OTL logfile created on: 14-09-2011 18:18:16 - Run 3
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Users\User\Desktop\New Folder (2)
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000406 | Country: Denmark | Language: DAN | Date Format: dd-MM-yyyy

3,00 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 58,01% Memory free
6,19 Gb Paging File | 4,84 Gb Available in Paging File | 78,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 84,66 Gb Free Space | 58,77% Space Free | Partition Type: NTFS
Drive D: | 137,50 Gb Total Space | 103,69 Gb Free Space | 75,41% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-09-14 18:08:19 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\User\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2011-09-12 18:43:20 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\New Folder (2)\OTL.exe
PRC - [2011-09-03 14:28:25 | 001,017,912 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2011-09-02 09:12:09 | 000,347,008 | ---- | M] (EasyBits Software AS) -- C:\ProgramData\GameXN\GameXNGO.exe
PRC - [2011-07-30 01:33:54 | 000,086,016 | ---- | M] (alch) -- C:\Program Files\ClamWin\bin\ClamTray.exe
PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-02-25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2009-11-14 17:52:39 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Users\User\Program Files\DNA\btdna.exe
PRC - [2009-06-29 17:05:33 | 003,485,696 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
PRC - [2009-06-29 17:05:24 | 003,520,512 | ---- | M] () -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
PRC - [2009-06-29 17:05:16 | 003,719,680 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-03-18 10:43:20 | 000,173,352 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
PRC - [2008-09-24 13:57:34 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008-09-24 13:57:14 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe
PRC - [2008-09-10 13:11:12 | 000,676,520 | ---- | M] () -- C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe
PRC - [2008-09-10 13:11:09 | 000,025,256 | ---- | M] () -- C:\Program Files\Lexmark 5600-6600 Series\lxdumsdmon.exe
PRC - [2008-07-30 03:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008-07-30 03:52:50 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008-07-21 03:45:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008-07-21 03:45:06 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008-06-30 17:56:32 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2008-06-16 11:58:38 | 000,809,480 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2008-06-02 19:25:40 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008-05-26 05:43:58 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vfsFPService.exe
PRC - [2008-05-23 14:58:34 | 000,594,600 | ---- | M] ( ) -- C:\Windows\System32\lxducoms.exe
PRC - [2008-05-07 10:19:26 | 006,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008-05-01 05:41:12 | 000,815,104 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008-05-01 05:10:10 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008-01-16 18:35:02 | 000,081,504 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2007-12-11 05:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2007-12-07 02:15:28 | 000,110,592 | ---- | M] () -- C:\ACER\Mobility Center\MobilityService.exe
PRC - [2007-04-24 18:50:32 | 000,723,760 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

========== Modules (No Company Name) ==========

MOD - [2011-09-03 14:28:23 | 000,400,440 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\13.0.782.220\ppgooglenaclpluginchrome.dll
MOD - [2011-09-03 14:28:22 | 004,118,072 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\13.0.782.220\pdf.dll
MOD - [2011-09-03 14:26:51 | 000,104,520 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\13.0.782.220\avutil-50.dll
MOD - [2011-09-03 14:26:49 | 000,203,848 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\13.0.782.220\avformat-52.dll
MOD - [2011-09-03 14:26:48 | 001,846,344 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\13.0.782.220\avcodec-52.dll
MOD - [2011-08-15 16:41:13 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c50d9d540acecdef29c31201e203a331\System.Windows.Forms.ni.dll
MOD - [2011-08-15 16:41:05 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d8d83838f9840bde901df516ba3de588\System.Drawing.ni.dll
MOD - [2011-08-15 16:40:58 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\4c3cda96b8f12220da20f2f8d1b9439c\System.Xml.ni.dll
MOD - [2011-08-15 15:51:26 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29c6ef7f07d89496c72a1bbf718aed5d\System.Configuration.ni.dll
MOD - [2011-08-15 08:38:23 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b9ea0d414c4861120bfb7365d8ec0939\System.ni.dll
MOD - [2011-08-15 08:38:13 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f6deb187f24bb3185841092b89fbfdbb\mscorlib.ni.dll
MOD - [2009-03-18 10:43:22 | 000,841,000 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll
MOD - [2009-03-18 10:43:18 | 000,013,096 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll
MOD - [2008-09-10 13:11:12 | 000,676,520 | ---- | M] () -- C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe
MOD - [2008-09-10 13:11:09 | 000,025,256 | ---- | M] () -- C:\Program Files\Lexmark 5600-6600 Series\lxdumsdmon.exe
MOD - [2008-09-10 12:28:56 | 000,081,920 | ---- | M] () -- C:\Program Files\Lexmark 5600-6600 Series\lxducaps.dll
MOD - [2008-09-10 12:28:45 | 000,380,928 | ---- | M] () -- C:\Program Files\Lexmark 5600-6600 Series\lxduscw.dll
MOD - [2008-09-10 12:28:44 | 001,036,288 | ---- | M] () -- C:\Program Files\Lexmark 5600-6600 Series\lxdudrs.dll
MOD - [2008-09-10 12:08:35 | 000,069,632 | ---- | M] () -- C:\Program Files\Lexmark 5600-6600 Series\lxducnv4.dll
MOD - [2008-07-30 03:52:38 | 000,227,888 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
MOD - [2008-06-30 17:56:32 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2008-05-27 05:36:57 | 000,036,864 | ---- | M] () -- C:\Program Files\Lexmark 5600-6600 Series\app4r.monitor.core.dll
MOD - [2008-05-27 05:36:57 | 000,028,672 | ---- | M] () -- C:\Program Files\Lexmark 5600-6600 Series\app4r.monitor.common.dll
MOD - [2008-05-27 05:35:58 | 000,065,536 | ---- | M] () -- C:\Program Files\Lexmark 5600-6600 Series\app4r.devmons.mcmdevmon.dll
MOD - [2008-05-23 14:02:14 | 000,188,416 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\lxdudatr.dll
MOD - [2008-03-25 06:53:10 | 000,012,288 | ---- | M] () -- C:\Program Files\Lexmark 5600-6600 Series\app4r.devmons.mcmdevmon.autoplayutil.dll
MOD - [2007-05-05 11:40:34 | 000,128,512 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2007-04-24 18:44:26 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2007-04-24 18:32:56 | 000,389,120 | ---- | M] () -- C:\Windows\System32\btwhidcs.dll
MOD - [2005-02-08 16:23:10 | 000,979,005 | ---- | M] () -- C:\Program Files\ClamWin\bin\python23.dll
MOD - [2004-11-20 02:27:54 | 000,106,496 | ---- | M] () -- C:\Program Files\ClamWin\lib\shell.pyd
MOD - [2004-11-20 02:27:54 | 000,086,016 | ---- | M] () -- C:\Program Files\ClamWin\lib\win32gui.pyd
MOD - [2004-11-20 02:27:54 | 000,077,824 | ---- | M] () -- C:\Program Files\ClamWin\lib\win32file.pyd
MOD - [2004-11-20 02:27:54 | 000,069,632 | ---- | M] () -- C:\Program Files\ClamWin\lib\win32api.pyd
MOD - [2004-11-20 02:27:54 | 000,065,536 | ---- | M] () -- C:\Program Files\ClamWin\lib\win32security.pyd
MOD - [2004-11-20 02:27:54 | 000,036,864 | ---- | M] () -- C:\Program Files\ClamWin\lib\win32process.pyd
MOD - [2004-11-20 02:27:54 | 000,024,576 | ---- | M] () -- C:\Program Files\ClamWin\lib\win32pipe.pyd
MOD - [2004-11-20 02:27:54 | 000,024,576 | ---- | M] () -- C:\Program Files\ClamWin\lib\win32event.pyd
MOD - [2004-10-11 19:22:18 | 000,315,392 | ---- | M] () -- C:\Program Files\ClamWin\lib\pythoncom23.dll
MOD - [2004-10-11 19:21:26 | 000,094,208 | ---- | M] () -- C:\Program Files\ClamWin\lib\pywintypes23.dll
MOD - [2004-05-25 20:20:30 | 000,036,864 | ---- | M] () -- C:\Program Files\ClamWin\lib\_winreg.pyd
MOD - [2004-05-25 20:19:32 | 000,045,117 | ---- | M] () -- C:\Program Files\ClamWin\lib\datetime.pyd
MOD - [2004-05-25 20:18:42 | 000,495,616 | ---- | M] () -- C:\Program Files\ClamWin\lib\_ssl.pyd
MOD - [2004-05-25 20:18:28 | 000,057,401 | ---- | M] () -- C:\Program Files\ClamWin\lib\_sre.pyd
MOD - [2004-05-25 20:18:20 | 000,049,212 | ---- | M] () -- C:\Program Files\ClamWin\lib\_socket.pyd
MOD - [2004-05-25 20:17:14 | 000,622,651 | ---- | M] () -- C:\Program Files\ClamWin\lib\_bsddb.pyd
MOD - [2004-01-15 13:45:22 | 000,061,440 | ---- | M] () -- C:\Program Files\ClamWin\lib\_ctypes.pyd
MOD - [2003-10-01 12:40:00 | 002,240,512 | ---- | M] () -- C:\Program Files\ClamWin\lib\wxc.pyd
MOD - [2003-10-01 10:43:02 | 003,239,936 | ---- | M] () -- C:\Program Files\ClamWin\lib\wxmsw24h.dll
MOD - [2003-08-10 08:14:40 | 000,061,440 | ---- | M] () -- C:\Program Files\ClamWin\lib\mxDateTime.pyd
MOD - [2003-06-07 07:30:08 | 000,057,344 | ---- | M] () -- C:\Program Files\Launch Manager\PowerUtl.dll

========== Win32 Services (SafeList) ==========

SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-05-28 21:44:45 | 000,073,600 | ---- | M] () [Auto | Running] -- C:\Windows\System32\ezGOSvc.dll -- (ezGOSvc)
SRV - [2011-02-28 19:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011-02-25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010-10-26 17:05:24 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2010-01-15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009-09-17 11:33:26 | 000,651,776 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009-06-29 17:05:24 | 003,520,512 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2008-09-24 13:57:34 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008-09-24 13:57:14 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)
SRV - [2008-07-30 03:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008-07-21 03:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008-06-02 19:25:40 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008-05-26 05:43:58 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService)
