ADVERTISEMENT

OTL.Txt1.txt

Błąd po odinstalowaniu Registry Booster - brak PYYTHON26.DLL

log z usuwania All processes killed ========== OTL ========== Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin not found. Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\msnmsgr\ not found. Folder C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}\ not found. Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue\ not found. Folder C:\Program Files (x86)\Uniblue\ not found. File C:\Windows\tasks\RegistryBooster.job not found. ========== REGISTRY ========== Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\ not found. ========== COMMANDS ========== Restore point Set: OTL Restore Point User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: karina adm ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public User: user ->Temp folder emptied: 86016 bytes ->Temporary Internet Files folder emptied: 192059669 bytes ->Java cache emptied: 0 bytes ->Opera cache emptied: 2167277 bytes ->Flash cache emptied: 1533 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 2872650 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50592 bytes RecycleBin emptied: 24370377 bytes Total Files Cleaned = 211.00 mb OTL by OldTimer - Version 3.2.24.1 log created on 06232011_143354 Files\Folders moved on Reboot... File\Folder C:\Users\user\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found! File\Folder C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XZINF8TI\search.htm not found! File\Folder C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QP2MSZ43\search.htm not found! File\Folder C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MXODDH8J\advdyn.htm not found! File\Folder C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MXODDH8J\advdyn.htm not found! File\Folder C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MXODDH8J\communicator.htm not found! File\Folder C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IUTU2RMN\index.htm not found! File\Folder C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9GWA7SE7\search.htm not found! C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7WJQM3DH\ads.htm moved successfully. C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7WJQM3DH\problem-odinstalowaniu-programu-t451015.htm moved successfully. C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6P1S5ZXS\viewtopic.htm moved successfully. C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully. C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully. C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SuggestedSites.dat moved successfully. Registry entries deleted on Reboot...


Download file - link to post

OTL logfile created on: 6/23/2011 12:05:22 PM - Run 2
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\user\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4.00 Gb Total Physical Memory | 2.30 Gb Available Physical Memory | 57.53% Memory free
8.00 Gb Paging File | 6.06 Gb Available in Paging File | 75.72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116.44 Gb Total Space | 81.46 Gb Free Space | 69.96% Space Free | Partition Type: NTFS
Drive D: | 334.67 Gb Total Space | 334.63 Gb Free Space | 99.99% Space Free | Partition Type: NTFS

Computer Name: USER-KOMPUTER | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011/06/23 12:04:52 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\user\Downloads\OTL (2).exe
PRC - [2011/05/19 20:10:48 | 000,240,288 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10q_ActiveX.exe
PRC - [2011/04/17 02:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\18.6.0.29\ccsvchst.exe
PRC - [2009/11/01 16:21:05 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2009/09/03 20:33:14 | 000,054,400 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/08/13 00:20:46 | 000,178,816 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/06/24 22:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009/06/19 20:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/16 03:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/05/19 01:59:10 | 000,428,600 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
PRC - [2009/05/19 01:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008/12/23 03:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/14 07:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/08/14 06:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2008/07/19 05:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2008/03/31 12:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2008/03/20 12:04:46 | 002,127,296 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files (x86)\Gadu-Gadu\gg.exe
PRC - [2007/11/30 21:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/08/08 10:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011/06/23 12:04:52 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\user\Downloads\OTL (2).exe
MOD - [2010/11/20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2009/09/17 21:36:34 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:[b]64bit:[/b] - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2007/08/08 10:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011/04/17 02:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe -- (NIS)
SRV - [2010/12/08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/15 03:03:42 | 000,044,312 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService)
SRV - [2009/06/16 03:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/03/31 12:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2011/05/11 16:48:29 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:[b]64bit:[/b] - [2011/03/31 05:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtsp64.sys -- (SRTSP)
DRV:[b]64bit:[/b] - [2011/03/31 05:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:[b]64bit:[/b] - [2011/03/22 02:39:49 | 000,382,584 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symnets.sys -- (SymNetS)
DRV:[b]64bit:[/b] - [2011/03/15 04:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symefa64.sys -- (SymEFA)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011/01/27 08:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symds64.sys -- (SymDS)
DRV:[b]64bit:[/b] - [2011/01/27 07:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\ironx64.sys -- (SymIRON)
DRV:[b]64bit:[/b] - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2010/07/30 15:18:04 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:[b]64bit:[/b] - [2010/07/30 15:18:02 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:[b]64bit:[/b] - [2010/07/30 15:18:00 | 000,026,624 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:[b]64bit:[/b] - [2010/07/30 15:17:56 | 000,019,456 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:[b]64bit:[/b] - [2009/10/15 18:23:20 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2009/10/05 17:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2009/07/20 11:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:[b]64bit:[/b] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:[b]64bit:[/b] - [2009/06/10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/06/05 12:15:55 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:[b]64bit:[/b] - [2009/05/22 16:52:29 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2009/05/13 03:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:[b]64bit:[/b] - [2009/05/01 04:13:33 | 000,081,440 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2008/08/28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:[b]64bit:[/b] - [2008/05/24 03:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:[b]64bit:[/b] - [2007/07/24 21:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2011/06/22 16:58:43 | 002,011,768 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20110622.052\EX64.SYS -- (NAVEX15)
DRV - [2011/06/22 16:58:43 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20110622.052\ENG64.SYS -- (NAVENG)
DRV - [2011/06/03 03:08:18 | 000,488,056 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110623.001\IDSviA64.sys -- (IDSVia64)
DRV - [2011/05/19 21:37:05 | 001,143,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110616.003\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011/05/10 16:42:10 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/05/10 16:42:10 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0



IE - HKU\S-1-5-21-2936054414-3315380304-3472545884-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-2936054414-3315380304-3472545884-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2936054414-3315380304-3472545884-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2936054414-3315380304-3472545884-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.pl/
IE - HKU\S-1-5-21-2936054414-3315380304-3472545884-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2936054414-3315380304-3472545884-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-2936054414-3315380304-3472545884-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: " Winamp Search "
FF - prefs.js..browser.search.defaulturl: " http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685 & invocationType=tb50ffwinampie7 & query= "
FF - prefs.js..browser.search.selectedEngine: " Winamp Search "
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..keyword.URL: " http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685 & invocationType=tb50ffwinampab & query= "

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ [2011/06/22 17:26:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn\ [2011/05/10 16:41:51 | 000,000,000 | ---D | M]

[2010/07/05 16:35:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Extensions
[2011/06/22 16:54:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\ymmvzku6.default\extensions
[2011/06/22 16:54:16 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\ymmvzku6.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010/10/24 19:01:37 | 000,001,244 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ymmvzku6.default\searchplugins\winamp-search.xml
[2010/11/11 20:56:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/09/25 17:49:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES (X86)\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION
File not found (No name found) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\COFFPLGN
File not found (No name found) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPLGN
[2010/09/25 17:48:46 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\18.6.0.29\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\user\AppData\Roaming\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-2936054414-3315380304-3472545884-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2936054414-3315380304-3472545884-1000..\Run: [Gadu-Gadu] C:\Program Files (x86)\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2936054414-3315380304-3472545884-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-2936054414-3315380304-3472545884-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8 - Extra context menu item: Add to Google Photos Screensa & ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.6.3 172.16.6.2 213.241.79.38 8.8.4.4 217.17.34.10
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{9e33d5ef-ddff-11df-8bd8-90e6baa12876}\Shell - " " = AutoRun
O33 - MountPoints2\{9e33d5ef-ddff-11df-8bd8-90e6baa12876}\Shell\AutoRun\command - " " = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- " %1 " %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- " %1 " %*
O35 - HKLM\..comfile [open] -- " %1 " %*
O35 - HKLM\..exefile [open] -- " %1 " %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- " %1 " %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- " %1 " %*
O37 - HKLM\...com [@ = comfile] -- " %1 " %*
O37 - HKLM\...exe [@ = exefile] -- " %1 " %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011/06/22 17:58:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/06/22 17:57:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2011/06/22 17:57:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011/06/22 17:54:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/06/22 17:53:17 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011/06/22 17:17:34 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/06/22 17:17:34 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/06/22 17:17:34 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/06/22 17:17:33 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/06/22 17:17:33 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011/06/22 17:17:33 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/06/22 17:17:33 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/06/22 17:17:33 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/06/22 17:06:32 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2011/06/22 17:03:27 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2011/06/22 17:03:27 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2011/06/22 17:03:10 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/06/21 20:10:18 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\NPE
[2011/06/21 18:55:15 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Macromedia
[2011/06/18 14:16:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ToniArts
[2011/06/18 14:16:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyCleaner
[2011/06/18 14:13:08 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\myuninst
[2011/06/17 21:54:20 | 000,000,000 | -H-D | C] -- C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
[2011/06/17 21:54:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2011/06/17 21:54:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue
[2011/06/13 20:24:47 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\grześ
[2011/06/13 17:39:57 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\RUMUNIA 2011
[2011/05/29 18:23:23 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\z telefonu-1
[2011/05/25 16:43:39 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2011/05/24 16:49:47 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011/05/24 16:49:47 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011/06/23 11:39:00 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/23 10:39:00 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/23 10:23:57 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/23 10:23:57 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/23 10:17:46 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2011/06/23 10:16:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/23 10:16:18 | 000,420,640 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/23 10:16:00 | 3220,647,936 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/22 17:31:15 | 001,549,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/22 17:31:15 | 000,697,912 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2011/06/22 17:31:15 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/22 17:31:15 | 000,134,990 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2011/06/22 17:31:15 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/22 17:06:32 | 000,001,230 | ---- | M] () -- C:\Users\user\Desktop\Revo Uninstaller.lnk
[2011/06/22 16:57:23 | 000,002,030 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011/06/18 20:19:09 | 000,002,368 | ---- | M] () -- C:\{B54D3BFD-3A60-4E1D-A9D2-64CA5D380C5D}
[2011/06/15 21:11:20 | 000,001,449 | ---- | M] () -- C:\Users\user\Desktop\P1040246 — skrót.lnk
[2011/06/15 21:11:03 | 000,001,449 | ---- | M] () -- C:\Users\user\Desktop\P1040183 — skrót.lnk
[2011/05/26 17:35:52 | 000,001,976 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011/06/21 21:09:29 | 000,001,230 | ---- | C] () -- C:\Users\user\Desktop\Revo Uninstaller.lnk
[2011/06/18 20:19:03 | 000,002,368 | ---- | C] () -- C:\{B54D3BFD-3A60-4E1D-A9D2-64CA5D380C5D}
[2011/06/17 21:54:23 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\RegistryBooster.job
[2011/06/15 21:11:20 | 000,001,449 | ---- | C] () -- C:\Users\user\Desktop\P1040246 — skrót.lnk
[2011/06/15 21:11:03 | 000,001,449 | ---- | C] () -- C:\Users\user\Desktop\P1040183 — skrót.lnk
[2011/01/24 18:53:23 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011/01/16 14:37:06 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/11/27 14:40:29 | 000,000,017 | ---- | C] () -- C:\Users\user\AppData\Local\resmon.resmoncfg
[2010/11/06 17:10:34 | 000,000,022 | -HS- | C] () -- C:\Users\user\AppData\Roaming\Sys6925.Config Collection.sys
[2010/11/06 17:10:34 | 000,000,022 | -HS- | C] () -- C:\Windows\Sys3390 SettingsCollection.bin
[2010/01/10 14:41:09 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2009/11/01 16:22:03 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2009/11/01 16:02:28 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009/08/19 10:33:09 | 000,018,432 | ---- | C] () -- C:\Windows\OOBEPlayer.exe
[2009/08/19 10:33:09 | 000,000,031 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\SysWow64\OGACheckControl.DLL
[2009/07/29 07:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/01 10:10:50 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

[color=#E56717]========== LOP Check ==========[/color]

[2010/01/02 13:10:01 | 000,000,000 | ---D | M] -- C:\Users\karina adm\AppData\Roaming\Asus WebStorage
[2009/12/08 16:42:19 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Asus WebStorage
[2010/11/13 17:58:46 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\AVG10
[2011/01/20 19:14:17 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\CleanMyPC Software
[2010/07/23 19:30:55 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Gadu-Gadu
[2010/07/10 23:07:35 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Gadu-Gadu 10
[2010/01/03 22:20:30 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GameConsole
[2011/06/22 16:55:32 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ipla
[2010/11/01 14:40:41 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Mobile Master
[2011/03/13 14:18:24 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Nokia
[2010/03/17 18:41:29 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Opera
[2010/08/14 20:11:24 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PC Suite
[2010/05/15 14:06:14 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PhotoFiltre
[2010/12/08 20:10:42 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\RDRM
[2011/06/22 16:55:33 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\SlimBrowser
[2010/05/23 16:13:28 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Spik
[2009/12/31 23:53:55 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Systweak
[2009/12/11 22:47:52 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Tific
[2011/06/15 21:14:18 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\VSO
[2010/11/22 18:27:25 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Windows Live Writer
[2011/06/23 10:17:46 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\RegistryBooster.job
[2010/11/27 16:52:49 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(17).TXT
[2010/06/16 15:17:55 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(43).TXT
[2010/11/27 16:52:49 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC] & lt; OTL & gt; [/color]

[color=#A23BEC] & lt; FF - prefs.js..browser.search.defaultenginename: " Winamp Search " & gt; [/color]

[color=#A23BEC] & lt; FF - prefs.js..browser.search.defaulturl: " http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685 & invocationType=tb50ffwinampie7 & query= " & gt; [/color]

[color=#A23BEC] & lt; FF - prefs.js..browser.search.selectedEngine: " Winamp Search " & gt; [/color]

[color=#A23BEC] & lt; FF - prefs.js..keyword.URL: " http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685 & invocationType=tb50ffwinampab & query= " & gt; [/color]

[color=#A23BEC] & lt; [2011/06/22 16:54:16 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\ymmvzku6.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} & gt; [/color]
Invalid Switch: 22 16:54:16 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\ymmvzku6.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}


[color=#A23BEC] & lt; [2010/10/24 19:01:37 | 000,001,244 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ymmvzku6.default\searchplugins\winamp-search.xml & gt; [/color]
Invalid Switch: 24 19:01:37 | 000,001,244 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ymmvzku6.default\searchplugins\winamp-search.xml


[color=#A23BEC] & lt; [2011/06/17 21:54:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue & gt; [/color]
Invalid Switch: 17 21:54:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue


[color=#A23BEC] & lt; [2011/06/17 21:54:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue & gt; [/color]
Invalid Switch: 17 21:54:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue


[color=#A23BEC] & lt; [2011/06/22 17:34:54 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job & gt; [/color]
Invalid Switch: 22 17:34:54 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job


[color=#A23BEC] & lt; & gt; [/color]

[color=#A23BEC] & lt; :Commands & gt; [/color]

[color=#A23BEC] & lt; [emptytemp] & gt; [/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 137 bytes - & gt; C:\ProgramData\Temp:ECF54A0E

& lt; End of report & gt;