OTL logfile created on: 11/07/2012 18:07:14 - Run 1
OTL by OldTimer - Version 3.2.53.1     Folder = C:\Users\kenzo.damian-PC.001\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd
 
764.05 Mb Total Physical Memory | 93.18 Mb Available Physical Memory | 12.20% Memory free
1.75 Gb Paging File | 0.26 Gb Available in Paging File | 15.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 136.95 Gb Total Space | 76.31 Gb Free Space | 55.72% Space Free | Partition Type: NTFS
 
Computer Name: DAMIAN-PC | User Name: damian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012/07/11 17:00:32 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\kenzo.damian-PC.001\Desktop\OTL (1).exe
PRC - [2012/07/09 15:39:14 | 000,207,554 | ---- | M] () -- C:\Users\kenzo.damian-PC.001\AppData\Roaming\Yzcaa\decog.exe
PRC - [2012/04/26 14:08:24 | 000,793,048 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2012/04/26 14:08:24 | 000,103,896 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2012/02/26 16:01:44 | 000,295,728 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
PRC - [2012/02/23 11:44:13 | 000,307,824 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2012/02/16 15:29:02 | 000,114,992 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
PRC - [2012/02/13 21:19:20 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE
PRC - [2012/01/20 11:51:30 | 000,276,704 | ---- | M] () -- C:\Program Files (x86)\Przyspiesz Komputer\PCSUService.exe
PRC - [2012/01/17 11:07:58 | 000,505,736 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2011/12/21 11:19:50 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
PRC - [2011/09/15 16:56:58 | 013,093,736 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files (x86)\Ralink\Common\RaUI.exe
PRC - [2011/08/09 12:36:31 | 001,598,392 | ---- | M] (MusicLab, LLC) -- C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe
PRC - [2011/05/10 14:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/03/31 11:45:18 | 000,375,872 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
PRC - [2009/08/28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe
PRC - [2009/08/18 11:42:08 | 001,157,128 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012/07/09 15:39:14 | 000,207,554 | ---- | M] () -- C:\Users\kenzo.damian-PC.001\AppData\Roaming\Yzcaa\decog.exe
MOD - [2012/03/28 17:04:59 | 000,140,800 | ---- | M] () -- C:\ProgramData\TheBflix\bhoclass.dll
MOD - [2011/09/15 16:55:58 | 001,066,856 | ---- | M] () -- C:\Program Files (x86)\Ralink\Common\RaWLAPI.dll
MOD - [2009/07/14 03:15:51 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\syswow64\mswsock.DLL
MOD - [2009/07/14 03:15:51 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - File not found [Auto | Stopped] -- C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe -- (Updater Service)
SRV:[b]64bit:[/b] - [2011/06/21 18:57:42 | 000,341,296 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe -- (NitroReaderDriverReadSpool2)
SRV:[b]64bit:[/b] - [2011/05/10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2009/09/30 23:44:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:[b]64bit:[/b] - [2009/07/29 14:03:42 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009/07/14 03:39:46 | 000,006,656 | ---- | M] (Oak Technology Inc.) [Auto | Running] -- C:\Windows\SysNative\dlcc_device.dll -- (FET5X86V)
SRV - [2012/07/03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/26 14:08:24 | 000,793,048 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2012/02/13 21:19:20 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/13 21:19:20 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.EXE -- (BBSvc)
SRV - [2012/01/20 11:51:30 | 000,276,704 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Przyspiesz Komputer\PCSUService.exe -- (PCSUService)
SRV - [2011/08/18 17:53:38 | 000,625,728 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe -- (RaMediaServer)
SRV - [2011/03/31 11:45:56 | 000,454,208 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe -- (RalinkRegistryWriter64)
SRV - [2011/03/31 11:45:18 | 000,375,872 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\Ralink\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2012/03/01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/09/09 14:45:30 | 001,660,480 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:[b]64bit:[/b] - [2011/09/06 23:36:30 | 000,065,368 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2011/08/09 10:59:53 | 000,118,400 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ezplay.sys -- (ezplay)
DRV:[b]64bit:[/b] - [2011/05/10 14:04:08 | 000,600,920 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2011/05/10 14:04:07 | 000,287,576 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2011/05/10 14:02:41 | 000,053,592 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2011/05/10 13:59:59 | 000,031,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2011/05/10 13:59:37 | 000,022,360 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2011/03/11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009/08/21 11:18:16 | 002,978,296 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:[b]64bit:[/b] - [2009/08/10 05:07:14 | 000,222,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:[b]64bit:[/b] - [2009/07/30 00:11:24 | 006,038,016 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2009/07/27 09:04:36 | 000,058,880 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV:[b]64bit:[/b] - [2009/07/16 13:33:44 | 001,488,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/18 14:12:32 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/05/05 10:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:[b]64bit:[/b] - [2009/05/05 10:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:[b]64bit:[/b] - [2009/05/04 15:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:[b]64bit:[/b] - [2009/04/03 07:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:[b]64bit:[/b] - [2007/09/17 15:53:34 | 000,029,184 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2012/05/22 09:28:14 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/03/26 05:16:08 | 000,025,608 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\DKbFltr.sys -- (DKbFltr) Dritek Keyboard Filter Driver (64-bit)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0415&m=e627&r=273606110205l03e4z175r48723409
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0415&m=e627&r=273606110205l03e4z175r48723409
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://search.bearshare.com//web?src=ieb&appid=0&systemid=2&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.v9.com/idg/idg_1326443195_194952
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000&st=10&barid={4A887364-ED15-4430-8909-1309EA71B45D}
IE - HKLM\..\URLSearchHook: {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://search.bearshare.com//web?src=ieb&appid=0&systemid=2&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms}
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&q={searchTerms}&barid={4A887364-ED15-4430-8909-1309EA71B45D}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.v9.com/idg/idg_1326443195_194952
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKCU\..\URLSearchHook: {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=100478&babsrc=SP_ss&mntrId=845244f5000000000000904ce53e0747
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW_en___PL437
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://search.bearshare.com//web?src=ieb&appid=0&systemid=2&sr=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms}
IE - HKCU\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb119/?search={searchTerms}&loc=IB_DS&a=6R8oD0usFe&i=26
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&q={searchTerms}&barid={4A887364-ED15-4430-8909-1309EA71B45D}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\NitroPDF: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\damian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp498@crossrider.com: C:\Users\damian\AppData\Local\RewardsArcade\498\Firefox [2011/12/03 20:39:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\quickprint@hp.com: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 15:27:28 | 000,000,000 | ---D | M]
 
[2012/04/01 23:15:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\damian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: RewardsArcade = C:\Users\damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcmagccbogebndpoodhhhafmofelpffh\1.17.87_0\
CHR - Extension: TheBflix = C:\Users\damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjakmojkcnhgipgkkbiempkfdndcnlah\5.0_0\
CHR - Extension: SweetIM for Facebook = C:\Users\damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of 
CHR - Extension: SweetIM for Facebook = C:\Users\damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: Skype Click to Call = C:\Users\damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\
CHR - Extension: RewardsArcade = C:\Users\damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcmagccbogebndpoodhhhafmofelpffh\1.17.87_0\
CHR - Extension: TheBflix = C:\Users\damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjakmojkcnhgipgkkbiempkfdndcnlah\5.0_0\
CHR - Extension: SweetIM for Facebook = C:\Users\damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of 
CHR - Extension: SweetIM for Facebook = C:\Users\damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: Skype Click to Call = C:\Users\damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\
 
Hosts file not found
O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:[/b] - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\x64\IEBHO.dll (MusicLab, LLC)
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (NCH EN Toolbar) - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll (Conduit Ltd.)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll File not found
O2 - BHO: (RewardsArcade) - {597A9974-8CB0-4f41-B61F-ED065738A397} - C:\Program Files (x86)\RewardsArcade\RewardsArcade.dll (215 Apps)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (TheBflix Class) - {E17E56D7-788D-4090-B351-569FA59EA153} - C:\ProgramData\TheBflix\bhoclass.dll ()
O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.5.24.3\bh\Softonic.dll (Softonic.com)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (NCH EN Toolbar) - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.5.24.3\SoftonicTlbr.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Acer ePower Management] C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe (Acer Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe (MusicLab, LLC)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKCU..\Run: [{1A1FDF39-6FC4-4445-8300-ECBA010B4B04}] C:\Windows\system32\rundll32.exe "C:\Users\Public\{1A1FDF39-6FC4-4445-8300-ECBA010B4B04}.dll",AppStartup UserRun File not found
