OTL logfile created on: 2012-06-02 11:39:48 - Run 1 OTL by OldTimer - Version 3.2.45.0 Folder = D:\Documents and Settings\Damian\Desktop Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 62,17% Memory free 3,97 Gb Paging File | 3,20 Gb Available in Paging File | 80,64% Paging File free Paging file location(s): d:\pagefile.sys 2048 2048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = D:\Program Files Drive C: | 29,45 Gb Total Space | 12,70 Gb Free Space | 43,14% Space Free | Partition Type: NTFS Drive D: | 104,91 Gb Total Space | 26,54 Gb Free Space | 25,29% Space Free | Partition Type: NTFS Computer Name: TOJA-B4 | User Name: Damian | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-06-02 11:38:37 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Damian\Desktop\OTL.exe PRC - [2012-05-03 19:18:30 | 000,924,600 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012-02-28 18:38:52 | 001,373,576 | ---- | M] (LogMeIn Inc.) -- D:\Program Files\LogMeIn Hamachi\hamachi-2.exe PRC - [2012-02-24 05:27:08 | 000,099,840 | ---- | M] (PostgreSQL Global Development Group) -- D:\Program Files\PostgreSQL\9.1\bin\pg_ctl.exe PRC - [2012-02-24 05:26:27 | 005,234,688 | ---- | M] (PostgreSQL Global Development Group) -- D:\Program Files\PostgreSQL\9.1\bin\postgres.exe PRC - [2011-12-22 22:45:46 | 010,234,880 | ---- | M] (Creative Team S.A.) -- D:\Program Files\Wapster\WapSter AQQ\AQQ.exe PRC - [2011-04-25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe PRC - [2011-03-04 17:32:16 | 000,671,552 | ---- | M] (TuneUp Software) -- D:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe PRC - [2011-03-04 17:30:34 | 001,523,008 | ---- | M] (TuneUp Software) -- D:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe PRC - [2011-02-01 16:27:40 | 003,265,944 | ---- | M] (Tonec Inc.) -- D:\Program Files\Internet Download Manager\IDMan.exe PRC - [2010-11-25 09:44:02 | 002,404,168 | ---- | M] (O&O Software GmbH) -- D:\Program Files\OO Software\Defrag\oodag.exe PRC - [2010-05-25 17:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- D:\Program Files\Internet Download Manager\IEMonitor.exe PRC - [2010-05-18 16:13:58 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2009-01-05 17:16:12 | 000,069,632 | ---- | M] () -- D:\Program Files\TP LINK\TP-LINK\TL-WN321G\COMMON\RegistryWriter.exe PRC - [2008-04-14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-10-23 14:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe PRC - [2006-10-16 21:13:28 | 000,230,944 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-05-03 19:18:28 | 001,952,696 | ---- | M] () -- D:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2011-12-09 20:25:48 | 001,182,720 | ---- | M] () -- D:\Program Files\Wapster\WapSter AQQ\System\Shared\Plugins\GGNet.dll MOD - [2011-11-09 14:18:20 | 000,983,552 | ---- | M] () -- D:\Program Files\Wapster\WapSter AQQ\System\Shared\Plugins\SMS.dll MOD - [2011-04-25 00:13:30 | 007,008,656 | ---- | M] () -- D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtgui4.dll MOD - [2011-04-25 00:13:28 | 000,192,912 | ---- | M] () -- D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtsql4.dll MOD - [2011-04-25 00:13:26 | 001,270,160 | ---- | M] () -- D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtscript4.dll MOD - [2011-04-25 00:13:26 | 000,758,160 | ---- | M] () -- D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtnetwork4.dll MOD - [2011-04-25 00:13:24 | 002,118,032 | ---- | M] () -- D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtcore4.dll MOD - [2011-04-25 00:13:24 | 002,089,360 | ---- | M] () -- D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtdeclarative4.dll MOD - [2011-04-20 20:56:28 | 000,025,088 | ---- | M] () -- D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll MOD - [2010-08-25 11:41:20 | 000,304,640 | ---- | M] () -- D:\Program Files\Wapster\WapSter AQQ\System\Shared\Plugins\Contact.dll MOD - [2009-01-05 17:16:12 | 000,069,632 | ---- | M] () -- D:\Program Files\TP LINK\TP-LINK\TL-WN321G\COMMON\RegistryWriter.exe MOD - [2008-08-06 09:04:08 | 000,332,800 | ---- | M] () -- D:\Program Files\Wapster\WapSter AQQ\System\Shared\Plugins\AQQNet.dll MOD - [2005-06-21 22:22:06 | 000,483,328 | ---- | M] () -- C:\WINDOWS\system32\dlcdlmpm.dll MOD - [2005-06-06 17:59:00 | 000,065,536 | R--- | M] () -- C:\WINDOWS\system32\dlcdcfg.dll MOD - [2005-05-18 00:17:52 | 000,061,440 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 944\dlcdcnv4.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- c:\xampp\mysql\bin\mysqld-nt.exe -- (mysql) SRV - File not found [Disabled | Stopped] -- D:\Program Files\Google\Update\GoogleUpdate.exe /svc -- (gupdate) Usługa Google Update (gupdate) SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart) SRV - [2012-05-03 19:18:30 | 000,129,976 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-02-28 18:38:52 | 001,373,576 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012-02-24 05:27:08 | 000,099,840 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- D:\Program Files\PostgreSQL\9.1\bin\pg_ctl.exe -- (postgresql-9.1) SRV - [2011-08-01 18:24:00 | 003,889,424 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc) SRV - [2011-04-25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP) SRV - [2011-03-04 17:30:34 | 001,523,008 | ---- | M] (TuneUp Software) [Auto | Running] -- D:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2011-03-04 17:28:08 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp) SRV - [2010-11-25 09:44:02 | 002,404,168 | ---- | M] (O&O Software GmbH) [Auto | Running] -- D:\Program Files\OO Software\Defrag\oodag.exe -- (OODefragAgent) SRV - [2010-05-18 16:13:58 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2010-03-18 14:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing) SRV - [2009-10-20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- D:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2009-07-09 12:22:18 | 000,144,712 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2009-01-30 17:46:12 | 000,913,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2009-01-05 17:16:12 | 000,069,632 | ---- | M] () [Auto | Running] -- D:\Program Files\TP LINK\TP-LINK\TL-WN321G\COMMON\RegistryWriter.exe -- (RalinkRegistryWriter) SRV - [2008-12-12 11:17:38 | 000,238,888 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- D:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service) SRV - [2008-09-19 03:03:58 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Stopped] -- D:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3) SRV - [2008-04-14 02:12:35 | 000,089,600 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog) SRV - [2008-04-14 02:12:29 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm) SRV - [2008-04-14 02:12:29 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE) SRV - [2008-04-14 02:12:08 | 000,185,856 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost) SRV - [2008-04-14 02:12:04 | 000,059,904 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry) SRV - [2008-04-14 02:11:59 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger) SRV - [2008-04-14 02:11:57 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess) SRV - [2008-04-14 02:11:50 | 000,077,824 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\browser.dll -- (Browser) SRV - [2008-04-14 02:11:49 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter) SRV - [2007-03-23 01:57:30 | 000,035,840 | ---- | M] () [Disabled | Stopped] -- D:\Program Files\Advanced Registry Doctor\RegManServ.exe -- (RegManServ) SRV - [2006-10-26 19:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2006-10-23 14:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe -- (AOL ACS) SRV - [2006-10-16 21:13:28 | 000,230,944 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2005-06-21 22:19:38 | 000,491,520 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\dlcdcoms.exe -- (dlcd_device) SRV - [2005-06-02 15:54:34 | 000,086,606 | ---- | M] (Canon Inc.) [On_Demand | Stopped] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8) SRV - [2003-04-07 08:21:46 | 000,065,795 | ---- | M] (HP) [Disabled | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) SRV - [2002-10-16 20:56:00 | 000,176,128 | ---- | M] (Executive Software International, Inc.) [Disabled | Stopped] -- D:\Program Files\DiskeeperLite\DKService.exe -- (Diskeeper) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\TKPcFtHk.sys -- (TKPcFt) DRV - File not found [File_System | On_Demand | Stopped] -- system32\TKFsFt.sys -- (TkFsFtM) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\TKFsAv.sys -- (TKFsAvM) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\TKCtrl2k.sys -- (TKCtrl) DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Program Files\A-FF Find and Mount\slicedisk.sys -- (SliceDisk5) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\NPIDS.SYS -- (NPIDS) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\NPFWFLT.SYS -- (NPFWFLT) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\NPFW.SYS -- (NPFW) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\HSFHWAZL.sys -- (HSFHWAZL) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- c:\huadio.tmp -- (autorun) DRV - [2012-03-15 23:26:20 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HssDrv.sys -- (HssDrv) DRV - [2012-03-15 23:26:18 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss) DRV - [2012-02-19 14:49:15 | 000,565,552 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF) DRV - [2011-08-19 02:46:06 | 000,026,112 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tapoas.sys -- (tapoas) DRV - [2011-05-21 12:40:06 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2011-05-11 19:57:51 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K) DRV - [2011-04-17 18:22:02 | 000,022,000 | ---- | M] (SoftEther Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Neo_0123.sys -- (Neo_VPN) DRV - [2011-04-17 18:09:11 | 000,022,000 | ---- | M] (SoftEther Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Neo_0054.sys -- (Neo_JPN) DRV - [2011-03-10 19:34:46 | 000,034,608 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5) DRV - [2011-03-04 14:23:20 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2) DRV - [2011-03-04 14:23:14 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (KL1) DRV - [2011-02-10 10:22:58 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- D:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2011-01-27 01:34:30 | 006,406,656 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2011-01-25 12:40:06 | 000,097,112 | ---- | M] (Tonec Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\idmtdi.sys -- (IDMTDI) DRV - [2010-02-25 18:51:02 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901) DRV - [2009-11-02 21:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009-10-20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) DRV - [2009-06-26 16:53:54 | 000,685,816 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2008-06-28 11:39:42 | 000,332,928 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8187.sys -- (RTLWUSB) DRV - [2008-05-06 18:06:42 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\mcstrm.sys -- (MCSTRM) DRV - [2008-04-13 21:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat) DRV - [2008-04-13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2008-04-13 20:44:48 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot) DRV - [2008-04-13 20:36:43 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia) DRV - [2008-04-13 20:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs) DRV - [2008-01-25 13:40:20 | 000,015,453 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FlashUSB.sys -- (FlashUSB) DRV - [2008-01-15 14:50:52 | 000,459,520 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73) DRV - [2007-08-20 09:11:22 | 000,395,744 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter) DRV - [2007-08-20 09:11:22 | 000,039,264 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter) DRV - [2007-08-20 09:11:11 | 000,114,048 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman) DRV - [2007-07-20 18:40:10 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2007-04-23 13:54:50 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115mgmt.sys -- (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM) DRV - [2007-04-23 13:54:50 | 000,098,568 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115obex.sys -- (s115obex) DRV - [2007-04-23 13:54:48 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115mdm.sys -- (s115mdm) DRV - [2007-04-23 13:54:48 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115mdfl.sys -- (s115mdfl) DRV - [2007-04-23 13:54:46 | 000,083,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115bus.sys -- (s115bus) Sony Ericsson Device 115 driver (WDM) DRV - [2006-05-26 08:59:12 | 001,177,032 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) DRV - [2006-01-13 15:00:52 | 000,015,872 | ---- | M] (Flint Incorporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vd_filedisk.sys -- (VD_FileDisk) DRV - [2005-12-02 18:38:04 | 000,041,728 | ---- | M] (Sonic Focus, Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sfng32.sys -- (sfng32) DRV - [2005-11-03 16:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x) DRV - [2005-08-10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x) DRV - [2005-05-16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x) DRV - [2004-12-03 12:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x) DRV - [2004-08-10 13:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k) DRV - [2004-08-10 13:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC) DRV - [2004-03-24 04:12:34 | 000,017,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\nsndis5.sys -- (NSNDIS5) DRV - [2004-01-21 03:14:46 | 000,005,915 | ---- | M] (Labtec Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter) DRV - [2004-01-21 03:14:42 | 000,271,360 | ---- | M] (Labtec Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV302AV.SYS -- (PID_08A0) Labtec WebCam Pro(PID_08A0) DRV - [2003-01-10 23:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = IE - HKU\S-1-5-21-515967899-1604221776-725345543-1003\..