieuda się to przejdź do trybu awaryjnego. Podczas uruchamiania komputera, gdy wyświetli się logo producenta naciśnij kilkakrotnie F8--> uruchom tryb awaryjny z dostępem do sieci i wykonaj wszystko raz jeszcze + to co teraz napisałem.

[piwonia2121]

czesc, zrobilam TFC oraz ANTI-MALWARE, usunelam infekcje.dalej zrobilam skan otl,poszlo ladnie,tylko niemoge tutaj tego wkleic wyskakuje blad o zbyt dlugiej wiadomosci.

nastepnie przeszlam w tryb awaryjny probowalam zrobic skan FRST oraz GMEREM,oba z tym samym rezultatem,a mainowicie program stopped working i trzeba bylo go zamknac.

teraz robie roguekiller, zeskanowalam,nic nie wyskoczylma,nacisnelam fix hosts,komunikat ze naprawione.

i co dalej mam robic?komoputer wydaje sie byc ok,zaczelo wszystko szybciej chodzic po tym jak przeskanoalam tfc i antimalware,jednak skoro niemoge uruchomic frst ani gmera znaczy ze cos jeszcze mi tu siedzi.

[piwonia2121]

OTL logfile created on: 20/11/2013 17:09:51 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Robus\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
1.96 Gb Total Physical Memory | 0.80 Gb Available Physical Memory | 40.55% Memory free
4.15 Gb Paging File | 2.36 Gb Available in Paging File | 56.70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 109.88 Gb Total Space | 43.31 Gb Free Space | 39.41% Space Free | Partition Type: NTFS
Drive F: | 110.00 Gb Total Space | 28.23 Gb Free Space | 25.66% Space Free | Partition Type: NTFS
 
Computer Name: ROBUS-PC | User Name: Robus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/11/18 17:11:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Robus\Downloads\OTL.exe
PRC - [2013/11/15 17:41:20 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/11/07 09:05:47 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files\PackageTracer_69\bar\1.bin\69barsvc.exe
PRC - [2013/10/25 23:45:12 | 002,445,816 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2013/10/25 23:07:48 | 000,073,832 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2013/10/20 08:00:19 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
PRC - [2013/10/15 05:38:52 | 000,050,704 | ---- | M] (Check Point Software Technologies, Ltd.) -- C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
PRC - [2013/09/25 16:37:00 | 020,133,824 | ---- | M] (Google) -- C:\Program Files\Google\Drive\googledrivesync.exe
PRC - [2013/05/11 10:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/19 15:35:36 | 002,833,120 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/08/07 13:12:07 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\Robus\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2011/12/10 11:07:30 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2011/05/03 18:46:18 | 000,047,424 | ---- | M] (The Nielsen Company) -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/31 09:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2008/01/21 02:23:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/11/19 21:54:02 | 000,557,056 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\pysqlite2._sqlite.pyd
MOD - [2013/11/19 21:54:02 | 000,128,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\_elementtree.pyd
MOD - [2013/11/19 21:54:02 | 000,098,816 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32api.pyd
MOD - [2013/11/19 21:54:02 | 000,044,032 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\_socket.pyd
MOD - [2013/11/19 21:54:02 | 000,026,624 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\_multiprocessing.pyd
MOD - [2013/11/19 21:54:02 | 000,022,528 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32ts.pyd
MOD - [2013/11/19 21:54:01 | 000,805,888 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\wx._gdi_.pyd
MOD - [2013/11/19 21:54:01 | 000,320,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32com.shell.shell.pyd
MOD - [2013/11/19 21:54:01 | 000,070,656 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\wx._html2.pyd
MOD - [2013/11/19 21:54:01 | 000,011,264 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32crypt.pyd
MOD - [2013/11/19 21:54:00 | 000,735,232 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\wx._misc_.pyd
MOD - [2013/11/19 21:54:00 | 000,504,832 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\windows._cacheinvalidation.pyd
MOD - [2013/11/19 21:54:00 | 000,364,544 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\pythoncom27.dll
MOD - [2013/11/19 21:54:00 | 000,087,040 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\_ctypes.pyd
MOD - [2013/11/19 21:54:00 | 000,017,408 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32profile.pyd
MOD - [2013/11/19 21:53:59 | 000,110,080 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\pywintypes27.dll
MOD - [2013/11/19 21:53:59 | 000,108,544 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32security.pyd
MOD - [2013/11/19 21:53:58 | 001,175,040 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\wx._core_.pyd
MOD - [2013/11/19 21:53:58 | 001,153,024 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\_ssl.pyd
MOD - [2013/11/19 21:53:57 | 000,711,680 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\_hashlib.pyd
MOD - [2013/11/19 21:53:57 | 000,035,840 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32process.pyd
MOD - [2013/11/19 21:53:57 | 000,025,600 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32pdh.pyd
MOD - [2013/11/19 21:53:56 | 000,811,008 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\wx._windows_.pyd
MOD - [2013/11/19 21:53:56 | 000,122,368 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\wx._wizard.pyd
MOD - [2013/11/19 21:53:55 | 000,119,808 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32file.pyd
MOD - [2013/11/19 21:53:55 | 000,038,912 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32inet.pyd
MOD - [2013/11/19 21:53:52 | 001,062,400 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\wx._controls_.pyd
MOD - [2013/11/19 21:53:50 | 000,018,432 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32event.pyd
MOD - [2013/11/19 21:53:49 | 000,686,080 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\unicodedata.pyd
MOD - [2013/11/19 21:53:49 | 000,127,488 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\pyexpat.pyd
MOD - [2013/11/19 21:53:48 | 000,010,240 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\select.pyd
MOD - [2013/11/15 17:41:18 | 003,363,952 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/10/20 08:00:16 | 016,233,864 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_9_900_117.dll
MOD - [2013/04/19 15:33:50 | 000,502,784 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\nsmmc.dll
MOD - [2013/03/20 15:55:22 | 000,753,664 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\npfirefoxprocessor.dll
MOD - [2013/03/20 15:54:10 | 000,224,768 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\npwmi.dll
MOD - [2013/03/20 15:53:56 | 000,228,864 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\npsurvey.dll
MOD - [2013/03/20 15:53:48 | 000,150,528 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\npsp1.dll
MOD - [2013/03/20 15:53:38 | 000,503,808 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\communication.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- c:\progra~1\optimi~1\OptProCrash.exe -- (ca82e1a5)
SRV - File not found [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2013/11/15 17:41:18 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/11/07 09:05:47 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files\PackageTracer_69\bar\1.bin\69barsvc.exe -- (PackageTracer_69Service)
SRV - [2013/10/25 23:45:12 | 002,445,816 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2013/10/20 08:00:20 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/15 05:38:52 | 000,050,704 | ---- | M] (Check Point Software Technologies, Ltd.) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe -- (ZAPrivacyService)
SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/11 10:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/19 15:35:36 | 002,833,120 | ---- | M] () [Auto | Running] -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe -- (NielsenUpdate)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/02/14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/03/31 09:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/01/21 02:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/21 02:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/21 02:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jucdcecm.sys -- (huawei_cdcecm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2013/09/29 23:30:48 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013/06/13 16:34:06 | 000,452,120 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/03/20 15:52:42 | 000,023,008 | ---- | M] (The Nielsen Company) [Kernel | System | Running] -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\nnfwdk.sys -- (nnfwdk)
DRV - [2012/10/22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/10/05 03:32:50 | 000,093,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012/10/02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/05/12 03:23:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlashUSB.sys -- (FlashUSB)
DRV - [2009/12/17 15:02:20 | 001,203,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/09/29 08:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009/09/29 08:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009/09/29 08:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2009/07/03 17:21:00 | 000,168,448 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/04/11 04:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009/03/31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/03/20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009/03/20 10:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2009/03/20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2008/01/21 02:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006/11/14 00:11:54 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO)
DRV - [2006/11/10 14:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
DRV - [2006/11/02 07:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/02 07:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/07/24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=SMSN&bmod=SMSN
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{f5827716-9540-492e-9e9a-9f18bb2e7912}: "URL" = http://search.tb.ask.com/search/GGmain.jhtml?p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ&ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&ind=2013111814&n=77fda606&psa=&st=sb&searchfor={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {f5827716-9540-492e-9e9a-9f18bb2e7912}
IE - HKCU\..\SearchScopes\{f5827716-9540-492e-9e9a-9f18bb2e7912}: "URL" = http://search.tb.ask.com/search/GGmain.jhtml?p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ&ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&ind=2013111814&n=77fda606&psa=&st=sb&searchfor={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Ask Web Search"
FF - prefs.js..browser.search.order.1: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Ask Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://home.tb.ask.com/index.jhtml?ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&n=77fda60b&p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ"
FF - prefs.js..extensions.enabledAddons: 69ffxtbr%40PackageTracer_69.com:5.40.2.43053
FF - prefs.js..extensions.enabledAddons: %7Bf35b3d43-735b-29de-1ac7-4e569be965a6%7D:1.1
FF - prefs.js..extensions.enabledAddons: %7Be001c731-5e37-4538-a5cb-8168736a2360%7D:0.9.9.119
FF - prefs.js..extensions.enabledAddons: ffxtlbr%40zonealarm.com:1.6.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - prefs.js..extensions.netassistant.keyword.url: "http://click.w3i.com/?Programid=132&Elementname=Keyword&Applicationid={559CE969-7E04-43B1-BF56-2F90A256442B}&Version=3.6.5&Vintage=20120727&Defaultbrowserid=30&Productid=2869&Vendorid=6413&Offerid=16934&searchterm="
FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.defaultenginename.prev: "StartWeb"
FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.defaultenginename.savedPrev: "true"
FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.defaultenginename.tb: "Ask Web Search"
FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.selectedEngine.prev: "StartWeb"
FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.selectedEngine.savedPrev: "true"
FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.selectedEngine.tb: "Ask Web Search"
FF - prefs.js..browser.startup.homepage: "true"
FF - prefs.js..browser.startup.homepage: "http://home.tb.ask.com/index.jhtml?ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&n=77fda60b&p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ"
FF - prefs.js..keyword.URL: "http://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&n=77fda60b&ind=2013111819&p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ&searchfor="
FF - prefs.js..network.proxy.type: 4
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nielsen/FirefoxTracker: C:\Program Files\NetRatingsNetSight\NetSight\meter9\FirefoxAddOns\npfirefoxtracker.dll (Nielsen)
FF - HKLM\Software\MozillaPlugins\@PackageTracer_69.com/Plugin: C:\Program Files\PackageTracer_69\bar\1.bin\NP69Stub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Robus\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Robus\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\netsight@nielsen.com: C:\Program Files\NetRatingsNetSight\NetSight\meter9\FirefoxAddOns\netsight@nielsen.xpi [2013/11/19 21:54:33 | 000,008,924 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/15 17:40:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/15 17:40:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/15 17:40:54 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/15 17:40:58 | 000,000,000 | ---D | M]
 