O4 - HKCU..\Run: [{5AC4FC23-B5AF-4256-45EA-0A9AA5584EA8}] C:\Users\damian\AppData\Roaming\Quwe\rise.exe File not found
O4 - HKCU..\Run: [aqev4zvigy] C:\Users\damian\aqev4zvigy.exe File not found
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [cdmwpqubguhouns] C:\ProgramData\cdmwpqub.exe ()
O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKCU..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe (PC Utilities Pro)
O4 - HKCU..\Run: [PCSpeedUp] C:\Program Files (x86)\Przyspiesz Komputer\PCSUNotifier.exe ()
O4 - HKCU..\Run: [ylxkrwhfv3] C:\Users\damian\ylxkrwhfv3.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm File not found
O8:[b]64bit:[/b] - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm File not found
O8:[b]64bit:[/b] - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files (x86)\BitSpirit\bsurl.htm File not found
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm File not found
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm File not found
O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files (x86)\BitSpirit\bsurl.htm File not found
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 File not found
O9 - Extra Button: WPT Poker - {D85B4BE2-07C3-422f-ADE9-B1A2C7D25224} - C:\Users\damian\Desktop\WPT Poker.lnk File not found
O9 - Extra 'Tools' menuitem : WPT Poker - {D85B4BE2-07C3-422f-ADE9-B1A2C7D25224} - C:\Users\damian\Desktop\WPT Poker.lnk File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\system32\pnrpnsp.dll File not found
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.4.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.62 62.179.1.63
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E807CD5E-96A6-46FF-875A-195D75B29AE8}: DhcpNameServer = 62.179.1.62 62.179.1.63
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\x64\datamngr.dll (MusicLab, LLC)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\x64\IEBHO.dll (MusicLab, LLC)
O20 - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\datamngr.dll) - C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\datamngr.dll (MusicLab, LLC)
O20 - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll) - C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - Winlogon\Notify\jtskyee: DllName - (C:\Windows\system32\config\systemprofile\AppData\Local\jtskyee.dll) - C:\Windows\SysWOW64\config\systemprofile\AppData\Local\jtskyee.dll ()
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=consrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:[b]64bit:[/b] FET5X86V - C:\Windows\SysNative\dlcc_device.dll (Oak Technology Inc.)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012/07/09 13:54:26 | 000,000,000 | ---D | C] -- C:\ProgramData\nkeizudgbpavass
[2012/07/02 18:58:34 | 000,000,000 | ---D | C] -- C:\Users\damian\Desktop\Damian działka
[2012/07/02 11:11:29 | 000,000,000 | ---D | C] -- C:\Users\damian\Desktop\Darmowe-torrenty.pl The Hangover Part ll
[2012/07/02 09:36:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink
[2012/07/02 09:36:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ralink Wireless
[2012/07/02 09:35:07 | 000,327,008 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\SysNative\RaCoInstx.dll
[2012/07/02 09:35:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink Driver
[2012/07/02 09:34:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2012/07/02 09:33:52 | 001,121,856 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\RAIHV.dll
[2012/07/02 09:33:51 | 002,403,392 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\RaCertMgr.dll
[2012/07/02 09:33:51 | 001,121,856 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RAIHV.dll
[2012/07/02 09:33:51 | 000,128,864 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RAEXTUI.dll
[2012/07/02 09:33:51 | 000,128,864 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\RAEXTUI.dll
[2012/07/02 09:33:50 | 001,608,768 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RaCertMgr.dll
[2012/07/02 09:33:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ralink
[2012/07/02 09:32:44 | 000,000,000 | ---D | C] -- C:\Users\damian\AppData\Roaming\InstallShield
[2012/07/01 13:13:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Softonic
[2012/07/01 13:12:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gadu-Gadu 10
[2012/07/01 13:11:30 | 001,669,184 | ---- | C] (Softonic) -- C:\Users\damian\Desktop\softonic_ggl_1.5.24.3.exe
[2012/06/24 09:22:05 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/24 09:22:04 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/24 09:22:04 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/24 09:20:24 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/24 09:20:24 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/06/20 12:07:15 | 000,000,000 | ---D | C] -- C:\Users\damian\AppData\Roaming\Downloaded Installations
[2012/06/20 11:44:40 | 000,000,000 | ---D | C] -- C:\Users\damian\AppData\Roaming\EurekaLog