\URLSearchHook: {8c8e8536-8109-4f86-bea9-42136665f8f2} - D:\Program Files\DDPL.net\prxtbDDP0.dll (Conduit Ltd.) IE - HKU\S-1-5-21-515967899-1604221776-725345543-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-515967899-1604221776-725345543-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-515967899-1604221776-725345543-1003\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={EEC188B6-00C5-4490-9E10-58DF5004555C}&mid=2e865f984dee47d1864bd14acce4e9e6-e513e0859ee31055e65f5180ff008ff4ab19731a&lang=en&ds=ins11&pr=sa&d=2012-02-20 16:03:13&v=10.0.0.7&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-515967899-1604221776-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-515967899-1604221776-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 196.32.0.74:8080 IE - HKU\S-1-5-21-515967899-1604221776-725345543-1010\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultthis.engineName: "EasyHits4U Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1700241&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl/firefox" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4 FF - prefs.js..extensions.enabledItems: smartbookmarksbar@remy.juteau:1.4.3 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2 FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5 FF - prefs.js..extensions.enabledItems: autofillForms@blueimp.net:0.9.8.0 FF - prefs.js..extensions.enabledItems: support@free-hideip.com:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:6.9.8 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.2.1 FF - prefs.js..extensions.enabledItems: {9e06d377-8c36-46df-9e57-0f6f3f5ee23e}:3.3.2.1 FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid=%7B8465e610-c602-43f0-b136-9685e4ea873b%7D&mid=2e865f984dee47d1864bd14acce4e9e6-e513e0859ee31055e65f5180ff008ff4ab19731a&ds=ins11&v=10.0.0.7&lang=en&pr=sa&d=2012-02-20%2016%3A03%3A13&sap=ku&q=" FF - prefs.js..network.proxy.backup.ftp: "212.88.118.181" FF - prefs.js..network.proxy.backup.ftp_port: 8080 FF - prefs.js..network.proxy.backup.socks: "212.88.118.181" FF - prefs.js..network.proxy.backup.socks_port: 8080 FF - prefs.js..network.proxy.backup.ssl: "212.88.118.181" FF - prefs.js..network.proxy.backup.ssl_port: 8080 FF - prefs.js..network.proxy.ftp: "77.13.135.30" FF - prefs.js..network.proxy.ftp_port: 8080 FF - prefs.js..network.proxy.http: "77.13.135.30" FF - prefs.js..network.proxy.http_port: 8080 FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1" FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "77.13.135.30" FF - prefs.js..network.proxy.socks_port: 8080 FF - prefs.js..network.proxy.socks_remote_dns: true FF - prefs.js..network.proxy.ssl: "77.13.135.30" FF - prefs.js..network.proxy.ssl_port: 8080 FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: d:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: D:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: D:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: D:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKCU\Software\MozillaPlugins\@powerchallenge.com/PowerLoader: C:\DOCUME~1\Damian\APPLIC~1\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB) FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Documents and Settings\Damian\Local Settings\Application Data\Google\Update\1.2.183.7\npGoogleOneClick8.dll File not found FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Damian\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012-05-02 13:44:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012-05-02 13:44:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012-05-02 13:44:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2012-05-03 19:18:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2011-08-21 11:32:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.20\extensions\\Components: D:\Program Files\Mozilla Thunderbird\components [2012-03-20 20:23:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.20\extensions\\Plugins: D:\Program Files\Mozilla Thunderbird\plugins [2011-08-21 11:32:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{8C17574E-F5C5-41b8-8B36-333FC7E67980}: D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\THBExt_2_x [2012-02-19 14:50:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{FD9B3EC6-8265-41fb-8A2F-4C5A22A95A7B}: D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\THBExt_3_1_x [2012-02-19 14:50:19 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\Damian\Application Data\IDM\idmmzcc3 [2012-02-19 14:23:30 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\Damian\Application Data\IDM\idmmzcc3 [2012-02-19 14:23:30 | 000,000,000 | ---D | M] [2010-12-24 12:22:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Damian\Application Data\Mozilla\Extensions [2010-12-24 12:22:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Damian\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012-05-27 20:46:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Damian\Application Data\Mozilla\Firefox\Profiles\c371q8tt.default\extensions [2012-03-30 15:54:28 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Damian\Application Data\Mozilla\Firefox\Profiles\c371q8tt.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012-05-27 20:46:30 | 000,000,000 | ---D | M] (Roomy Bookmarks Toolbar) -- C:\Documents and Settings\Damian\Application Data\Mozilla\Firefox\Profiles\c371q8tt.default\extensions\ALone-live@ya.ru [2012-05-17 16:16:46 | 000,000,000 | ---D | M] (IDM CC) -- C:\Documents and Settings\Damian\Application Data\Mozilla\Firefox\Profiles\c371q8tt.default\extensions\mozilla_cc@internetdownloadmanager.com [2011-03-12 22:14:19 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\Damian\Application Data\Mozilla\Firefox\Profiles\c371q8tt.default\extensions\personas@christopher.beard [2009-09-30 15:27:55 | 000,004,153 | ---- | M] () -- C:\Documents and Settings\Damian\Application Data\Mozilla\Firefox\Profiles\c371q8tt.default\searchplugins\youtube.xml [2012-03-23 21:39:08 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions [2011-05-28 11:05:52 | 000,000,000 | ---D | M] (vShare Add-On) -- D:\Program Files\Mozilla Firefox\extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01} [2012-03-24 10:31:59 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [2012-02-19 14:51:07 | 000,000,000 | ---D | M] (Anti-Banner) -- D:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2012-02-19 14:51:02 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- D:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2012-05-17 16:16:46 | 000,086,131 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\DAMIAN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\C371Q8TT.DEFAULT\EXTENSIONS\{0545B830-F0AA-4D7E-8820-50A4629A56FE}.XPI [2012-01-05 17:38:55 | 000,634,964 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\DAMIAN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\C371Q8TT.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2012-01-21 20:20:10 | 000,138,614 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\DAMIAN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\C371Q8TT.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI [2011-09-18 16:57:28 | 000,087,923 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\DAMIAN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\C371Q8TT.DEFAULT\EXTENSIONS\{DD05FD3D-18DF-4CE4-AE53-E795339C5F01}.XPI [2012-02-11 22:37:16 | 000,709,293 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\DAMIAN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\C371Q8TT.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI [2011-08-21 17:20:50 | 000,010,043 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\DAMIAN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\C371Q8TT.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI [2010-08-15 15:13:09 | 000,000,000 | ---D | M] (Java Quick Starter) -- D:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2012-05-03 19:18:30 | 000,097,208 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll [2010-08-15 15:13:09 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012-02-12 20:43:30 | 000,002,767 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-02-20 17:03:02 | 000,003,749 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml [2012-02-12 20:43:30 | 000,001,406 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-02-12 20:43:30 | 000,000,917 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-02-12 20:43:30 | 000,000,858 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-02-12 20:43:30 | 000,001,183 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-02-12 20:43:30 | 000,001,683 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google () CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms} O1 HOSTS File: ([2012-05-12 16:30:20 | 000,000,066 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 googlesyndication.com O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (DDPL.net Toolbar) - {8c8e8536-8109-4f86-bea9-42136665f8f2} - D:\Program Files\DDPL.net\prxtbDDP0.dll (Conduit Ltd.) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - D:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO) O3 - HKLM\..\Toolbar: (DDPL.net Toolbar) - {8c8e8536-8109-4f86-bea9-42136665f8f2} - D:\Program Files\DDPL.net\prxtbDDP0.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-515967899-1604221776-725345543-1003\..\Toolbar\WebBrowser: (DDPL.net Toolbar) - {8C8E8536-8109-4F86-BEA9-42136665F8F2} - D:\Program Files\DDPL.net\prxtbDDP0.dll (Conduit Ltd.) O4 - HKLM..\Run: [AVP] D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO) O4 - HKU\S-1-5-21-515967899-1604221776-725345543-1003..\Run: [AQQ] D:\Program Files\Wapster\WapSter AQQ\AQQ.exe (Creative Team S.A.) O4 - HKU\S-1-5-21-515967899-1604221776-725345543-1003..\Run: [IDMan] D:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.) O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation) O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-515967899-1604221776-725345543-1010..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme () O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-515967899-1604221776-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-515967899-1604221776-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-515967899-1604221776-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-515967899-1604221776-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-21-515967899-1604221776-725345543-1010\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-515967899-1604221776-725345543-1010\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O8 - Extra context menu item: Add to Anti-Banner - D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm () O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Ściągnij przez IDM - D:\Program Files\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - D:\Program Files\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - D:\Program Files\Internet Download Manager\IEGetVL.htm () O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO) O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKU\S-1-5-21-515967899-1604221776-725345543-1003\..Trusted Domains: aol.com ([objects] * is out of zone range - 5) O16 - DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Java Plug-in 1.5.0_10) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA6FD0A8-BAD4-468C-B625-2F8AF8DAAFB5}: DhcpNameServer = 217.172.224.160 89.231.1.206 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO) O24 - Desktop WallPaper: C:\Documents and Settings\Damian\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Damian\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007-07-30 17:30:21 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (OODBS) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-06-02 11:38:37 | 000,595,968 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\Damian\Desktop\OTL.exe [2012-06-01 12:22:09 | 003,507,784 | ---- | C] (Piriform Ltd) -- D:\Documents and Settings\Damian\Desktop\dfsetup210.exe [2012-05-25 17:54:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\P5JavaClientSettings [2012-05-25 17:54:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Damian\Local Settings\Application Data\P5 [2012-05-24 17:55:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Damian\Desktop\KIS [2012-05-03 19:18:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla [2012-05-03 19:18:45 | 000,000,000 | ---D | C] -- D:\Program Files\Mozilla Maintenance Service [2011-01-31 20:12:32 | 001,011,784 | ---- | C] (LogMeIn Inc.) -- C:\Documents and Settings\Damian\Local Settings\Application Data\HamachiSetup-1.0.3.0-en.exe [8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-06-02 11:38:37 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Damian\Desktop\OTL.exe [2012-06-02 11:33:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-06-02 11:33:05 | 000,278,152 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-06-02 11:33:00 | 001,034,836 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor [2012-06-02 11:14:53 | 000,302,592 | ---- | M] () -- D:\Documents and Settings\Damian\Desktop\ht5zsuf2.exe [2012-06-01 12:22:09 | 003,507,784 | ---- | M] (Piriform Ltd) -- D:\Documents and Settings\Damian\Desktop\dfsetup210.exe [2012-05-30 10:07:48 | 000,508,192 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012-05-30 10:07:48 | 000,090,778 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012-05-24 15:26:55 | 000,127,488 | ---- | M] () -- C:\Documents and Settings\Damian\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-06-02 11:14:53 | 000,302,592 | ---- | C] () -- D:\Documents and Settings\Damian\Desktop\ht5zsuf2.exe [2012-02-20 23:19:31 | 000,175,608 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2012-02-19 14:55:02 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\Damian\Local Settings\Application Data\WebpageIcons.db [2012-02-19 14:51:12 | 000,115,369 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat [2012-02-19 14:51:11 | 000,097,961 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat [2012-02-17 20:42:12 | 000,000,200 | ---- | C] () -- C:\WINDOWS\LODERUNN.INI [2012-02-17 20:33:11 | 000,000,530 | ---- | C] () -- C:\WINDOWS\sierra.ini [2011-08-21 11:33:04 | 000,207,360 | ---- | C] () -- C:\WINDOWS\System32\evrprop.dll [2011-08-21 11:20:35 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll [2011-05-27 15:10:24 | 000,065,536 | ---- | C] () -- C:\WINDOWS\IFinst27.exe [2011-05-11 20:41:32 | 000,020,458 | ---- | C] () -- C:\WINDOWS\hpoins01.dat.temp [2011-05-11 20:41:32 | 000,016,622 | ---- | C] () -- C:\WINDOWS\hpomdl01.dat.temp [2011-05-11 19:47:48 | 000,020,458 | ---- | C] () -- C:\WINDOWS\hpoins01.dat [2011-05-11 19:47:48 | 000,016,622 | ---- | C] () -- C:\WINDOWS\hpomdl01.dat [2011-03-27 11:15:46 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2011-03-27 11:15:45 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2011-03-27 10:51:06 | 000,227,587 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2011-03-11 13:43:54 | 000,029,763 | ---- | C] () -- C:\WINDOWS\System32\drivers\klopp.dat [2011-01-31 20:12:32 | 001,420,256 | ---- | C] () -- C:\Documents and Settings\Damian\Local Settings\Application Data\libeay32.dll [2011-01-31 20:12:32 | 000,306,052 | ---- | C] () -- C:\Documents and Settings\Damian\Local Settings\Application Data\libssl32.dll [2011-01-31 20:12:32 | 000,091,648 | ---- | C] () -- C:\Documents and Settings\Damian\Local Settings\Application Data\stunnel.exe [2011-01-31 20:12:32 | 000,074,240 | ---- | C] () -- C:\Documents and Settings\Damian\Local Settings\Application Data\zlib1.dll [2011-01-31 20:12:32 | 000,065,024 | ---- | C] () -- C:\Documents and Settings\Damian\Local Settings\Application Data\GoalServer2009.exe [2011-01-31 20:12:32 | 000,041,984 | ---- | C] () -- C:\Documents and Settings\Damian\Local Settings\Application Data\GoalWebServer2009.exe [2011-01-31 20:12:32 | 000,029,061 | ---- | C] () -- C:\Documents and Settings\Damian\Local Settings\Application Data\stunnel.html [2011-01-31 20:12:32 | 000,001,375 | ---- | C] () -- C:\Documents and Settings\Damian\Local Settings\Application Data\pes09.crt [2011-01-31 20:12:32 | 000,001,177 | ---- | C] () -- C:\Documents and Settings\Damian\Local Settings\Application Data\stunnel.conf [2011-01-31 20:12:32 | 000,000,887 | ---- | C] () -- C:\Documents and Settings\Damian\Local Settings\Application Data\pes09.key [2011-01-31 20:12:31 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Damian\Local Settings\Application Data\crt.vbs [2011-01-31 20:12:31 | 000,000,495 | ---- | C] () -- C:\Documents and Settings\Damian\Local Settings\Application Data\check.vbs [2011-01-26 16:09:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HMHud.INI [2011-01-17 18:13:09 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe [2010-12-11 12:08:00 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\Damian\Application Data\PnkBstrK.sys [2010-12-11 12:07:40 | 002,434,856 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_bc2.exe [2010-12-08 17:07:08 | 000,000,042 | ---- | C] () -- C:\WINDOWS\oodjobd.INI [2010-12-04 00:12:46 | 000,324,384 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-515967899-1604221776-725345543-1003-0.dat [2010-12-04 00:12:30 | 000,287,982 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat [2010-11-04 16:26:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2010-09-26 16:23:23 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\Zlib.dll [2010-09-26 16:21:57 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\shellses.dll [2010-09-26 16:18:45 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [2010-08-24 12:20:18 | 000,005,077 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bltofzsb.qlf [2010-07-12 12:51:27 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll [color=#E56717]========== LOP Check ==========[/color] [2007-08-04 22:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis [2010-03-17 17:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\All-Pro Software [2012-02-20 17:02:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files [2011-05-21 12:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite [2011-05-21 13:16:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts [2010-11-27 19:07:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit [2009-08-21 19:37:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ipla [2010-08-20 18:17:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MGS [2011-08-21 13:00:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mirillis [2012-03-05 20:30:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC1Data [2012-01-20 16:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2010-01-05 15:08:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TP-LINK Driver [2011-04-08 15:00:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software [2011-04-08 14:57:54 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} [2009-04-10 20:28:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2007-08-25 13:27:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\Acronis [2011-08-21 11:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\AIMP [2012-04-09 15:53:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\Babylon [2010-06-21 16:41:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\BILEVSE [2011-05-21 12:43:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\DAEMON Tools Lite [2010-12-03 20:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\Dev-Cpp [2012-06-02 11:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\DMCache [2009-05-18 19:04:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\Docx2Rtf [2008-10-05 20:03:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\Echo Software [2007-08-02 13:18:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\EFSoftware [2011-06-19 12:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\EurekaLog [2007-08-25 21:19:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\Filter Forge [2008-06-24 15:23:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\fltk.org [2008-09-03 21:31:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\Gadu-Gadu [2010-10-31 13:00:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\GetRightToGo [2009-12-13 12:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\gtk-2.0 [2011-08-05 10:58:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\HandBrake [2011-07-13 09:00:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\HEM Data [2008-12-30 17:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\HEXelon [2012-02-20 16:42:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\IDM [2009-08-31 10:02:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\ipla [2008-01-05 22:02:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\Leadertech [2011-07-10 19:37:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\Microgaming [2011-08-21 13:00:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\Mirillis [2008-05-24 10:22:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\MSNInstaller [2009-08-08 13:08:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\Music Recognition [2011-03-01 16:40:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\New Technology Studio [2009-05-18 19:04:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\NwDocx [2008-06-24 09:14:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\Opera [2012-03-05 20:30:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\PC Cleaners [2012-03-05 20:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\PCPro [2010-02-14 11:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\Piechnat Soft [2010-06-27 10:55:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\PowerChallenge [2007-12-01 23:43:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\PrevxCSI [2010-04-28 18:32:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\qs [2011-01-26 16:11:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\Roaming [2011-03-20 21:28:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\Stellarium [2011-05-28 09:40:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\SystemRequirementsLab [2009-02-01 22:16:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\Teleca [2011-10-23 15:59:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\Thinstall [2010-12-24 12:22:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\Thunderbird [2012-04-22 17:37:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\Topckit [2011-06-16 09:24:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\Transcend [2011-04-08 15:12:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\TuneUp Software [2011-03-02 22:06:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\Unity [2011-12-26 18:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\Utherverse [2012-05-12 11:39:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\uTorrent [2008-02-02 17:53:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\ViStart [2007-12-08 12:43:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\Vso [2009-08-27 21:24:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\Webcammax [2010-08-08 11:03:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Application Data\YoudaGames [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8CEFE51A @Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C4252FE0 < End of report >