OTL logfile created on: 2011-10-26 18:36:01 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\gohik\Desktop\Foldery Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 2,75 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 50,36% Memory free 5,71 Gb Paging File | 4,45 Gb Available in Paging File | 77,85% Paging File free Paging file location(s): ?:\pagefile.sys %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 222,90 Gb Total Space | 120,33 Gb Free Space | 53,98% Space Free | Partition Type: NTFS Drive D: | 9,99 Gb Total Space | 1,74 Gb Free Space | 17,47% Space Free | Partition Type: NTFS Computer Name: GOHIK-PC | User Name: gohik | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-10-26 16:19:31 | 000,612,352 | ---- | M] (OldTimer Tools) -- C:\Users\gohik\Desktop\Foldery\OTL.exe PRC - [2011-10-26 16:00:33 | 001,406,935 | RHS- | M] () -- C:\Windows\System32\ACF7EF\74BE16.EXE PRC - [2010-01-09 02:30:28 | 000,234,032 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe PRC - [2010-01-09 01:42:42 | 000,285,744 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\hsswd.exe PRC - [2010-01-09 01:42:40 | 000,331,824 | ---- | M] (AnchorFree Inc.) -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe PRC - [2009-04-09 10:54:32 | 000,088,728 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Nexon\MapleStory\npkcmsvc.exe PRC - [2008-04-16 20:55:02 | 000,249,856 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\stacsv.exe PRC - [2008-03-27 00:26:56 | 000,341,328 | ---- | M] () -- C:\Windows\SMINST\BLService.exe PRC - [2008-03-20 12:04:46 | 002,127,296 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu2\gg.exe PRC - [2008-02-12 07:05:54 | 000,102,400 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\AEstSrv.exe PRC - [2008-01-21 04:24:24 | 002,954,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008-01-21 04:24:13 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2008-01-21 04:23:33 | 000,365,056 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows NT\Accessories\wordpad.exe PRC - [2007-12-11 21:15:04 | 000,040,448 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe PRC - [2007-03-21 20:57:56 | 000,544,768 | ---- | M] (Locktime Software) -- C:\Program Files\NetLimiter 2 Pro\nlsvc.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011-10-26 18:05:40 | 000,323,584 | ---- | M] () -- C:\Users\gohik\AppData\Local\Temp\E_N4\eAPI.fne MOD - [2011-10-26 18:05:40 | 000,184,320 | ---- | M] () -- C:\Users\gohik\AppData\Local\Temp\E_N4\internet.fne MOD - [2011-10-26 18:05:40 | 000,114,688 | ---- | M] () -- C:\Users\gohik\AppData\Local\Temp\E_N4\dp1.fne MOD - [2011-10-26 18:05:40 | 000,040,960 | ---- | M] () -- C:\Users\gohik\AppData\Local\Temp\E_N4\shell.fne MOD - [2011-10-26 18:05:39 | 001,101,824 | ---- | M] () -- C:\Users\gohik\AppData\Local\Temp\E_N4\krnln.fnr MOD - [2011-10-26 18:05:39 | 000,217,088 | ---- | M] () -- C:\Users\gohik\AppData\Local\Temp\E_N4\HtmlView.fne MOD - [2011-10-26 16:00:33 | 001,406,935 | RHS- | M] () -- C:\Windows\System32\ACF7EF\74BE16.EXE MOD - [2011-09-30 17:12:40 | 000,412,728 | ---- | M] () -- C:\Users\gohik\AppData\Local\Google\Chrome\Application\14.0.835.202\ppgooglenaclpluginchrome.dll MOD - [2011-09-30 17:12:39 | 003,696,184 | ---- | M] () -- C:\Users\gohik\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll MOD - [2011-09-30 17:11:13 | 000,142,568 | ---- | M] () -- C:\Users\gohik\AppData\Local\Google\Chrome\Application\14.0.835.202\avutil-51.dll MOD - [2011-09-30 17:11:12 | 000,253,320 | ---- | M] () -- C:\Users\gohik\AppData\Local\Google\Chrome\Application\14.0.835.202\avformat-53.dll MOD - [2011-09-30 17:11:10 | 002,403,240 | ---- | M] () -- C:\Users\gohik\AppData\Local\Google\Chrome\Application\14.0.835.202\avcodec-53.dll MOD - [2011-09-29 22:06:57 | 008,587,936 | ---- | M] () -- C:\Users\gohik\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll MOD - [2009-08-23 19:58:06 | 000,094,208 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll MOD - [2009-01-18 16:50:02 | 000,417,792 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\AdobeXMP.dll MOD - [2008-12-10 08:05:52 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll MOD - [2008-03-20 11:17:48 | 000,106,496 | ---- | M] () -- C:\Program Files\Gadu-Gadu2\libiax2.dll MOD - [2008-03-20 11:17:44 | 000,061,440 | ---- | M] () -- C:\Program Files\Gadu-Gadu2\libjb.dll MOD - [2007-11-16 17:02:18 | 000,479,232 | R--- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\ccme_base.dll MOD - [2007-11-16 17:02:18 | 000,401,408 | R--- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\cryptocme2.dll MOD - [2007-10-25 13:51:16 | 000,198,656 | ---- | M] () -- C:\Program Files\Gadu-Gadu2\libcurl.