[2012/06/15 20:59:40 | 000,000,000 | ---D | C] -- C:\Users\damian\AppData\Local\ElevatedDiagnostics
[2012/06/14 19:39:47 | 000,000,000 | -H-D | C] -- C:\Windows\AxInstSV
[2012/06/14 08:47:23 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/06/14 08:47:22 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/06/14 08:47:20 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/06/14 08:47:20 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/06/14 08:47:13 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/06/14 08:47:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/06/14 08:47:11 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/06/14 08:47:11 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/06/14 08:47:05 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/06/14 08:47:04 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/06/14 08:47:02 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/06/14 08:47:01 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/06/14 08:46:59 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/06/13 17:28:46 | 005,505,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/06/13 17:28:45 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/06/13 17:28:45 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/06/13 17:28:38 | 003,213,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/06/13 17:28:28 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/06/13 17:28:28 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/06/13 17:28:28 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/06/13 17:21:16 | 001,460,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/06/13 17:21:15 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/06/13 16:11:22 | 000,000,000 | -HSD | C] -- C:\found.003
[2011/08/09 10:59:52 | 000,118,400 | ---- | C] (VSO Software) -- C:\Users\damian\AppData\Roaming\ezplay.sys
[2009/10/23 23:44:31 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012/07/11 18:20:31 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/11 18:04:20 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At85.job
[2012/07/11 18:04:20 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At38.job
[2012/07/11 18:04:20 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At84.job
[2012/07/11 18:01:01 | 000,000,258 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Messager.job
[2012/07/11 17:41:42 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/11 17:41:42 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/11 17:41:42 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/11 17:37:23 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/11 17:37:23 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/11 17:31:26 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/11 17:28:39 | 000,000,286 | ---- | M] () -- C:\Windows\tasks\RMAutoUpdate.job
[2012/07/11 17:26:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/11 17:26:41 | 600,870,912 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/11 16:04:01 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At81.job
[2012/07/11 16:04:01 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At34.job
[2012/07/11 16:04:01 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At80.job
[2012/07/11 16:01:32 | 000,000,005 | ---- | M] () -- C:\Program Files (x86)\is.dat
[2012/07/11 15:30:49 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At79.job
[2012/07/11 15:30:49 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At32.job
[2012/07/11 15:30:49 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At78.job
[2012/07/11 14:04:01 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At77.job
[2012/07/11 14:04:01 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At30.job
[2012/07/11 14:04:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At76.job
[2012/07/11 13:04:02 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At75.job
[2012/07/11 13:04:02 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At28.job
[2012/07/11 13:04:02 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At74.job
[2012/07/11 12:04:01 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At73.job
[2012/07/11 12:04:01 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At26.job
[2012/07/11 12:04:01 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At72.job
[2012/07/11 11:06:24 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At24.job
[2012/07/11 11:06:04 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At70.job
[2012/07/11 11:05:03 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At71.job
[2012/07/11 10:04:01 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At69.job
[2012/07/11 10:04:01 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At22.job
[2012/07/11 10:04:01 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At68.job
[2012/07/11 09:32:40 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At67.job
[2012/07/11 09:32:40 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At20.job
[2012/07/11 09:32:40 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At66.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At8.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At65.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At63.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At61.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At6.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At59.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At57.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At55.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At53.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At51.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At49.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At4.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At2.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At18.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At16.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At14.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At12.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At10.job
[2012/07/11 09:32:39 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At64.job
[2012/07/11 09:32:39 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At62.job
[2012/07/11 09:32:39 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At60.job
[2012/07/11 09:32:39 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At58.job
[2012/07/11 09:32:39 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At56.job
[2012/07/11 09:32:39 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At54.job
[2012/07/11 09:32:39 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At52.job
[2012/07/11 09:32:38 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At50.job
[2012/07/11 09:32:38 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At1.job
[2012/07/10 23:36:30 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At95.job
[2012/07/10 23:36:30 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At48.job
[2012/07/10 23:36:30 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At94.job
[2012/07/10 22:04:37 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At93.job
[2012/07/10 22:04:37 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At46.job
[2012/07/10 22:04:37 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At92.job
[2012/07/10 21:04:01 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At91.job
[2012/07/10 21:04:01 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At44.job
[2012/07/10 21:04:01 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At90.job
[2012/07/10 20:04:02 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At89.job
[2012/07/10 20:04:02 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At42.job
[2012/07/10 20:04:02 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At88.job
[2012/07/10 19:04:01 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At87.job
[2012/07/10 19:04:01 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At40.job
[2012/07/10 19:04:01 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At86.job
[2012/07/10 19:00:00 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2012/07/10 17:04:48 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At83.job
[2012/07/10 17:04:48 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At36.job
[2012/07/10 17:04:48 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At82.job
[2012/07/10 15:03:22 | 000,001,389 | ---- | M] () -- C:\Users\damian\Desktop\Saloon Gier Interia.pl.lnk
[2012/07/09 13:54:29 | 000,000,051 | ---- | M] () -- C:\ProgramData\taipauwxndmemcg
[2012/07/09 13:54:13 | 000,061,440 | ---- | M] () -- C:\ProgramData\cdmwpqub.exe
[2012/07/09 13:54:13 | 000,061,440 | ---- | M] () -- C:\Users\damian\0.6082902952888133.exe
[2012/07/02 10:44:26 | 000,001,041 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk
[2012/07/01 13:13:21 | 000,003,544 | ---- | M] () -- C:\user.js
[2012/07/01 13:12:49 | 000,001,041 | ---- | M] () -- C:\Users\Public\Desktop\OpenFM.lnk
[2012/07/01 13:12:49 | 000,001,012 | ---- | M] () -- C:\Users\Public\Desktop\Gadu-Gadu 10.lnk
[2012/07/01 13:11:45 | 001,669,184 | ---- | M] (Softonic) -- C:\Users\damian\Desktop\softonic_ggl_1.5.24.3.exe
[2012/06/14 11:11:00 | 000,341,640 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012/07/09 13:54:29 | 000,061,440 | ---- | C] () -- C:\ProgramData\cdmwpqub.exe
[2012/07/09 13:54:20 | 000,000,051 | ---- | C] () -- C:\ProgramData\taipauwxndmemcg
[2012/07/09 13:54:13 | 000,061,440 | ---- | C] () -- C:\Users\damian\0.6082902952888133.exe
[2012/07/02 09:36:33 | 000,001,041 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk
[2012/07/02 09:35:07 | 000,014,119 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2012/07/02 09:35:07 | 000,014,119 | ---- | C] () -- C:\Windows\SysNative\RaCoInst.dat
[2012/07/02 09:33:52 | 000,000,451 | ---- | C] () -- C:\Windows\SysWow64\DiagFunc.ini
[2012/07/02 09:33:52 | 000,000,451 | ---- | C] () -- C:\Windows\SysNative\DiagFunc.ini
[2012/07/02 09:33:50 | 000,792,416 | ---- | C] () -- C:\Windows\SysNative\DiagFunc.dll
[2012/07/02 09:33:47 | 000,792,416 | ---- | C] () -- C:\Windows\SysWow64\DiagFunc.dll
[2012/07/01 13:12:49 | 000,001,012 | ---- | C] () -- C:\Users\Public\Desktop\Gadu-Gadu 10.lnk
[2012/07/01 13:12:27 | 000,001,020 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gadu-Gadu 10.lnk
[2012/05/27 18:43:58 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/04/16 19:52:30 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2012/04/02 11:51:15 | 000,000,169 | ---- | C] () -- C:\Windows\wininit.ini