[2013/10/04 21:28:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\Extensions
[2013/11/19 14:30:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions
[2013/09/29 23:58:59 | 000,000,000 | ---D | M] ("WinToFlash Suggestor") -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}
[2013/11/14 19:41:03 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2013/11/14 17:56:34 | 000,000,000 | ---D | M] ("Snap.Do ") -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{f35b3d43-735b-29de-1ac7-4e569be965a6}
[2013/11/07 09:05:56 | 000,000,000 | ---D | M] (PackageTracer) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\69ffxtbr@PackageTracer_69.com
[2013/11/14 19:41:05 | 000,000,000 | ---D | M] (zonealarm.com) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\ffxtlbr@zonealarm.com
[2012/07/02 12:06:26 | 000,000,000 | ---D | M] (RivalGaming) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\links@rivalgaming.com
[2013/11/18 18:54:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\pm2306dz.default\extensions
[2012/07/02 13:28:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\pm2306dz.default\extensions\staged
[2012/05/25 15:38:16 | 000,031,267 | ---- | M] () (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\3z1pkp2w.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi
[2013/03/21 07:15:42 | 000,007,919 | ---- | M] () (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\3z1pkp2w.default\extensions\ffxtlbr@zonealarm.com\content\Abine\chrome\content\ff\view_expiry.js
[2012/05/25 15:38:16 | 000,031,267 | ---- | M] () (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\pm2306dz.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi
[2013/11/18 19:00:25 | 000,009,625 | ---- | M] () -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\3z1pkp2w.default\searchplugins\ask-web-search.xml
[2013/11/18 18:54:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/11/15 17:40:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/11/15 17:41:23 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - homepage: http://www.google.com
CHR - homepage: http://www.google.com
CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\
CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341\
CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.3.1271\
CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmdlgjgaamffjidnpeddnekffilecamo\5.0.0.0_0\
CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013/11/18 19:10:34 | 000,000,741 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1    localhost
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll File not found
O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll (Check Point Software Technologies LTD)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll File not found
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {CF28D96E-985F-43A6-B320-C2186B551472} - No CLSID value found.
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll (Check Point Software Technologies LTD)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [NielsenOnline] C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe (The Nielsen Company)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Robus\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll File not found
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - Reg Error: Key error. File not found
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.11.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A7C213F-BD10-4507-9ECF-0A4CB9E8F770}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Robus\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Robus\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{06b5badb-821d-11e1-b0d3-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{06b5badb-821d-11e1-b0d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{06b5bb14-821d-11e1-b0d3-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{06b5bb14-821d-11e1-b0d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{06cd51c8-3f69-11e1-95cc-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{06cd51c8-3f69-11e1-95cc-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{06cd51dd-3f69-11e1-95cc-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{06cd51dd-3f69-11e1-95cc-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{070c50b2-9bdb-11e1-9c13-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{070c50b2-9bdb-11e1-9c13-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{0c7092ad-e55e-11e1-9b1d-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{0c7092ad-e55e-11e1-9b1d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{0c7092d8-e55e-11e1-9b1d-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{0c7092d8-e55e-11e1-9b1d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{0f0fd768-dbb1-11e1-a0bd-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{0f0fd768-dbb1-11e1-a0bd-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{12618484-c74d-11e0-a61f-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{12618484-c74d-11e0-a61f-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{1549a200-68f6-11e1-8edf-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{1549a200-68f6-11e1-8edf-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{1ad50e5b-6529-11e1-a3bf-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{1ad50e5b-6529-11e1-a3bf-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{23075d0c-d15a-11e0-99fd-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{23075d0c-d15a-11e0-99fd-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{23075d0f-d15a-11e0-99fd-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{23075d0f-d15a-11e0-99fd-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{238bcd28-e77a-11e1-a5d3-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{238bcd28-e77a-11e1-a5d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{238bce2d-e77a-11e1-a5d3-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{238bce2d-e77a-11e1-a5d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{27a83e0d-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{27a83e0d-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{27a8407e-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{27a8407e-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{27a8418d-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{27a8418d-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{27a842cf-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{27a842cf-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{2819ac09-7e3d-11df-af43-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2819ac09-7e3d-11df-af43-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{2819ac5c-7e3d-11df-af43-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{2819ac5c-7e3d-11df-af43-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{28d8d3e7-1819-11e1-94ff-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{28d8d3e7-1819-11e1-94ff-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{360c7105-36ca-11e1-b679-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{360c7105-36ca-11e1-b679-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{362aa6e3-e2ee-11e1-b072-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{362aa6e3-e2ee-11e1-b072-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{362aa6f2-e2ee-11e1-b072-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{362aa6f2-e2ee-11e1-b072-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{364e5016-e212-11e1-9ce9-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{364e5016-e212-11e1-9ce9-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{3912ded5-3c41-11e1-85e6-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{3912ded5-3c41-11e1-85e6-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{3f831bbc-ab0b-11e1-b6f1-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{3f831bbc-ab0b-11e1-b6f1-002454208e82}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O33 - MountPoints2\{3f831bfb-ab0b-11e1-b6f1-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{3f831bfb-ab0b-11e1-b6f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{3f831bff-ab0b-11e1-b6f1-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{3f831bff-ab0b-11e1-b6f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{4878944f-357c-11e1-bc31-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{4878944f-357c-11e1-bc31-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{4a75f172-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{4a75f172-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{4a75f1a3-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{4a75f1a3-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{4a75f272-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{4a75f272-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{4a75f274-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{4a75f274-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{5bb69e98-5f03-11e1-a466-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{5bb69e98-5f03-11e1-a466-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{5c3c43cc-199b-11e1-a214-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{5c3c43cc-199b-11e1-a214-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{6c783c1e-e1e6-11e1-a55e-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{6c783c1e-e1e6-11e1-a55e-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{6c783c28-e1e6-11e1-a55e-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{6c783c28-e1e6-11e1-a55e-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{7be162aa-23de-11e1-bb6a-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{7be162aa-23de-11e1-bb6a-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{7cef6981-dd45-11e1-9f03-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{7cef6981-dd45-11e1-9f03-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{7cef6ab4-dd45-11e1-9f03-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{7cef6ab4-dd45-11e1-9f03-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{7dbc8846-ad58-11e1-9e48-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{7dbc8846-ad58-11e1-9e48-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{7dbc8897-ad58-11e1-9e48-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{7dbc8897-ad58-11e1-9e48-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{8f9aa80f-837e-11e1-9a1d-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{8f9aa80f-837e-11e1-9a1d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{9156b298-4ede-11e1-847c-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{9156b298-4ede-11e1-847c-002454208e82}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{a0e47c3e-e0aa-11e1-99f1-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{a0e47c3e-e0aa-11e1-99f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{a0e47c80-e0aa-11e1-99f1-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{a0e47c80-e0aa-11e1-99f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ad51c4f4-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{ad51c4f4-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ad51c4f8-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{ad51c4f8-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ad51ca3a-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{ad51ca3a-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ad51cedd-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{ad51cedd-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{b163e4d0-eb97-11e1-b121-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{b163e4d0-eb97-11e1-b121-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{b47b40ce-43e7-11e0-ae9c-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{b47b40ce-43e7-11e0-ae9c-002454208e82}\Shell\AutoRun\command - "" = D:\DPFMate.exe
O33 - MountPoints2\{b7f91bcf-f648-11e0-8a5d-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{b7f91bcf-f648-11e0-8a5d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c00643fb-c446-11e1-a099-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c00643fb-c446-11e1-a099-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c050d675-6daa-11e1-8824-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c050d675-6daa-11e1-8824-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c050d677-6daa-11e1-8824-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c050d677-6daa-11e1-8824-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c09ca255-36c1-11e1-b84d-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c09ca255-36c1-11e1-b84d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c363f797-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c363f797-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c363f7c0-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c363f7c0-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c363f7c3-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c363f7c3-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c363f7da-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c363f7da-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c363fcdf-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c363fcdf-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{cac41099-e432-11df-9781-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{cac41099-e432-11df-9781-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{e4506d49-3142-11e1-884b-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{e4506d49-3142-11e1-884b-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{e7a4db2a-d924-11e1-9bec-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{e7a4db2a-d924-11e1-9bec-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ee298306-c1c1-11e1-9ed1-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{ee298306-c1c1-11e1-9ed1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ee298319-c1c1-11e1-9ed1-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{ee298319-c1c1-11e1-9ed1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ee29838d-c1c1-11e1-9ed1-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{ee29838d-c1c1-11e1-9ed1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{f10f337d-7f00-11df-924f-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{f10f337d-7f00-11df-924f-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{f55a33eb-9c3e-11e1-8c33-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{f55a33eb-9c3e-11e1-8c33-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{f55a33f8-9c3e-11e1-8c33-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{f55a33f8-9c3e-11e1-8c33-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{fd245ccf-fd7c-11e0-bf19-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{fd245ccf-fd7c-11e0-bf19-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/11/19 17:29:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/11/19 17:29:35 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/11/18 19:16:18 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Local\CrashDumps
[2013/11/18 19:11:44 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Local\IAC
[2013/11/18 19:11:43 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Local\PackageTracer_69
[2013/11/18 19:01:32 | 000,000,000 | ---D | C] -- C:\Users\Robus\Desktop\RK_Quarantine
[2013/11/18 18:51:30 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/18 18:14:54 | 000,000,000 | ---D | C] -- C:\FRST
[2013/11/15 17:40:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/11/15 17:38:41 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2013/11/15 17:38:41 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2013/11/14 19:51:04 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/11/14 19:51:02 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/11/14 19:51:01 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/11/14 19:51:01 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/11/14 19:51:01 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/11/14 19:50:59 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/11/14 19:50:59 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/11/14 19:50:58 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/11/14 18:32:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2013/11/14 18:31:16 | 000,256,904 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys
[2013/11/14 18:26:57 | 000,000,000 | ---D | C] -- C:\Program Files\Check Point Software Technologies LTD
[2013/11/14 18:26:44 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Check Point Software Technologies LTD
[2013/11/14 18:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2013/11/14 17:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Updater
[2013/11/14 17:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\RHelpers
[2013/11/14 17:29:52 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Local\Avg2014
[2013/11/13 09:22:52 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2013/11/07 09:05:47 | 000,000,000 | ---D | C] -- C:\Program Files\PackageTracer_69
[2013/11/06 11:40:40 | 000,000,000 | ---D | C] -- C:\Program Files\GPLGS
[2013/11/06 11:40:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Creator
[2013/11/06 11:40:05 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2012/03/03 09:17:15 | 002,371,152 | ---- | C] (DownVision                                                  ) -- C:\Users\Robus\AppData\Local\setup.exe
 
