OTL logfile created on: 2012-07-26 20:53:42 - Run 2 OTL by OldTimer - Version 3.2.54.1 Folder = C:\Documents and Settings\Administrator\Desktop 64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation Internet Explorer (Version = 6.0.3790.1830) Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,92 Gb Available Physical Memory | 73,10% Memory free 5,75 Gb Paging File | 4,92 Gb Available in Paging File | 85,57% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 149,04 Gb Total Space | 11,14 Gb Free Space | 7,48% Space Free | Partition Type: NTFS Drive D: | 223,17 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive F: | 39,06 Gb Total Space | 1,47 Gb Free Space | 3,77% Space Free | Partition Type: NTFS Drive G: | 72,72 Gb Total Space | 1,86 Gb Free Space | 2,55% Space Free | Partition Type: NTFS Drive L: | 36,39 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: AZARIEL | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-07-26 19:59:57 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL(1).exe PRC - [2012-06-14 04:08:56 | 027,595,032 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\Dropbox.exe PRC - [2012-05-02 01:42:31 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2012-05-02 00:34:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012-05-02 00:31:38 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2012-04-24 02:11:59 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe PRC - [2011-12-30 23:15:32 | 000,514,048 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\PLAY ONLINE.exe PRC - [2011-12-30 23:15:19 | 000,246,112 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PLAY ONLINE\OnlineUpdate\ouc.exe PRC - [2011-12-28 23:18:55 | 000,075,136 | ---- | M] () -- C:\WINDOWS\SysWOW64\PnkBstrA.exe PRC - [2011-10-08 06:51:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011-08-15 12:17:03 | 001,036,104 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe PRC - [2011-08-15 12:17:03 | 000,528,832 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe PRC - [2011-02-28 21:59:29 | 000,629,336 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe PRC - [2011-02-28 21:59:03 | 000,178,176 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe PRC - [2011-01-20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe PRC - [2010-03-10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2009-12-28 09:28:14 | 000,561,263 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe PRC - [2009-09-22 09:30:38 | 000,499,796 | ---- | M] (Atheros) -- C:\WINDOWS\SysWOW64\acs.exe PRC - [2009-05-19 20:41:36 | 000,079,360 | ---- | M] (Autodesk) -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe PRC - [2008-06-24 16:06:06 | 001,840,424 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe PRC - [2008-03-10 00:08:42 | 000,065,536 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe PRC - [2008-03-10 00:04:52 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe PRC - [2008-02-28 11:59:18 | 000,074,408 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe PRC - [2008-02-28 11:57:36 | 000,058,024 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmon.exe PRC - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2006-12-19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\WINDOWS\SysWOW64\IoctlSvc.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-04-16 23:11:02 | 000,398,288 | ---- | M] () -- C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll MOD - [2011-12-30 23:15:32 | 000,514,048 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\PLAY ONLINE.exe MOD - [2011-12-30 23:15:21 | 009,515,520 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\QtGui4.dll MOD - [2011-12-30 23:15:21 | 001,148,416 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\QtNetwork4.dll MOD - [2011-12-30 23:15:21 | 001,148,416 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PLAY ONLINE\OnlineUpdate\QtNetwork4.dll MOD - [2011-12-30 23:15:21 | 000,808,960 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\SMSUIPlugin.dll MOD - [2011-12-30 23:15:21 | 000,670,720 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\SmsAppPlugin.dll MOD - [2011-12-30 23:15:21 | 000,398,336 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PLAY ONLINE\OnlineUpdate\QtXml4.dll MOD - [2011-12-30 23:15:21 | 000,384,512 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\USSDUIPlugin.dll MOD - [2011-12-30 23:15:21 | 000,384,512 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PLAY ONLINE\OnlineUpdate\QueryStrategy.dll MOD - [2011-12-30 23:15:21 | 000,370,176 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qtiff4.dll MOD - [2011-12-30 23:15:21 | 000,308,224 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\StatusBarMgrPlugin.dll MOD - [2011-12-30 23:15:21 | 000,261,632 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\sdk.dll MOD - [2011-12-30 23:15:21 | 000,240,128 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\ToolBarMgrPlugin.dll MOD - [2011-12-30 23:15:21 | 000,217,600 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\SmsSrvPlugin.dll MOD - [2011-12-30 23:15:21 | 000,190,464 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\XFramePlugin.dll MOD - [2011-12-30 23:15:21 | 000,159,232 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\XCodec.dll MOD - [2011-12-30 23:15:21 | 000,156,672 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\STKSrvPlugin.dll MOD - [2011-12-30 23:15:21 | 000,142,336 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\USSDSrvPlugin.dll MOD - [2011-12-30 23:15:21 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\Trace.dll MOD - [2011-12-30 23:15:21 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\Win7Support.dll MOD - [2011-12-30 23:15:20 | 002,415,104 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\QtCore4.dll MOD - [2011-12-30 23:15:20 | 002,415,104 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PLAY ONLINE\OnlineUpdate\QtCore4.dll MOD - [2011-12-30 23:15:20 | 001,101,824 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NDISAPI.dll MOD - [2011-12-30 23:15:20 | 000,545,280 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\PluginContainer.dll MOD - [2011-12-30 23:15:20 | 000,483,328 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetInfoUIExPlugin.dll MOD - [2011-12-30 23:15:20 | 000,381,952 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\Proxy.dll MOD - [2011-12-30 23:15:20 | 000,350,720 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qmng4.dll MOD - [2011-12-30 23:15:20 | 000,334,848 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\MainpagePlugin.dll MOD - [2011-12-30 23:15:20 | 000,333,312 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetConnectPlugin.dll MOD - [2011-12-30 23:15:20 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetInfoSrvPlugin.dll MOD - [2011-12-30 23:15:20 | 000,269,824 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\LiveUpdateInterface.dll MOD - [2011-12-30 23:15:20 | 000,249,344 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\MenuMgrPlugin.dll MOD - [2011-12-30 23:15:20 | 000,235,008 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetSrvPlugin.dll MOD - [2011-12-30 23:15:20 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qjpeg4.dll MOD - [2011-12-30 23:15:20 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NDISPlugin.dll MOD - [2011-12-30 23:15:20 | 000,158,720 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetConnectSrvPlugin.dll MOD - [2011-12-30 23:15:20 | 000,133,120 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSDialup.dll MOD - [2011-12-30 23:15:20 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSNDIS.dll MOD - [2011-12-30 23:15:20 | 000,118,272 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\LayoutPlugin.dll MOD - [2011-12-30 23:15:20 | 000,101,376 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSAdapt.dll MOD - [2011-12-30 23:15:20 | 000,093,184 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NotifyServicePlugin.dll MOD - [2011-12-30 23:15:20 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qgif4.dll MOD - [2011-12-30 23:15:20 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qico4.dll MOD - [2011-12-30 23:15:20 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSPowerMgr.dll MOD - [2011-12-30 23:15:20 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSCall.dll MOD - [2011-12-30 23:15:20 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\libgcc_s_dw2-1.dll MOD - [2011-12-30 23:15:20 | 000,043,008 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PLAY ONLINE\OnlineUpdate\libgcc_s_dw2-1.dll MOD - [2011-12-30 23:15:20 | 000,011,362 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\mingwm10.dll MOD - [2011-12-30 23:15:20 | 000,011,362 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PLAY ONLINE\OnlineUpdate\mingwm10.dll MOD - [2011-12-30 23:15:19 | 001,077,248 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\AddrBookPlugin.dll MOD - [2011-12-30 23:15:19 | 000,739,328 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\AddrBookUIPlugin.dll MOD - [2011-12-30 23:15:19 | 000,550,400 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\CallAppPlugin.dll MOD - [2011-12-30 23:15:19 | 000,547,840 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\CallLogSrvPlugin.dll MOD - [2011-12-30 23:15:19 | 000,495,104 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DeviceMgrUIPlugin.dll MOD - [2011-12-30 23:15:19 | 000,428,032 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\core.dll MOD - [2011-12-30 23:15:19 | 000,427,008 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DialupUIPlugin.dll MOD - [2011-12-30 23:15:19 | 000,338,432 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DeviceAppPlugin.dll MOD - [2011-12-30 23:15:19 | 000,301,056 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DeviceSrvPlugin.dll MOD - [2011-12-30 23:15:19 | 000,264,704 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\AddrBookSrvPlugin.dll MOD - [2011-12-30 23:15:19 | 000,246,112 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PLAY ONLINE\OnlineUpdate\ouc.exe MOD - [2011-12-30 23:15:19 | 000,238,080 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\AtCodec.dll MOD - [2011-12-30 23:15:19 | 000,218,112 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\Common.dll MOD - [2011-12-30 23:15:19 | 000,211,968 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DialUpPlugin.dll MOD - [2011-12-30 23:15:19 | 000,176,128 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\CallSrvPlugin.dll MOD - [2011-12-30 23:15:19 | 000,157,184 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DataServicePlugin.dll MOD - [2011-12-30 23:15:19 | 000,123,392 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\ATR2SMgr.dll MOD - [2011-12-28 23:18:55 | 000,075,136 | ---- | M] () -- C:\WINDOWS\SysWOW64\PnkBstrA.exe MOD - [2011-08-15 12:17:08 | 001,640,216 | ---- | M] () -- C:\Program Files (x86)\Lavasoft\Ad-Aware\Resources.dll MOD - [2011-08-15 12:17:07 | 000,256,424 | ---- | M] () -- C:\Program Files (x86)\Lavasoft\Ad-Aware\RPAPI.dll MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\gglog.dll MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipcradioproxy.dll MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipc.dll MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcrypto.dll MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcommon.dll MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtWebKit4.dll MOD - [2011-02-28 21:59:29 | 000,629,336 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe MOD - [2011-02-28 21:59:03 | 000,178,176 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtScript4.dll MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtXml4.dll MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtSvg4.dll MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtNetwork4.dll MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtGui4.dll MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtCore4.dll MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qtiff4.dll MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qmng4.dll MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qjpeg4.dll MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qgif4.dll MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qsvg4.dll MOD - [2011-02-17 10:59:32 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\zlib1.dll MOD - [2010-01-05 17:28:14 | 000,077,824 | ---- | M] () -- C:\WINDOWS\SysWOW64\wgapiloc.dll MOD - [2010-01-04 10:17:38 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Client Utility\twculoc.dll MOD - [2009-12-28 09:28:14 | 000,561,263 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe MOD - [2009-12-28 09:28:00 | 000,422,000 | ---- | M] () -- C:\WINDOWS\SysWOW64\wgapi.dll MOD - [2009-09-22 09:30:52 | 000,163,840 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Client Utility\oemresloc.dll MOD - [2008-09-11 00:00:05 | 000,168,960 | ---- | M] () -- C:\Program Files (x86)\Lavasoft\Ad-Aware\unrar.dll MOD - [2008-03-10 00:08:42 | 000,065,536 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe MOD - [2008-03-10 00:04:52 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe MOD - [2007-02-18 14:00:00 | 000,061,440 | ---- | M] () -- C:\WINDOWS\SysWOW64\devenum.dll MOD - [2007-02-18 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\SysWOW64\msdmo.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2010-10-13 12:41:06 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen) SRV:[b]64bit:[/b] - [2010-10-13 12:41:04 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen) SRV:[b]64bit:[/b] - [2009-05-19 19:12:55 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:[b]64bit:[/b] - [2008-03-10 00:08:42 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe -- (mi-raysat_3dsMax2009_64) SRV - [2012-07-19 20:48:18 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-05-02 01:42:31 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012-05-02 00:34:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012-02-28 18:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012-02-14 17:49:12 | 000,736,104 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService) SRV - [2012-01-31 22:30:46 | 000,147,336 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint) SRV - [2012-01-31 22:30:40 | 000,375,176 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc) SRV - [2011-12-30 23:15:19 | 000,246,112 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe -- (PLAY ONLINE. RunOuc) SRV - [2011-12-28 23:18:55 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\WINDOWS\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2011-10-08 06:51:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011-09-16 15:10:50 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn) SRV - [2011-08-15 12:17:03 | 001,036,104 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2011-03-28 21:51:25 | 004,323,256 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\GameMon.des -- (npggsvc) SRV - [2011-03-16 11:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011-03-14 17:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe) SRV - [2010-03-10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2009-09-22 09:30:38 | 000,499,796 | ---- | M] (Atheros) [Auto | Running] -- C:\WINDOWS\SysWOW64\acs.exe -- (ACS) SRV - [2009-05-19 20:41:36 | 000,079,360 | ---- | M] (Autodesk) [Auto | Running] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service) SRV - [2009-05-19 19:08:07 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2008-08-15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4) SRV - [2008-07-25 12:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008-03-10 00:04:52 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe -- (mi-raysat_3dsMax2009_32) SRV - [2008-02-19 09:12:18 | 000,537,256 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\SysWOW64\lxbkcoms.exe -- (lxbk_device) SRV - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2007-02-18 14:00:00 | 000,110,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler) SRV - [2007-02-18 14:00:00 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc) SRV - [2007-02-18 14:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\wdfmgr.exe -- (UMWdf) SRV - [2006-12-19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\WINDOWS\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-09-16 15:10:50 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo) DRV - [2009-04-06 11:08:04 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\npptNT2.sys -- (NPPTNT2) DRV - [2008-08-14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SysWow64\drivers\adfs.sys -- (adfs) DRV - [2007-02-18 14:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysWow64\mnmdd.dll -- (mnmdd) DRV - [2007-02-18 14:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] -- C:\WINDOWS\SysWow64\winsock.dll -- (Winsock) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\..\URLSearchHook: {F4F10C1D-87C7-404A-B4B3-000000000000} - C:\Program Files (x86)\DAP\SBSearch.dll (SpeedBit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "about:blank" FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.2.0.5 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.4.0024 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll () FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files (x86)\DNA\plugins\npbtdna.dll File not found FF - HKLM\Software\MozillaPlugins\@fileplanet.com/fpdlm: C:\Program Files (x86)\Download Manager\npfpdlm.dll (IGN Entertainment) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@thrixxx.com/WebLaunch: C:\Program Files (x86)\thriXXX\WebLaunch\Binaries\npWebLaunch.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.4: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) FF - HKCU\Software\MozillaPlugins\@thrixxx.com/WebLaunch: C:\Program Files (x86)\thriXXX\WebLaunch\Binaries\npWebLaunch.dll File not found FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-07-19 20:48:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-05-11 23:42:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012-06-30 23:29:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files (x86)\DAP\DAPFireFox [2009-11-07 13:43:52 | 000,000,000 | ---D | M] [2011-04-16 13:23:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions [2011-04-16 13:23:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012-07-26 20:23:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\59qwop0k.default\extensions [2012-07-10 07:31:33 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\59qwop0k.