[2012/02/18 20:37:03 | 000,087,176 | ---- | C] () -- C:\Windows\SysWow64\82YK8H.com_
[2012/01/03 09:59:50 | 000,000,000 | ---- | C] () -- C:\Users\damian\AppData\Local\{8D0213AC-BA6E-4ACC-84D8-BF4C4B6556E9}
[2011/12/07 18:56:25 | 000,000,000 | ---- | C] () -- C:\Users\damian\AppData\Local\{5424A7F4-ECFA-4991-BD07-D42C471CD21C}
[2011/12/07 18:54:23 | 000,000,000 | ---- | C] () -- C:\Users\damian\AppData\Local\{A417400E-B17B-4DF4-8887-B065D95D9199}
[2011/12/03 14:21:14 | 000,000,040 | ---- | C] () -- C:\Windows\2pic.ini
[2011/11/29 09:47:38 | 000,000,000 | ---- | C] () -- C:\Users\damian\AppData\Local\{A9B1F28B-FCCC-4F57-9709-92E2DEA655C2}
[2011/11/24 18:58:28 | 000,000,000 | ---- | C] () -- C:\Users\damian\AppData\Local\{518D4FB3-1DC8-4D6B-9D2A-E1F114432316}
[2011/11/24 18:56:36 | 000,000,000 | ---- | C] () -- C:\Users\damian\AppData\Local\{66CEC560-C9AC-4209-91FF-6567A9EBF95B}
[2011/11/16 17:41:57 | 000,000,000 | ---- | C] () -- C:\Users\damian\AppData\Local\{328DC5AC-02A8-4EBC-AA75-2AA3AEE7ACAE}
[2011/11/16 11:56:37 | 000,000,112 | ---- | C] () -- C:\ProgramData\M4H4UM7m.dat
[2011/11/02 18:41:50 | 000,016,384 | ---- | C] () -- C:\Program Files (x86)\uik.dat
[2011/11/02 18:40:52 | 000,000,005 | ---- | C] () -- C:\Program Files (x86)\is.dat
[2011/08/09 10:59:53 | 000,099,384 | ---- | C] () -- C:\Users\damian\AppData\Roaming\inst.exe
[2011/08/09 10:59:53 | 000,007,833 | ---- | C] () -- C:\Users\damian\AppData\Roaming\ezplay.cat
[2011/08/09 10:59:52 | 000,001,126 | ---- | C] () -- C:\Users\damian\AppData\Roaming\ezplay.inf
[2011/08/09 10:59:52 | 000,000,125 | ---- | C] () -- C:\Users\damian\AppData\Roaming\ezplay.ini
[2011/07/27 15:49:59 | 000,000,000 | ---- | C] () -- C:\Users\damian\AppData\Local\{3E9C317B-4776-4563-BD6A-1E4D1E3ACB6D}
[2011/06/29 09:53:13 | 000,019,456 | ---- | C] () -- C:\Users\damian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011/10/26 21:22:51 | 000,000,000 | -HSD | M] -- C:\Users\damian\AppData\Roaming\.#
[2012/06/03 13:25:40 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\.minecraft
[2011/08/12 19:30:18 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\Ashampoo
[2011/12/03 20:38:44 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\Babylon
[2012/06/08 17:27:35 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\BitComet
[2011/10/29 11:04:09 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\BitSpirit
[2011/08/11 17:46:19 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\Canneverbe Limited
[2011/08/12 12:24:18 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\DeepBurner
[2012/06/20 12:07:15 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\Downloaded Installations
[2012/07/02 10:42:10 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\EurekaLog
[2012/07/02 08:12:31 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\Gadu-Gadu 10
[2011/07/28 17:56:04 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\GameConsole
[2012/02/18 15:24:50 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\Hynyu
[2011/11/04 10:56:32 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\MusicNet
[2012/06/03 12:07:43 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\Nitro PDF
[2011/08/11 17:45:32 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\OpenCandy
[2012/04/02 13:53:52 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\OpenFM
[2012/04/01 23:22:07 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\Optimizer Pro
[2012/05/22 09:34:44 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\PC Suite
[2011/09/24 10:49:12 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\PlayFirst
[2012/02/18 16:16:56 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\Quwe
[2012/05/27 19:07:24 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\Registry Mechanic
[2012/05/20 08:13:59 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\Samsung
[2011/12/03 20:38:58 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\SumatraPDF
[2011/08/09 19:52:27 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\Vso
[2012/05/04 18:09:48 | 000,000,000 | ---D | M] -- C:\Users\damian\AppData\Roaming\Windows Live Writer
[2012/07/11 09:32:38 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At10.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At12.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At14.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At16.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At18.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At2.job
[2012/07/11 09:32:40 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At20.job
[2012/07/11 10:04:01 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At22.job
[2012/07/11 11:06:24 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At24.job
[2012/07/11 12:04:01 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At26.job
[2012/07/11 13:04:02 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At28.job
[2012/07/11 14:04:01 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At30.job
[2012/07/11 15:30:49 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At32.job
[2012/07/11 16:04:01 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At34.job
[2012/07/10 17:04:48 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At36.job
