OTL logfile created on: 2014-05-22 12:44:43 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Natalia\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,74 Gb Total Physical Memory | 1,50 Gb Available Physical Memory | 54,85% Memory free
5,49 Gb Paging File | 2,72 Gb Available in Paging File | 49,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 281,09 Gb Total Space | 15,73 Gb Free Space | 5,60% Space Free | Partition Type: NTFS
Drive D: | 15,00 Gb Total Space | 3,37 Gb Free Space | 22,44% Space Free | Partition Type: NTFS
Drive E: | 1,99 Gb Total Space | 1,98 Gb Free Space | 99,54% Space Free | Partition Type: FAT32
 
Computer Name: LAPTOP | User Name: Natalia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2014-05-22 12:44:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Natalia\Downloads\OTL.exe
PRC - [2014-05-18 13:27:55 | 001,176,632 | ---- | M] (Spotify Ltd) -- C:\Users\Natalia\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014-05-12 14:43:24 | 003,582,992 | ---- | M] (Aztec Media Inc) -- C:\Program Files\Settings Manager\systemk\systemku.exe
PRC - [2014-05-12 14:43:14 | 003,543,056 | ---- | M] (Aztec Media Inc) -- C:\Program Files\Settings Manager\systemk\SystemkService.exe
PRC - [2014-05-12 02:59:36 | 000,549,008 | ---- | M] (Cherished Technololgy LIMITED) -- C:\ProgramData\WPM\wprotectmanager.exe
PRC - [2014-05-08 01:29:35 | 000,841,032 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014-04-21 20:07:50 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2014-04-11 04:05:52 | 000,705,136 | ---- | M] (Cherished Technololgy LIMITED) -- C:\ProgramData\IePluginService\PluginService.exe
PRC - [2014-04-08 11:55:09 | 006,510,592 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
PRC - [2014-04-08 11:55:09 | 000,040,960 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
PRC - [2014-04-08 11:55:07 | 005,217,280 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
PRC - [2014-04-01 16:11:12 | 000,049,464 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
PRC - [2014-01-10 07:26:44 | 001,861,968 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2013-08-02 02:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2013-04-29 23:24:04 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2011-03-16 01:54:24 | 000,376,832 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011-03-16 01:53:58 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-11-20 14:17:21 | 000,233,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
PRC - [2010-03-17 04:48:42 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2010-03-17 04:48:42 | 000,229,458 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\stacsv.exe
PRC - [2009-07-14 03:14:28 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PING.EXE
PRC - [2009-03-03 02:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\AEstSrv.exe
PRC - [2008-01-02 06:54:40 | 000,042,734 | ---- | M] () -- C:\Users\Natalia\AppData\Local\winlogon.exe
PRC - [2008-01-02 06:54:40 | 000,042,734 | ---- | M] () -- C:\Users\Natalia\AppData\Local\services.exe
PRC - [2008-01-02 06:54:40 | 000,042,734 | ---- | M] () -- C:\Users\Natalia\AppData\Local\lsass.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2014-05-12 14:43:30 | 000,490,000 | ---- | M] () -- C:\Program Files\Settings Manager\systemk\sysapcrt.dll
MOD - [2014-05-12 14:43:21 | 000,020,496 | ---- | M] () -- C:\Program Files\Settings Manager\systemk\syskldr.dll
MOD - [2014-05-08 01:29:33 | 000,390,472 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.137\ppgooglenaclpluginchrome.dll
MOD - [2014-05-08 01:29:31 | 004,081,480 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.137\pdf.dll
MOD - [2014-05-08 01:29:27 | 000,674,632 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.137\libglesv2.dll
MOD - [2014-05-08 01:29:27 | 000,093,000 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.137\libegl.dll
MOD - [2014-05-08 01:29:26 | 001,647,432 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.137\ffmpegsumo.dll
MOD - [2014-05-08 01:29:24 | 000,065,352 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.137\chrome_elf.dll
MOD - [2014-04-21 21:13:52 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014-04-21 21:13:33 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014-04-08 11:57:29 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\GAC_32\bcmwlrmt\5.100.82.0__6d6a20262490fcdc\bcmwlrmt.dll
MOD - [2014-03-04 07:57:21 | 005,287,936 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2014-03-04 07:57:21 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2014-01-10 07:28:18 | 000,100,688 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2014-01-10 07:26:44 | 001,861,968 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2013-09-05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2013-07-08 14:39:08 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008-01-02 06:54:40 | 000,042,734 | ---- | M] () -- C:\Users\Natalia\AppData\Local\winlogon.exe
MOD - [2008-01-02 06:54:40 | 000,042,734 | ---- | M] () -- C:\Users\Natalia\AppData\Local\services.exe
MOD - [2008-01-02 06:54:40 | 000,042,734 | ---- | M] () -- C:\Users\Natalia\AppData\Local\lsass.exe
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2014-05-12 14:43:14 | 003,543,056 | ---- | M] (Aztec Media Inc) [Auto | Running] -- C:\Program Files\Settings Manager\systemk\SystemkService.exe -- (SystemkService)
SRV - [2014-05-12 02:59:36 | 000,549,008 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\WPM\wprotectmanager.exe -- (Wpm)
SRV - [2014-04-16 22:14:41 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2014-04-11 04:05:52 | 000,705,136 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\IePluginService\PluginService.exe -- (IePluginService)
SRV - [2014-04-08 11:55:09 | 000,040,960 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE -- (wltrysvc)
SRV - [2014-04-01 16:11:12 | 000,049,464 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2014-03-06 09:38:10 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013-12-19 00:41:02 | 030,814,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2013-05-27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013-04-29 23:24:04 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2011-03-16 01:53:58 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010-03-17 04:48:42 | 000,229,458 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\stacsv.exe -- (STacSV)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-03-03 02:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\AEstSrv.exe -- (AESTFilters)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2014-05-12 14:43:14 | 000,031,120 | ---- | M] (Aztec Media Inc) [Kernel | System | Running] -- C:\Program Files\Settings Manager\systemk\systemkmgrc1.cfg -- (F06DEFF2-5B9C-490D-910F-35D3A91196222)
DRV - [2014-04-08 11:55:07 | 000,018,536 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2012-05-14 08:12:28 | 000,086,656 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2012-03-05 16:04:30 | 000,045,184 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.1)
DRV - [2011-03-16 02:13:46 | 005,590,016 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011-03-16 01:19:52 | 000,210,432 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-03-17 04:48:42 | 000,423,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2010-03-09 22:03:50 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2010-02-18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009-07-14 00:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1400414405&from=sof&uid=SAMSUNGXHM321HI_S25WJ9DB112496
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1400414405&from=sof&uid=SAMSUNGXHM321HI_S25WJ9DB112496&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1400414405&from=sof&uid=SAMSUNGXHM321HI_S25WJ9DB112496&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/?type=hp&ts=1400414405&from=sof&uid=SAMSUNGXHM321HI_S25WJ9DB112496
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.sweet-page.com/web/?type=ds&ts=1400414405&from=sof&uid=SAMSUNGXHM321HI_S25WJ9DB112496&q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}: "URL" = http://www.default-search.net/search?sid=476&aid=175&itype=a&ver=12627&tm=350&src=ds&p={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1400414405&from=sof&uid=SAMSUNGXHM321HI_S25WJ9DB112496
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/?type=hp&ts=1400414405&from=sof&uid=SAMSUNGXHM321HI_S25WJ9DB112496
IE - HKCU\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.sweet-page.com/web/?type=ds&ts=1400414405&from=sof&uid=SAMSUNGXHM321HI_S25WJ9DB112496&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}: "URL" = http://www.default-search.net/search?sid=476&aid=175&itype=a&ver=12627&tm=350&src=ds&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
 
 
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.default-search.net?sid=476&aid=175&itype=n&ver=12349&tm=350&src=hmp
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: Dysk Google = C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Szukaj w Google = C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2014-05-18 13:35:52 | 000,012,393 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
O1 - Hosts: <html lang='en'>
O1 - Hosts: <head>
O1 - Hosts:             <meta name="description" content="Yahoo! GeoCities offers you a free web site and all the tools you need to build a dynamic site. Features include easy-to-use site building tools, online help, web site statistics, secure and reliable hosting, and an intuitive control panel.">
O1 - Hosts:             <title>Yahoo! GeoCities: Get a web site with easy-to-use site building tools.</title>
O1 - Hosts:             <link rel="stylesheet" type="text/css" media="all" href="http://l.yimg.com/a/combo?yui/2.5.2/build/reset-fonts-grids/reset-fonts-grids.css&smbiz/css/headfoot_6.css&smbiz/css/ysbs_glossary_1.css"> 
O1 - Hosts: <link rel="stylesheet" type="text/css" media="all" href="http://l.yimg.com/a/lib/smbiz/css/geocities_84954.css"> 
O1 - Hosts: <style>
O1 - Hosts: h1 { line-height:30px;height:30px; padding-left:15px; font-weight:bold;font-size:1.6em;color:#1f296a;}
O1 - Hosts: .services li { margin-left:1.0em; padding-left:0.5em; background:url("http://l.yimg.com/a/lib/smbiz/i/geo_bullet_3x3_1.gif") no-repeat 0 0.5em; margin-bottom:0.5em;margin-left:1.5em;margin-right:0.5em;width:6em}
O1 - Hosts: .services li {float:left; width:17em; font-size:116%;margin-top:0.8em}
O1 - Hosts:  .services {  font-size:116%; padding-bottom:20px }
O1 - Hosts: .learnmore a {color:#2882DE;font-size:16px}
O1 - Hosts: .image_web  {float:right; margin:15px 0 0 15px}
O1 - Hosts: p {margin:20px;font-size:1em;}
O1 - Hosts: h2 {margin:20px 0 0 20px;color:#1F296;font-weight:bold;font-size:1.25em;color:#1f296a;}
O1 - Hosts: h3 {margin:20px;color:#1F296;font-weight:bold;font-size:1.15em;color:#1f296a;}
O1 - Hosts: li.rule {border-top:solid 1px #DBE1E6;}
O1 - Hosts: </style>
O1 - Hosts: </head>
O1 - Hosts: <body>
O1 - Hosts: <!-- following code added by server. PLEASE REMOVE -->
O1 - Hosts: <!-- preceding code added by server. PLEASE REMOVE -->
O1 - Hosts:  <div class="ez-mw" style ="height:900px;width:905px">
O1 - Hosts:     <div class="ez-wri ez-oh" style="width:900px">
O1 - Hosts: 90 more lines...
O2 - BHO: (IETabPage Class) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited)
O2 - BHO: (Linkey) - {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - C:\Program Files\Linkey\IEExtension\iedll.dll (Aztec Media Inc)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [AMD AVT] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE (Broadcom Corporation)
O4 - HKLM..\Run: [Bron-Spizaetus] C:\Windows\ShellNew\sempalong.exe ()
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKCU..\Run: [Spotify] C:\Users\Natalia\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Natalia\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [Tok-Cirrhatus] C:\Users\Natalia\AppData\Local\smss.exe ()
O4 - Startup: C:\Users\Natalia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Empty.pif ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3A58F711-ECC4-49E6-BD04-C3A12E70661C}: DhcpNameServer = 192.168.1.1 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - ("C:\Windows\eksplorasi.exe") - C:\Windows\eksplorasi.exe ()
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27 - HKLM IFEO\bitguard.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bprotect.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bpsvc.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserdefender.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserprotect.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsersafeguard.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\dprotectsvc.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\jumpflip: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\protectedsearch.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchinstaller.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotection.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotector.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchsettings.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchsettings64.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\snapdo.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst32.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst64.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\umbrella.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\utiljumpflip.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\volaro: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\vonteera: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\websteroids.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\websteroidsservice.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014-05-22 11:29:54 | 000,000,007 | -HS- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2014-04-07 23:27:09 | 000,000,123 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2014-04-08 09:14:15 | 000,000,105 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2014-04-08 09:14:18 | 000,000,105 | RHS- | M] () - E:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (c:\program files\settings manager\systemk\x64\sysapcrt.dll) -  File not found
O36 - AppCertDlls: x86 - (C:\Program Files\Settings Manager\systemk\sysapcrt.dll) - C:\Program Files\Settings Manager\systemk\sysapcrt.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2014-05-22 11:29:55 | 000,000,000 | ---D | C] -- C:\Users\Natalia\AppData\Local\Bron.tok-11-22
[2014-05-21 15:16:01 | 000,000,000 | ---D | C] -- C:\Users\Natalia\AppData\Local\Bron.tok-11-21
[2014-05-20 10:36:10 | 000,000,000 | ---D | C] -- C:\Users\Natalia\AppData\Local\Bron.tok-11-20
[2014-05-19 22:12:37 | 000,000,000 | ---D | C] -- C:\Users\Natalia\AppData\Roaming\driveridentifier
[2014-05-19 22:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Identifier
[2014-05-19 22:12:29 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Identifier
[2014-05-19 21:43:01 | 000,000,000 | R--D | C] -- C:\Users\Natalia\Desktop\Aktywator
[2014-05-19 21:34:59 | 000,000,000 | ---D | C] -- C:\Users\Natalia\AppData\Local\Bron.tok-11-19
[2014-05-18 16:57:34 | 000,000,000 | ---D | C] -- C:\Users\Natalia\Documents\SPSSInc
[2014-05-18 16:50:05 | 000,000,000 | ---D | C] -- C:\Users\Natalia\Application Data
[2014-05-18 16:49:41 | 000,000,000 | ---D | C] -- C:\Users\Natalia\.spss
[2014-05-18 16:49:33 | 000,000,000 | ---D | C] -- C:\Users\Natalia\AppData\Local\IBM
[2014-05-18 16:49:30 | 000,000,000 | ---D | C] -- C:\Users\Natalia\AppData\Local\javasharedresources
[2014-05-18 16:41:22 | 000,000,000 | ---D | C] -- C:\ProgramData\SafeNet Sentinel
[2014-05-18 16:40:12 | 000,000,000 | ---D | C] -- C:\ProgramData\SPSS
[2014-05-18 16:39:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics
[2014-05-18 16:38:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\IBM
[2014-05-18 16:37:15 | 000,000,000 | ---D | C] -- C:\Program Files\IBM
[2014-05-18 16:27:12 | 000,000,000 | ---D | C] -- C:\Users\Natalia\AppData\Roaming\WinRAR
[2014-05-18 16:26:44 | 000,000,000 | ---D | C] -- C:\Users\Natalia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014-05-18 16:26:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014-05-18 16:26:41 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2014-05-18 14:00:29 | 000,000,000 | ---D | C] -- C:\Users\Natalia\AppData\Roaming\SupTab
[2014-05-18 14:00:28 | 000,000,000 | ---D | C] -- C:\Program Files\SupTab
[2014-05-18 14:00:28 | 000,000,000 | ---D | C] -- C:\ProgramData\IePluginService
[2014-05-18 14:00:21 | 000,000,000 | ---D | C] -- C:\ProgramData\WPM
[2014-05-18 14:00:11 | 000,000,000 | ---D | C] -- C:\Users\Natalia\AppData\Roaming\sweet-page
[2014-05-18 13:41:22 | 000,000,000 | ---D | C] -- C:\Users\Natalia\AppData\Local\Loc.Mail.Bron.Tok
[2014-05-18 13:40:49 | 000,000,000 | ---D | C] -- C:\Users\Natalia\AppData\Local\Ok-SendMail-Bron-tok
[2014-05-18 13:35:20 | 000,000,000 | ---D | C] -- C:\Users\Natalia\AppData\Local\Bron.tok-11-18
[2014-05-17 14:25:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014-05-17 14:23:28 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014-05-17 14:17:26 | 000,000,000 | ---D | C] -- C:\ProgramData\systemk
[2014-05-17 14:16:54 | 000,000,000 | ---D | C] -- C:\Program Files\Linkey
[2014-05-17 14:16:49 | 000,000,000 | ---D | C] -- C:\Program Files\Settings Manager
[2014-05-17 11:25:14 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014-05-17 11:25:13 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014-05-17 11:24:51 | 003,969,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2014-05-17 11:24:51 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2014-05-17 11:24:47 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\objsel.dll
[2014-05-17 11:24:46 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cngprovider.dll
[2014-05-17 11:24:46 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adprovider.dll
[2014-05-17 11:24:46 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\capiprovider.dll
[2014-05-17 11:24:46 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapiprovider.dll
[2014-05-17 11:24:46 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2014-05-17 11:24:44 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wincredprovider.dll
[2014-05-17 11:24:44 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2014-05-06 20:00:49 | 000,000,000 | --SD | C] -- C:\Windows\System32\CompatTel
[2014-05-04 21:53:07 | 000,000,000 | ---D | C] -- C:\Users\Natalia\AppData\Local\Blizzard
[2014-05-01 12:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\Hearthstone
[2014-05-01 12:17:32 | 000,000,000 | ---D | C] -- C:\Users\Natalia\AppData\Local\Blizzard Entertainment
[2014-05-01 12:17:29 | 000,000,000 | ---D | C] -- C:\Users\Natalia\AppData\Roaming\Battle.net
[2014-05-01 12:17:29 | 000,000,000 | ---D | C] -- C:\Users\Natalia\AppData\Local\Battle.net
[2014-05-01 12:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2014-05-01 12:17:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2014-05-01 12:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
[2014-05-01 12:17:14 | 000,000,000 | ---D | C] -- C:\Program Files\Battle.net
[2014-05-01 12:14:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2014-05-01 00:57:34 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014-05-01 00:57:27 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014-05-01 00:57:27 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014-05-01 00:57:27 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014-05-01 00:57:27 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014-05-01 00:57:26 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014-05-01 00:57:26 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014-05-01 00:57:25 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014-05-01 00:57:25 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014-05-01 00:57:25 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014-05-01 00:57:24 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014-05-01 00:57:24 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014-05-01 00:57:24 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014-05-01 00:57:24 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014-05-01 00:57:24 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014-05-01 00:57:24 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014-05-01 00:57:23 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014-05-01 00:57:20 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014-05-01 00:57:16 | 004,254,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014-04-22 21:58:03 | 000,000,000 | ---D | C] -- C:\Users\Natalia\Desktop\kopia asus
[2014-04-22 21:33:27 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014-04-22 21:29:57 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2014-04-22 21:29:55 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014-04-22 21:29:53 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2014-04-22 21:29:53 | 001,987,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2014-04-22 21:26:42 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014-04-22 21:26:42 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsIntl.dll
[2014-04-22 21:26:42 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2014-04-22 21:26:42 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2014-04-22 21:26:42 | 000,238,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014-04-22 21:26:42 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014-04-22 21:26:42 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2014-04-22 21:26:42 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2014-04-22 21:26:42 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2014-04-22 21:26:42 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2014-04-22 21:26:42 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2014-04-22 21:26:42 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2014-04-22 21:26:42 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2014-04-22 21:26:42 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2014-04-22 21:26:42 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2014-04-22 21:26:42 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2014-04-22 21:26:42 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2014-04-22 21:26:42 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2014-04-22 21:26:42 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2014-04-22 21:26:42 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2014-04-22 21:26:42 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2014-04-22 21:26:42 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2014-04-22 21:26:42 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2014-04-22 21:25:29 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[1 C:\Users\Natalia\Desktop\*.tmp files -> C:\Users\Natalia\Desktop\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2014-05-22 12:47:02 | 000,012,393 | ---- | M] () -- C:\Users\Natalia\AppData\Local\Bron.tok.A11.em.bin
[2014-05-22 12:21:01 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-05-22 11:36:57 | 000,022,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-05-22 11:36:57 | 000,022,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-05-22 11:29:54 | 000,000,007 | -HS- | M] () -- C:\autoexec.bat
[2014-05-22 11:29:45 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-05-22 11:29:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-05-22 11:29:26 | 2209,529,856 | -HS- | M] () -- C:\hiberfil.sys
[2014-05-19 21:44:57 | 000,363,629 | RHS- | M] () -- C:\DYLHP
[2014-05-19 21:34:32 | 000,419,944 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014-05-18 16:36:56 | 000,001,025 | ---- | M] () -- C:\Windows\System32\sysprs7.tgz
[2014-05-18 16:36:56 | 000,001,025 | ---- | M] () -- C:\Windows\System32\sysprs7.dll
[2014-05-18 16:36:56 | 000,000,219 | ---- | M] () -- C:\Windows\System32\lsprst7.tgz
[2014-05-18 16:36:56 | 000,000,205 | ---- | M] () -- C:\Windows\System32\lsprst7.dll
[2014-05-18 16:36:56 | 000,000,016 | -H-- | M] () -- C:\Windows\System32\servdat.slm
[2014-05-18 14:00:11 | 000,002,321 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014-05-18 13:58:34 | 940,731,271 | ---- | M] () -- C:\Users\Natalia\Desktop\CI3HVML[1].zip
[2014-05-18 13:35:52 | 000,012,393 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2014-05-17 14:16:09 | 940,731,271 | ---- | M] () -- C:\Users\Natalia\Desktop\CI3HVML.zip
[2014-05-09 09:06:23 | 000,369,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014-05-09 09:04:12 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014-05-06 05:07:39 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014-05-01 12:17:25 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\Battle.net.lnk
[2014-04-26 20:24:39 | 000,752,400 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2014-04-26 20:24:39 | 000,658,006 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014-04-26 20:24:39 | 000,159,714 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2014-04-26 20:24:39 | 000,125,686 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014-04-23 17:37:36 | 000,079,759 | ---- | M] () -- C:\Users\Natalia\Desktop\RTEmagicC_38af4c09b3.jpg.jpg
[2014-04-22 21:26:42 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014-04-22 21:26:42 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsIntl.dll
[2014-04-22 21:26:42 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2014-04-22 21:26:42 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2014-04-22 21:26:42 | 000,238,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014-04-22 21:26:42 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014-04-22 21:26:42 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2014-04-22 21:26:42 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2014-04-22 21:26:42 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2014-04-22 21:26:42 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2014-04-22 21:26:42 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2014-04-22 21:26:42 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2014-04-22 21:26:42 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2014-04-22 21:26:42 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2014-04-22 21:26:42 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2014-04-22 21:26:42 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2014-04-22 21:26:42 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2014-04-22 21:26:42 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2014-04-22 21:26:42 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2014-04-22 21:26:42 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2014-04-22 21:26:42 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2014-04-22 21:26:42 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2014-04-22 21:26:42 | 000,016,284 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2014-04-22 21:26:42 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2014-04-22 21:25:29 | 000,619,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[1 C:\Users\Natalia\Desktop\*.tmp files -> C:\Users\Natalia\Desktop\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2014-05-22 12:47:02 | 000,012,393 | ---- | C] () -- C:\Users\Natalia\AppData\Local\Bron.tok.A11.em.bin
[2014-05-19 21:44:57 | 000,363,629 | RHS- | C] () -- C:\DYLHP
[2014-05-18 16:36:56 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.tgz
[2014-05-18 16:36:56 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2014-05-18 16:36:56 | 000,000,219 | ---- | C] () -- C:\Windows\System32\lsprst7.tgz
[2014-05-18 16:36:56 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2014-05-18 16:36:56 | 000,000,016 | -H-- | C] () -- C:\Windows\System32\servdat.slm
[2014-05-18 13:35:54 | 940,731,271 | ---- | C] () -- C:\Users\Natalia\Desktop\CI3HVML[1].zip
[2014-05-17 13:55:56 | 940,731,271 | ---- | C] () -- C:\Users\Natalia\Desktop\CI3HVML.zip
[2014-05-01 12:17:25 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\Battle.net.lnk
[2014-04-23 17:37:34 | 000,079,759 | ---- | C] () -- C:\Users\Natalia\Desktop\RTEmagicC_38af4c09b3.jpg.jpg
[2014-04-22 21:26:42 | 000,016,284 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2014-04-10 18:07:05 | 000,042,734 | -H-- | C] () -- C:\Windows\eksplorasi.exe
[2014-04-10 18:07:05 | 000,042,734 | ---- | C] () -- C:\Users\Natalia\AppData\Local\winlogon.exe
[2014-04-10 18:07:05 | 000,042,734 | ---- | C] () -- C:\Users\Natalia\AppData\Local\smss.exe
[2014-04-10 18:07:05 | 000,042,734 | ---- | C] () -- C:\Users\Natalia\AppData\Local\services.exe
[2014-04-10 18:07:05 | 000,042,734 | ---- | C] () -- C:\Users\Natalia\AppData\Local\lsass.exe
[2014-04-10 18:07:05 | 000,042,734 | ---- | C] () -- C:\Users\Natalia\AppData\Local\inetinfo.exe
[2014-04-10 18:07:05 | 000,042,734 | ---- | C] () -- C:\Users\Natalia\AppData\Local\csrss.exe
[2014-04-08 12:40:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014-04-08 11:55:59 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2013-04-30 04:30:54 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2013-04-30 04:30:54 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2013-04-29 23:36:28 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009-07-14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014-03-25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >