OTL logfile created on: 2012-07-27 18:30:55 - Run 1 OTL by OldTimer - Version 3.2.55.0 Folder = D:\Downloads 64bit- Ultimate Edition (Version = 6.1.7100) - Type = NTWorkstation Internet Explorer (Version = 8.0.7100.0) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 65,37% Memory free 4,00 Gb Paging File | 3,33 Gb Available in Paging File | 83,32% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 19,53 Gb Total Space | 1,53 Gb Free Space | 7,81% Space Free | Partition Type: NTFS Drive D: | 249,03 Gb Total Space | 136,39 Gb Free Space | 54,77% Space Free | Partition Type: NTFS Drive E: | 29,52 Gb Total Space | 12,15 Gb Free Space | 41,15% Space Free | Partition Type: NTFS Computer Name: DUN-PC | User Name: Dun | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-07-27 18:01:20 | 000,597,504 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL.exe PRC - [2012-07-19 16:03:29 | 000,913,888 | ---- | M] (Mozilla Corporation) -- D:\Programy\firefox2\firefox.exe PRC - [2012-07-19 16:03:28 | 000,016,864 | ---- | M] (Mozilla Corporation) -- D:\Programy\firefox2\plugin-container.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-07-19 16:03:29 | 002,003,424 | ---- | M] () -- D:\Programy\firefox2\mozjs.dll MOD - [2012-02-19 11:12:49 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-07-27 17:49:13 | 000,108,392 | ---- | M] (SurfRight B.V.) [Auto | Stopped] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler) SRV:[b]64bit:[/b] - [2012-04-13 10:17:04 | 000,035,648 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:[b]64bit:[/b] - [2011-12-06 05:11:56 | 000,235,520 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2009-04-22 07:40:14 | 001,011,200 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-04-22 07:38:59 | 000,193,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012-07-15 18:52:08 | 000,018,360 | ---- | M] (Overwolf Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe -- (OverwolfUpdaterService) SRV - [2012-07-03 21:34:37 | 000,670,816 | ---- | M] (Wellbia.com Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\xsherlock.xem -- (xsherlock) SRV - [2012-06-15 12:26:32 | 000,103,472 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service) SRV - [2012-04-13 10:17:10 | 002,143,552 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2012-04-13 10:17:04 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2011-12-05 23:15:08 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Stopped] -- D:\Programy\hdati\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV - [2011-07-07 20:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011-06-15 18:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate) SRV - [2011-03-28 21:51:25 | 004,323,256 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc) SRV - [2010-01-15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009-04-04 22:05:06 | 000,067,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2006-10-27 00:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Programy\Office2007\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-07-27 17:53:12 | 000,030,496 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hitmanpro36.sys -- (hitmanpro36) DRV:[b]64bit:[/b] - [2012-05-20 11:27:43 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2011-12-06 05:45:40 | 010,720,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2011-12-06 05:45:40 | 010,720,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2011-12-06 04:12:14 | 000,327,168 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2010-02-18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:[b]64bit:[/b] - [2009-04-22 07:53:06 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-04-22 07:53:04 | 000,105,040 | ---- | M] (AMD) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009-04-22 07:52:53 | 000,028,752 | ---- | M] (AMD) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009-04-22 07:48:16 | 000,077,904 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-04-22 07:48:15 | 000,065,616 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-04-22 07:48:04 | 000,023,120 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2009-04-22 07:45:20 | 000,024,640 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-04-22 07:38:39 | 000,027,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (1394hub) DRV:[b]64bit:[/b] - [2009-03-17 06:35:14 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-03-06 09:43:49 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2009-03-06 09:43:48 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-02-06 05:41:49 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-01-24 06:08:24 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2011-11-08 12:47:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2011-06-24 07:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- D:\Programy\hdati\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01) DRV - [2009-04-22 07:23:43 | 000,019,024 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2005-01-02 23:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2) DRV - [2002-04-26 13:04:16 | 000,095,484 | ---- | M] (DATOM Dariusz Cielebąk) [Kernel | Auto | Stopped] -- C:\Windows\SysWow64\drivers\KMM4XNT.SYS -- (Kmm4xNT) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1664460829-1821031617-1176298176-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKU\S-1-5-21-1664460829-1821031617-1176298176-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-1664460829-1821031617-1176298176-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-1664460829-1821031617-1176298176-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1664460829-1821031617-1176298176-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [color=#E56717]========== FireFox ==========[/color] FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@ogplanet.com/npOGPPlugin: C:\Windows\system32\npOGPPlugin.dll (OGPlanet) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@virtools.com/3DviaPlayer: C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes) FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPBrowserExt: C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll File not found FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Dun\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK64\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009-04-22 11:45:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012-07-17 22:28:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: D:\Programy\firefox2\components [2012-07-19 16:03:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: D:\Programy\firefox2\plugins [2012-06-19 19:40:50 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: D:\Programy\firefox2\components [2012-07-19 16:03:29 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: D:\Programy\firefox2\plugins [2012-06-19 19:40:50 | 000,000,000 | ---D | M] [2012-02-11 18:20:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dun\AppData\Roaming\Mozilla\Extensions [2012-05-26 14:18:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dun\AppData\Roaming\Mozilla\Firefox\Profiles\jpndh546.default\extensions [2012-03-30 07:37:55 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Dun\AppData\Roaming\Mozilla\Firefox\Profiles\jpndh546.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012-04-18 16:01:39 | 000,000,000 | ---D | M] (Bcool) -- C:\Users\Dun\AppData\Roaming\Mozilla\Firefox\Profiles\jpndh546.default\extensions\4f8daf3712e0a@4f8daf3712e0c.info [2012-05-07 19:56:21 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Users\Dun\AppData\Roaming\Mozilla\Firefox\Profiles\jpndh546.default\extensions\ietab@ip.cn [2012-05-26 14:18:19 | 000,000,000 | ---D | M] (Epuap Sign Plugin) -- C:\Users\Dun\AppData\Roaming\Mozilla\Firefox\Profiles\jpndh546.default\extensions\SignPlugin@epuap.com O1 HOSTS File: ([2009-02-24 05:35:22 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programy\Office2007\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Dun\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll (Trend Media Group) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O4 - HKLM..\Run: [GrooveMonitor] D:\Programy\Office2007\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [StartCCC] D:\Programy\hdati\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1664460829-1821031617-1176298176-1000..\Run: [Akamai NetSession Interface] C:\Users\Dun\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc) O4 - HKU\S-1-5-21-1664460829-1821031617-1176298176-1000..\Run: [DAEMON Tools Lite] D:\Programy\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-1664460829-1821031617-1176298176-1000..\Run: [FlashGet 3] D:\Programy\flashget\FlashGet 3\FlashGet3.exe (Trend Media Corporation Limited) O4 - HKU\S-1-5-21-1664460829-1821031617-1176298176-1000..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe (Overwolf) O4 - HKU\S-1-5-21-1664460829-1821031617-1176298176-1000..\Run: [rnhiszfkejksqfh] C:\ProgramData\rnhiszfk.exe () O4 - HKU\S-1-5-21-1664460829-1821031617-1176298176-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation) O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] D:\Programy\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Dun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:[b]64bit:[/b] - Extra context menu item: Download all links by FlashGet3 - D:\Programy\flashget\FlashGet 3\BHO\fdgetallurl.htm () O8:[b]64bit:[/b] - Extra context menu item: Download by FlashGet3 - D:\Programy\flashget\FlashGet 3\BHO\fdgeturl.htm () O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Programy\Office2007\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Download all links by FlashGet3 - D:\Programy\flashget\FlashGet 3\BHO\fdgetallurl.htm () O8 - Extra context menu item: Download by FlashGet3 - D:\Programy\flashget\FlashGet 3\BHO\fdgeturl.htm () O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Programy\Office2007\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\Office2007\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\Office2007\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programy\Office2007\Office12\REFIEBAR.DLL (Microsoft Corporation) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} http://www.netgame.com/mplugin/mglaunch_USAv1005.cab (MGLaunch_v1004 Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.177.196.14 195.177.196.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8EE302CB-73BD-45D4-9668-0C8C5A4CC4CC}: DhcpNameServer = 195.177.196.14 195.177.196.4 O18:[b]64bit:[/b] - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programy\Office2007\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Overwolf\SKYPE4~2.DLL (Skype Technologies) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O27:[b]64bit:[/b] - HKLM IFEO\dtlite.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\flashget3.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\quickstart.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\sbase.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\scalc.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\sdraw.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\simpress.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\smath.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\soffice.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\swriter.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\dtlite.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\flashget3.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\quickstart.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\sbase.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\scalc.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\sdraw.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\simpress.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\smath.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\soffice.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\swriter.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Programy\Office2007\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-11-28 20:07:25 | 000,000,051 | RHS- | M] () - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-11-28 20:07:25 | 000,000,051 | RHS- | M] () - E:\autorun.inf -- [ NTFS ] O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun.exe O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\autorun.exe O33 - MountPoints2\H\Shell\install\command - "" = H:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-07-27 17:57:53 | 000,000,000 | ---D | C] -- C:\Users\Dun\AppData\Roaming\Malwarebytes [2012-07-27 17:57:44 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012-07-27 17:57:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012-07-27 17:57:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012-07-27 17:49:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro [2012-07-27 17:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro [2012-07-27 17:48:51 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2012-07-27 17:12:15 | 000,000,000 | ---D | C] -- C:\ProgramData\mebqaqnseidrxbc [2012-07-26 16:30:53 | 000,000,000 | ---D | C] -- C:\Users\Dun\AppData\Local\CrashRpt [2012-07-26 16:22:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEVENCORE [2012-07-23 20:36:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAESTIA [2012-07-18 21:50:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012-07-18 21:50:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Overwolf [2012-07-17 22:27:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Overwolf [2012-07-03 21:34:26 | 000,000,000 | ---D | C] -- C:\Users\Dun\Documents\C9 [2012-07-03 21:30:33 | 000,000,000 | ---D | C] -- C:\Users\Dun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webzen Hub [2012-07-03 21:30:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Overwolf [2012-07-03 21:28:15 | 000,000,000 | ---D | C] -- C:\Users\Dun\AppData\Local\Overwolf [2012-07-03 21:27:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2012-07-03 21:27:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\C9 [2012-07-01 11:00:24 | 000,000,000 | ---D | C] -- C:\Users\Dun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Red Stone [2012-07-01 11:00:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Stone [2012-07-01 09:54:28 | 000,079,256 | ---- | C] (OGPlanet) -- C:\Windows\SysWow64\npOGPPlugin.dll [2012-07-01 09:54:27 | 000,271,768 | ---- | C] (OGPlanet) -- C:\Windows\SysWow64\OGPIEPlugin.ocx [2012-07-01 09:54:27 | 000,000,000 | ---D | C] -- C:\Users\Dun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OGPlanet [2012-07-01 09:54:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OGPlanet [2012-06-28 21:42:43 | 000,000,000 | ---D | C] -- C:\Users\Dun\Desktop\konspekty [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-07-27 18:29:03 | 000,727,362 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-07-27 18:29:03 | 000,615,760 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-07-27 18:29:03 | 000,107,396 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-07-27 18:24:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-07-27 17:57:44 | 000,000,731 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-07-27 17:53:12 | 000,030,496 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro36.sys [2012-07-27 17:52:26 | 000,033,050 | ---- | M] () -- C:\Windows\SysNative\.crusader [2012-07-27 17:49:13 | 000,001,939 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk [2012-07-27 17:12:16 | 000,000,051 | ---- | M] () -- C:\ProgramData\twxhpvlxwvmswyk [2012-07-27 17:11:59 | 000,061,440 | ---- | M] () -- C:\ProgramData\rnhiszfk.exe [2012-07-27 17:01:41 | 000,011,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-07-27 17:01:41 | 000,011,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-07-26 16:22:24 | 000,000,521 | ---- | M] () -- C:\Users\Public\Desktop\SEVENCORE.lnk [2012-07-23 20:36:59 | 000,000,614 | ---- | M] () -- C:\Users\Public\Desktop\MAESTIA.lnk [2012-07-23 19:39:36 | 000,232,649 | ---- | M] () -- C:\Users\Dun\Desktop\MaestiaDownloader.exe [2012-07-22 22:15:20 | 000,150,360 | ---- | M] () -- C:\Users\Dun\Desktop\C25169957_3.jpg [2012-07-03 21:34:37 | 000,670,816 | ---- | M] (Wellbia.com Co., Ltd.) -- C:\Windows\SysWow64\xsherlock.xem [2012-07-03 21:30:33 | 000,001,979 | ---- | M] () -- C:\Users\Public\Desktop\Webzen Hub.lnk [2012-07-03 21:27:03 | 000,000,086 | ---- | M] () -- C:\Users\Dun\Desktop\C9.url [2012-07-03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012-07-01 11:05:25 | 000,000,022 | ---- | M] () -- C:\clientinfo.ogp [2012-07-01 11:00:28 | 000,001,171 | ---- | M] () -- C:\Users\Dun\Desktop\OGPlanet.lnk [2012-07-01 11:00:24 | 000,000,145 | ---- | M] () -- C:\Users\Dun\Desktop\Red Stone webpage.url [2012-07-01 09:54:27 | 000,001,171 | ---- | M] () -- C:\Users\Dun\Desktop\Game Launcher.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-07-27 17:57:44 | 000,000,731 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-07-27 17:52:26 | 000,033,050 | ---- | C] () -- C:\Windows\SysNative\.crusader [2012-07-27 17:49:14 | 000,030,496 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro36.sys [2012-07-27 17:49:13 | 000,001,939 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk [2012-07-27 17:12:16 | 000,061,440 | ---- | C] () -- C:\ProgramData\rnhiszfk.exe [2012-07-27 17:12:00 | 000,000,051 | ---- | C] () -- C:\ProgramData\twxhpvlxwvmswyk [2012-07-26 16:22:24 | 000,000,521 | ---- | C] () -- C:\Users\Public\Desktop\SEVENCORE.lnk [2012-07-23 20:36:59 | 000,000,614 | ---- | C] () -- C:\Users\Public\Desktop\MAESTIA.lnk [2012-07-23 20:02:30 | 000,232,649 | ---- | C] () -- C:\Users\Dun\Desktop\MaestiaDownloader.exe [2012-07-22 22:15:19 | 000,150,360 | ---- | C] () -- C:\Users\Dun\Desktop\C25169957_3.jpg [2012-07-03 21:30:33 | 000,001,979 | ---- | C] () -- C:\Users\Public\Desktop\Webzen Hub.lnk [2012-07-03 21:27:03 | 000,000,086 | ---- | C] () -- C:\Users\Dun\Desktop\C9.url [2012-07-01 11:00:48 | 000,000,022 | ---- | C] () -- C:\clientinfo.ogp [2012-07-01 11:00:28 | 000,001,171 | ---- | C] () -- C:\Users\Dun\Desktop\OGPlanet.lnk [2012-07-01 11:00:24 | 000,000,145 | ---- | C] () -- C:\Users\Dun\Desktop\Red Stone webpage.url [2012-07-01 09:54:27 | 000,001,171 | ---- | C] () -- C:\Users\Dun\Desktop\Game Launcher.lnk [2012-02-25 23:32:20 | 000,000,091 | ---- | C] () -- C:\Users\Dun\AppData\Local\fusioncache.dat [2012-02-25 23:30:26 | 000,734,870 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-02-18 21:07:46 | 000,001,040 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat [2012-02-18 21:06:13 | 000,005,579 | ---- | C] () -- C:\Windows\SysWow64\secushr.dat [2012-02-18 19:24:57 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI [2012-02-11 18:10:44 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011-12-06 04:35:10 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2011-12-06 04:35:10 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2011-12-05 23:04:00 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll [2011-12-05 23:03:52 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [2011-09-13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [color=#E56717]========== LOP Check ==========[/color] [2012-07-26 16:29:19 | 000,000,000 | ---D | M] -- C:\Users\Dun\AppData\Roaming\BITS [2012-05-20 12:00:24 | 000,000,000 | ---D | M] -- C:\Users\Dun\AppData\Roaming\DAEMON Tools Lite [2012-02-18 21:07:46 | 000,000,000 | ---D | M] -- C:\Users\Dun\AppData\Roaming\FlashGet [2012-02-18 19:24:44 | 000,000,000 | ---D | M] -- C:\Users\Dun\AppData\Roaming\FlashGetBHO [2012-02-18 19:24:47 | 000,000,000 | ---D | M] -- C:\Users\Dun\AppData\Roaming\FlashgetSetup [2012-04-18 16:07:21 | 000,000,000 | ---D | M] -- C:\Users\Dun\AppData\Roaming\Foxit Software [2012-03-12 22:34:21 | 000,000,000 | ---D | M] -- C:\Users\Dun\AppData\Roaming\Gadu-Gadu 10 [2012-04-11 17:17:10 | 000,000,000 | ---D | M] -- C:\Users\Dun\AppData\Roaming\OpenOffice.org [2012-03-14 19:51:41 | 000,000,000 | ---D | M] -- C:\Users\Dun\AppData\Roaming\TS3Client [2012-03-14 19:52:57 | 000,000,000 | ---D | M] -- C:\Users\Dun\AppData\Roaming\ts3overlay [2012-06-01 22:06:55 | 000,000,000 | ---D | M] -- C:\Users\Dun\AppData\Roaming\TuneUp Software [2012-03-07 18:36:29 | 000,000,000 | ---D | M] -- C:\Users\Dun\AppData\Roaming\Unity [2012-04-26 19:46:30 | 000,032,630 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >