OTL logfile created on: 2012-07-22 18:10:51 - Run 1 OTL by OldTimer - Version 3.2.54.0 Folder = D:\Pobrane 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 5,98 Gb Total Physical Memory | 3,38 Gb Available Physical Memory | 56,53% Memory free 11,98 Gb Paging File | 9,06 Gb Available in Paging File | 75,63% Paging File free Paging file location(s): C:\pagefile.sys 6142 6142 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 100,49 Gb Total Space | 10,61 Gb Free Space | 10,56% Space Free | Partition Type: NTFS Drive D: | 365,17 Gb Total Space | 216,12 Gb Free Space | 59,18% Space Free | Partition Type: NTFS Computer Name: USER-KOMPUTER | User Name: User | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-07-22 10:39:28 | 000,596,480 | ---- | M] (OldTimer Tools) -- D:\Pobrane\OTL.exe PRC - [2012-07-03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012-07-03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012-07-03 18:21:27 | 000,133,912 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe PRC - [2012-02-23 13:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-09-16 14:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2011-09-15 13:06:04 | 000,088,576 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe PRC - [2010-12-09 07:27:50 | 001,025,616 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2010-12-09 07:27:50 | 000,311,376 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe PRC - [2010-12-09 07:27:50 | 000,287,824 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe PRC - [2010-11-22 20:23:00 | 001,993,320 | R--- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2010-10-26 11:24:08 | 001,765,484 | ---- | M] (IVT Corporation) -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe PRC - [2010-10-25 15:38:36 | 000,319,574 | ---- | M] (IVT Corporation) -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe PRC - [2010-10-06 06:08:48 | 002,655,768 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010-10-06 06:08:44 | 000,325,656 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010-09-13 19:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010-09-13 19:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2009-12-03 10:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe PRC - [2009-05-14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe PRC - [2009-01-26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe PRC - [2009-01-26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe PRC - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2007-03-06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe PRC - [2006-12-19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-07-13 12:13:59 | 009,465,032 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll MOD - [2012-07-10 06:09:00 | 000,438,296 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll MOD - [2012-07-10 06:08:59 | 003,972,120 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll MOD - [2012-07-10 06:07:39 | 000,554,520 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\20.0.1132.57\libglesv2.dll MOD - [2012-07-10 06:07:37 | 000,117,784 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\20.0.1132.57\libegl.dll MOD - [2012-07-10 06:07:22 | 000,140,328 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\20.0.1132.57\avutil-51.dll MOD - [2012-07-10 06:07:21 | 000,262,184 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\20.0.1132.57\avformat-54.dll MOD - [2012-07-10 06:07:19 | 002,386,984 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\20.0.1132.57\avcodec-54.dll MOD - [2012-07-10 04:17:27 | 009,255,112 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll MOD - [2012-07-10 04:17:27 | 009,255,112 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\APPLIC~1\200113~1.57\gcswf32.dll MOD - [2012-06-15 09:50:10 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\09557e6c5a83a1cb68c7c50a841c8064\IAStorUtil.ni.dll MOD - [2012-06-14 22:26:46 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll MOD - [2012-06-14 22:25:47 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll MOD - [2012-06-14 22:25:30 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll MOD - [2012-05-14 12:53:43 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\220b0516e45e7f9bbf6a631490c1243a\IAStorCommon.ni.dll MOD - [2012-05-09 21:01:42 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll MOD - [2012-05-09 20:59:52 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll MOD - [2012-05-09 20:59:39 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll MOD - [2012-05-09 20:59:31 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll MOD - [2012-05-09 20:59:29 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll MOD - [2012-05-09 20:59:16 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll MOD - [2012-01-08 15:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\gglog.dll MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipcradioproxy.dll MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipc.dll MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcrypto.dll MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcommon.dll MOD - [2011-06-24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011-06-24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtWebKit4.dll MOD - [2011-03-17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtScript4.dll MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtXml4.dll MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtSvg4.dll MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtNetwork4.dll MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtGui4.dll MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtCore4.dll MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qtiff4.dll MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qmng4.dll MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qjpeg4.dll MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qgif4.dll MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qsvg4.dll MOD - [2011-02-17 10:59:32 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\zlib1.dll MOD - [2010-11-13 04:37:37 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll MOD - [2009-07-14 19:55:02 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_pl_b77a5c561934e089\System.Runtime.Remoting.resources.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-07-13 12:14:00 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-06-23 22:22:19 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService) SRV - [2012-03-06 16:05:36 | 000,148,480 | ---- | M] (Two Pilots) [Auto | Running] -- C:\Windows\VPDAgent_x64.exe -- (Agent) SRV - [2012-02-29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-09-15 13:06:04 | 000,088,576 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2010-12-09 07:27:50 | 000,311,376 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2010-11-22 20:23:00 | 001,993,320 | R--- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2010-10-26 11:24:08 | 001,765,484 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS) SRV - [2010-10-25 15:40:36 | 000,192,000 | ---- | M] (IVT Corporation) [On_Demand | Running] -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe -- (BsHelpCS) SRV - [2010-10-06 06:08:48 | 002,655,768 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2010-10-06 06:08:44 | 000,325,656 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2010-09-13 19:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-05-14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0) SRV - [2008-09-08 07:59:00 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2007-03-06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service) SRV - [2006-12-19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService) SRV - [2005-02-09 12:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Auto | Stopped] -- C:\Windows\SysWOW64\drivers\Pclepci.sys -- (PCLEPCI) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=112555&tt=060612_7_&babsrc=HP_ss&mntrId=12b536490000000000000015834ca5ad IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1000\..\URLSearchHook: {0D52B2CA-C02E-4EC1-8E80-0A5CD2A640BD} - No CLSID value found IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1000\..\URLSearchHook: {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - No CLSID value found IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1000\..\URLSearchHook: {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files (x86)\Minibar\Froggy.dll (TODO: <название компании>) IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1000\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No CLSID value found IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1000\..\SearchScopes,DefaultScope = {2A10370C-36C6-46F0-ACAC-A01CFDAEF0BA} IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112555&tt=060612_7_&babsrc=SP_ss&mntrId=12b536490000000000000015834ca5ad IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1000\..\SearchScopes\{2A10370C-36C6-46F0-ACAC-A01CFDAEF0BA}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1000\..\SearchScopes\{5A7A4523-AAA0-4151-97D3-21F0B8E86D22}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3106777 IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1000\..\SearchScopes\{7325b495-12c4-4dc9-9115-7230c92fb059}: "URL" = IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1000\..\SearchScopes\{C86CCDA2-F3A0-4BAB-91B7-867FD167F605}: "URL" = http://search.igeared.com/dispatcher.aspx?i=63&tp=chrome&q={searchTerms} IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT3106777 IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1001\..\URLSearchHook: {0D52B2CA-C02E-4EC1-8E80-0A5CD2A640BD} - No CLSID value found IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1001\..\URLSearchHook: {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - No CLSID value found IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1001\..\URLSearchHook: {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files (x86)\Minibar\Froggy.dll (TODO: <название компании>) IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1001\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No CLSID value found IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1001\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110055&babsrc=SP_ss&mntrId=12b536490000000000009a9ffa938278 IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1001\..\SearchScopes\{5A7A4523-AAA0-4151-97D3-21F0B8E86D22}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3106777 IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1001\..\SearchScopes\{7325b495-12c4-4dc9-9115-7230c92fb059}: "URL" = IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1001\..\SearchScopes\{C86CCDA2-F3A0-4BAB-91B7-867FD167F605}: "URL" = http://search.igeared.com/dispatcher.aspx?i=63&tp=chrome&q={searchTerms} IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-577605133-2275961513-2443662652-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)" FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?affID=112555&tt=060612_7_&babsrc=HP_ss&mntrId=12b536490000000000000015834ca5ad" FF - prefs.js..keyword.URL: "http://search.babylon.com/?affID=112555&tt=060612_7_&babsrc=KW_ss&mntrId=12b536490000000000000015834ca5ad&q=" FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "SweetIM Search" FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "" FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "SweetIM Search" FF - prefs.js..browser.startup.homepage: "http://home.sweetim.com/?barid={76BE293D-BA19-11E0-8618-1C7508DD946E}" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://mystart.incredimail.com/mb68/?loc=ff_address_bar&u=92260378066379236&search=" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\User\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\User\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-07-06 09:10:43 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-11-14 16:14:39 | 000,000,000 | ---D | M] [2011-08-10 22:03:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions [2011-08-10 22:03:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2012-04-04 20:42:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\qqyhmlru.default\extensions [2011-11-12 11:14:52 | 000,000,000 | ---D | M] (Complitly - Speed up your search with your personal search suggestions tool) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\qqyhmlru.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516} [2012-04-04 20:42:22 | 000,000,000 | ---D | M] (WinZipBar Community Toolbar) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\qqyhmlru.default\extensions\{50fafaf0-70a9-419d-a109-fa4b4ffd4e37} [2011-11-12 11:15:09 | 000,000,000 | ---D | M] (FaceSmooch) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\qqyhmlru.default\extensions\{97A78363-B868-4B48-AC91-A783A31215AF} [2011-11-14 16:17:45 | 000,000,000 | ---D | M] (IncrediMail MediaBar 2 Toolbar) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\qqyhmlru.default\extensions\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} [2011-11-12 11:14:53 | 000,000,000 | ---D | M] (DealPly) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\qqyhmlru.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} [2012-05-16 18:10:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\qqyhmlru.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} [2012-06-14 12:30:09 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\qqyhmlru.default\extensions\ffxtlbr@babylon.com [2012-04-03 16:26:22 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\qqyhmlru.default\extensions\plugin@yontoo.com [2011-11-14 16:15:06 | 000,002,207 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\qqyhmlru.default\searchplugins\MyStart Search.xml [2012-05-26 15:05:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012-03-09 00:43:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-08-12 08:32:21 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011-08-12 05:51:25 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2012-06-17 15:22:02 | 000,002,352 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2011-08-12 05:51:25 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2011-08-12 05:51:25 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2011-08-12 05:51:25 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2011-09-08 04:49:14 | 000,001,482 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SpeedUp_igeared.xml [2011-08-12 05:51:25 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-08-12 05:51:25 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://www.google.pl/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: http://www.google.pl/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll CHR - plugin: Babylon ToolBar (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - Extension: DealPly = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2_0\ CHR - Extension: avast! WebRep = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\ O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (no name) - {0D52B2CA-C02E-4EC1-8E80-0A5CD2A640BD} - No CLSID value found. O2 - BHO: (no name) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - No CLSID value found. O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (MrFroggy Class) - {856E12B5-22D7-4E22-9ACA-EA9A008DD65B} - C:\Program Files (x86)\Minibar\Froggy.dll (TODO: <название компании>) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly Technologies Ltd) O2 - BHO: (MinibarBHO) - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files (x86)\Minibar\Kango.dll (KangoExtensions) O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC) O3 - HKLM\..\Toolbar: (no name) - {005B8FC3-0F7E-45DD-8A2F-E352D67EDBFC} - No CLSID value found. O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found. O3 - HKU\S-1-5-21-577605133-2275961513-2443662652-1000\..\Toolbar\WebBrowser: (no name) - {005B8FC3-0F7E-45DD-8A2F-E352D67EDBFC} - No CLSID value found. O3 - HKU\S-1-5-21-577605133-2275961513-2443662652-1000\..\Toolbar\WebBrowser: (no name) - {50FAFAF0-70A9-419D-A109-FA4B4FFD4E37} - No CLSID value found. O3 - HKU\S-1-5-21-577605133-2275961513-2443662652-1001\..\Toolbar\WebBrowser: (no name) - {005B8FC3-0F7E-45DD-8A2F-E352D67EDBFC} - No CLSID value found. O3 - HKU\S-1-5-21-577605133-2275961513-2443662652-1001\..