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- -- (eycgl) SRV - [2010-06-14 16:07:14 | 000,643,584 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010-01-09 02:31:04 | 000,057,640 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Hotspot Shield\bin\HssTrayService.exe -- (HssTrayService) SRV - [2010-01-09 02:30:28 | 000,234,032 | ---- | M] () [Auto | Running] -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe -- (HotspotShieldService) SRV - [2010-01-09 01:42:42 | 000,285,744 | ---- | M] () [Auto | Running] -- C:\Program Files\Hotspot Shield\bin\hsswd.exe -- (HssWd) SRV - [2010-01-09 01:42:40 | 000,331,824 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv) SRV - [2009-07-28 05:57:51 | 000,682,496 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009-05-31 19:05:48 | 000,322,032 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009-04-09 10:54:32 | 000,088,728 | ---- | M] (INCA Internet Co., Ltd.) [Auto | Running] -- C:\Nexon\MapleStory\npkcmsvc.exe -- (npkcmsvc) SRV - [2008-04-16 20:55:02 | 000,249,856 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\stacsv.exe -- (STacSV) SRV - [2008-03-27 00:26:56 | 000,341,328 | ---- | M] () [Auto | Running] -- C:\Windows\SMINST\BLService.exe -- (Recovery Service for Windows) SRV - [2008-02-12 07:05:54 | 000,102,400 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\AEstSrv.exe -- (AESTFilters) SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-12-11 21:15:04 | 000,040,448 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio) SRV - [2007-03-21 20:57:56 | 000,544,768 | ---- | M] (Locktime Software) [Auto | Running] -- C:\Program Files\NetLimiter 2 Pro\nlsvc.exe -- (nlsvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Running] -- -- (cpuvis) DRV - [2010-02-26 15:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010-02-26 15:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010-02-26 15:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010-02-26 15:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2009-12-24 12:30:40 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-09-15 22:04:58 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hssdrv.sys -- (HssDrv) DRV - [2009-09-15 22:04:58 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\taphss.sys -- (taphss) DRV - [2009-07-22 21:13:20 | 000,028,592 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901) DRV - [2009-07-07 09:59:50 | 000,052,776 | --S- | M] (GetData Pty Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\MIPv332.sys -- (MIPv332) DRV - [2009-06-28 19:43:59 | 000,015,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Auto | Running] -- C:\Windows\System32\drivers\SymAFR.sys -- (SymAFR) DRV - [2009-06-18 16:06:20 | 000,145,960 | ---- | M] (GetData Pty Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\MIPFSv332.sys -- (MIPFSv332) DRV - [2009-04-09 10:54:18 | 000,054,888 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | Auto | Running] -- C:\Nexon\MapleStory\npkcrypt.sys -- (npkcrypt) DRV - [2009-03-27 18:57:20 | 000,034,048 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\flsvcom.sys -- (FLSVCOM) DRV - [2009-03-27 18:57:19 | 000,033,404 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\fle5wnnt.sys -- (FLE5WNNT) DRV - [2009-03-27 18:57:19 | 000,016,314 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\flspar.sys -- (FLSPAR) DRV - [2009-03-27 18:57:19 | 000,013,440 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\flsiface.sys -- (FLSIFACE) DRV - [2009-03-27 18:57:19 | 000,008,344 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\flsser.sys -- (FLSSER) DRV - [2009-03-27 01:16:28 | 000,012,672 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz132_x32.sys -- (cpuz132) DRV - [2008-12-10 09:30:58 | 004,172,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008-10-17 10:50:00 | 000,131,072 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Mkd2kfNT.sys -- (Mkd2kfNt) DRV - [2008-10-17 10:50:00 | 000,079,104 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Mkd2Nadr.sys -- (Mkd2Nadr) DRV - [2008-08-26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-08-06 16:26:08 | 000,124,928 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2008-04-27 20:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008-04-27 17:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO) DRV - [2008-04-16 20:58:24 | 000,379,904 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2008-04-15 00:56:18 | 000,170,000 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ahcix86s.sys -- (ahcix86s) DRV - [2008-03-27 21:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt) DRV - [2008-03-27 21:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer) DRV - [2008-03-01 01:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2008-01-23 23:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir) DRV - [2008-01-07 22:42:04 | 000,015,416 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\Amddfltr.sys -- (Amddfltr) DRV - [2007-07-11 19:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqRemHid.sys -- (HpqRemHid) DRV - [2007-06-19 02:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2007-04-23 13:03:04 | 000,082,200 | ---- | M] (Locktime Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\nltdi.sys -- (nltdi) DRV - [2007-02-11 00:55:50 | 000,013,824 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Amusbprt.sys -- (Amusbprt) DRV - [2007-01-24 18:46:48 | 000,008,704 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Amfilter.sys -- (Amfilter) DRV - [2006-11-02 09:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD) DRV - [2006-09-24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan) DRV - [2006-06-23 16:00:26 | 000,031,488 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\blueletaudio.sys -- (BlueletAudio) DRV - [2006-02-28 16:57:22 | 000,084,836 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VcommMgr.sys -- (VcommMgr) DRV - [2006-01-19 13:31:34 | 000,010,068 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BtNetDrv.sys -- (BT) DRV - [2005-08-31 10:34:52 | 000,020,480 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio) DRV - [2005-07-30 07:21:32 | 000,011,988 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBTEnum.sys -- (BTHidEnum) DRV - [2005-05-01 05:50:10 | 000,028,271 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\BTHidMgr.sys -- (BTHidMgr) DRV - [2004-10-19 13:37:38 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VComm.sys -- (VComm) DRV - [2004-06-10 01:42:38 | 000,015,429 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sacm2A.sys -- (USBCM) DRV - [2003-08-10 02:32:14 | 000,014,336 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NetMotCM.sys -- (ndiscm) DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "AOL Search" FF - prefs.js..browser.search.defaulturl: "http://search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aolTB50CL-chromesbox-en-us" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://google.pl/" FF - prefs.js..extensions.enabledItems: {6614d11d-d21d-b211-ae23-815234e1ebb5}:1.0.23 FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732 FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2 FF - prefs.js..extensions.enabledItems: 4 FF - prefs.js..extensions.enabledItems: 9 FF - prefs.js..extensions.enabledItems: 1 FF - prefs.js..extensions.enabledItems: SQLiteManager@mrinalkant.blogspot.com:0.6.6 FF - prefs.js..extensions.enabledItems: alertbox@ajitk.com:0.4.5.20110826 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.5 FF - prefs.js..extensions.enabledItems: lazarus@interclue.com:2.3 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9 FF - prefs.js..extensions.enabledItems: autofillForms@blueimp.net:0.9.8.1 FF - prefs.js..extensions.enabledItems: {7affbfae-c4e2-4915-8c0f-00fa3ec610a1}:5.74.1.7055 FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.4 FF - prefs.js..extensions.enabledItems: lockerzplayextended@flies:2.4.1 FF - prefs.js..extensions.enabledItems: check4change-owner@mozdev.org:1.9 FF - prefs.js..extensions.enabledItems: {20291fcc-1471-46c8-8213-5911f5ce6d67}:1.6.4 FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: cacaoweb@cacaoweb.org:1.0.18 FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/redirector/sredir?sredir=843&invocationType=tb50-ff-aolTB50CL-ab-en-us&query=" FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 8118 FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1" FF - prefs.js..network.proxy.socks: "127.0.0.1" FF - prefs.js..network.proxy.socks_port: 9050 FF - prefs.js..network.proxy.socks_remote_dns: true FF - prefs.js..network.proxy.ssl: "127.0.0.1" FF - prefs.js..network.proxy.ssl_port: 8118 FF - prefs.js..network.proxy.type: 4 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25aos: C:\Program Files\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll (AhnLab, Inc.) FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: c:\Program Files\Sony\Media Go\npmediago.dll (Sony Creative Software Inc) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll () FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.) FF - HKCU\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25aos: C:\Program Files\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll (AhnLab, Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\gohik\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\gohik\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2008-05-23 04:49:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2011-01-10 02:01:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: C:\Program Files\Mozilla Firefox 3.6 Beta 1\components [2010-09-10 14:21:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox 3.6 Beta 1\plugins [2011-04-23 05:23:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0b1\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 1\components [2010-09-10 14:21:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0b1\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 1\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-10-09 12:10:06 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-10-09 12:10:03 | 000,000,000 | ---D | M] [2008-08-11 18:08:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gohik\AppData\Roaming\Mozilla\Extensions [2011-10-26 17:42:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gohik\AppData\Roaming\Mozilla\Firefox\Profiles\ni7e3t67.default\extensions [2010-06-22 09:15:35 | 000,000,000 | ---D | M] (Site Launcher) -- C:\Users\gohik\AppData\Roaming\Mozilla\Firefox\Profiles\ni7e3t67.default\extensions\{20291fcc-1471-46c8-8213-5911f5ce6d67} [2010-12-24 15:07:08 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\gohik\AppData\Roaming\Mozilla\Firefox\Profiles\ni7e3t67.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011-01-25 11:25:32 | 000,000,000 | ---D | M] (Dr.Web anti-virus link checker) -- C:\Users\gohik\AppData\Roaming\Mozilla\Firefox\Profiles\ni7e3t67.default\extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5} [2011-10-09 12:11:09 | 000,000,000 | ---D | M] ("AOL Toolbar") -- C:\Users\gohik\AppData\Roaming\Mozilla\Firefox\Profiles\ni7e3t67.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1} [2011-10-09 12:10:38 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\gohik\AppData\Roaming\Mozilla\Firefox\Profiles\ni7e3t67.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011-10-09 12:10:39 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\gohik\AppData\Roaming\Mozilla\Firefox\Profiles\ni7e3t67.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-03-23 20:50:59 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\gohik\AppData\Roaming\Mozilla\Firefox\Profiles\ni7e3t67.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} [2011-10-09 12:10:21 | 000,000,000 | ---D | M] (AlertBox) -- C:\Users\gohik\AppData\Roaming\Mozilla\Firefox\Profiles\ni7e3t67.default\extensions\alertbox@ajitk.com [2011-10-09 12:10:25 | 000,000,000 | ---D | M] (Autofill Forms) -- C:\Users\gohik\AppData\Roaming\Mozilla\Firefox\Profiles\ni7e3t67.default\extensions\autofillForms@blueimp.net [2011-08-10 23:57:04 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\gohik\AppData\Roaming\Mozilla\Firefox\Profiles\ni7e3t67.default\extensions\cacaoweb@cacaoweb.org [2011-10-09 12:10:27 | 000,000,000 | ---D | M] (Check4Change) -- C:\Users\gohik\AppData\Roaming\Mozilla\Firefox\Profiles\ni7e3t67.default\extensions\check4change-owner@mozdev.org [2009-11-10 23:32:50 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\gohik\AppData\Roaming\Mozilla\Firefox\Profiles\ni7e3t67.default\extensions\firefox@tvunetworks.com [2011-10-09 12:10:35 | 000,000,000 | ---D | M] (Lazarus: Form Recovery) -- C:\Users\gohik\AppData\Roaming\Mozilla\Firefox\Profiles\ni7e3t67.default\extensions\lazarus@interclue.com [2010-06-16 22:27:28 | 000,000,000 | ---D | M] (Lockerz Play Extended) -- C:\Users\gohik\AppData\Roaming\Mozilla\Firefox\Profiles\ni7e3t67.default\extensions\lockerzplayextended@flies [2011-01-25 11:25:44 | 000,000,000 | ---D | M] (SQLite Manager) -- C:\Users\gohik\AppData\Roaming\Mozilla\Firefox\Profiles\ni7e3t67.default\extensions\SQLiteManager@mrinalkant.blogspot.com [2010-11-29 23:12:40 | 000,000,000 | ---D | M] (vShare) -- C:\Users\gohik\AppData\Roaming\Mozilla\Firefox\Profiles\ni7e3t67.default\extensions\vshare@toolbar [2010-03-13 17:52:07 | 000,002,277 | ---- | M] () -- C:\Users\gohik\AppData\Roaming\Mozilla\Firefox\Profiles\ni7e3t67.default\searchplugins\aol-search.xml [2009-12-24 12:38:25 | 000,002,055 | ---- | M] () -- C:\Users\gohik\AppData\Roaming\Mozilla\Firefox\Profiles\ni7e3t67.default\searchplugins\daemon-search.xml [2011-10-09 12:10:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-12-06 00:00:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010-12-23 17:05:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011-03-11 19:48:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-07-30 16:35:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2010-05-09 10:21:17 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX 3.6 BETA 1\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011-01-10 02:01:50 | 000,000,000 | ---D | M] (PC Sync 2 Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC [2011-09-27 14:19:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [2011-09-29 09:30:14 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2008-01-08 02:45:16 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll [2011-05-04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010-06-26 11:43:26 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll [2009-04-14 17:49:02 | 000,239,432 | ---- | M] (Pando Networks) -- C:\Program Files\mozilla firefox\plugins\npPandoWebInst.dll [2011-09-29 02:52:42 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2011-09-29 02:52:42 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-09-29 02:52:42 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-09-29 02:52:42 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-09-29 02:52:42 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-09-29 02:52:42 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\gohik\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\gohik\AppData\Local\Google\Chrome\Application\14.0.835.202\gears.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\gohik\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Mozilla Firefox 3.6 Beta 1\plugins\npFoxitReaderPlugin.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: BitTorrent (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll CHR - plugin: Pando Web Installer (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: AhnLab MyKeyDefense 2.5 (Enabled) = C:\Program Files\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files\DNA\plugins\npbtdna.dll CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Yahoo!\Common\npyaxmpb.dll CHR - plugin: Google Update (Enabled) = C:\Users\gohik\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll CHR - plugin: Media Go Detector (Enabled) = c:\Program Files\Sony\Media Go\npmediago.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll () O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll () O4 - HKLM..\Run: [74BE16] C:\Windows\System32\ACF7EF\74BE16.EXE () O4 - HKCU..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu2\gg.exe (Gadu-Gadu S.A.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5) O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet) O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {F9F6A5CD-76C1-4BE7-8F49-5D4183F9FAC5} https://www.otineo.com/resources/com.otineo.survey.ui.personal.softphone.SoftphonePanel/OtineoSoftphone.cab (OtineoSoftphone Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 95.160.170.92 88.156.222.92 82.139.8.40 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7172EF7A-8785-43F0-B6C1-7F415654D23C}: DhcpNameServer = 192.168.1.1 95.160.170.92 88.156.222.92 82.139.8.40 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7172EF7A-8785-43F0-B6C1-7F415654D23C}: NameServer = 208.67.222.222 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7DE5B78B-BB61-4D13-B299-4E69F174273F}: NameServer = 208.67.222.222 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A7AEA8E9-167B-4FF7-85EE-5005598821F5}: NameServer = 10.4.64.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AE2F99EF-5657-47A6-B9C9-AD9DB05F9000}: DhcpNameServer = 10.16.0.1 194.204.159.1 194.204.152.34 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\Userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\LogonInit: DllName - (logonInit.dll) - C:\Program Files\Common Files\logonInit.dll () O24 - Desktop WallPaper: C:\Users\gohik\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O24 - Desktop BackupWallPaper: C:\Users\gohik\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-05-23 04:20:45 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011-10-26 17:20:06 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-10-26 17:20:06 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-10-26 18:12:00 | 000,000,000 | ---D | C] -- C:\Qoobox [2011-10-26 18:11:37 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW [2011-10-26 17:52:23 | 000,000,000 | ---D | C] -- C:\!KillBox [2011-10-26 17:20:07 | 000,000,000 | ---D | C] -- C:\UsbFix_Upload_Me [2011-10-26 17:20:06 | 000,000,000 | RHSD | C] -- C:\Autorun.inf [2011-10-26 16:52:13 | 000,000,000 | ---D | C] -- C:\UsbFix [2011-10-26 16:20:13 | 000,000,000 | ---D | C] -- C:\_OTL [2011-10-26 16:00:32 | 000,000,000 | -H-D | C] -- C:\Windows\System32\ACF7EF [2011-10-26 16:00:32 | 000,000,000 | -H-D | C] -- C:\Windows\System32\76682F [2011-10-26 16:00:32 | 000,000,000 | -H-D | C] -- C:\Windows\System32\5A8DCC [2011-10-26 16:00:32 | 000,000,000 | -H-D | C] -- C:\Windows\System32\0F6226 [2011-10-19 23:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoME [2011-10-19 23:49:20 | 000,000,000 | ---D | C] -- C:\ProgramData\PhotoME [2011-10-19 23:49:20 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoME [2011-10-09 12:13:40 | 000,000,000 | ---D | C] -- C:\Users\gohik\Documents\My Cheat Tables [2011-10-09 12:13:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.1 [2011-10-09 12:13:33 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine 6.1 [2011-10-08 19:42:23 | 000,000,000 | ---D | C] -- C:\Config.Msi [2011-09-27 14:16:15 | 000,000,000 | ---D | C] -- C:\Users\gohik\AppData\Local\ApplicationHistory [2009-12-10 20:38:08 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\gohik\AppData\Roaming\pcouffin.sys [2008-12-19 21:13:48 | 000,015,429 | ---- | C] ( ) -- C:\Windows\System32\drivers\Sacm2A.sys [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-10-26 18:40:00 | 000,000,388 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9B94419B-8A61-4903-88E1-D42D4E6BFBD8}.job [2011-10-26 18:38:00 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011-10-26 18:25:01 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3942380853-3681612195-1796073330-1000UA.job [2011-10-26 18:05:36 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011-10-26 18:05:17 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011-10-26 18:05:17 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011-10-26 18:05:15 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2011-10-26 18:05:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-10-26 18:05:03 | 2950,520,832 | -HS- | M] () -- C:\hiberfil.sys [2011-10-26 17:46:51 | 000,002,030 | ---- | M] () -- C:\Users\gohik\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2011-10-26 17:44:51 | 000,069,120 | ---- | M] () -- C:\Users\gohik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-10-26 17:41:53 | 000,399,443 | ---- | M] () -- C:\Users\gohik\Desktop\IMG_0112.JPG [2011-10-26 17:41:46 | 000,360,458 | ---- | M] () -- C:\Users\gohik\Desktop\IMG_0145.JPG [2011-10-26 17:41:38 | 000,441,319 | ---- | M] () -- C:\Users\gohik\Desktop\IMG_0141.JPG [2011-10-26 17:41:27 | 000,395,784 | ---- | M] () -- C:\Users\gohik\Desktop\Kopia IMG_0153.JPG [2011-10-26 17:10:16 | 000,008,664 | ---- | M] () -- C:\Users\gohik\Documents\picpic.rtf [2011-10-26 16:55:51 | 000,625,582 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-10-26 16:55:51 | 000,117,144 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-10-26 16:49:01 | 000,026,066 | -H-- | M] () -- C:\Windows\System32\wmdrtc32.dl_ [2011-10-26 16:48:51 | 000,040,960 | ---- | M] () -- C:\Windows\System32\wmdrtc32.dll [2011-10-26 16:26:08 | 257,195,098 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011-10-25 18:11:56 | 000,451,150 | ---- | M] () -- C:\Users\gohik\Documents\IMG_0203.jpg [2011-10-25 18:01:35 | 001,795,103 | ---- | M] () -- C:\Users\gohik\Desktop\IMG_0203.JPG [2011-10-23 19:25:00 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3942380853-3681612195-1796073330-1000Core.job [2011-10-22 11:07:18 | 000,000,318 | ---- | M] () -- C:\Windows\WPE PRO - modified.INI [2011-10-21 11:38:48 | 000,623,592 | ---- | M] () -- C:\Users\gohik\Desktop\201110212386.jpg [2011-10-20 16:28:38 | 001,848,996 | ---- | M] () -- C:\Users\gohik\Desktop\a.JPG [2011-10-20 16:27:00 | 001,792,252 | ---- | M] () -- C:\Users\gohik\Desktop\IMG_0201.JPG [2011-10-18 15:41:02 | 000,000,269 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini [2011-10-09 12:10:10 | 000,000,830 | ---- | M] () -- C:\Users\gohik\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011-10-08 19:26:57 | 000,017,408 | ---- | M] () -- C:\Users\gohik\AppData\Local\WebpageIcons.db [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-10-26 17:40:54 | 001,848,996 | ---- | C] () -- C:\Users\gohik\Desktop\a.JPG [2011-10-26 17:40:41 | 001,792,252 | ---- | C] () -- C:\Users\gohik\Desktop\IMG_0201.JPG [2011-10-26 17:40:34 | 000,395,784 | ---- | C] () -- C:\Users\gohik\Desktop\Kopia IMG_0153.JPG [2011-10-26 17:40:22 | 000,360,458 | ---- | C] () -- C:\Users\gohik\Desktop\IMG_0145.JPG [2011-10-26 17:10:15 | 000,008,664 | ---- | C] () -- C:\Users\gohik\Documents\picpic.rtf [2011-10-26 16:00:10 | 000,040,960 | ---- | C] () -- C:\Windows\System32\wmdrtc32.dll [2011-10-26 16:00:10 | 000,026,066 | -H-- | C] () -- C:\Windows\System32\wmdrtc32.dl_ [2011-10-25 18:11:55 | 000,451,150 | ---- | C] () -- C:\Users\gohik\Documents\IMG_0203.jpg [2011-10-25 17:59:38 | 001,782,040 | ---- | C] () -- C:\Users\gohik\Desktop\IMG_0219.JPG [2011-10-25 17:59:36 | 001,795,103 | ---- | C] () -- C:\Users\gohik\Desktop\IMG_0203.JPG [2011-10-25 17:59:35 | 000,441,319 | ---- | C] () -- C:\Users\gohik\Desktop\IMG_0141.JPG [2011-10-25 17:59:33 | 000,399,443 | ---- | C] () -- C:\Users\gohik\Desktop\IMG_0112.JPG [2011-10-21 11:38:48 | 000,623,592 | ---- | C] () -- C:\Users\gohik\Desktop\201110212386.jpg [2011-10-09 12:10:10 | 000,000,818 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011-10-08 19:26:50 | 000,017,408 | ---- | C] () -- C:\Users\gohik\AppData\Local\WebpageIcons.db [2011-10-02 12:08:01 | 000,000,318 | ---- | C] () -- C:\Windows\WPE PRO - modified.INI [2011-09-24 09:43:43 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll [2011-09-07 19:00:05 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll [2011-06-27 23:54:20 | 000,000,023 | ---- | C] () -- C:\Windows\clofghls.dll [2010-12-28 00:38:26 | 000,000,020 | ---- | C] () -- C:\Windows\mafosav.INI [2010-12-19 15:19:42 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI [2010-12-11 23:50:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\cd.dat [2010-08-20 16:58:43 | 000,027,958 | ---- | C] () -- C:\Program Files\Common Files\logonInit.dll [2010-04-20 12:51:11 | 000,139,264 | ---- | C] () -- C:\Windows\System32\mshic-ocd.dll [2010-03-15 20:23:17 | 000,000,002 | ---- | C] () -- C:\Windows\msoffice.ini [2010-02-02 19:17:44 | 000,118,501 | ---- | C] () -- C:\Windows\D.B. World - Gold 7.92.4 Uninstaller.exe [2009-12-10 20:40:20 | 000,001,173 | ---- | C] () -- C:\Users\gohik\AppData\Roaming\vso_ts_preview.xml [2009-12-10 20:38:08 | 000,007,887 | ---- | C] () -- C:\Users\gohik\AppData\Roaming\pcouffin.cat [2009-12-10 20:38:08 | 000,001,144 | ---- | C] () -- C:\Users\gohik\AppData\Roaming\pcouffin.inf [2009-12-08 23:44:20 | 000,524,288 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2009-12-08 23:44:20 | 000,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009-12-08 23:44:19 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll [2009-11-27 00:31:29 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2009-08-31 22:29:08 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2009-08-24 12:35:03 | 000,118,469 | ---- | C] () -- C:\Windows\D.B. World - Emerald Uninstaller.exe [2009-07-13 17:27:45 | 000,000,198 | ---- | C] () -- C:\Users\gohik\AppData\Roaming\default.rss [2009-07-10 16:53:20 | 000,000,039 | ---- | C] () -- C:\Windows\Irremote.ini [2009-05-04 16:34:57 | 000,000,000 | ---- | C] () -- C:\Windows\System32\msexcr.ini [2009-04-05 11:23:00 | 000,000,806 | ---- | C] () -- C:\Users\gohik\AppData\Roaming\wklnhst.dat [2009-03-31 21:02:32 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat [2009-03-27 18:57:19 | 000,050,736 | ---- | C] () -- C:\Windows\System32\flsuinst.exe [2009-03-27 18:57:19 | 000,004,263 | ---- | C] () -- C:\Windows\System32\flsinst.ini [2009-03-27 18:57:18 | 001,859,584 | ---- | C] () -- C:\Windows\System32\FLSINST.DLL [2009-03-27 18:56:51 | 000,092,984 | ---- | C] () -- C:\Windows\System32\dkcpanel.exe [2009-03-27 18:56:37 | 002,325,304 | ---- | C] () -- C:\Windows\System32\DK2INST.DLL [2009-03-27 18:52:23 | 000,091,696 | ---- | C] () -- C:\Windows\System32\FLSDEVCP.EXE [2009-03-06 20:16:58 | 000,005,120 | ---- | C] () -- C:\Users\gohik\AppData\Roaming\SQLiteManager2.pref [2008-12-19 21:13:48 | 000,163,840 | ---- | C] () -- C:\Windows\UNDPX2A.exe [2008-12-19 21:13:48 | 000,053,693 | ---- | C] () -- C:\Windows\UNDPX2A.sys [2008-10-30 00:45:42 | 000,180,720 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2008-09-15 14:27:34 | 000,069,120 | ---- | C] () -- C:\Users\gohik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008-09-01 07:53:22 | 001,867,776 | ---- | C] () -- C:\Windows\System32\python24.dll [2008-09-01 07:53:01 | 001,867,776 | ---- | C] () -- C:\Windows\python24.dll [2008-08-13 12:13:05 | 000,000,680 | ---- | C] () -- C:\Users\gohik\AppData\Local\d3d9caps.dat [2008-06-20 12:26:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2008-05-23 04:36:31 | 000,101,605 | ---- | C] () -- C:\Windows\hpqins13.dat [2008-04-17 16:48:05 | 000,009,845 | ---- | C] () -- C:\Windows\System32\mswin-oce.dll [2008-03-28 11:19:10 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2008-03-28 10:51:08 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat [2008-03-05 04:38:44 | 000,118,784 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe [2008-01-21 04:24:14 | 000,100,043 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2008-01-21 04:24:13 | 000,154,760 | RHS- | C] () -- C:\Windows\System32\hhcicraq.dll [2007-03-29 22:00:40 | 000,203,264 | ---- | C] () -- C:\Windows\System32\CddbCdda.dll [2006-11-02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006-11-02 14:47:37 | 001,654,704 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 12:33:01 | 000,625,582 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006-11-02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006-11-02 12:33:01 | 000,117,144 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006-11-02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006-11-02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006-11-02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006-11-02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-11-02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006-11-02 09:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2006-04-14 09:14:12 | 000,014,312 | ---- | C] () -- C:\Windows\System32\drivers\BTNetFilter.sys [2006-03-08 19:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2005-07-30 07:21:32 | 000,011,988 | ---- | C] () -- C:\Windows\System32\drivers\VBTEnum.sys [1996-04-03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys [color=#E56717]========== LOP Check ==========[/color] [2009-12-28 17:16:14 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\2K Sports [2009-06-28 19:45:48 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\AeroSnapApp [2010-04-06 13:44:54 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\Audacity [2010-02-19 20:24:55 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\BitTorrent [2011-10-23 14:42:58 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\cacaoweb [2009-12-08 23:39:54 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\Canneverbe_Limited [2009-09-06 16:52:22 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\Cream Software [2009-12-24 12:37:29 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\DAEMON Tools Lite [2009-07-31 22:24:44 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\DBM [2009-08-24 20:03:50 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\DBWorld [2008-12-24 21:40:56 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\Desktopicon [2011-04-08 19:27:57 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\Dev-Cpp [2010-05-09 10:06:33 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\DNA [2010-03-28 15:08:13 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\FMZilla [2008-08-11 18:09:37 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\Gadu-Gadu [2010-04-26 12:28:42 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\Gadu-Gadu 10 [2011-02-19 15:07:33 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\GetRightToGo [2009-03-10 22:45:26 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\Grasssoft [2010-09-27 21:52:22 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\HEXelon [2011-10-18 15:41:25 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\ipla [2011-06-14 07:58:15 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\IrfanView [2011-01-02 17:26:39 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\Locktime [2011-03-27 01:59:03 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\Magic Collage [2011-01-10 02:09:30 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\Nokia [2009-12-27 18:05:15 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\Nowe Gadu-Gadu [2008-09-29 18:36:38 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\NSeries [2011-01-01 03:38:31 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\OpenFM [2010-03-28 15:14:19 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\Orbit [2008-11-08 00:14:00 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\OTSPW [2008-10-15 22:17:26 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\Participatory Culture Foundation [2011-01-27 02:02:57 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\PC Suite [2008-10-15 22:26:57 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\PCF-VLC [2009-02-28 00:50:58 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\Remere's Map Editor [2008-10-29 23:33:38 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\SharePod [2010-02-11 23:46:58 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\Sony [2010-02-11 23:42:04 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\Sony Setup [2011-04-04 22:17:58 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\SystemRequirementsLab [2009-04-05 11:23:01 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\Template [2011-07-15 11:58:48 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\Thinstall [2009-03-31 21:02:27 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\Thunderbird [2010-11-18 00:25:47 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\Tibia [2010-06-23 14:03:31 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\Tibiacast [2010-08-07 04:04:34 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\TS3Client [2009-12-10 23:47:18 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\Vso [2010-03-21 18:45:57 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\WhatPulse [2009-06-24 00:23:35 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\WildTangent [2009-05-07 19:36:34 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\Wypas [2008-12-22 15:11:12 | 000,000,000 | ---D | M] -- C:\Users\gohik\AppData\Roaming\WypasOTS Client [2011-10-26 18:03:28 | 000,032,656 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011-10-26 18:40:00 | 000,000,388 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{9B94419B-8A61-4903-88E1-D42D4E6BFBD8}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 231 bytes -> C:\ProgramData\TEMP:6BE50C2B @Alternate Data Stream - 205 bytes -> C:\ProgramData\TEMP:8927A071 < End of report >