SRV - [2008-05-23 14:58:34 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxducoms.exe -- (lxdu_device)
SRV - [2008-05-23 14:58:22 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe -- (lxduCATSCustConnectService)
SRV - [2008-05-01 05:41:12 | 000,815,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008-05-01 05:10:10 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008-01-16 18:35:02 | 000,081,504 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2007-12-11 05:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007-12-07 02:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)

========== Driver Services (SafeList) ==========

DRV - [2011-08-30 19:45:11 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-06-29 17:05:20 | 000,043,184 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\system32\Drivers\AlfaFF.sys -- (AlfaFF)
DRV - [2009-06-22 19:38:24 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009-06-22 19:26:06 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009-03-19 14:48:18 | 000,136,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009-03-19 14:48:12 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009-02-09 08:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009-02-09 08:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009-02-09 08:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009-02-09 08:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008-12-05 12:24:00 | 007,538,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008-09-24 23:39:48 | 000,045,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008-08-26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-07-18 16:05:10 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2008-05-26 05:44:14 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x)
DRV - [2008-05-19 18:23:00 | 000,047,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E60x86.sys -- (L1E)
DRV - [2008-05-07 12:47:36 | 000,085,136 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008-04-28 00:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008-02-29 09:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008-01-16 18:35:08 | 000,122,368 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys -- (NTIPPKernel)
DRV - [2007-12-18 17:12:12 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2007-01-26 08:32:18 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2006-11-02 15:27:34 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0406&s=2&o=vp32&d=0609&m=aspire_6935
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0406&s=2&o=vp32&d=0609&m=aspire_6935
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0406&s=2&o=vp32&d=0609&m=aspire_6935
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - Reg Error: No CLSID value found. File not found
IE - HKCU\..\URLSearchHook: {8532a8b7-c06a-41bb-936a-8ce73e4711ed} - Reg Error: No CLSID value found. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ftp_port: 9666
FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.backup.gopher_port: 9666
FF - prefs.js..network.proxy.backup.socks: "127.0.0.1"
FF - prefs.js..network.proxy.backup.socks_port: 9666
FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ssl_port: 9666
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 9666
FF - prefs.js..network.proxy.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.gopher_port: 9666
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9666
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Users\User\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-05-19 19:26:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}: C:\Users\User\Program Files\DNA [2011-09-14 18:08:19 | 000,000,000 | ---D | M]
[2009-06-30 21:21:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Extensions
[2011-09-14 18:02:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rolax73n.default\extensions
[2009-07-06 18:50:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rolax73n.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-05-27 10:55:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-05-27 10:55:39 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ROLAX73N.DEFAULT\EXTENSIONS\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
File not found (No name found) -- C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ROLAX73N.DEFAULT\EXTENSIONS\DTTOOLBAR@TOOLBARNET.COM
[2011-05-19 19:26:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010-01-01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Lexmark Værktøjslinje) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll File not found
O3 - HKLM\..\Toolbar: (Lexmark Værktøjslinje) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Værktøjslinje) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Værktøjslinje) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3: - HKCU\..\Toolbar\WebBrowser - No CLSID value found.
O3: - HKCU\..\Toolbar\WebBrowser - No CLSID value found.
O3: - HKCU\..\Toolbar\WebBrowser - No CLSID value found.
O3: - HKCU\..\Toolbar\WebBrowser - No CLSID value found.
O4 - HKLM..\Run: [ClamWin] C:\Program Files\ClamWin\bin\ClamTray.exe (alch)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [lxduamon] C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe ()
O4 - HKLM..\Run: [lxdumon.exe] C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe ()
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero BackItUp 4\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Users\User\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [GameXN] C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS)
O4 - HKCU..\Run: [GameXN (news)] C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS)
O4 - HKCU..\Run: [GameXN (update)] C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS)
O4 - HKLM..\RunOnce: [removedatamngr] cmd.exe /c RD /S /Q "C:\Program Files\Windows Searchqu Toolbar\" File not found
O4 - HKLM..\RunOnce: [removetoolbar] cmd.exe /c RD /S /Q "C:\PROGRA~1\WI9130~1\ToolBar" File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\NPJPI150_09.dll (Sun Microsystems, Inc.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} http://kitchenplanner.ikea.com/PL/Core/Player/2020PlayerAX_Win32.cab (20-20 3D Viewer)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Java Plug-in 1.5.0_09)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A26C3909-8F63-4D82-9BBB-8FEB5290B635}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BDE7E416-E904-41B5-8996-5B75FA5BF01B}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~1\wi9130~1\datamngr\datamngr.dll) -c:\Program Files\Windows Searchqu Toolbar\DataMngr\datamngr.dll (iMesh, Inc)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - (C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll) - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O24 - Desktop WallPaper: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011-09-14 18:02:17 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-09-13 20:05:26 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\New Folder (2)
[2011-09-13 17:28:27 | 000,000,000 | ---D | C] -- C:\Users\User\DoctorWeb
[2011-09-02 09:12:07 | 000,000,000 | ---D | C] -- C:\ProgramData\GameXN
[2011-08-31 15:19:27 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2011-08-31 14:47:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClamWin Antivirus
[2011-08-31 14:47:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\.clamwin
[2011-08-31 14:47:27 | 000,000,000 | ---D | C] -- C:\ProgramData\.clamwin
[2011-08-31 14:46:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011-08-31 14:46:55 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011-08-30 20:33:57 | 000,000,000 | ---D | C] -- C:\Program Files\ClamWin
[2011-08-30 19:45:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2011-08-30 19:44:45 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2011-08-30 18:28:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2011-08-30 18:28:13 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2011-08-24 17:12:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\EnchantedCavern
[2011-08-24 17:11:52 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gry.Pl
[2011-08-24 14:27:20 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Template
[2011-08-24 07:44:04 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011-08-19 09:59:46 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\New Folder
[2011-08-17 12:20:21 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Muza
[2009-07-17 19:19:53 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\LXDUhcp.dll
[2009-07-17 19:19:53 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxduinpa.dll
[2009-07-17 19:19:53 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxduiesc.dll
[2009-07-17 19:19:52 | 001,069,056 | ---- | C] ( ) -- C:\Windows\System32\lxduserv.dll
[2009-07-17 19:19:52 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\lxduusb1.dll
[2009-07-17 19:19:52 | 000,651,264 | ---- | C] ( ) -- C:\Windows\System32\lxdupmui.dll
[2009-07-17 19:19:52 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxdulmpm.dll
[2009-07-17 19:19:51 | 000,328,360 | ---- | C] ( ) -- C:\Windows\System32\lxduih.exe
[2009-07-17 19:19:50 | 000,679,936 | ---- | C] ( ) -- C:\Windows\System32\lxduhbn3.dll
[2009-07-17 19:19:49 | 000,765,952 | ---- | C] ( ) -- C:\Windows\System32\lxducomc.dll
[2009-07-17 19:19:49 | 000,594,600 | ---- | C] ( ) -- C:\Windows\System32\lxducoms.exe
[2009-07-17 19:19:49 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxducomm.dll
[2009-07-17 19:19:49 | 000,369,320 | ---- | C] ( ) -- C:\Windows\System32\lxducfg.exe
[2009-01-13 06:39:58 | 
000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll [2 C:\Users\User\AppData\Local\*.tmp files -> C:\Users\User\AppData\Local\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-09-14 18:20:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011-09-14 18:08:48 | 000,197,040 | ---- | M] () -- C:\ProgramData\nvModes.001 [2011-09-14 18:08:13 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011-09-14 18:08:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml [2011-09-14 18:08:08 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011-09-14 18:08:08 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011-09-14 18:08:07 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2011-09-14 18:08:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-09-14 18:07:58 | 3218,042,880 | -HS- | M] () -- C:\hiberfil.sys [2011-09-14 18:07:03 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011-09-14 17:10:12 | 000,197,040 | ---- | M] () -- C:\ProgramData\nvModes.dat [2011-09-13 18:53:31 | 000,001,024 | RH-- | M] () -- C:\Users\Public\Documents\NTIMP3.dll [2011-09-12 20:14:31 | 021,073,936 | ---- | M] () -- C:\Users\User\Documents\vlc-1.1.11-win32.exe [2011-09-12 18:56:47 | 000,604,322 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-09-12 18:56:47 | 000,107,462 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-09-05 09:18:12 | 000,011,264 | ---- | M] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-09-05 08:03:27 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2011-09-04 18:17:26 | 000,729,520 | ---- | M] () -- C:\Users\User\Desktop\04092011623.jpg [2011-09-04 18:12:06 | 
000,781,597 | ---- | M] () -- C:\Users\User\Desktop\04092011605.jpg [2011-09-04 18:06:40 | 000,662,955 | ---- | M] () -- C:\Users\User\Desktop\04092011597.jpg [2011-09-04 18:04:32 | 000,912,875 | ---- | M] () -- C:\Users\User\Desktop\04092011589.jpg [2011-09-04 17:32:34 | 001,357,926 | ---- | M] () -- C:\Users\User\Desktop\04092011542.jpg [2011-09-04 17:27:36 | 001,389,143 | ---- | M] () -- C:\Users\User\Desktop\04092011527.jpg [2011-09-02 09:12:10 | 000,001,508 | ---- | M] () -- C:\Users\User\Desktop\Play games (GameXN).lnk [2011-08-31 17:41:19 | 000,000,556 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for User.job [2011-08-31 16:49:56 | 000,000,830 | ---- | M] () -- C:\Windows\Rtcw.INI [2011-08-31 14:47:35 | 000,000,914 | ---- | M] () -- C:\Users\Public\Desktop\ClamWin Antivirus.lnk [2011-08-31 14:46:56 | 000,000,808 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011-08-30 19:45:11 | 000,001,739 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2011-08-30 18:28:34 | 000,000,980 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 9.lnk [2011-08-24 17:11:52 | 000,001,010 | ---- | M] () -- C:\Users\User\Desktop\Zaczarowana Jaskinia.lnk [2011-08-24 17:11:52 | 000,000,341 | ---- | M] () -- C:\Users\User\Desktop\Gry.Pl.lnk [2011-08-24 17:04:35 | 000,000,096 | ---- | M] () -- C:\Users\User\AppData\Roaming\wklnhst.dat [2011-08-16 21:23:43 | 000,066,825 | ---- | M] () -- C:\Users\User\Desktop\1306010047 graf 2.jpg [2011-08-16 21:16:10 | 000,204,987 | ---- | M] () -- C:\Users\User\Desktop\Graffiti_07.jpg [2 C:\Users\User\AppData\Local\*.tmp files -> C:\Users\User\AppData\Local\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-09-12 20:10:58 | 021,073,936 | ---- | C] () -- C:\Users\User\Documents\vlc-1.1.11-win32.exe [2011-09-06 08:47:29 | 001,357,926 | ---- | C] () -- C:\Users\User\Desktop\04092011542.jpg [2011-09-06 08:46:47 | 001,389,143 | ---- | C] () -- 
C:\Users\User\Desktop\04092011527.jpg [2011-09-06 08:46:03 | 000,912,875 | ---- | C] () -- C:\Users\User\Desktop\04092011589.jpg [2011-09-06 08:45:39 | 000,662,955 | ---- | C] () -- C:\Users\User\Desktop\04092011597.jpg [2011-09-06 08:44:40 | 000,729,520 | ---- | C] () -- C:\Users\User\Desktop\04092011623.jpg [2011-09-05 09:28:38 | 000,781,597 | ---- | C] () -- C:\Users\User\Desktop\04092011605.jpg [2011-09-02 09:12:10 | 000,001,538 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play games (GameXN).lnk [2011-09-02 09:12:10 | 000,001,508 | ---- | C] () -- C:\Users\User\Desktop\Play games (GameXN).lnk [2011-08-31 14:47:35 | 000,000,914 | ---- | C] () -- C:\Users\Public\Desktop\ClamWin Antivirus.lnk [2011-08-31 14:46:56 | 000,000,808 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011-08-30 19:45:11 | 000,001,739 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2011-08-30 18:28:34 | 000,000,980 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 9.lnk [2011-08-24 17:11:52 | 000,001,010 | ---- | C] () -- C:\Users\User\Desktop\Zaczarowana Jaskinia.lnk [2011-08-24 17:11:52 | 000,000,341 | ---- | C] () -- C:\Users\User\Desktop\Gry.Pl.lnk [2011-08-19 09:55:30 | 000,936,480 | ---- | C] () -- C:\Users\User\Desktop\24072011484.jpg [2011-08-16 21:23:52 | 000,066,825 | ---- | C] () -- C:\Users\User\Desktop\1306010047 graf 2.jpg [2011-08-16 21:16:17 | 000,204,987 | ---- | C] () -- C:\Users\User\Desktop\Graffiti_07.jpg [2011-07-24 17:37:26 | 000,000,096 | ---- | C] () -- C:\Users\User\AppData\Roaming\wklnhst.dat [2011-07-18 10:48:40 | 000,073,600 | ---- | C] () -- C:\Windows\System32\ezGOSvc.dll [2010-12-10 22:26:38 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll [2010-12-10 22:26:38 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2010-12-10 22:26:37 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010-12-10 22:26:37 | 000,134,144 | ---- | C] () -- 
C:\Windows\System32\xvidvfw.dll [2010-12-10 22:26:36 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010-07-08 19:32:40 | 000,000,680 | ---- | C] () -- C:\Users\User\AppData\Local\d3d9caps.dat [2010-05-25 16:51:32 | 000,000,483 | ---- | C] () -- C:\Windows\Disney.ini [2010-02-26 01:17:15 | 000,000,000 | ---- | C] () -- C:\Windows\JCMKR32.INI [2010-02-26 00:45:33 | 000,000,000 | ---- | C] () -- C:\Windows\PhotoNow.INI [2009-11-20 20:08:05 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll [2009-11-20 20:07:48 | 000,079,360 | ---- | C] () -- C:\Windows\System32\mkzlib.dll [2009-11-20 20:07:48 | 000,023,552 | ---- | C] () -- C:\Windows\System32\mkunicode.dll [2009-08-18 21:50:22 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009-08-18 21:50:22 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009-08-03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009-08-03 16:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe [2009-07-31 10:00:26 | 000,000,000 | ---- | C] () -- C:\Users\User\AppData\Roaming\downloads.m3u [2009-07-25 16:38:15 | 000,000,830 | ---- | C] () -- C:\Windows\Rtcw.INI [2009-07-22 20:35:15 | 000,000,143 | ---- | C] () -- C:\Users\User\AppData\Roaming\default.rss [2009-07-22 20:34:32 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2009-07-22 19:19:19 | 000,000,039 | ---- | C] () -- C:\Windows\Irremote.ini [2009-07-17 19:29:54 | 000,360,448 | ---- | C] () -- C:\Windows\System32\lxducoin.dll [2009-07-17 19:28:42 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxduvs.dll [2009-07-17 19:27:15 | 001,036,288 | ---- | C] () -- C:\Windows\System32\lxdudrs.dll [2009-07-17 19:27:15 | 000,081,920 | ---- | C] () -- C:\Windows\System32\lxducaps.dll [2009-07-17 19:27:15 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxducnv4.dll [2009-07-17 19:26:57 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LXDUPMON.DLL 
[2009-07-17 19:26:57 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXDUFXPU.DLL [2009-07-17 19:26:37 | 000,086,016 | ---- | C] () -- C:\Windows\System32\lxduoem.dll [2009-07-17 19:21:28 | 000,000,044 | ---- | C] () -- C:\Windows\System32\lxdurwrd.ini [2009-07-17 19:19:54 | 000,389,120 | ---- | C] () -- C:\Windows\System32\LXDUinst.dll [2009-07-17 19:19:51 | 000,106,496 | ---- | C] () -- C:\Windows\System32\lxduinsr.dll [2009-07-17 19:19:50 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdugrd.dll [2009-07-07 21:46:01 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2009-07-01 20:13:46 | 000,011,264 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-07-01 16:08:12 | 000,000,119 | ---- | C] () -- C:\Windows\wininit.ini [2009-07-01 13:20:51 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009-06-30 21:20:55 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2009-06-30 17:27:23 | 000,197,040 | ---- | C] () -- C:\ProgramData\nvModes.001 [2009-06-30 17:27:20 | 000,197,040 | ---- | C] () -- C:\ProgramData\nvModes.dat [2009-06-29 17:09:29 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll [2009-06-29 17:09:29 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe [2009-06-29 17:09:29 | 000,009,216 | ---- | C] () -- C:\Windows\usbvideo_reg.exe [2009-06-29 17:09:29 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini [2009-06-29 17:05:45 | 000,118,784 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll [2009-01-13 09:15:04 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll [2009-01-13 09:15:04 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll [2009-01-13 08:42:01 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll [2009-01-13 08:24:16 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini [2009-01-13 08:24:16 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat [2009-01-13 08:24:16 | 000,000,520 | ---- | C] () -- 
C:\Windows\System32\drivers\RTEQEX0.dat [2009-01-13 08:22:13 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat [2009-01-13 07:21:54 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009-01-13 06:36:28 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2007-11-14 16:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll [2007-04-24 18:32:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll [2007-01-26 08:32:18 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys [2006-11-02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006-11-02 14:47:37 | 000,425,688 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 12:33:01 | 000,604,322 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006-11-02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006-11-02 12:33:01 | 000,107,462 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006-11-02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006-11-02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006-11-02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006-11-02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-11-02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2001-12-27 02:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll [2001-11-14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [2001-09-04 09:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll [2001-07-31 02:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll [2001-07-24 08:04:36 | 000,118,784 | ---- | C] 
() -- C:\Windows\System32\HMPV2_ENC_MMX.dll [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:05113FB9 @Alternate Data Stream - 64 bytes -> C:\Users\User\Documents\Capture.mpg:TOC.WMV @Alternate Data Stream - 64 bytes -> C:\Users\User\Desktop\SDV_0496.MP4:TOC.WMV @Alternate Data Stream - 64 bytes -> C:\Users\User\Desktop\SDV_0495.MP4:TOC.WMV @Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:4D066AD2 @Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:4CF61E54 @Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:5D7E5A8F @Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:4220A65C @Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:A42A9F39 @Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:798A3728 @Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:73933431 @Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:7CACEF61 @Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:C99F6ECA @Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:793F316E @Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:E36F5B57 @Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:F880DE59 @Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:F3176E45 @Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:F65733F1 @Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:AB689DEA @Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:753F86A9 < End of report >