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2012-05-09 19:37:52 | 000,000,000 | ---D | M] (FT SleekDark) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\59qwop0k.default\extensions\{a21cd440-41d6-11e0-9207-0800200c9a66} [2012-01-17 08:56:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012-07-19 20:48:19 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2009-03-05 18:08:04 | 000,049,664 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\components\FFComm.dll [2011-10-03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2006-08-09 12:16:08 | 000,030,408 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npWebLaunch.dll [2012-06-18 07:29:11 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2012-06-18 07:29:11 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2012-06-18 07:29:11 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2012-06-18 07:29:11 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2012-06-18 07:29:11 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-06-18 07:29:11 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://www.google.com Hosts file not found O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O2 - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files (x86)\DAP\dapieloader.dll (SpeedBit Ltd.) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O4:[b]64bit:[/b] - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4:[b]64bit:[/b] - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.) O4:[b]64bit:[/b] - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4:[b]64bit:[/b] - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [lxbkbmgr.exe] C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe (Lexmark International, Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup File not found O4:[b]64bit:[/b] - HKLM..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login File not found O4:[b]64bit:[/b] - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe () O4:[b]64bit:[/b] - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Ad-Watch] C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe () O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [TWCU] C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe () O4 - HKCU..\Run: [Bamboo Dock] C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe () O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKCU..\Run: [igndlm.exe] C:\Program Files (x86)\Download Manager\DLM.exe (IGN Entertainment) O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG) O4 - HKCU..\RunOnce: [AutoLaunch] C:\Program Files (x86)\Lavasoft\Ad-Aware\AutoLaunch.exe () O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:[b]64bit:[/b] - Extra context menu item: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm () O8:[b]64bit:[/b] - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm () O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 File not found O8:[b]64bit:[/b] - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm () O8 - Extra context menu item: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm () O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm () O9:[b]64bit:[/b] - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - %SystemRoot%\System32\mswsock.dll File not found O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - %SystemRoot%\System32\winrnr.dll File not found O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - %SystemRoot%\System32\mswsock.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - %SystemRoot%\system32\mswsock.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - %SystemRoot%\system32\mswsock.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - %SystemRoot%\system32\mswsock.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - %SystemRoot%\system32\mswsock.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - %SystemRoot%\system32\mswsock.dll File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.108.195.21 89.108.202.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{477196F9-2BC5-4386-9554-C09B015F19C3}: DhcpNameServer = 89.108.195.21 89.108.202.21 O18:[b]64bit:[/b] - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - %SystemRoot%\system32\mshtml.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\http\0x00000001 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\http\oledb - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\https\0x00000001 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\https\oledb - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - %SystemRoot%\system32\mshtml.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - %SystemRoot%\system32\mshtml.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - %SystemRoot%\system32\inetcomm.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - %SystemRoot%\system32\mshtml.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - %SystemRoot%\system32\mshtml.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - %SystemRoot%\system32\mshtml.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll File not found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18:[b]64bit:[/b] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18:[b]64bit:[/b] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18:[b]64bit:[/b] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18:[b]64bit:[/b] - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll File not found O18:[b]64bit:[/b] - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found O18:[b]64bit:[/b] - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found O18:[b]64bit:[/b] - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found O18:[b]64bit:[/b] - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - %SystemRoot%\system32\SHELL32.dll File not found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - File not found O20:[b]64bit:[/b] - HKLM Winlogon: UIHost - (%SystemRoot%\system32\logonui.exe) - File not found O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: System - (lsass.exe) - File not found O20 - HKLM Winlogon: UserInit - (userinit) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\dimsntfy: DllName - (dimsntfy.dll) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found O21:[b]64bit:[/b] - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll File not found O21:[b]64bit:[/b] - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll File not found O21:[b]64bit:[/b] - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - %SystemRoot%\system32\webcheck.dll File not found O22:[b]64bit:[/b] - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - %SystemRoot%\system32\browseui.dll File not found O22:[b]64bit:[/b] - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - %SystemRoot%\system32\browseui.dll File not found O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-05-11 17:36:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2002-06-26 18:16:20 | 000,110,840 | R--- | M] () - D:\AutorunPro.EXE -- [ CDFS ] O32 - AutoRun File - [2007-11-23 21:40:30 | 000,000,086 | R--- | M] () - D:\autorun.inf -- [ CDFS ] O32 - AutoRun File - [2006-12-13 18:50:16 | 000,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2011-03-15 01:27:21 | 000,148,320 | R--- | M] () - L:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2008-10-07 19:12:34 | 000,000,045 | R--- | M] () - L:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{26103976-3faa-11de-b401-001d7d9a3d9a}\Shell - "" = Autorun O33 - MountPoints2\{26103976-3faa-11de-b401-001d7d9a3d9a}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{26103976-3faa-11de-b401-001d7d9a3d9a}\Shell\AutoRun\command - "" = K:\setup.exe O33 - MountPoints2\{6b1c17c7-180e-11e1-9da3-54e6fcd74634}\Shell - "" = AutoRun O33 - MountPoints2\{6b1c17c7-180e-11e1-9da3-54e6fcd74634}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{6b1c17c7-180e-11e1-9da3-54e6fcd74634}\Shell\AutoRun\command - "" = M:\AutoRun.exe O33 - MountPoints2\{8497d5ec-7e7c-11de-9922-001d7d9a3d9a}\Shell - "" = Autorun O33 - MountPoints2\{8497d5ec-7e7c-11de-9922-001d7d9a3d9a}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{8497d5ec-7e7c-11de-9922-001d7d9a3d9a}\Shell\AutoRun\command - "" = L:\setup.exe O33 - MountPoints2\{8b6bf26b-9c4b-11de-95d9-001d7d9a3d9a}\Shell - "" = Autorun O33 - MountPoints2\{8b6bf26b-9c4b-11de-95d9-001d7d9a3d9a}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{8b6bf26b-9c4b-11de-95d9-001d7d9a3d9a}\Shell\AutoRun\command - "" = C:\WINDOWS\SysWow64\setup.exe -- [2007-02-18 14:00:00 | 000,041,472 | ---- | M] (Microsoft Corporation) O33 - MountPoints2\{90312ed8-3e46-11de-8c0e-806e6f6e6963}\Shell - "" = Autorun O33 - MountPoints2\{90312ed8-3e46-11de-8c0e-806e6f6e6963}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{90312ed8-3e46-11de-8c0e-806e6f6e6963}\Shell\AutoRun\command - "" = K:\setup.exe O33 - MountPoints2\{9403d346-1835-11e1-89bd-54e6fcd74634}\Shell - "" = AutoRun O33 - MountPoints2\{9403d346-1835-11e1-89bd-54e6fcd74634}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{9403d346-1835-11e1-89bd-54e6fcd74634}\Shell\AutoRun\command - "" = M:\AutoRun.exe O33 - MountPoints2\{9403d34b-1835-11e1-89bd-001d7d9a3d9a}\Shell - "" = AutoRun O33 - MountPoints2\{9403d34b-1835-11e1-89bd-001d7d9a3d9a}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{9403d34b-1835-11e1-89bd-001d7d9a3d9a}\Shell\AutoRun\command - "" = M:\AutoRun.exe O33 - MountPoints2\{9403d351-1835-11e1-89bd-001d7d9a3d9a}\Shell - "" = AutoRun O33 - MountPoints2\{9403d351-1835-11e1-89bd-001d7d9a3d9a}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{9403d351-1835-11e1-89bd-001d7d9a3d9a}\Shell\AutoRun\command - "" = L:\AutoRun.exe -- [2011-03-15 01:27:21 | 000,148,320 | R--- | M] () O33 - MountPoints2\{9403d35b-1835-11e1-89bd-001e101f66e0}\Shell - "" = AutoRun O33 - MountPoints2\{9403d35b-1835-11e1-89bd-001e101f66e0}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{9403d35b-1835-11e1-89bd-001e101f66e0}\Shell\AutoRun\command - "" = L:\AutoRun.exe -- [2011-03-15 01:27:21 | 000,148,320 | R--- | M] () O33 - MountPoints2\{9403d360-1835-11e1-89bd-001e101f66e0}\Shell - "" = AutoRun O33 - MountPoints2\{9403d360-1835-11e1-89bd-001e101f66e0}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{9403d360-1835-11e1-89bd-001e101f66e0}\Shell\AutoRun\command - "" = L:\AutoRun.exe -- [2011-03-15 01:27:21 | 000,148,320 | R--- | M] () O33 - MountPoints2\{bb3b9d6a-5a42-11de-bfea-001d7d9a3d9a}\Shell - "" = Autorun O33 - MountPoints2\{bb3b9d6a-5a42-11de-bfea-001d7d9a3d9a}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{bb3b9d6a-5a42-11de-bfea-001d7d9a3d9a}\Shell\AutoRun\command - "" = K:\setup.exe O33 - MountPoints2\{d5d8c7c7-7be1-11e1-a43e-001d7d9a3d9a}\Shell - "" = AutoRun O33 - MountPoints2\{d5d8c7c7-7be1-11e1-a43e-001d7d9a3d9a}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{d5d8c7c7-7be1-11e1-a43e-001d7d9a3d9a}\Shell\AutoRun\command - "" = L:\AutoRun.exe -- [2011-03-15 01:27:21 | 000,148,320 | R--- | M] () O33 - MountPoints2\{d5d8c7ce-7be1-11e1-a43e-001d7d9a3d9a}\Shell - "" = AutoRun O33 - MountPoints2\{d5d8c7ce-7be1-11e1-a43e-001d7d9a3d9a}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{d5d8c7ce-7be1-11e1-a43e-001d7d9a3d9a}\Shell\AutoRun\command - "" = L:\AutoRun.exe -- [2011-03-15 01:27:21 | 000,148,320 | R--- | M] () O33 - MountPoints2\{e178b7ec-4aea-11de-99f1-001d7d9a3d9a}\Shell - "" = Autorun O33 - MountPoints2\{e178b7ec-4aea-11de-99f1-001d7d9a3d9a}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{e178b7ec-4aea-11de-99f1-001d7d9a3d9a}\Shell\AutoRun\command - "" = K:\setup.exe O33 - MountPoints2\{e72b79eb-c603-11de-b011-001d7d9a3d9a}\Shell - "" = Autorun O33 - MountPoints2\{e72b79eb-c603-11de-b011-001d7d9a3d9a}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{e72b79eb-c603-11de-b011-001d7d9a3d9a}\Shell\AutoRun\command - "" = M:\setup.exe O33 - MountPoints2\{fd2b948c-8a2f-11de-9f5a-001d7d9a3d9a}\Shell - "" = Autorun O33 - MountPoints2\{fd2b948c-8a2f-11de-9f5a-001d7d9a3d9a}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{fd2b948c-8a2f-11de-9f5a-001d7d9a3d9a}\Shell\AutoRun\command - "" = L:\setup.exe O33 - MountPoints2\L\Shell - "" = AutoRun O33 - MountPoints2\L\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\AutoRun.exe -- [2011-03-15 01:27:21 | 000,148,320 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (lsdelete) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-07-26 20:01:22 | 000,000,000 | ---D | C] -- C:\_OTL [2012-07-26 19:59:41 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL(1).exe [2012-07-23 22:29:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Avira [2012-07-23 22:24:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira [2012-07-23 22:23:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2012-07-23 22:23:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira [2012-07-23 22:16:47 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012-07-23 20:25:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\dog grooming [2012-07-22 20:47:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\New Folder (5) [2012-07-22 20:46:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\New Folder (4) [2012-07-22 11:59:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\knighted logo [2012-07-21 17:01:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\pasjo [2012-07-16 20:53:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\mpayz [2012-07-14 18:04:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\mobinte maps [2012-07-14 17:13:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\New Folder (3) [2012-07-05 17:23:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\lost [2012-07-04 18:08:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\yeti [2012-07-03 15:04:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Zdjęcia0001 [2012-07-03 14:50:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Arnold Tsang [2012-07-03 14:37:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\mn [2012-07-02 13:58:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\pasjo redesign [2012-06-29 18:02:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Luxtorpeda - Robaki (2012) [2012-06-29 18:01:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Luxtorpeda - Luxtorpeda 2011.MP3TLRG [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-07-26 20:48:58 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-07-26 20:48:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-07-26 20:46:00 | 000,632,049 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe [2012-07-26 20:40:03 | 000,001,048 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012-07-26 19:59:57 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL(1).exe [2012-07-24 22:38:17 | 000,165,376 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\SystemLook_x64.exe [2012-07-24 00:22:22 | 000,000,968 | -H-- | M] () -- C:\aaw7boot.cmd [2012-07-23 22:24:51 | 000,001,761 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira Control Center.lnk [2012-07-22 20:41:03 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2012-07-22 20:21:28 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-07-11 22:13:42 | 000,001,052 | ---- | M] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Dropbox.lnk [2012-07-07 16:13:00 | 004,564,146 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Czas Na E-Biznes Piotr Majewski.pdf (peĹ‚na wersja).pdf [2012-07-04 18:07:49 | 001,445,696 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\yeti.cdr [2012-07-04 18:02:17 | 001,440,785 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Backup_of_yeti.cdr [2012-07-03 11:29:17 | 000,245,381 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\knighted www.jpg [2012-07-02 12:17:00 | 000,000,496 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2012-06-30 21:50:09 | 001,384,936 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\pasjonarnia.cdr [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-07-26 20:45:59 | 000,632,049 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe [2012-07-24 22:47:21 | 000,165,376 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\SystemLook_x64.exe [2012-07-23 22:24:51 | 000,001,761 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira Control Center.lnk [2012-07-21 20:26:18 | 004,564,146 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Czas Na E-Biznes Piotr Majewski.pdf (peĹ‚na wersja).pdf [2012-07-11 22:13:42 | 000,001,052 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Dropbox.lnk [2012-07-08 20:34:21 | 072,882,316 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Gasnace Slonca - Podrecznik Gracza.pdf [2012-07-08 20:34:10 | 148,939,343 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Podrecznik.Podstawowy.pdf [2012-07-04 16:07:37 | 001,440,785 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Backup_of_yeti.cdr [2012-07-04 15:58:31 | 001,445,696 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\yeti.cdr [2012-07-03 11:29:12 | 000,245,381 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\knighted www.jpg [2012-06-30 21:50:08 | 001,384,936 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\pasjonarnia.cdr [2011-12-28 23:18:57 | 000,189,248 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe [2011-12-28 23:18:55 | 000,075,136 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe [2011-09-08 12:56:10 | 000,000,019 | ---- | C] () -- C:\WINDOWS\cie12.ini [2011-09-08 12:52:20 | 000,001,452 | ---- | C] () -- C:\WINDOWS\unins000.dat [2011-07-30 22:48:50 | 000,262,216 | ---- | C] () -- C:\WINDOWS\SysWow64\IPTests.dll [2011-07-30 22:48:27 | 000,422,000 | ---- | C] () -- C:\WINDOWS\SysWow64\wgapi.dll [2011-07-30 22:48:27 | 000,077,824 | ---- | C] () -- C:\WINDOWS\SysWow64\wgapiloc.dll [2011-05-05 19:35:20 | 000,175,616 | ---- | C] () -- C:\WINDOWS\SysWow64\unrar.dll [2011-05-05 19:35:20 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2011-05-05 19:35:19 | 000,631,808 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidcore.dll [2011-05-05 19:35:19 | 000,243,200 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidvfw.dll [2011-05-05 19:35:18 | 000,080,896 | ---- | C] () -- C:\WINDOWS\SysWow64\ff_vfw.dll [2010-12-13 09:05:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysWow64\Access.dat [2010-11-27 02:24:10 | 006,918,512 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2009-11-12 14:29:18 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\9F427AF323.sys [2009-11-12 14:28:50 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys [2009-05-12 13:19:53 | 000,061,440 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1EE00E38 @Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D74B6CF5 < End of report >