========== Files - Modified Within 30 Days ==========
 
[2013/11/20 16:43:00 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job
[2013/11/20 16:41:59 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/20 16:34:32 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/20 16:34:32 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/20 16:28:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/20 14:20:00 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2270810218-2394552768-2579885175-1000UA.job
[2013/11/20 14:20:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2270810218-2394552768-2579885175-1000Core.job
[2013/11/20 09:28:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/20 08:34:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/19 21:59:15 | 000,648,680 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/11/19 21:59:15 | 000,124,648 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/11/19 21:53:15 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2013/11/19 17:29:38 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/18 22:05:12 | 000,034,195 | ---- | M] () -- C:\Users\Robus\Desktop\stol4.jpg
[2013/11/18 22:04:07 | 000,034,488 | ---- | M] () -- C:\Users\Robus\Desktop\stol3.jpg
[2013/11/18 22:03:37 | 000,034,488 | ---- | M] () -- C:\Users\Robus\Desktop\stol.jpg
[2013/11/18 19:26:23 | 000,028,426 | ---- | M] () -- C:\Users\Robus\Desktop\droppy heart.jpg
[2013/11/18 18:54:36 | 000,000,870 | ---- | M] () -- C:\Users\Robus\Application Data\Microsoft\Internet Explorer\Quick Launch\Search.lnk
[2013/11/18 18:54:36 | 000,000,846 | ---- | M] () -- C:\Users\Robus\Desktop\Search.lnk
[2013/11/18 18:38:59 | 000,028,346 | ---- | M] () -- C:\Users\Robus\Desktop\niebieski.jpg
[2013/11/18 18:30:07 | 274,383,198 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/11/15 17:51:22 | 000,002,523 | ---- | M] () -- C:\Users\Robus\Desktop\HiJackThis.lnk
[2013/11/15 17:24:48 | 000,000,596 | ---- | M] () -- C:\Windows\System32\InstallUtil.InstallLog
[2013/11/14 19:43:05 | 000,417,569 | ---- | M] () -- C:\Windows\System32\drivers\vsconfig.xml
[2013/11/14 19:26:12 | 000,001,288 | ---- | M] () -- C:\Windows\DCEBOOT.RST
[2013/11/14 19:25:12 | 000,210,992 | ---- | M] () -- C:\Windows\RegBootClean.exe
[2013/11/14 19:25:12 | 000,023,088 | ---- | M] () -- C:\Windows\DCEBoot.exe
[2013/11/14 19:15:07 | 000,308,980 | ---- | M] () -- C:\Users\Robus\AppData\Local\census.cache
[2013/11/14 19:14:36 | 000,196,747 | ---- | M] () -- C:\Users\Robus\AppData\Local\ars.cache
[2013/11/14 18:32:26 | 000,000,639 | ---- | M] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2013/11/14 18:31:03 | 000,000,036 | ---- | M] () -- C:\Users\Robus\AppData\Local\housecall.guid.cache
[2013/11/09 20:34:04 | 000,001,875 | ---- | M] () -- C:\Users\Robus\Desktop\Wordpad.lnk
[2013/11/08 08:20:43 | 001,094,600 | ---- | M] () -- C:\Users\Robus\Desktop\rob and me.jpg
[2013/11/06 12:40:08 | 000,000,091 | ---- | M] () -- C:\Users\Robus\AppData\Roaming\WB.CFG
[2013/11/05 18:48:26 | 001,608,730 | ---- | M] () -- C:\Users\Robus\Desktop\kino domowe.jpg
[2013/11/01 19:26:26 | 006,801,542 | ---- | M] () -- C:\Users\Robus\Desktop\salon1.jpg
[2013/11/01 18:43:00 | 002,478,596 | ---- | M] () -- C:\Users\Robus\Desktop\salon.jpg
[2013/10/28 10:48:11 | 000,000,223 | ---- | M] () -- C:\Users\Robus\Application Data\Microsoft\Internet Explorer\Quick Launch\Becky Misseldine.URL
 
========== Files Created - No Company Name ==========
 
[2013/11/19 17:29:38 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/18 22:05:12 | 000,034,195 | ---- | C] () -- C:\Users\Robus\Desktop\stol4.jpg
[2013/11/18 22:04:07 | 000,034,488 | ---- | C] () -- C:\Users\Robus\Desktop\stol3.jpg
[2013/11/18 19:25:53 | 000,028,426 | ---- | C] () -- C:\Users\Robus\Desktop\droppy heart.jpg
[2013/11/18 18:38:56 | 000,028,346 | ---- | C] () -- C:\Users\Robus\Desktop\niebieski.jpg
[2013/11/18 18:30:07 | 274,383,198 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/11/15 17:38:41 | 000,002,523 | ---- | C] () -- C:\Users\Robus\Desktop\HiJackThis.lnk
[2013/11/15 17:24:39 | 000,000,596 | ---- | C] () -- C:\Windows\System32\InstallUtil.InstallLog
[2013/11/14 19:26:12 | 000,001,288 | ---- | C] () -- C:\Windows\DCEBOOT.RST
[2013/11/14 19:24:48 | 000,210,992 | ---- | C] () -- C:\Windows\RegBootClean.exe
[2013/11/14 19:24:48 | 000,023,088 | ---- | C] () -- C:\Windows\DCEBoot.exe
[2013/11/14 19:15:07 | 000,308,980 | ---- | C] () -- C:\Users\Robus\AppData\Local\census.cache
[2013/11/14 19:14:36 | 000,196,747 | ---- | C] () -- C:\Users\Robus\AppData\Local\ars.cache
[2013/11/14 18:32:57 | 000,417,569 | ---- | C] () -- C:\Windows\System32\drivers\vsconfig.xml
[2013/11/14 18:32:26 | 000,000,639 | ---- | C] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2013/11/14 18:31:03 | 000,000,036 | ---- | C] () -- C:\Users\Robus\AppData\Local\housecall.guid.cache
[2013/11/14 17:56:10 | 000,000,870 | ---- | C] () -- C:\Users\Robus\Application Data\Microsoft\Internet Explorer\Quick Launch\Search.lnk
[2013/11/14 17:56:10 | 000,000,846 | ---- | C] () -- C:\Users\Robus\Desktop\Search.lnk
[2013/11/13 09:22:52 | 000,218,228 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2013/11/09 20:34:04 | 000,001,875 | ---- | C] () -- C:\Users\Robus\Desktop\Wordpad.lnk
[2013/11/08 08:20:54 | 001,094,600 | ---- | C] () -- C:\Users\Robus\Desktop\rob and me.jpg
[2013/11/08 08:18:59 | 002,127,163 | ---- | C] () -- C:\Users\Robus\Desktop\koza.jpg
[2013/11/06 12:40:08 | 000,000,091 | ---- | C] () -- C:\Users\Robus\AppData\Roaming\WB.CFG
[2013/11/06 11:40:27 | 000,086,016 | ---- | C] () -- C:\Windows\System32\custmon32i.dll
[2013/11/05 20:08:53 | 006,801,542 | ---- | C] () -- C:\Users\Robus\Desktop\salon1.jpg
[2013/11/05 20:07:51 | 002,478,596 | ---- | C] () -- C:\Users\Robus\Desktop\salon.jpg
[2013/11/05 18:45:35 | 005,352,886 | ---- | C] () -- C:\Users\Robus\Desktop\stol2.jpg
[2013/11/05 18:45:08 | 004,445,439 | ---- | C] () -- C:\Users\Robus\Desktop\sofa.jpg
[2013/11/05 18:44:18 | 005,352,886 | ---- | C] () -- C:\Users\Robus\Desktop\stol1.jpg
[2013/11/05 18:44:02 | 000,034,488 | ---- | C] () -- C:\Users\Robus\Desktop\stol.jpg
[2013/11/05 18:40:07 | 001,608,730 | ---- | C] () -- C:\Users\Robus\Desktop\kino domowe.jpg
[2013/10/28 10:48:11 | 000,000,223 | ---- | C] () -- C:\Users\Robus\Application Data\Microsoft\Internet Explorer\Quick Launch\Becky Misseldine.URL
[2013/03/07 19:33:10 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2013/03/07 19:33:09 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2013/02/09 15:48:57 | 000,026,900 | ---- | C] () -- C:\Users\Robus\AppData\Local\dt.dat
[2012/06/30 13:41:12 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2012/03/03 09:17:16 | 000,000,972 | ---- | C] () -- C:\Users\Robus\AppData\Local\Darmowe.Wzory.Ulotek.Reklamowych.torrent
[2012/02/15 20:10:02 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2012/02/15 20:10:02 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/12/08 19:31:23 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2011/12/08 19:31:23 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011/06/28 07:26:54 | 000,024,334 | ---- | C] () -- C:\Users\Robus\AppData\Local\umowa poadzialu.pdf
[2011/06/17 14:34:06 | 000,000,000 | ---- | C] () -- C:\Users\Robus\AppData\Local\{78F2DA2B-44D9-40DC-9367-6AF299E2187A}
[2010/08/16 16:05:07 | 000,046,278 | ---- | C] () -- C:\Users\Robus\WSR Invoice - Mr. R. Plummer - 2452.pdf
[2010/06/26 21:06:37 | 000,123,392 | ---- | C] () -- C:\Users\Robus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 

[piwonia2121]

========== ZeroAccess Check ==========
 
[2006/11/02 12:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 17:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/03 04:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/21 02:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Custom Scans ==========
 
< PRC - [2013/11/07 09:05:47 | 000,044,784 | ---- | M] (MindSpark) -- C:\Program Files\PackageTracer_69\bar\1.bin\69SrchMn.exe >
Invalid Switch: 07 09:05:47 | 000,044,784 | ---- | M] (MindSpark) -- C:\Program Files\PackageTracer_69\bar\1.bin\69SrchMn.exe
 
< PRC - [2013/11/07 09:05:47 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files\PackageTracer_69\bar\1.bin\69barsvc.exe >
Invalid Switch: 07 09:05:47 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files\PackageTracer_69\bar\1.bin\69barsvc.exe
 
< PRC - [2013/11/07 09:05:47 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files\PackageTracer_69\bar\1.bin\69brmon.exe >
Invalid Switch: 07 09:05:47 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files\PackageTracer_69\bar\1.bin\69brmon.exe
 
< PRC - [2013/10/29 08:24:24 | 002,886,464 | ---- | M] (Iminent) -- C:\Program Files\Common Files\Umbrella\Umbrella.exe >
Invalid Switch: 29 08:24:24 | 002,886,464 | ---- | M] (Iminent) -- C:\Program Files\Common Files\Umbrella\Umbrella.exe
 
< MOD - [2013/11/14 20:31:18 | 000,128,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_elementtree.pyd >
Invalid Switch: 14 20:31:18 | 000,128,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_elementtree.pyd
 
< MOD - [2013/11/14 20:31:18 | 000,098,816 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32api.pyd >
Invalid Switch: 14 20:31:18 | 000,098,816 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32api.pyd
 
< MOD - [2013/11/14 20:31:18 | 000,044,032 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_socket.pyd >
Invalid Switch: 14 20:31:18 | 000,044,032 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_socket.pyd
 
< MOD - [2013/11/14 20:31:18 | 000,022,528 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32ts.pyd >
Invalid Switch: 14 20:31:18 | 000,022,528 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32ts.pyd
 
< MOD - [2013/11/14 20:31:17 | 000,557,056 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pysqlite2._sqlite.pyd >
Invalid Switch: 14 20:31:17 | 000,557,056 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pysqlite2._sqlite.pyd
 
< MOD - [2013/11/14 20:31:17 | 000,320,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32com.shell.shell.pyd >
Invalid Switch: 14 20:31:17 | 000,320,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32com.shell.shell.pyd
 
< MOD - [2013/11/14 20:31:17 | 000,026,624 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_multiprocessing.pyd >
Invalid Switch: 14 20:31:17 | 000,026,624 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_multiprocessing.pyd
 
< MOD - [2013/11/14 20:31:16 | 000,070,656 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._html2.pyd >
Invalid Switch: 14 20:31:16 | 000,070,656 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._html2.pyd
 
< MOD - [2013/11/14 20:31:16 | 000,011,264 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32crypt.pyd >
Invalid Switch: 14 20:31:16 | 000,011,264 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32crypt.pyd
 
< MOD - [2013/11/14 20:31:15 | 000,805,888 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._gdi_.pyd >
Invalid Switch: 14 20:31:15 | 000,805,888 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._gdi_.pyd
 
< MOD - [2013/11/14 20:31:15 | 000,504,832 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\windows._cacheinvalidation.pyd >
Invalid Switch: 14 20:31:15 | 000,504,832 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\windows._cacheinvalidation.pyd
 
< MOD - [2013/11/14 20:31:14 | 000,087,040 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_ctypes.pyd >
Invalid Switch: 14 20:31:14 | 000,087,040 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_ctypes.pyd
 
< MOD - [2013/11/14 20:31:14 | 000,017,408 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32profile.pyd >
Invalid Switch: 14 20:31:14 | 000,017,408 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32profile.pyd
 
< MOD - [2013/11/14 20:31:13 | 000,364,544 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pythoncom27.dll >
Invalid Switch: 14 20:31:13 | 000,364,544 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pythoncom27.dll
 
< MOD - [2013/11/14 20:31:12 | 000,735,232 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._misc_.pyd >
Invalid Switch: 14 20:31:12 | 000,735,232 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._misc_.pyd
 
< MOD - [2013/11/14 20:31:09 | 000,110,080 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pywintypes27.dll >
Invalid Switch: 14 20:31:09 | 000,110,080 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pywintypes27.dll
 
< MOD - [2013/11/14 20:31:08 | 001,175,040 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._core_.pyd >
Invalid Switch: 14 20:31:08 | 001,175,040 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._core_.pyd
 
< MOD - [2013/11/14 20:31:08 | 000,108,544 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32security.pyd >
Invalid Switch: 14 20:31:08 | 000,108,544 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32security.pyd
 
< MOD - [2013/11/14 20:31:06 | 001,153,024 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_ssl.pyd >
Invalid Switch: 14 20:31:06 | 001,153,024 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_ssl.pyd
 
< MOD - [2013/11/14 20:31:04 | 000,035,840 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32process.pyd >
Invalid Switch: 14 20:31:04 | 000,035,840 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32process.pyd
 
< MOD - [2013/11/14 20:31:04 | 000,025,600 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32pdh.pyd >
Invalid Switch: 14 20:31:04 | 000,025,600 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32pdh.pyd
 
< MOD - [2013/11/14 20:31:03 | 000,711,680 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_hashlib.pyd >
Invalid Switch: 14 20:31:03 | 000,711,680 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_hashlib.pyd
 
< MOD - [2013/11/14 20:31:02 | 000,811,008 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._windows_.pyd >
Invalid Switch: 14 20:31:02 | 000,811,008 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._windows_.pyd
 
< MOD - [2013/11/14 20:31:01 | 000,122,368 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._wizard.pyd >
Invalid Switch: 14 20:31:01 | 000,122,368 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._wizard.pyd
 
< MOD - [2013/11/14 20:31:01 | 000,119,808 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32file.pyd >
Invalid Switch: 14 20:31:01 | 000,119,808 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32file.pyd
 
< MOD - [2013/11/14 20:30:59 | 000,038,912 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32inet.pyd >
Invalid Switch: 14 20:30:59 | 000,038,912 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32inet.pyd
 
< MOD - [2013/11/14 20:30:32 | 001,062,400 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._controls_.pyd >
Invalid Switch: 14 20:30:32 | 001,062,400 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._controls_.pyd
 
< MOD - [2013/11/14 20:30:29 | 000,018,432 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32event.pyd >
Invalid Switch: 14 20:30:29 | 000,018,432 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32event.pyd
 
< MOD - [2013/11/14 20:30:27 | 000,686,080 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\unicodedata.pyd >
Invalid Switch: 14 20:30:27 | 000,686,080 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\unicodedata.pyd
 
< MOD - [2013/11/14 20:30:27 | 000,127,488 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pyexpat.pyd >
Invalid Switch: 14 20:30:27 | 000,127,488 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pyexpat.pyd
 
< MOD - [2013/11/14 20:30:26 | 000,010,240 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\select.pyd >
Invalid Switch: 14 20:30:26 | 000,010,240 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\select.pyd
 
< SRV - [2013/11/07 09:05:47 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files\PackageTracer_69\bar\1.bin\69barsvc.exe -- (PackageTracer_69Service) >
Invalid Switch: 07 09:05:47 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files\PackageTracer_69\bar\1.bin\69barsvc.exe -- (PackageTracer_69Service)
 
< SRV - [2013/10/29 08:24:24 | 002,886,464 | ---- | M] (Iminent) [Auto | Running] -- C:\Program Files\Common Files\Umbrella\Umbrella.exe -- (SProtection) >
Invalid Switch: 29 08:24:24 | 002,886,464 | ---- | M] (Iminent) [Auto | Running] -- C:\Program Files\Common Files\Umbrella\Umbrella.exe -- (SProtection)
 
< IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...Date=14/11/2013 >
 
< IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://start.iminent...q={searchTerms} >
 
< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-sea...120007&tsp=5027 >
Invalid Switch: www.delta-sea...120007&tsp=5027
 
< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.c...Date=14/11/2013 >
 
< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.c...Date=14/11/2013 >
 
< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.tb.ask.c...CFQ7LtAodBmcAtQ >
Invalid Switch: home.tb.ask.c...CFQ7LtAodBmcAtQ
 
< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.c...Date=14/11/2013 >
 
< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.c...Date=14/11/2013 >
 
< IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found >
 
< IE - HKCU\..\URLSearchHook: {97ef77e6-97be-4204-a890-2485903c5624} - No CLSID value found >
 
< IE - HKCU\..\SearchScopes,DefaultScope = {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} >
 
< IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...Date=14/11/2013 >
 
< IE - HKCU\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://start.iminent...q={searchTerms} >
 
< FF - prefs.js..browser.search.order.1: "Secure Search" >
 
< FF - prefs.js..browser.startup.homepage: "http://home.tb.ask.c...FQ7LtAodBmcAtQ" >
 
< FF - prefs.js..extensions.netassistant.keyword.url: "http://click.w3i.com...34&searchterm=" >
 
< FF - prefs.js..browser.startup.homepage: "http://home.tb.ask.c...FQ7LtAodBmcAtQ" >
 
< FF - prefs.js..keyword.URL: "http://search.tb.ask...AtQ&searchfor=" >
 
< FF - HKLM\Software\MozillaPlugins\@PackageTracer_69.com/Plugin: C:\Program Files\PackageTracer_69\bar\1.bin\NP69Stub.dll (MindSpark) >
Invalid Switch: Plugin: C:\Program Files\PackageTracer_69\bar\1.bin\NP69Stub.dll (MindSpark)
 
< [2013/02/04 17:29:55 | 000,000,000 | ---D | M] (DealPly) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} >
Invalid Switch: 04 17:29:55 | 000,000,000 | ---D | M] (DealPly) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
 
< [2013/11/07 09:05:56 | 000,000,000 | ---D | M] (PackageTracer) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\69ffxtbr@PackageTracer_69.com >
Invalid Switch: 07 09:05:56 | 000,000,000 | ---D | M] (PackageTracer) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\69ffxtbr@PackageTracer_69.com
 
< [2012/07/02 13:29:47 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\ffxtlbr@funmoods.com >
Invalid Switch: 02 13:29:47 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\ffxtlbr@funmoods.com
 
< [2013/11/15 17:25:48 | 000,000,000 | ---D | M] (Iminent Toolbar) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\ffxtlbr@iminent.com >
Invalid Switch: 15 17:25:48 | 000,000,000 | ---D | M] (Iminent Toolbar) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\ffxtlbr@iminent.com
 
< CHR - homepage: http://start.iminent...01-ECBD2E108515 >
Invalid Switch: start.iminent...01-ECBD2E108515
 
< CHR - homepage: http://start.iminent...01-ECBD2E108515 >
Invalid Switch: start.iminent...01-ECBD2E108515
 
< O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll File not found >
 
< O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll File not found >
 
< O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll File not found >
 
< O2 - BHO: (DataMngr) - {7DA17D5A-5718-4130-A605-FC316C827836} - C:\Program Files\Searchcore Toolbar\Datamngr\BrowserConnection.dll (Discordia , LTD) >
 
< O2 - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\BrowserConnection.dll (Bandoo Media, inc) >
 
< O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll File not found >
 
< O2 - BHO: (no name) - {CCB69577-088B-4004-9ED8-FF5BCC83A039} - No CLSID value found. >
 
< O2 - BHO: (no name) - {CF28D96E-985F-43A6-B320-C2186B551472} - No CLSID value found. >
 
< O2 - BHO: (Toolbar BHO) - {87011c4e-fcde-4476-9348-ecf16134fc1f} - C:\Program Files\PackageTracer_69\bar\1.bin\69bar.dll (MindSpark) >
 
< O2 - BHO: (Search Assistant BHO) - {87eab57c-d0b7-4ca9-8e26-191bfc989e26} - C:\Program Files\PackageTracer_69\bar\1.bin\69SrcAs.dll (MindSpark) >
 
< O3 - HKLM\..\Toolbar: (no name) - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found. >
 
< O3 - HKLM\..\Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found. >
 
< O3 - HKLM\..\Toolbar: (no name) - !{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found. >
 
< O3 - HKLM\..\Toolbar: (Searchcore Toolbar) - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - C:\Program Files\Searchcore Toolbar\Datamngr\ToolBar\searchcoredtx.dll () >
 
< O3 - HKLM\..\Toolbar: (PackageTracer) - {ff343558-d5a5-454a-bdd8-c5c81e179fed} - C:\Program Files\PackageTracer_69\bar\1.bin\69bar.dll (MindSpark) >
 
< O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. >
 
< O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. >
 
< O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found. >
 
< O4 - HKLM..\Run: [PackageTracer Search Scope Monitor] C:\Program Files\PackageTracer_69\bar\1.bin\69SrchMn.exe (MindSpark) >
 
< O4 - HKLM..\Run: [PackageTracer_69 Browser Plugin Loader] C:\Program Files\PackageTracer_69\bar\1.bin\69brmon.exe (VER_COMPANY_NAME) >
 
< O4 - HKLM..\Run: [updater] C:\ProgramData\Updater\updater.exe (Updater) >
 
< O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found >
Invalid Switch: ActionTU.htm File not found
 
< O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm File not found >
Invalid Switch: Action.htm File not found
 
< [2013/11/15 17:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\IminentToolbar >
Invalid Switch: 15 17:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\IminentToolbar
 
< [2013/11/15 17:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\IminentToolbar >
Invalid Switch: 15 17:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\IminentToolbar
 
< [2013/11/15 17:25:10 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Iminent >
Invalid Switch: 15 17:25:10 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Iminent
 
< [2013/11/15 17:24:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Iminent >
Invalid Switch: 15 17:24:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Iminent
 
< [2013/11/15 17:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent >
Invalid Switch: 15 17:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
 
< [2013/11/15 17:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Umbrella >
Invalid Switch: 15 17:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Umbrella
 
< [2013/11/15 17:23:46 | 000,000,000 | ---D | C] -- C:\Program Files\Iminent >
Invalid Switch: 15 17:23:46 | 000,000,000 | ---D | C] -- C:\Program Files\Iminent
 
< [2013/11/14 18:02:40 | 000,000,000 | ---D | C] -- C:\Users\Robus\Documents\Optimizer Pro >
Invalid Switch: 14 18:02:40 | 000,000,000 | ---D | C] -- C:\Users\Robus\Documents\Optimizer Pro
 
< [2013/11/14 18:02:40 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Optimizer Pro >
Invalid Switch: 14 18:02:40 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Optimizer Pro
 
< [2013/11/14 17:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2 >
Invalid Switch: 14 17:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
 
< [2013/11/14 17:57:17 | 000,000,000 | ---D | C] -- C:\Program Files\Optimizer Pro >
Invalid Switch: 14 17:57:17 | 000,000,000 | ---D | C] -- C:\Program Files\Optimizer Pro
 
< [2013/11/14 17:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Updater >
Invalid Switch: 14 17:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Updater
 
< [2013/11/07 09:05:47 | 000,000,000 | ---D | C] -- C:\Program Files\PackageTracer_69 >
Invalid Switch: 07 09:05:47 | 000,000,000 | ---D | C] -- C:\Program Files\PackageTracer_69
 
< [2013/10/29 17:45:32 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard >
Invalid Switch: 29 17:45:32 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
 
< :Commands >
 
< [emptytemp] >
 
========== Files - Unicode (All) ==========
[2013/10/05 12:48:31 | 000,000,000 | ---D | M](C:\ProgramData\?é?éÄé?é8520-1533-40C5-AD09-953C574F14BCÄé?é) -- C:\ProgramData\?é?éÄé?é8520-1533-40C5-AD09-953C574F14BCÄé?é
[2013/10/05 12:48:31 | 000,000,000 | ---D | M](C:\ProgramData\?é?éÄé?é8520-1533-40C5-AD09-953C574F14BCÄé?é) -- C:\ProgramData\?é?éÄé?é8520-1533-40C5-AD09-953C574F14BCÄé?é
[2013/10/02 13:00:44 | 000,000,000 | ---D | M](C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\?t?t????????????????????p???????
[2013/10/02 13:00:44 | 000,000,000 | ---D | M](C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\?t?t????????????????????p???????
[2013/10/01 01:13:02 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
[2013/10/01 01:13:02 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
[2013/09/30 11:36:50 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p???????
[2013/09/30 11:36:50 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p???????
[2013/09/30 02:44:56 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
[2013/09/30 02:44:56 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
[2013/09/29 19:34:37 | 000,000,000 | ---D | M](C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E
[2013/09/29 19:34:37 | 000,000,000 | ---D | M](C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E
[2013/09/22 14:19:45 | 000,000,000 | ---D | M](C:\ProgramData\?¬?¬Ä¬?¬8520-1533-40C5-AD09-953C574F14BCĬ?¬) -- C:\ProgramData\?¬?¬Ä¬?¬8520-1533-40C5-AD09-953C574F14BCĬ?¬
[2013/09/22 14:19:45 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\????
[2013/09/22 14:19:45 | 000,000,000 | ---D | M](C:\ProgramData\?¬?¬Ä¬?¬8520-1533-40C5-AD09-953C574F14BCĬ?¬) -- C:\ProgramData\?¬?¬Ä¬?¬8520-1533-40C5-AD09-953C574F14BCĬ?¬
[2013/09/22 14:19:45 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\????
[2013/09/22 14:07:55 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\????
[2013/09/22 14:07:55 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\????
[2013/07/20 20:43:37 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\????
[2013/07/20 20:43:37 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\????
[2013/07/20 20:43:33 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
[2013/07/20 20:43:33 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
[2013/07/20 20:35:19 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p???????
[2013/07/20 20:35:19 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p???????
[2013/06/29 20:42:39 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
[2013/06/29 20:42:39 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
[2013/06/29 13:28:47 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
[2013/06/29 13:28:47 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
[2013/06/28 17:07:36 | 000,000,000 | ---D | M](C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u) -- C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u
[2013/06/28 17:07:36 | 000,000,000 | ---D | M](C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u) -- C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u
[2013/06/28 16:45:46 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p???????
[2013/06/28 16:45:46 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p???????
[2013/06/02 16:53:40 | 000,000,000 | ---D | M](C:\ProgramData\?'?'????????????????????p???????) -- C:\ProgramData\?'?'????????????????????p???????
[2013/06/02 16:53:40 | 000,000,000 | ---D | M](C:\ProgramData\?'?'????????????????????p???????) -- C:\ProgramData\?'?'????????????????????p???????
[2013/05/20 11:31:59 | 000,000,000 | ---D | M](C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A
[2013/05/20 11:31:59 | 000,000,000 | ---D | M](C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A
[2013/05/13 18:34:26 | 000,000,000 | ---D | M](C:\ProgramData\?¯?¯????????????????????p???????) -- C:\ProgramData\?¯?¯????????????????????p???????
[2013/05/13 18:34:26 | 000,000,000 | ---D | M](C:\ProgramData\?¯?¯????????????????????p???????) -- C:\ProgramData\?¯?¯????????????????????p???????
[2013/05/07 07:18:32 | 000,000,000 | ---D | M](C:\ProgramData\???S) -- C:\ProgramData\???S
[2013/05/07 07:18:32 | 000,000,000 | ---D | M](C:\ProgramData\???S) -- C:\ProgramData\???S
[2013/05/07 07:18:21 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
[2013/05/07 07:18:21 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
[2013/05/06 20:01:51 | 000,000,000 | ---D | M](C:\ProgramData\?U?U????????????????????p???????) -- C:\ProgramData\?U?U????????????????????p???????
[2013/05/06 20:01:51 | 000,000,000 | ---D | M](C:\ProgramData\?U?U????????????????????p???????) -- C:\ProgramData\?U?U????????????????????p???????
[2013/04/29 17:52:04 | 000,000,000 | ---D | M](C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\?t?t????????????????????p???????
[2013/04/29 17:52:04 | 000,000,000 | ---D | M](C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\?t?t????????????????????p???????
[2013/04/29 08:25:43 | 000,000,000 | ---D | M](C:\ProgramData\?Ò?ÒÄÒ?Ò8520-1533-40C5-AD09-953C574F14BCÄÒ?Ò) -- C:\ProgramData\?Ò?ÒÄÒ?Ò8520-1533-40C5-AD09-953C574F14BCÄÒ?Ò
[2013/04/29 08:25:43 | 000,000,000 | ---D | M](C:\ProgramData\?Ò?ÒÄÒ?Ò8520-1533-40C5-AD09-953C574F14BCÄÒ?Ò) -- C:\ProgramData\?Ò?ÒÄÒ?Ò8520-1533-40C5-AD09-953C574F14BCÄÒ?Ò
[2013/04/24 13:20:26 | 000,000,000 | ---D | M](C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U
[2013/04/24 13:20:26 | 000,000,000 | ---D | M](C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U
[2013/04/22 19:10:11 | 000,000,000 | ---D | M](C:\ProgramData\???`) -- C:\ProgramData\???`
[2013/04/22 19:10:11 | 000,000,000 | ---D | M](C:\ProgramData\???`) -- C:\ProgramData\???`
[2013/04/22 19:10:09 | 000,000,000 | ---D | M](C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G) -- C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G
[2013/04/22 19:10:09 | 000,000,000 | ---D | M](C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G) -- C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G
[2013/04/22 17:52:06 | 000,000,000 | ---D | M](C:\ProgramData\?G?G????????????????????p???????) -- C:\ProgramData\?G?G????????????????????p???????
[2013/04/22 17:52:06 | 000,000,000 | ---D | M](C:\ProgramData\?G?G????????????????????p???????) -- C:\ProgramData\?G?G????????????????????p???????
[2013/04/17 17:31:49 | 000,000,000 | ---D | M](C:\ProgramData\?x?xÄx?x8520-1533-40C5-AD09-953C574F14BCÄx?x) -- C:\ProgramData\?x?xÄx?x8520-1533-40C5-AD09-953C574F14BCÄx?x
[2013/04/17 17:31:49 | 000,000,000 | ---D | M](C:\ProgramData\?x?xÄx?x8520-1533-40C5-AD09-953C574F14BCÄx?x) -- C:\ProgramData\?x?xÄx?x8520-1533-40C5-AD09-953C574F14BCÄx?x
[2013/04/17 13:10:27 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\????
[2013/04/17 13:10:27 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\????
[2013/04/17 13:10:24 | 000,000,000 | ---D | M](C:\ProgramData\?Š?ŠÄŠ?Š8520-1533-40C5-AD09-953C574F14BCÄŠ?Š) -- C:\ProgramData\?Š?ŠÄŠ?Š8520-1533-40C5-AD09-953C574F14BCÄŠ?Š
[2013/04/17 13:10:24 | 000,000,000 | ---D | M](C:\ProgramData\?Š?ŠÄŠ?Š8520-1533-40C5-AD09-953C574F14BCÄŠ?Š) -- C:\ProgramData\?Š?ŠÄŠ?Š8520-1533-40C5-AD09-953C574F14BCÄŠ?Š
[2013/04/16 21:12:07 | 000,000,000 | ---D | M](C:\ProgramData\?r?r????????????????????p???????) -- C:\ProgramData\?r?r????????????????????p???????
[2013/04/16 21:12:07 | 000,000,000 | ---D | M](C:\ProgramData\?r?r????????????????????p???????) -- C:\ProgramData\?r?r????????????????????p???????
[2013/04/03 18:02:38 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\????
[2013/04/03 18:02:38 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\????
[2013/04/03 18:02:37 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
[2013/04/03 18:02:37 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
[2013/04/03 17:11:25 | 000,000,000 | ---D | M](C:\ProgramData\?8?8????????????????????p???????) -- C:\ProgramData\?8?8????????????????????p???????
[2013/04/03 17:11:25 | 000,000,000 | ---D | M](C:\ProgramData\?8?8????????????????????p???????) -- C:\ProgramData\?8?8????????????????????p???????
[2013/04/01 13:24:17 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
[2013/04/01 13:24:17 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
[2013/03/29 18:43:26 | 000,000,000 | ---D | M](C:\ProgramData\?á?áÄá?á8520-1533-40C5-AD09-953C574F14BCÄá?á) -- C:\ProgramData\?á?áÄá?á8520-1533-40C5-AD09-953C574F14BCÄá?á
[2013/03/29 18:43:26 | 000,000,000 | ---D | M](C:\ProgramData\?á?áÄá?á8520-1533-40C5-AD09-953C574F14BCÄá?á) -- C:\ProgramData\?á?áÄá?á8520-1533-40C5-AD09-953C574F14BCÄá?á
[2013/03/26 19:21:06 | 000,000,000 | ---D | M](C:\ProgramData\?k?kÄk?k8520-1533-40C5-AD09-953C574F14BCÄk?k) -- C:\ProgramData\?k?kÄk?k8520-1533-40C5-AD09-953C574F14BCÄk?k
[2013/03/26 19:21:06 | 000,000,000 | ---D | M](C:\ProgramData\?k?kÄk?k8520-1533-40C5-AD09-953C574F14BCÄk?k) -- C:\ProgramData\?k?kÄk?k8520-1533-40C5-AD09-953C574F14BCÄk?k
[2013/03/26 11:34:52 | 000,000,000 | ---D | M](C:\ProgramData\??Ä?8520-1533-40C5-AD09-953C574F14BCÄ?) -- C:\ProgramData\??Ä?8520-1533-40C5-AD09-953C574F14BCÄ?
[2013/03/26 11:34:52 | 000,000,000 | ---D | M](C:\ProgramData\??Ä?8520-1533-40C5-AD09-953C574F14BCÄ?) -- C:\ProgramData\??Ä?8520-1533-40C5-AD09-953C574F14BCÄ?
[2013/03/25 19:46:02 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\????
[2013/03/25 19:46:02 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\????
[2013/03/25 19:46:01 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
[2013/03/25 19:46:01 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
[2013/03/25 18:52:03 | 000,000,000 | ---D | M](C:\ProgramData\?˜?˜????????????????????p???????) -- C:\ProgramData\?˜?˜????????????????????p???????
[2013/03/25 18:52:03 | 000,000,000 | ---D | M](C:\ProgramData\?˜?˜????????????????????p???????) -- C:\ProgramData\?˜?˜????????????????????p???????
[2013/03/22 03:19:58 | 000,000,000 | ---D | M](C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a
[2013/03/22 03:19:58 | 000,000,000 | ---D | M](C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a
[2013/03/20 15:54:16 | 000,000,000 | ---D | M](C:\ProgramData\?i?iÄi?i8520-1533-40C5-AD09-953C574F14BCÄi?i) -- C:\ProgramData\?i?iÄi?i8520-1533-40C5-AD09-953C574F14BCÄi?i
[2013/03/20 15:54:16 | 000,000,000 | ---D | M](C:\ProgramData\?i?iÄi?i8520-1533-40C5-AD09-953C574F14BCÄi?i) -- C:\ProgramData\?i?iÄi?i8520-1533-40C5-AD09-953C574F14BCÄi?i
[2013/03/18 18:52:18 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p???????
[2013/03/18 18:52:18 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p???????
[2013/03/14 03:26:17 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
[2013/03/14 03:26:17 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
[2013/03/08 08:24:34 | 000,000,000 | ---D | M](C:\ProgramData\?)?)Ä)?)8520-1533-40C5-AD09-953C574F14BCÄ)?)) -- C:\ProgramData\?)?)Ä)?)8520-1533-40C5-AD09-953C574F14BCÄ)?)
[2013/03/08 08:24:34 | 000,000,000 | ---D | M](C:\ProgramData\?)?)Ä)?)8520-1533-40C5-AD09-953C574F14BCÄ)?)) -- C:\ProgramData\?)?)Ä)?)8520-1533-40C5-AD09-953C574F14BCÄ)?)
[2013/03/04 18:58:02 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\????
[2013/03/04 18:58:02 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\????
[2013/03/04 18:58:01 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
[2013/03/04 18:58:01 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
[2013/03/04 18:52:02 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p???????
[2013/03/04 18:52:02 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p???????
[2013/02/27 20:25:46 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p???????
[2013/02/27 20:25:46 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p???????
[2013/02/27 14:22:20 | 000,000,000 | ---D | M](C:\ProgramData\?a?a0) -- C:\ProgramData\?a?a0
[2013/02/27 14:22:20 | 000,000,000 | ---D | M](C:\ProgramData\?a?a0) -- C:\ProgramData\?a?a0
[2013/02/17 19:22:01 | 000,000,000 | ---D | M](C:\ProgramData\?9?9????????????????????p???????) -- C:\ProgramData\?9?9????????????????????p???????
[2013/02/17 19:22:01 | 000,000,000 | ---D | M](C:\ProgramData\?9?9????????????????????p???????) -- C:\ProgramData\?9?9????????????????????p???????
[2013/02/17 07:50:22 | 000,000,000 | ---D | M](C:\ProgramData\?|?|0) -- C:\ProgramData\?|?|0
[2013/02/17 07:50:22 | 000,000,000 | ---D | M](C:\ProgramData\?|?|0) -- C:\ProgramData\?|?|0
[2013/01/06 18:01:43 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p???????
[2013/01/06 18:01:43 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p???????
[2013/01/06 17:59:12 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2013/01/06 17:59:12 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2013/01/04 18:41:43 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2013/01/04 18:41:43 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2013/01/02 08:35:39 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2013/01/02 08:35:39 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2012/12/22 06:06:03 | 000,000,000 | ---D | M](C:\ProgramData\?.?.0) -- C:\ProgramData\?.?.0
[2012/12/22 06:06:03 | 000,000,000 | ---D | M](C:\ProgramData\?.?.0) -- C:\ProgramData\?.?.0
[2012/12/14 03:35:38 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2012/12/14 03:35:38 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2012/12/07 13:21:00 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2012/12/07 13:21:00 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2012/12/01 13:18:34 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2012/12/01 13:18:34 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2012/11/30 21:04:36 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2012/11/30 21:04:36 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2012/11/30 17:56:55 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2012/11/30 17:56:55 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2012/11/28 17:41:03 | 000,000,000 | ---D | M](C:\ProgramData\?@?@0) -- C:\ProgramData\?@?@0
[2012/11/28 17:41:03 | 000,000,000 | ---D | M](C:\ProgramData\?@?@0) -- C:\ProgramData\?@?@0
[2012/11/28 14:07:54 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2012/11/28 14:07:54 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2012/11/27 13:35:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2012/11/27 13:35:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2012/11/26 14:40:33 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2012/11/26 14:40:33 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2012/11/25 16:09:01 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2012/11/25 16:09:01 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2012/11/17 07:42:48 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
[2012/11/17 07:42:48 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\????0
(C:\ProgramData\?x?xÄx?x8520-1533-40C5-AD09-953C574F14BCÄx?x) -- C:\ProgramData\?x?xÄx?x8520-1533-40C5-AD09-953C574F14BCÄx?x
(C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U
(C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u) -- C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u
(C:\ProgramData\?U?U????????????????????p???????) -- C:\ProgramData\?U?U????????????????????p???????
(C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\?t?t????????????????????p???????
(C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\?t?t????????????????????p???????
(C:\ProgramData\?Š?ŠÄŠ?Š8520-1533-40C5-AD09-953C574F14BCÄŠ?Š) -- C:\ProgramData\?Š?ŠÄŠ?Š8520-1533-40C5-AD09-953C574F14BCÄŠ?Š
(C:\ProgramData\?r?r????????????????????p???????) -- C:\ProgramData\?r?r????????????????????p???????
(C:\ProgramData\?Ò?ÒÄÒ?Ò8520-1533-40C5-AD09-953C574F14BCÄÒ?Ò) -- C:\ProgramData\?Ò?ÒÄÒ?Ò8520-1533-40C5-AD09-953C574F14BCÄÒ?Ò
(C:\ProgramData\?k?kÄk?k8520-1533-40C5-AD09-953C574F14BCÄk?k) -- C:\ProgramData\?k?kÄk?k8520-1533-40C5-AD09-953C574F14BCÄk?k
(C:\ProgramData\?i?iÄi?i8520-1533-40C5-AD09-953C574F14BCÄi?i) -- C:\ProgramData\?i?iÄi?i8520-1533-40C5-AD09-953C574F14BCÄi?i
(C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G) -- C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G
(C:\ProgramData\?G?G????????????????????p???????) -- C:\ProgramData\?G?G????????????????????p???????
(C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E
(C:\ProgramData\?é?éÄé?é8520-1533-40C5-AD09-953C574F14BCÄé?é) -- C:\ProgramData\?é?éÄé?é8520-1533-40C5-AD09-953C574F14BCÄé?é
(C:\ProgramData\?á?áÄá?á8520-1533-40C5-AD09-953C574F14BCÄá?á) -- C:\ProgramData\?á?áÄá?á8520-1533-40C5-AD09-953C574F14BCÄá?á
(C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a
(C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A
(C:\ProgramData\?a?a0) -- C:\ProgramData\?a?a0
(C:\ProgramData\?9?9????????????????????p???????) -- C:\ProgramData\?9?9????????????????????p???????
(C:\ProgramData\?8?8????????????????????p???????) -- C:\ProgramData\?8?8????????????????????p???????
(C:\ProgramData\??Ä?8520-1533-40C5-AD09-953C574F14BCÄ?) -- C:\ProgramData\??Ä?8520-1533-40C5-AD09-953C574F14BCÄ?
(C:\ProgramData\?¬?¬Ä¬?¬8520-1533-40C5-AD09-953C574F14BCĬ?¬) -- C:\ProgramData\?¬?¬Ä¬?¬8520-1533-40C5-AD09-953C574F14BCĬ?¬
(C:\ProgramData\?˜?˜????????????????????p???????) -- C:\ProgramData\?˜?˜????????????????????p???????
(C:\ProgramData\?¯?¯????????????????????p???????) -- C:\ProgramData\?¯?¯????????????????????p???????
(C:\ProgramData\?|?|0) -- C:\ProgramData\?|?|0
(C:\ProgramData\?@?@0) -- C:\ProgramData\?@?@0
(C:\ProgramData\???S) -- C:\ProgramData\???S
(C:\ProgramData\???`) -- C:\ProgramData\???`
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???
(C:\ProgramData\????0) -- C:\ProgramData\????0
(C:\ProgramData\????0) -- C:\ProgramData\????0
(C:\ProgramData\????0) -- C:\ProgramData\????0
(C:\ProgramData\????0) -- C:\ProgramData\????0
(C:\ProgramData\????0) -- C:\ProgramData\????0
(C:\ProgramData\????0) -- C:\ProgramData\????0
(C:\ProgramData\????0) -- C:\ProgramData\????0
(C:\ProgramData\????0) -- C:\ProgramData\????0
(C:\ProgramData\????0) -- C:\ProgramData\????0
(C:\ProgramData\????0) -- C:\ProgramData\????0
(C:\ProgramData\????0) -- C:\ProgramData\????0
(C:\ProgramData\????0) -- C:\ProgramData\????0
(C:\ProgramData\????0) -- C:\ProgramData\????0
(C:\ProgramData\?'?'????????????????????p???????) -- C:\ProgramData\?'?'????????????????????p???????
(C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p???????
(C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p???????
(C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p???????
(C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p???????
(C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p???????
(C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p???????
(C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\????????????????????????p???????
(C:\ProgramData\????) -- C:\ProgramData\????
(C:\ProgramData\????) -- C:\ProgramData\????
(C:\ProgramData\????) -- C:\ProgramData\????
(C:\ProgramData\????) -- C:\ProgramData\????
(C:\ProgramData\????) -- C:\ProgramData\????
(C:\ProgramData\????) -- C:\ProgramData\????
(C:\ProgramData\????) -- C:\ProgramData\????
(C:\ProgramData\?.?.0) -- C:\ProgramData\?.?.0
(C:\ProgramData\?)?)Ä)?)8520-1533-40C5-AD09-953C574F14BCÄ)?)) -- C:\ProgramData\?)?)Ä)?)8520-1533-40C5-AD09-953C574F14BCÄ)?)
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:2683706C
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:373E1720

< End of report >

[piwonia2121]

to wyzej to logi z otl wkleilam na dwa razy jako ze niedalo sie inaczej.nadal jestem na awaryjnym.prosze o wskazowki co dalej

[muzyk75]

@piwonia2121 - wykonuj po kolei wszystko co jest napisane.

 

 

Zobacz czy w "Panel sterowania"-->"Programy i funkcje"-->jest to: PackageTracer_69; MindSpark; COMPANYVERS_NAME; VER_COMPANY_NAME; PC Utilities Pro; Updater;  HiJackThis

Odinstaluj te programy - już raz to pisałem, a w logu z OTL dalej je widać.

 

Kolejne pytanie - skany TFC i Malwarebytes wykonałaś po tym jak w OTL zrobiłaś logi? Potrzebne są logi z OTL po wykonaniu tych wszystkich czynności.

 

Możesz załączyć log ze skanu Malwarebytes?

 

Czy możesz normalnie uruchomić komputer - w zwykłym trybie.

[piwonia2121]

1.pisalam juz ze w panelu sterowania/ programy i funkce--->nie ma packageTracker69(....), ani zadnego PcUtilitiesPro, naprawdee. niewiem czemu widac na otl ze to mam,skoro w panelu sterowania naprawde tego nie ma.

 

2.skany tfc i malwarebytes zrobilam PRZED zrobieniem skanu OTL. wiec logi ktore wkleilam sa PO przeskanowaniu tfc i malwarebytes i PO usunieciu infekcji. moze worcilo dziadostwo?

 

3.juz wykonauje skan przez malwarebytes

 

4.tak,komputer uruchamia sie normalnie,na pierwszy rzut oka nic mu nie jest, ale skoro na logach wychodzi ze cos jest nie tak,tzn ze to kwestia czasu az znow infekcje sie rozprzestrzenia i znow nie bedzie mozna korzystac z komputera.

[muzyk75]

Uruchom OTL --> "Własne opcje skanowania / skrypt" i wklej:

 

:OTL

MOD - [2013/11/19 21:54:02 | 000,557,056 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\pysqlite2._sqlite.pyd
MOD - [2013/11/19 21:54:02 | 000,128,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\_elementtree.pyd
MOD - [2013/11/19 21:54:02 | 000,098,816 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32api.pyd
MOD - [2013/11/19 21:54:02 | 000,044,032 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\_socket.pyd
MOD - [2013/11/19 21:54:02 | 000,026,624 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\_multiprocessing.pyd
MOD - [2013/11/19 21:54:02 | 000,022,528 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32ts.pyd
MOD - [2013/11/19 21:54:01 | 000,805,888 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\wx._gdi_.pyd
MOD - [2013/11/19 21:54:01 | 000,320,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32com.shell.shell.pyd
MOD - [2013/11/19 21:54:01 | 000,070,656 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\wx._html2.pyd
MOD - [2013/11/19 21:54:01 | 000,011,264 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32crypt.pyd
MOD - [2013/11/19 21:54:00 | 000,735,232 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\wx._misc_.pyd
MOD - [2013/11/19 21:54:00 | 000,504,832 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\windows._cacheinvalidation.pyd
MOD - [2013/11/19 21:54:00 | 000,364,544 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\pythoncom27.dll
MOD - [2013/11/19 21:54:00 | 000,087,040 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\_ctypes.pyd
MOD - [2013/11/19 21:54:00 | 000,017,408 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32profile.pyd
MOD - [2013/11/19 21:53:59 | 000,110,080 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\pywintypes27.dll
MOD - [2013/11/19 21:53:59 | 000,108,544 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32security.pyd
MOD - [2013/11/19 21:53:58 | 001,175,040 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\wx._core_.pyd
MOD - [2013/11/19 21:53:58 | 001,153,024 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\_ssl.pyd
MOD - [2013/11/19 21:53:57 | 000,711,680 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\_hashlib.pyd
MOD - [2013/11/19 21:53:57 | 000,035,840 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32process.pyd
MOD - [2013/11/19 21:53:57 | 000,025,600 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32pdh.pyd
MOD - [2013/11/19 21:53:56 | 000,811,008 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\wx._windows_.pyd
MOD - [2013/11/19 21:53:56 | 000,122,368 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\wx._wizard.pyd
MOD - [2013/11/19 21:53:55 | 000,119,808 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32file.pyd
MOD - [2013/11/19 21:53:55 | 000,038,912 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32inet.pyd
MOD - [2013/11/19 21:53:52 | 001,062,400 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\wx._controls_.pyd
MOD - [2013/11/19 21:53:50 | 000,018,432 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\win32event.pyd
MOD - [2013/11/19 21:53:49 | 000,686,080 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\unicodedata.pyd
MOD - [2013/11/19 21:53:49 | 000,127,488 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\pyexpat.pyd
MOD - [2013/11/19 21:53:48 | 000,010,240 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI38162\select.pyd
SRV - File not found [Auto | Stopped] -- c:\progra~1\optimi~1\OptProCrash.exe -- (ca82e1a5)
SRV - [2013/11/07 09:05:47 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files\PackageTracer_69\bar\1.bin\69barsvc.exe -- (PackageTracer_69Service)
FF - prefs.js..extensions.netassistant.keyword.url: "http://click.w3i.com...34&searchterm="
FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.defaultenginename.prev: "StartWeb"
FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.defaultenginename.savedPrev: "true"
FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.defaultenginename.tb: "Ask Web Search"
FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.selectedEngine.prev: "StartWeb"
FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.selectedEngine.savedPrev: "true"
FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.selectedEngine.tb: "Ask Web Sear
FF - HKLM\Software\MozillaPlugins\@PackageTracer_69.com/Plugin: C:\Program Files\PackageTracer_69\bar\1.bin\NP69Stub.dll (MindSpark)
[2013/09/29 23:58:59 | 000,000,000 | ---D | M] ("WinToFlash Suggestor") -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}
[2013/11/07 09:05:56 | 000,000,000 | ---D | M] (PackageTracer) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\69ffxtbr@PackageTracer_69.com
[2013/11/14 17:56:34 | 000,000,000 | ---D | M] ("Snap.Do ") -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{f35b3d43-735b-29de-1ac7-4e569be965a6}
O2 - BHO: (no name) - {CF28D96E-985F-43A6-B320-C2186B551472} - No CLSID value found.
O2 - BHO: (no name) - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [NPSStartup]  File not found
O9 - Extra Button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - Reg Error: Key error. File not found
O33 - MountPoints2\{06b5badb-821d-11e1-b0d3-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{06b5badb-821d-11e1-b0d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{06b5bb14-821d-11e1-b0d3-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{06b5bb14-821d-11e1-b0d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{06cd51c8-3f69-11e1-95cc-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{06cd51c8-3f69-11e1-95cc-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{06cd51dd-3f69-11e1-95cc-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{06cd51dd-3f69-11e1-95cc-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{070c50b2-9bdb-11e1-9c13-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{070c50b2-9bdb-11e1-9c13-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{0c7092ad-e55e-11e1-9b1d-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{0c7092ad-e55e-11e1-9b1d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{0c7092d8-e55e-11e1-9b1d-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{0c7092d8-e55e-11e1-9b1d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{0f0fd768-dbb1-11e1-a0bd-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{0f0fd768-dbb1-11e1-a0bd-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{12618484-c74d-11e0-a61f-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{12618484-c74d-11e0-a61f-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{1549a200-68f6-11e1-8edf-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{1549a200-68f6-11e1-8edf-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{1ad50e5b-6529-11e1-a3bf-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{1ad50e5b-6529-11e1-a3bf-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{23075d0c-d15a-11e0-99fd-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{23075d0c-d15a-11e0-99fd-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{23075d0f-d15a-11e0-99fd-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{23075d0f-d15a-11e0-99fd-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{238bcd28-e77a-11e1-a5d3-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{238bcd28-e77a-11e1-a5d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{238bce2d-e77a-11e1-a5d3-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{238bce2d-e77a-11e1-a5d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{27a83e0d-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{27a83e0d-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{27a8407e-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{27a8407e-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{27a8418d-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{27a8418d-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{27a842cf-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{27a8407e-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{27a8407e-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{27a8418d-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{27a8418d-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{27a842cf-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{27a842cf-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{2819ac09-7e3d-11df-af43-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2819ac09-7e3d-11df-af43-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{2819ac5c-7e3d-11df-af43-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{2819ac5c-7e3d-11df-af43-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{28d8d3e7-1819-11e1-94ff-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{28d8d3e7-1819-11e1-94ff-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{360c7105-36ca-11e1-b679-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{360c7105-36ca-11e1-b679-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{362aa6e3-e2ee-11e1-b072-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{362aa6e3-e2ee-11e1-b072-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{362aa6f2-e2ee-11e1-b072-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{362aa6f2-e2ee-11e1-b072-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{364e5016-e212-11e1-9ce9-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{364e5016-e212-11e1-9ce9-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{3912ded5-3c41-11e1-85e6-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{3912ded5-3c41-11e1-85e6-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{3f831bbc-ab0b-11e1-b6f1-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{3f831bbc-ab0b-11e1-b6f1-002454208e82}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O33 - MountPoints2\{3f831bfb-ab0b-11e1-b6f1-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{3f831bfb-ab0b-11e1-b6f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{3f831bff-ab0b-11e1-b6f1-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{3f831bff-ab0b-11e1-b6f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{4878944f-357c-11e1-bc31-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{4878944f-357c-11e1-bc31-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{4a75f172-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{4a75f172-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{4a75f1a3-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{4a75f1a3-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{4a75f272-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{4a75f272-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{4a75f274-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{4a75f274-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{5bb69e98-5f03-11e1-a466-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{5bb69e98-5f03-11e1-a466-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{5c3c43cc-199b-11e1-a214-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{5c3c43cc-199b-11e1-a214-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{6c783c1e-e1e6-11e1-a55e-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{6c783c1e-e1e6-11e1-a55e-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{6c783c28-e1e6-11e1-a55e-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{6c783c28-e1e6-11e1-a55e-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{7be162aa-23de-11e1-bb6a-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{7be162aa-23de-11e1-bb6a-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{7cef6981-dd45-11e1-9f03-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{7cef6981-dd45-11e1-9f03-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{7cef6ab4-dd45-11e1-9f03-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{7cef6ab4-dd45-11e1-9f03-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{7dbc8846-ad58-11e1-9e48-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{7dbc8846-ad58-11e1-9e48-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{7dbc8897-ad58-11e1-9e48-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{7dbc8897-ad58-11e1-9e48-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{8f9aa80f-837e-11e1-9a1d-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{8f9aa80f-837e-11e1-9a1d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{9156b298-4ede-11e1-847c-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{9156b298-4ede-11e1-847c-002454208e82}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{a0e47c3e-e0aa-11e1-99f1-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{a0e47c3e-e0aa-11e1-99f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{a0e47c80-e0aa-11e1-99f1-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{a0e47c80-e0aa-11e1-99f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ad51c4f4-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{ad51c4f4-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ad51c4f8-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{ad51c4f8-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ad51ca3a-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{ad51ca3a-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ad51cedd-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{ad51cedd-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{b163e4d0-eb97-11e1-b121-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{b163e4d0-eb97-11e1-b121-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{b47b40ce-43e7-11e0-ae9c-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{b47b40ce-43e7-11e0-ae9c-002454208e82}\Shell\AutoRun\command - "" = D:\DPFMate.exe
O33 - MountPoints2\{b7f91bcf-f648-11e0-8a5d-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{b7f91bcf-f648-11e0-8a5d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c00643fb-c446-11e1-a099-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c00643fb-c446-11e1-a099-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c050d675-6daa-11e1-8824-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c050d675-6daa-11e1-8824-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c050d677-6daa-11e1-8824-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c050d677-6daa-11e1-8824-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c09ca255-36c1-11e1-b84d-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c09ca255-36c1-11e1-b84d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c363f797-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c363f797-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c363f7c0-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c363f7c0-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c363f7c3-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c363f7c3-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c363f7da-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c363f7da-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c363fcdf-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{c363fcdf-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{cac41099-e432-11df-9781-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{cac41099-e432-11df-9781-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{e4506d49-3142-11e1-884b-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{e4506d49-3142-11e1-884b-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{e7a4db2a-d924-11e1-9bec-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{e7a4db2a-d924-11e1-9bec-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ee298306-c1c1-11e1-9ed1-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{ee298306-c1c1-11e1-9ed1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ee298319-c1c1-11e1-9ed1-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{ee298319-c1c1-11e1-9ed1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ee29838d-c1c1-11e1-9ed1-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{ee29838d-c1c1-11e1-9ed1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{f10f337d-7f00-11df-924f-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{f10f337d-7f00-11df-924f-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{f55a33eb-9c3e-11e1-8c33-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{f55a33eb-9c3e-11e1-8c33-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{f55a33f8-9c3e-11e1-8c33-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{f55a33f8-9c3e-11e1-8c33-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{fd245ccf-fd7c-11e0-bf19-002454208e82}\Shell - "" = AutoRun
O33 - MountPoints2\{fd245ccf-fd7c-11e0-bf19-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe
[2013/11/18 19:11:43 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Local\PackageTracer_69
[2013/11/07 09:05:47 | 000,000,000 | ---D | C] -- C:\Program Files\PackageTracer_69
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:2683706C
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:373E1720
:Commands
[emptytemp]
 

Kliknij "Wykonaj skrypt"

 

Używasz antywirusa AVG, Ask - jako wyszukiwarkę ?

 

Odinstaluj: HiJackThis - jest przestarzały, Java 6 Update 22, Adobe Reader X (10.1.4) - to stare wersje.

 

Zaktualizuj Java do wersji 7u45

 

Google Chrome: zresetuj  wtyczeki. W pasku adresów wpisz chrome://plugins i ENTER. Na liście wtyczek wybierz dowolną i kliknij Wyłącz. Następnie wtyczkę ponownie włącz.

 

Firefox reset wtyczek: kliknij pomarańczowy napis "Firefox"-->"Pomoc"-->"Informacje dla pomocy technicznej'-->"Resetuj program Firefox"

 

Jak już zrobisz to wszystko, to wykonaj nowy log w OTL i zobacz czy FRST się uruchomi.