[2012/07/11 18:04:20 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At38.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At4.job
[2012/07/10 19:04:01 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At40.job
[2012/07/10 20:04:02 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At42.job
[2012/07/10 21:04:01 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At44.job
[2012/07/10 22:04:37 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At46.job
[2012/07/10 23:36:30 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At48.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At49.job
[2012/07/11 09:32:38 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\At50.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At51.job
[2012/07/11 09:32:39 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\At52.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At53.job
[2012/07/11 09:32:39 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\At54.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At55.job
[2012/07/11 09:32:39 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\At56.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At57.job
[2012/07/11 09:32:39 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\At58.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At59.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At6.job
[2012/07/11 09:32:39 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\At60.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At61.job
[2012/07/11 09:32:39 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\At62.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At63.job
[2012/07/11 09:32:39 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\At64.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At65.job
[2012/07/11 09:32:40 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\At66.job
[2012/07/11 09:32:40 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At67.job
[2012/07/11 10:04:01 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\At68.job
[2012/07/11 10:04:01 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At69.job
[2012/07/11 11:06:04 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\At70.job
[2012/07/11 11:05:03 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At71.job
[2012/07/11 12:04:01 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\At72.job
[2012/07/11 12:04:01 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At73.job
[2012/07/11 13:04:02 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\At74.job
[2012/07/11 13:04:02 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At75.job
[2012/07/11 14:04:00 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\At76.job
[2012/07/11 14:04:01 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At77.job
[2012/07/11 15:30:49 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\At78.job
[2012/07/11 15:30:49 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At79.job
[2012/07/11 09:32:39 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At8.job
[2012/07/11 16:04:01 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\At80.job
[2012/07/11 16:04:01 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At81.job
[2012/07/10 17:04:48 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\At82.job
[2012/07/10 17:04:48 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At83.job
[2012/07/11 18:04:20 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\At84.job
[2012/07/11 18:04:20 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At85.job
[2012/07/10 19:04:01 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\At86.job
[2012/07/10 19:04:01 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At87.job
[2012/07/10 20:04:02 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\At88.job
[2012/07/10 20:04:02 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At89.job
[2012/07/10 21:04:01 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\At90.job
[2012/07/10 21:04:01 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At91.job
[2012/07/10 22:04:37 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\At92.job
[2012/07/10 22:04:37 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At93.job
[2012/07/10 23:36:30 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\At94.job
[2012/07/10 23:36:30 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At95.job
[2012/07/11 17:28:39 | 000,000,286 | ---- | M] () -- C:\Windows\Tasks\RMAutoUpdate.job
[2012/07/10 19:00:00 | 000,000,288 | ---- | M] () -- C:\Windows\Tasks\RMSchedule.job
[2012/04/17 21:03:16 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========[/color]
[C:\Windows\system64] -> \systemroot\system32 -> Mount Point
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:ABE89FFE
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:E3C56885
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:E1F04E8D
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:5D7E5A8F
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:AB689DEA
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:0B9176C0
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:4CF61E54
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:4D066AD2
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:93DE1838

< End of report >