\Toolbar\WebBrowser: (no name) - {50FAFAF0-70A9-419D-A109-FA4B4FFD4E37} - No CLSID value found. O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [BtTray] C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe (IVT Corporation) O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-577605133-2275961513-2443662652-1000..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd) O4 - HKU\S-1-5-21-577605133-2275961513-2443662652-1000..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-577605133-2275961513-2443662652-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.) O4 - HKU\S-1-5-21-577605133-2275961513-2443662652-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - HKU\S-1-5-21-577605133-2275961513-2443662652-1001..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd) O4 - HKU\S-1-5-21-577605133-2275961513-2443662652-1001..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-577605133-2275961513-2443662652-1001..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.) O4 - HKU\S-1-5-21-577605133-2275961513-2443662652-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-577605133-2275961513-2443662652-1001..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-577605133-2275961513-2443662652-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-577605133-2275961513-2443662652-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O9 - Extra Button: Share Your Mood - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - C:\Program Files (x86)\Minibar\MinibarButton.dll (TODO: ) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.233.233.233 87.204.204.204 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{01B60378-665D-461F-B9B0-45C04BD01EE9}: DhcpNameServer = 62.233.233.233 87.204.204.204 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6915BA27-62D6-43E1-B0CD-77BA8AF28F3B}: DhcpNameServer = 194.204.159.1 194.204.152.34 O18 - Protocol\Handler\ms-help - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWOW64\skype4com.dll (Skype Technologies) O18 - Protocol\Handler\speeduptoolbar - No CLSID value found O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-11-13 22:17:38 | 000,000,108 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{306c7a31-87d8-11e0-8df1-1c7508dd946e}\Shell - "" = AutoRun O33 - MountPoints2\{306c7a31-87d8-11e0-8df1-1c7508dd946e}\Shell\AutoRun\command - "" = G:\autorun.exe O33 - MountPoints2\{ddfbdf93-0c5e-11e1-b223-1c7508dd946e}\Shell - "" = AutoRun O33 - MountPoints2\{ddfbdf93-0c5e-11e1-b223-1c7508dd946e}\Shell\AutoRun\command - "" = I:\AutoRun.exe O33 - MountPoints2\{ddfbdf9e-0c5e-11e1-b223-1c7508dd946e}\Shell - "" = AutoRun O33 - MountPoints2\{ddfbdf9e-0c5e-11e1-b223-1c7508dd946e}\Shell\AutoRun\command - "" = I:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-07-13 09:33:55 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012-07-13 08:47:05 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012-07-13 08:47:04 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012-07-13 08:47:01 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012-07-13 08:47:00 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012-07-13 08:46:57 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012-07-13 08:46:55 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012-07-11 14:00:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 [2012-07-11 13:18:25 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2012-07-11 13:18:04 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2012-06-26 11:29:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security [2012-06-25 16:04:24 | 001,394,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4.dll [2012-06-22 19:42:31 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Paint.NET [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-07-22 18:13:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-07-22 18:04:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-577605133-2275961513-2443662652-1000UA.job [2012-07-22 17:31:00 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-07-22 09:53:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-07-22 09:28:25 | 000,005,359 | ---- | M] () -- C:\Windows\SysWow64\LOCALSERVICE.INI [2012-07-22 09:27:12 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-07-22 09:26:48 | 000,001,104 | ---- | M] () -- C:\Windows\SysWow64\bscs.ini [2012-07-22 09:25:57 | 522,604,543 | -HS- | M] () -- C:\hiberfil.sys [2012-07-21 09:04:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-577605133-2275961513-2443662652-1000Core.job [2012-07-20 12:00:00 | 000,000,522 | ---- | M] () -- C:\Windows\tasks\One-Click Tweak.job [2012-07-14 21:37:48 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI [2012-07-13 12:13:59 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012-07-13 12:13:59 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012-07-13 09:43:23 | 000,000,105 | ---- | M] () -- C:\Windows\SysWow64\LOCALDEVICE.INI [2012-07-11 19:00:46 | 000,002,354 | ---- | M] () -- C:\Users\User\Desktop\Google Chrome.lnk [2012-07-11 14:17:18 | 000,011,264 | ---- | M] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-07-11 14:01:09 | 000,000,532 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk [2012-07-06 09:10:45 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012-07-03 18:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2012-07-03 18:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2012-07-01 22:04:19 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLev.DAT [2012-06-26 11:29:32 | 000,001,841 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk [2012-06-25 16:04:24 | 001,394,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4.dll [2012-06-24 13:33:08 | 000,016,145 | ---- | M] () -- C:\Users\User\Documents\2012-06-24.hrf [2012-06-23 22:22:19 | 000,151,552 | ---- | M] () -- C:\Windows\KMService.exe [2012-06-23 22:22:19 | 000,008,192 | ---- | M] () -- C:\Windows\SysWow64\srvany.exe [2012-06-22 19:43:19 | 000,001,176 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk [2012-06-22 19:37:25 | 000,000,751 | ---- | M] () -- C:\Users\Public\Desktop\PhotoInstrument.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-07-11 14:01:09 | 000,000,532 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk [2012-06-26 11:29:32 | 000,001,841 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk [2012-06-24 13:33:08 | 000,016,145 | ---- | C] () -- C:\Users\User\Documents\2012-06-24.hrf [2012-06-23 22:22:59 | 000,151,552 | ---- | C] () -- C:\Windows\KMService.exe [2012-06-22 19:43:19 | 000,001,188 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk [2012-06-22 19:43:19 | 000,001,176 | ---- | C] () -- C:\Users\Public\Desktop\Paint.NET.lnk [2012-06-03 17:42:08 | 000,001,125 | ---- | C] () -- C:\Windows\SysWow64\SHORTCUT.INI [2012-06-03 17:41:56 | 000,000,267 | ---- | C] () -- C:\Windows\SysWow64\REMOTEDEVICE.INI [2012-06-03 16:31:50 | 000,005,359 | ---- | C] () -- C:\Windows\SysWow64\LOCALSERVICE.INI [2012-06-03 16:31:49 | 000,000,105 | ---- | C] () -- C:\Windows\SysWow64\LOCALDEVICE.INI [2012-06-03 16:27:37 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\BSPRINT.INI [2012-05-26 16:31:07 | 000,030,601 | ---- | C] () -- C:\Users\User\x.exe [2012-05-26 15:46:22 | 000,004,606 | ---- | C] () -- C:\Users\User\.recently-used.xbel [2012-05-26 12:19:17 | 000,000,082 | ---- | C] () -- C:\Windows\BsMobileModel.ini [2012-05-25 16:42:49 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2012-05-11 21:35:21 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Work - Home [2012-05-11 21:35:21 | 000,000,268 | RH-- | C] () -- C:\Users\User\AppData\Roaming\WebServer [2012-05-11 21:35:21 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT [2012-05-11 21:35:21 | 000,000,012 | RH-- | C] () -- C:\ProgramData\vhosts [2012-05-11 21:34:33 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Workflows [2012-05-11 21:34:32 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Woodwinds [2012-05-11 21:34:32 | 000,000,268 | RH-- | C] () -- C:\Users\User\AppData\Roaming\Widgets [2012-05-11 21:34:32 | 000,000,268 | RH-- | C] () -- C:\Users\User\AppData\Roaming\Vocals [2012-05-11 21:34:32 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT [2012-05-11 21:34:32 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT [2012-05-11 21:34:32 | 000,000,012 | RH-- | C] () -- C:\ProgramData\manual [2012-05-03 17:27:57 | 000,000,600 | ---- | C] () -- C:\Users\User\AppData\Local\PUTTY.RND [2012-04-22 22:12:22 | 004,424,704 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll [2012-04-09 01:39:46 | 000,260,608 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll [2012-04-09 01:39:32 | 000,158,720 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll [2012-04-09 01:39:32 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll [2012-04-09 01:39:30 | 001,525,248 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll [2012-04-09 01:39:30 | 000,146,944 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll [2012-04-09 01:39:28 | 000,212,480 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll [2012-04-09 01:39:28 | 000,115,200 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll [2012-04-09 01:39:26 | 000,328,704 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll [2012-03-29 16:21:26 | 000,172,032 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll [2012-03-29 16:21:18 | 006,582,226 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-54.dll [2012-03-29 16:21:18 | 001,152,365 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-54.dll [2012-03-29 16:21:18 | 000,374,152 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll [2012-03-29 16:21:18 | 000,207,872 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-51.dll [2012-03-29 16:21:18 | 000,144,523 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-2.dll [2012-03-11 14:13:52 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll [2011-12-21 19:52:51 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011-11-13 23:22:49 | 000,000,017 | ---- | C] () -- C:\Windows\MovingPicture.ini [2011-11-13 22:17:38 | 000,196,096 | ---- | C] () -- C:\Windows\SysWow64\macd32.dll [2011-11-13 22:17:38 | 000,138,752 | ---- | C] () -- C:\Windows\SysWow64\mase32.dll [2011-11-13 22:17:38 | 000,136,192 | ---- | C] () -- C:\Windows\SysWow64\mamc32.dll [2011-11-13 22:17:38 | 000,057,856 | ---- | C] () -- C:\Windows\SysWow64\masd32.dll [2011-11-13 22:17:38 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\ma32.dll [2011-11-10 03:24:46 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll [2011-09-14 15:14:06 | 000,004,930 | ---- | C] () -- C:\ProgramData\ojobkspa.ako [2011-09-08 16:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll [2011-09-08 16:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll [2011-09-08 16:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll [2011-09-08 16:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll [2011-09-08 16:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe [2011-09-08 16:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll [2011-09-08 16:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe [2011-09-08 16:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe [2011-09-08 15:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll [2011-09-08 15:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll [2011-08-02 23:40:40 | 000,075,776 | ---- | C] () -- C:\Windows\cadkasdeinst01pol.exe [2011-07-27 22:07:26 | 000,093,671 | ---- | C] () -- C:\Users\User\AppData\Roaming\Uninstal.exe [2011-07-17 12:55:39 | 000,011,264 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-06-25 18:26:27 | 000,000,135 | ---- | C] () -- C:\Windows\AutoKMS.ini [2011-06-25 17:18:12 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe [2011-05-29 19:13:24 | 000,000,026 | ---- | C] () -- C:\Windows\CDE DX5000.ini [2011-05-29 16:10:21 | 001,603,254 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011-05-27 16:33:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011-05-23 16:53:44 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011-05-23 16:52:26 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat [2011-03-08 21:14:39 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011-03-08 21:14:39 | 000,206,952 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011-03-08 21:14:39 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011-03-08 14:44:42 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll [2011-03-03 13:39:56 | 000,109,568 | ---- | C] () -- C:\Windows\SysWow64\avi.dll [2011-03-03 13:38:10 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\avs.dll [2011-03-03 13:37:50 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\avss.dll [2010-10-26 11:04:50 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\bscs.ini [2010-10-25 15:34:42 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\BsMobileCSps.dll [2010-08-18 21:56:38 | 000,000,151 | ---- | C] () -- C:\Windows\SysWow64\Registration.ini [color=#E56717]========== LOP Check ==========[/color] [2011-08-03 19:25:17 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\.minecraft [2011-07-13 11:30:50 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\.wtw [2012-06-14 12:29:29 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Babylon [2011-11-12 11:05:55 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\BeSpotted [2011-08-02 23:40:52 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\CAD-KAS [2011-07-23 21:08:55 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2012-05-25 12:51:26 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\driveridentifier [2011-06-05 20:32:41 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\EPSON [2011-05-27 18:23:04 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\EurekaLog [2012-05-18 17:10:21 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FileZilla [2011-09-18 14:26:20 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Gadu-Gadu 10 [2012-04-22 18:32:40 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\gtk-2.0 [2012-01-19 12:56:24 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\HTC [2012-01-10 21:05:38 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2011-12-30 17:08:50 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ipla [2011-09-18 15:30:46 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Kadu [2011-10-08 13:03:31 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Mobilny Internet [2011-09-14 15:14:08 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\MOVAVI [2012-07-01 22:04:13 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Nikon [2011-05-30 08:59:14 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Nitro PDF [2012-07-01 22:09:27 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ObviousIdea [2011-08-22 18:01:32 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Opera [2012-01-11 17:13:20 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Outlook [2011-07-24 10:18:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PDAppFlex [2011-05-30 08:59:01 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PrimoPDF [2011-11-13 23:21:29 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\proDAD [2011-09-18 16:38:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ProtectDISC [2011-05-28 21:16:14 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Qrix [2011-05-27 22:40:22 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ResizeMe_ [2011-11-09 13:18:38 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Rovio [2011-11-09 22:36:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\StoneLoopsRE [2011-11-09 13:16:32 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Thinstall [2011-08-10 22:03:57 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TomTom [2011-07-18 22:16:27 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ulead Systems [2011-10-07 21:21:35 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Wildfire [2012-05-16 16:58:06 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Wise Registry Cleaner [2012-06-17 15:23:32 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\YourFileDownloader [2012-07-20 12:00:00 | 000,000,522 | ---- | M] () -- C:\Windows\Tasks\One-Click Tweak.job [2012-06-02 18:52:04 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012-06-07 20:56:13 | 000,000,464 | ---- | M] () -- C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job [color=#E56717]========== Purity Check ==========[/color] < End of report >