OTL logfile created on: 27/02/2013 09:42:42 - Run 1
OTL by OldTimer - Version Folder = C:\Users\Prz3mek\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.96 Gb Total Physical Memory | 0.96 Gb Available Physical Memory | 32.49% Memory free
6.16 Gb Paging File | 3.91 Gb Available in Paging File | 63.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 72.66 Gb Total Space | 12.85 Gb Free Space | 17.69% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 0.82 Gb Free Space | 5.56% Space Free | Partition Type: NTFS
Drive G: | 61.70 Gb Total Space | 24.73 Gb Free Space | 40.09% Space Free | Partition Type: NTFS

Computer Name: PRZ3MEK-PC | User Name: Prz3mek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/02/27 09:42:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Prz3mek\Desktop\OTL.exe
PRC - [2013/02/10 16:00:14 | 000,013,824 | ---- | M] (Smartbar) -- C:\Users\Prz3mek\AppData\Local\Smartbar\Application\QuickShare.exe
PRC - [2013/01/16 16:27:06 | 002,550,224 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
PRC - [2012/11/28 21:54:32 | 000,100,864 | ---- | M] () -- C:\Users\Prz3mek\AppData\Local\StrongVault\StrongVaultBrowser.exe
PRC - [2012/10/04 15:34:36 | 000,115,032 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe
PRC - [2012/09/07 19:04:41 | 000,359,424 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\StrongVaultApp.exe
PRC - [2012/08/15 18:08:34 | 000,231,768 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
PRC - [2012/07/27 20:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/19 20:57:32 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012/07/14 10:42:15 | 000,874,384 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2012/07/14 10:42:15 | 000,800,656 | ---- | M] (Opera Software) -- C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe
PRC - [2012/06/28 15:41:58 | 002,206,888 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winamp.exe
PRC - [2011/09/15 10:38:54 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\O2 Assistant\bin\sprtsvc.exe
PRC - [2011/09/15 10:38:54 | 000,185,640 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\O2 Assistant\bin\tgsrvc.exe
PRC - [2011/09/15 10:38:52 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\O2 Assistant\bin\sprtcmd.exe
PRC - [2011/01/17 18:50:30 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 18:50:30 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/04/05 19:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2008/11/18 19:19:28 | 000,483,420 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2008/11/17 18:22:44 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\AEstSrv.exe
PRC - [2008/10/29 06:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/08/01 22:12:24 | 000,200,704 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2008/06/30 09:36:44 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/03/21 19:32:04 | 000,046,376 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2008/01/21 02:24:43 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
PRC - [2008/01/21 02:24:13 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2007/10/25 16:23:36 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe

========== Modules (No Company Name) ==========

MOD - [2013/02/26 22:25:15 | 014,718,320 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_6_602_171.dll
MOD - [2013/02/10 16:00:12 | 000,023,040 | ---- | M] () -- C:\Users\Prz3mek\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
MOD - [2013/02/10 16:00:10 | 001,575,424 | ---- | M] () -- C:\Users\Prz3mek\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
MOD - [2013/02/10 16:00:10 | 000,037,888 | ---- | M] () -- C:\Users\Prz3mek\AppData\Local\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll
MOD - [2013/02/10 16:00:08 | 000,007,680 | ---- | M] () -- C:\Users\Prz3mek\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll
MOD - [2013/02/10 15:57:20 | 000,650,240 | ---- | M] () -- C:\Users\Prz3mek\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
MOD - [2013/02/10 15:57:16 | 000,040,960 | ---- | M] () -- C:\Users\Prz3mek\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
MOD - [2013/02/10 15:57:12 | 000,044,032 | ---- | M] () -- C:\Users\Prz3mek\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
MOD - [2013/02/10 15:57:10 | 000,051,200 | ---- | M] () -- C:\Users\Prz3mek\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
MOD - [2013/02/10 15:57:08 | 000,073,728 | ---- | M] () -- C:\Users\Prz3mek\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll
MOD - [2013/02/10 15:57:06 | 000,062,976 | ---- | M] () -- C:\Users\Prz3mek\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
MOD - [2013/02/10 15:57:06 | 000,018,944 | ---- | M] () -- C:\Users\Prz3mek\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
MOD - [2013/02/10 15:57:06 | 000,013,312 | ---- | M] () -- C:\Users\Prz3mek\AppData\Local\Smartbar\Application\Smartbar.Resources.SideBySide.dll
MOD - [2013/02/10 15:57:06 | 000,006,144 | ---- | M] () -- C:\Users\Prz3mek\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll
MOD - [2013/02/10 15:57:04 | 000,012,800 | ---- | M] () -- C:\Users\Prz3mek\AppData\Local\Smartbar\Application\Smartbar.Resources.Utilities.dll
MOD - [2013/02/10 15:57:02 | 000,074,752 | ---- | M] () -- C:\Users\Prz3mek\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
MOD - [2013/02/10 15:57:02 | 000,012,288 | ---- | M] () -- C:\Users\Prz3mek\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
MOD - [2013/02/10 15:57:02 | 000,009,728 | ---- | M] () -- C:\Users\Prz3mek\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
MOD - [2013/02/10 15:57:02 | 000,007,168 | ---- | M] () -- C:\Users\Prz3mek\AppData\Local\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll
MOD - [2013/02/10 15:57:02 | 000,007,168 | ---- | M] () -- C:\Users\Prz3mek\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
MOD - [2013/01/25 13:55:33 | 000,911,432 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data.SQLite\\System.Data.SQLite.dll
MOD - [2013/01/16 16:27:06 | 002,550,224 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
MOD - [2013/01/16 16:26:01 | 002,212,304 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll
MOD - [2012/11/28 21:54:32 | 000,100,864 | ---- | M] () -- C:\Users\Prz3mek\AppData\Local\StrongVault\StrongVaultBrowser.exe
MOD - [2012/10/25 21:57:37 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2012/09/07 19:04:41 | 000,359,424 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\StrongVaultApp.exe
MOD - [2012/07/28 11:55:52 | 000,181,760 | ---- | M] () -- C:\Program Files\Winamp\System\vp6.w5s
MOD - [2012/07/28 11:55:52 | 000,091,136 | ---- | M] () -- C:\Program Files\Winamp\System\xml.w5s
MOD - [2012/07/28 11:55:52 | 000,083,968 | ---- | M] () -- C:\Program Files\Winamp\tataki.dll
MOD - [2012/07/28 11:55:52 | 000,064,512 | ---- | M] () -- C:\Program Files\Winamp\zlib.dll
MOD - [2012/07/28 11:55:52 | 000,035,328 | ---- | M] () -- C:\Program Files\Winamp\System\timer.w5s
MOD - [2012/07/28 11:55:51 | 000,656,384 | ---- | M] () -- C:\Program Files\Winamp\System\h264.w5s
MOD - [2012/07/28 11:55:51 | 000,623,616 | ---- | M] () -- C:\Program Files\Winamp\System\jnetlib.w5s
MOD - [2012/07/28 11:55:51 | 000,201,728 | ---- | M] () -- C:\Program Files\Winamp\System\mp4v.w5s
MOD - [2012/07/28 11:55:51 | 000,174,080 | ---- | M] () -- C:\Program Files\Winamp\System\auth.w5s
MOD - [2012/07/28 11:55:51 | 000,154,624 | ---- | M] () -- C:\Program Files\Winamp\System\jpeg.w5s
MOD - [2012/07/28 11:55:51 | 000,087,552 | ---- | M] () -- C:\Program Files\Winamp\System\png.w5s
MOD - [2012/07/28 11:55:51 | 000,084,480 | ---- | M] () -- C:\Program Files\Winamp\System\playlist.w5s
MOD - [2012/07/28 11:55:51 | 000,044,544 | ---- | M] () -- C:\Program Files\Winamp\System\devices.w5s
MOD - [2012/07/28 11:55:51 | 000,023,552 | ---- | M] () -- C:\Program Files\Winamp\System\albumart.w5s
MOD - [2012/07/28 11:55:51 | 000,021,504 | ---- | M] () -- C:\Program Files\Winamp\System\tagz.w5s
MOD - [2012/07/28 11:55:51 | 000,019,456 | ---- | M] () -- C:\Program Files\Winamp\System\gif.w5s
MOD - [2012/07/28 11:55:51 | 000,019,456 | ---- | M] () -- C:\Program Files\Winamp\System\bmp.w5s
MOD - [2012/07/28 11:55:51 | 000,016,896 | ---- | M] () -- C:\Program Files\Winamp\System\dlmgr.w5s
MOD - [2012/07/28 11:55:51 | 000,016,384 | ---- | M] () -- C:\Program Files\Winamp\System\gracenote.w5s
MOD - [2012/07/28 11:55:51 | 000,014,336 | ---- | M] () -- C:\Program Files\Winamp\System\filereader.w5s
MOD - [2012/07/28 11:55:51 | 000,013,824 | ---- | M] () -- C:\Program Files\Winamp\System\primo.w5s
MOD - [2012/07/28 11:55:51 | 000,012,288 | ---- | M] () -- C:\Program Files\Winamp\System\pcm.w5s
MOD - [2012/07/28 11:55:50 | 000,922,112 | ---- | M] () -- C:\Program Files\Winamp\System\aacdec.w5s
MOD - [2012/07/28 11:55:50 | 000,015,872 | ---- | M] () -- C:\Program Files\Winamp\System\adpcm.w5s
MOD - [2012/07/28 11:55:49 | 000,170,496 | ---- | M] () -- C:\Program Files\Winamp\Plugins\pmp_ipod.dll
MOD - [2012/07/28 11:55:49 | 000,118,272 | ---- | M] () -- C:\Program Files\Winamp\Plugins\pmp_p4s.dll
MOD - [2012/07/28 11:55:49 | 000,113,664 | ---- | M] () -- C:\Program Files\Winamp\Plugins\pmp_wifi.dll
MOD - [2012/07/28 11:55:49 | 000,053,760 | ---- | M] () -- C:\Program Files\Winamp\Plugins\pmp_usb.dll
MOD - [2012/07/28 11:55:49 | 000,020,480 | ---- | M] () -- C:\Program Files\Winamp\Plugins\pmp_njb.dll
MOD - [2012/07/28 11:55:48 | 000,060,928 | ---- | M] () -- C:\Program Files\Winamp\Plugins\pmp_android.dll
MOD - [2012/07/28 11:55:48 | 000,052,224 | ---- | M] () -- C:\Program Files\Winamp\Plugins\out_ds.dll
MOD - [2012/07/28 11:55:48 | 000,022,528 | ---- | M] () -- C:\Program Files\Winamp\Plugins\out_disk.dll
MOD - [2012/07/28 11:55:48 | 000,018,432 | ---- | M] () -- C:\Program Files\Winamp\Plugins\out_wave.dll
MOD - [2012/07/28 11:55:47 | 000,240,640 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_pmp.dll
MOD - [2012/07/28 11:55:47 | 000,084,480 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_playlists.dll
MOD - [2012/07/28 11:55:47 | 000,083,456 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_plg.dll
MOD - [2012/07/28 11:55:47 | 000,033,792 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_rg.dll
MOD - [2012/07/28 11:55:47 | 000,032,256 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_transcode.dll
MOD - [2012/07/28 11:55:46 | 000,294,912 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_local.dll
MOD - [2012/07/28 11:55:46 | 000,201,728 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_disc.dll
MOD - [2012/07/28 11:55:46 | 000,124,928 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_online.dll
MOD - [2012/07/28 11:55:46 | 000,057,344 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_impex.dll
MOD - [2012/07/28 11:55:46 | 000,052,224 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_history.dll
MOD - [2012/07/28 11:55:45 | 000,313,344 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_wm.dll
MOD - [2012/07/28 11:55:45 | 000,249,856 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_devices.dll
MOD - [2012/07/28 11:55:45 | 000,028,672 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_bookmarks.dll
MOD - [2012/07/28 11:55:45 | 000,028,672 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_autotag.dll
MOD - [2012/07/28 11:55:45 | 000,016,896 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_wave.dll
MOD - [2012/07/28 11:55:44 | 000,290,816 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_mp3.dll
MOD - [2012/07/28 11:55:44 | 000,253,440 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_vorbis.dll
MOD - [2012/07/28 11:55:44 | 000,164,864 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_mod.dll
MOD - [2012/07/28 11:55:44 | 000,109,568 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_midi.dll
MOD - [2012/07/28 11:55:44 | 000,102,400 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_cdda.dll
MOD - [2012/07/28 11:55:44 | 000,075,264 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_nsv.dll
MOD - [2012/07/28 11:55:44 | 000,072,192 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_dshow.dll
MOD - [2012/07/28 11:55:44 | 000,068,608 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_avi.dll
MOD - [2012/07/28 11:55:44 | 000,061,440 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_flac.dll
MOD - [2012/07/28 11:55:44 | 000,052,736 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_mp4.dll
MOD - [2012/07/28 11:55:44 | 000,049,152 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_mkv.dll
MOD - [2012/07/28 11:55:44 | 000,043,008 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_flv.dll
MOD - [2012/07/28 11:55:44 | 000,023,552 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_swf.dll
MOD - [2012/07/28 11:55:44 | 000,007,168 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_linein.dll
MOD - [2012/07/28 11:55:43 | 000,318,976 | ---- | M] () -- C:\Program Files\Winamp\Plugins\gen_ml.dll
MOD - [2012/07/28 11:55:43 | 000,057,344 | ---- | M] () -- C:\Program Files\Winamp\Plugins\gen_orgler.dll
MOD - [2012/07/28 11:55:43 | 000,025,600 | ---- | M] () -- C:\Program Files\Winamp\Plugins\gen_tray.dll
MOD - [2012/07/28 11:55:42 | 001,737,728 | ---- | M] () -- C:\Program Files\Winamp\Plugins\gen_ff.dll
MOD - [2012/07/28 11:55:42 | 000,340,992 | ---- | M] () -- C:\Program Files\Winamp\Plugins\freeform\wacs\freetype\freetype.wac
MOD - [2012/07/28 11:55:42 | 000,185,344 | ---- | M] () -- C:\Program Files\Winamp\Plugins\gen_jumpex.dll
MOD - [2012/07/28 11:55:42 | 000,028,160 | ---- | M] () -- C:\Program Files\Winamp\Plugins\gen_hotkeys.dll
MOD - [2012/07/28 11:55:41 | 000,417,280 | ---- | M] () -- C:\Program Files\Winamp\nsutil.dll
MOD - [2012/07/28 11:55:41 | 000,078,848 | ---- | M] () -- C:\Program Files\Winamp\nde.dll
MOD - [2012/07/28 11:55:40 | 000,253,440 | ---- | M] () -- C:\Program Files\Winamp\libsndfile.dll
MOD - [2012/07/17 02:07:26 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\e3180b4230f052996adb81da3dc64ad0\System.Management.ni.dll
MOD - [2012/07/17 02:06:34 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\80bd17388778c90f301746ad88700758\CustomMarshalers.ni.dll
MOD - [2012/07/17 02:06:03 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\81a310f5bd696b74485a513680672a5e\System.Web.Services.ni.dll
MOD - [2012/07/17 02:06:03 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d9228d58804dfd75fd92a4d12ffac8af\Accessibility.ni.dll
MOD - [2012/07/17 02:06:01 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1ba19f8efcff8ad7f972aa38ab9a15f5\System.Runtime.Remoting.ni.dll
MOD - [2012/07/17 02:06:00 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\1c06ada12457242969cdc35d5af12b01\System.EnterpriseServices.ni.dll
MOD - [2012/07/17 02:05:59 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\fdbb4d76b37aada9010c49a6e09da067\System.Transactions.ni.dll
MOD - [2012/07/17 02:05:58 | 011,800,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0a1195c6b5fab213527364c9e8b26ef0\System.Web.ni.dll
MOD - [2012/07/17 02:05:41 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\aa3e053d433c48e1e8c3f436b4de1ed3\System.Configuration.ni.dll
MOD - [2012/07/16 22:41:24 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll
MOD - [2012/07/16 22:41:04 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll
MOD - [2012/07/16 22:40:53 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll
MOD - [2012/07/16 22:40:35 | 006,616,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\ca69ec9d6589d3526ee38212ef28e2bb\System.Data.ni.dll
MOD - [2012/07/16 22:40:29 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\f4767076b1a225e440db402bbabf5a14\System.Core.ni.dll
MOD - [2012/07/16 22:39:41 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll
MOD - [2012/07/16 22:39:33 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2012/07/14 10:42:16 | 000,783,360 | ---- | M] () -- C:\Program Files\Opera\gstreamer\gstreamer.dll
MOD - [2012/07/14 10:42:16 | 000,316,928 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2012/07/14 10:42:16 | 000,276,480 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2012/07/14 10:42:16 | 000,168,448 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2012/07/14 10:42:16 | 000,099,840 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2012/07/14 10:42:16 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2012/07/14 10:42:16 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2012/07/14 10:42:16 | 000,078,336 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2012/07/14 10:42:16 | 000,076,800 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2012/07/14 10:42:16 | 000,068,608 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2012/07/14 10:42:16 | 000,064,000 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2012/07/14 10:42:16 | 000,046,592 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2012/07/14 10:42:16 | 000,045,568 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gsttypefindfunctions.dll
MOD - [2012/05/15 18:00:00 | 003,449,344 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax
MOD - [2008/11/17 06:29:10 | 000,054,784 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll
MOD - [2008/07/27 18:03:15 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\\System.Data.dll
MOD - [2008/07/27 18:03:15 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\\System.Transactions.dll
MOD - [2008/07/27 18:03:11 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\\CustomMarshalers.dll

========== Services (SafeList) ==========

SRV - [2013/02/26 22:25:17 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/16 16:27:06 | 002,550,224 | ---- | M] () [Auto | Running] -- C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)
SRV - [2013/01/09 20:11:54 | 000,109,064 | ---- | M] (Wajam) [On_Demand | Stopped] -- C:\Program Files\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
SRV - [2012/07/27 20:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/03 12:19:28 | 000,160,944 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/09/15 10:38:58 | 000,383,408 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2011/09/15 10:38:54 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\O2 Assistant\bin\sprtsvc.exe -- (sprtsvc_O2DA)
SRV - [2011/09/15 10:38:54 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\O2 Assistant\bin\tgsrvc.exe -- (tgsrvc_O2DA)
SRV - [2010/04/05 19:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008/11/18 19:19:28 | 000,241,746 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\stacsv.exe -- (STacSV)
SRV - [2008/11/17 18:22:44 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\AEstSrv.exe -- (AESTFilters)
SRV - [2008/01/21 02:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2010/07/12 12:49:18 | 000,060,104 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2009/10/22 14:09:34 | 000,072,520 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2009/03/19 16:02:00 | 000,271,552 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA009Vid.sys -- (OA009Vid)
DRV - [2009/03/06 06:30:08 | 000,133,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA009Ufd.sys -- (OA009Ufd)
DRV - [2008/11/18 19:19:28 | 000,393,216 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008/11/17 06:29:08 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/07/24 17:42:48 | 000,170,032 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=idd&from=idd&uid=5VC4X2PJ_ST9160314AS&ts=1351202013
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?affID=110825&babsrc=HP_ss&mntrId=621ff50400000000000000256449a2a4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=GB&userid=eed2ff79-5fcf-4d0f-89b5-07da542a89d5&searchtype=ds&q={searchTerms}&installDate=01/01/1970
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=GB&userid=eed2ff79-5fcf-4d0f-89b5-07da542a89d5&searchtype=ds&q={searchTerms}&installDate=01/01/1970
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=GB&userid=eed2ff79-5fcf-4d0f-89b5-07da542a89d5&searchtype=ds&q={searchTerms}&installDate=01/01/1970
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchTerms}&affID=121240&babsrc=SP_ss&mntrId=621ff50400000000000000256449a2a4
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version= C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version= C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version= C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version= C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version= C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013/02/24 12:13:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files\PriceGong\2.6.6\FF [2012/08/04 13:57:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2013/01/25 13:58:53 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}: C:\Program Files\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [2013/02/08 16:30:02 | 000,037,909 | ---- | M] ()

[2012/11/11 15:57:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

========== Chrome ==========

CHR - homepage: http://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=GB&userid=eed2ff79-5fcf-4d0f-89b5-07da542a89d5&searchtype=hp&installDate=01/01/1970
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=GB&userid=eed2ff79-5fcf-4d0f-89b5-07da542a89d5&searchtype=hp&installDate=01/01/1970
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: QuickShare Widget = C:\Users\Prz3mek\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\
CHR - Extension: PriceGong = C:\Users\Prz3mek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.6_0\
CHR - Extension: Delta Toolbar = C:\Users\Prz3mek\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.0_0\
CHR - Extension: SweetIM for Facebook = C:\Users\Prz3mek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Prz3mek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Wajam = C:\Users\Prz3mek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\
CHR - Extension: Giant Savings = C:\Users\Prz3mek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndkhncnongaclekkbelchmeafffimifj\1.20.43_0\crossrider
CHR - Extension: Giant Savings = C:\Users\Prz3mek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndkhncnongaclekkbelchmeafffimifj\1.20.43_0\
CHR - Extension: Yontoo = C:\Users\Prz3mek\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\
CHR - Extension: BrowserProtect = C:\Users\Prz3mek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: QuickShare Widget = C:\Users\Prz3mek\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\
CHR - Extension: PriceGong = C:\Users\Prz3mek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.6_0\
CHR - Extension: Delta Toolbar = C:\Users\Prz3mek\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.0_0\
CHR - Extension: SweetIM for Facebook = C:\Users\Prz3mek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Prz3mek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Wajam = C:\Users\Prz3mek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\
CHR - Extension: Giant Savings = C:\Users\Prz3mek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndkhncnongaclekkbelchmeafffimifj\1.20.43_0\crossrider
CHR - Extension: Giant Savings = C:\Users\Prz3mek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndkhncnongaclekkbelchmeafffimifj\1.20.43_0\
CHR - Extension: Yontoo = C:\Users\Prz3mek\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\
CHR - Extension: BrowserProtect = C:\Users\Prz3mek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\

O1 HOSTS File: ([2013/02/25 21:36:04 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - 
C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll (Wajam) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [O2DA] C:\Program Files\O2 Assistant\bin\sprtcmd.exe (SupportSoft, Inc.) O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) 
O4 - HKCU..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Users\Prz3mek\AppData\Local\Smartbar\Application\QuickShare.exe (Smartbar)
O4 - HKCU..\Run: [ODJvPpaotTb.exe] C:\ProgramData\ODJvPpaotTb.exe File not found
O4 - Startup: C:\Users\Prz3mek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3FCE73CA-B6C0-4F5A-A1B2-4DECA8AC9BA1}: DhcpNameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D19E473C-281E-4AB6-982E-8A2BFB640D89}: DhcpNameServer =
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (egistry\Machine\Software\Classes\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Prz3mek\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Prz3mek\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/02/27 09:42:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Prz3mek\Desktop\OTL.exe
[2013/02/25 21:58:21 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/02/25 21:45:54 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/02/25 21:36:10 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/02/25 20:55:25 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013/02/25 06:21:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2013/02/25 06:16:38 | 000,000,000 | ---D | C] -- C:\Users\Prz3mek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
[2013/02/25 06:16:34 | 000,000,000 | ---D | C] -- C:\Users\Prz3mek\AppData\Local\Wajam
[2013/02/25 06:16:32 | 000,000,000 | ---D | C] -- C:\Program Files\Wajam
[2013/02/25 06:15:19 | 000,000,000 | ---D | C] -- C:\Program Files\Delta
[2013/02/25 06:15:02 | 000,000,000 | ---D | C] -- C:\Users\Prz3mek\AppData\Roaming\Delta
[2013/02/24 21:42:26 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013/02/24 21:38:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013/02/24 13:52:25 | 000,000,000 | ---D | C] -- C:\Users\Prz3mek\AppData\Local\temp
[2013/02/24 11:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ETOS
[2013/02/19 11:22:29 | 000,000,000 | ---D | C] -- C:\Users\Prz3mek\AppData\Roaming\RealNetworks
[2013/02/15 19:26:12 | 000,000,000 | ---D | C] -- C:\Users\Prz3mek\Desktop\New Folder
[2013/02/15 11:25:45 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll
[2013/02/15 11:25:43 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2013/02/11 21:38:37 | 000,000,000 | ---D | C] -- C:\Users\Prz3mek\Desktop\kubus
[2013/02/04 20:55:30 | 000,000,000 | ---D | C] -- C:\Users\Prz3mek\Desktop\ebbay
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2098/01/01 02:00:00 | 000,398,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System\VBRUN300.DLL
[2013/02/27 09:42:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Prz3mek\Desktop\OTL.exe
[2013/02/27 09:22:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/02/27 09:12:14 | 367,749,120 | ---- | M] () -- C:\Users\Prz3mek\Desktop\Cobra 11 S26E09 202 Ukochany wróg.avi
[2013/02/27 08:59:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/27 08:45:13 | 367,933,440 | ---- | M] () -- C:\Users\Prz3mek\Desktop\Cobra 11 S26E08 201 ren w płomieniach.avi
[2013/02/27 08:21:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/02/27 00:09:07 | 000,003,712 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/27 00:09:07 | 000,003,712 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/26 22:25:16 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/02/26 22:25:16 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/02/26 15:59:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/25 21:55:30 | 000,609,196 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/02/25 21:55:30 | 000,108,672 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/02/25 21:48:53 | 3181,760,512 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/25 21:36:04 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/02/24 11:47:50 | 000,000,168 | ---- | M] () -- C:\ProgramData\-ODJvPpaotTbr
[2013/02/24 11:47:50 | 000,000,152 | ---- | M] () -- C:\ProgramData\-ODJvPpaotTb
[2013/02/24 09:51:02 | 000,006,525 | ---- | M] () -- C:\Users\Prz3mek\AppData\Local\4a97b932-1518-4a51-adff-15dba9fce71d.crx
[2013/02/20 22:44:50 | 735,221,760 | ---- | M] () -- C:\Users\Prz3mek\Desktop\Mroczna dzielnica (PL 2001).avi
[2013/02/19 15:04:42 | 010,865,664 | ---- | M] () -- C:\Users\Prz3mek\Documents\Kalendarz.wps
[2013/02/19 15:04:42 | 000,008,874 | ---- | M] () -- C:\Users\Prz3mek\AppData\Roaming\wklnhst.dat
[2013/02/16 17:23:40 | 000,010,353 | ---- | M] () -- C:\Users\Prz3mek\Desktop\thumb801241154408654.jpg
[2013/02/16 14:12:20 | 000,135,946 | ---- | M] () -- C:\Users\Prz3mek\Desktop\$(KGrHqRHJBgE-Qyj9ZQ!BPmfz)gZYQ~~60_12.JPG
[2013/02/16 14:12:12 | 000,152,421 | ---- | M] () -- C:\Users\Prz3mek\Desktop\$(KGrHqNHJEoE912FcOh1BPmfzop2lg~~60_12.JPG
[2013/02/16 14:11:29 | 001,198,907 | ---- | M] () -- C:\Users\Prz3mek\Desktop\organizer_after.png
[2013/02/16 13:15:09 | 000,106,639 | ---- | M] () -- C:\Users\Prz3mek\Desktop\przybornik-na-biurko.jpg
[2013/02/16 13:13:36 | 000,105,729 | ---- | M] () -- C:\Users\Prz3mek\Desktop\DSCF6482.jpg
[2013/02/15 11:26:08 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/02/12 20:27:43 | 032,904,504 | ---- | M] () -- C:\Users\Prz3mek\Desktop\setuppol.exe
[2013/02/10 18:37:05 | 000,009,241 | ---- | M] () -- C:\Users\Prz3mek\Desktop\780979.jpg
[2013/02/10 18:34:21 | 000,039,819 | ---- | M] () -- C:\Users\Prz3mek\Desktop\$(KGrHqN,!n8FD-vP8Nv0BRECRYmb(Q~~60_12.JPG
[2013/02/09 22:43:46 | 012,719,616 | ---- | M] () -- C:\Users\Prz3mek\Documents\Kalendarzl.wps
[2013/02/08 18:05:23 | 000,005,632 | ---- | M] () -- C:\Users\Prz3mek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/02/08 11:07:52 | 000,006,658 | ---- | M] () -- C:\Users\Prz3mek\Desktop\ff.jpeg
[2013/02/07 10:50:50 | 000,010,124 | ---- | M] () -- C:\Users\Prz3mek\Desktop\f.jpeg
[2013/02/05 13:42:53 | 000,004,316 | ---- | M] () -- C:\Users\Prz3mek\Desktop\u.jpeg
[2013/02/05 13:42:31 | 000,005,485 | ---- | M] () -- C:\Users\Prz3mek\Desktop\default5.jpeg
[2013/02/05 13:42:17 | 000,007,521 | ---- | M] () -- C:\Users\Prz3mek\Desktop\default.jpeg
[2013/02/05 13:42:11 | 000,042,553 | ---- | M] () -- C:\Users\Prz3mek\Desktop\lego-duplo-passenger-plane.jpg
[2013/02/03 19:36:51 | 000,629,763 | ---- | M] () -- C:\Users\Prz3mek\Desktop\SOCZEWKI Receipt _ WeLoveLenses.mht
[2013/01/29 13:43:51 | 000,000,744 | ---- | M] () -- C:\Users\Prz3mek\Desktop\Listen to the phonic sounds - Shortcut.lnk
[2013/01/29 13:41:33 | 000,000,764 | ---- | M] () -- C:\Users\Prz3mek\Desktop\JP WYMOWA WSZYSTKICH KOMBINACJI - Shortcut.lnk
[2013/01/29 13:37:05 | 000,000,889 | ---- | M] () -- C:\Users\Prz3mek\Desktop\Hear the letter sounds « « Jolly Learning Jolly Learning - Shortcut.lnk
[2013/01/29 13:35:27 | 000,000,699 | ---- | M] () -- C:\Users\Prz3mek\Desktop\Hear it The Sounds - Shortcut.lnk
[2013/01/29 13:34:11 | 000,000,819 | ---- | M] () -- C:\Users\Prz3mek\Desktop\GAMES STARRRRRRRRRRRRRRRR Learning Phonics - Shortcut.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/02/27 08:51:51 | 367,749,120 | ---- | C] () -- C:\Users\Prz3mek\Desktop\Cobra 11 S26E09 202 Ukochany wróg.avi
[2013/02/27 08:23:54 | 367,933,440 | ---- | C] () -- C:\Users\Prz3mek\Desktop\Cobra 11 S26E08 201 ren w płomieniach.avi
[2013/02/24 21:21:14 | 3181,760,512 | -HS- | C] () -- C:\hiberfil.sys
[2013/02/24 11:47:50 | 000,000,168 | ---- | C] () -- C:\ProgramData\-ODJvPpaotTbr
[2013/02/24 11:47:50 | 000,000,152 | ---- | C] () -- C:\ProgramData\-ODJvPpaotTb
[2013/02/24 09:40:45 | 000,006,525 | ---- | C] () -- C:\Users\Prz3mek\AppData\Local\4a97b932-1518-4a51-adff-15dba9fce71d.crx
[2013/02/20 22:04:28 | 735,221,760 | ---- | C] () -- C:\Users\Prz3mek\Desktop\Mroczna dzielnica (PL 2001).avi
[2013/02/16 17:23:40 | 000,010,353 | ---- | C] () -- C:\Users\Prz3mek\Desktop\thumb801241154408654.jpg
[2013/02/16 14:12:20 | 000,135,946 | ---- | C] () -- C:\Users\Prz3mek\Desktop\$(KGrHqRHJBgE-Qyj9ZQ!BPmfz)gZYQ~~60_12.JPG
[2013/02/16 14:12:12 | 000,152,421 | ---- | C] () -- C:\Users\Prz3mek\Desktop\$(KGrHqNHJEoE912FcOh1BPmfzop2lg~~60_12.JPG
[2013/02/16 14:11:29 | 001,198,907 | ---- | C] () -- C:\Users\Prz3mek\Desktop\organizer_after.png
[2013/02/16 13:15:08 | 000,106,639 | ---- | C] () -- C:\Users\Prz3mek\Desktop\przybornik-na-biurko.jpg
[2013/02/16 13:13:36 | 000,105,729 | ---- | C] () -- C:\Users\Prz3mek\Desktop\DSCF6482.jpg
[2013/02/12 20:24:33 | 032,904,504 | ---- | C] () -- C:\Users\Prz3mek\Desktop\setuppol.exe
[2013/02/10 18:37:05 | 000,009,241 | ---- | C] () -- C:\Users\Prz3mek\Desktop\780979.jpg
[2013/02/10 18:34:21 | 000,039,819 | ---- | C] () -- C:\Users\Prz3mek\Desktop\$(KGrHqN,!n8FD-vP8Nv0BRECRYmb(Q~~60_12.JPG
[2013/02/08 11:07:52 | 000,006,658 | ---- | C] () -- C:\Users\Prz3mek\Desktop\ff.jpeg
[2013/02/07 10:50:49 | 000,010,124 | ---- | C] () -- C:\Users\Prz3mek\Desktop\f.jpeg
[2013/02/06 22:06:33 | 012,719,616 | ---- | C] () -- C:\Users\Prz3mek\Documents\Kalendarzl.wps
[2013/02/05 13:42:52 | 000,004,316 | ---- | C] () -- C:\Users\Prz3mek\Desktop\u.jpeg
[2013/02/05 13:42:30 | 000,005,485 | ---- | C] () -- C:\Users\Prz3mek\Desktop\default5.jpeg
[2013/02/05 13:42:17 | 000,007,521 | ---- | C] () -- C:\Users\Prz3mek\Desktop\default.jpeg
[2013/02/05 13:42:11 | 000,042,553 | ---- | C] () -- C:\Users\Prz3mek\Desktop\lego-duplo-passenger-plane.jpg
[2013/02/03 19:36:51 | 000,629,763 | ---- | C] () -- C:\Users\Prz3mek\Desktop\SOCZEWKI Receipt _ WeLoveLenses.mht
[2013/01/29 13:43:51 | 000,000,744 | ---- | C] () -- C:\Users\Prz3mek\Desktop\Listen to the phonic sounds - Shortcut.lnk
[2013/01/29 13:41:33 | 000,000,764 | ---- | C] () -- C:\Users\Prz3mek\Desktop\JP WYMOWA WSZYSTKICH KOMBINACJI - Shortcut.lnk
[2013/01/29 13:37:05 | 000,000,889 | ---- | C] () -- C:\Users\Prz3mek\Desktop\Hear the letter sounds « « Jolly Learning Jolly Learning - Shortcut.lnk
[2013/01/29 13:35:27 | 000,000,699 | ---- | C] () -- C:\Users\Prz3mek\Desktop\Hear it The Sounds - Shortcut.lnk
[2013/01/29 13:34:11 | 000,000,819 | ---- | C] () -- C:\Users\Prz3mek\Desktop\GAMES STARRRRRRRRRRRRRRRR Learning Phonics - Shortcut.lnk
[2013/01/25 13:59:31 | 000,086,016 | ---- | C] () -- C:\Windows\System32\custmon32i.dll
[2013/01/25 13:56:43 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2013/01/24 23:04:05 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/01/24 23:04:05 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/01/24 23:04:05 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/01/24 23:04:05 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/01/24 23:04:05 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/12/04 23:34:21 | 000,188,980 | ---- | C] () -- C:\Users\Prz3mek\Podsumowanie.pdf
[2012/11/19 18:14:49 | 000,679,857 | ---- | C] () -- C:\Users\Prz3mek\ch2-online.pdf
[2012/10/29 18:17:15 | 000,009,954 | ---- | C] () -- C:\Users\Prz3mek\kot.jpeg
[2012/10/29 18:16:17 | 000,009,954 | ---- | C] () -- C:\Users\Prz3mek\images.jpeg
[2012/10/28 21:54:09 | 000,075,441 | ---- | C] () -- C:\Users\Prz3mek\Muffiny - Halloween.jpeg
[2012/10/28 21:48:29 | 000,119,141 | ---- | C] () -- C:\Users\Prz3mek\24767.jpg
[2012/10/28 21:47:32 | 000,134,496 | ---- | C] () -- C:\Users\Prz3mek\24764.jpg
[2012/10/25 22:33:37 | 000,048,854 | ---- | C] () -- C:\Users\Prz3mek\PPI-consumer-questionnaire lloyds.odt
[2012/09/02 05:00:52 | 000,644,608 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2012/09/02 05:00:52 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2012/07/31 18:51:23 | 000,305,908 | ---- | C] () -- C:\Windows\ETOSU.EXE
[2012/07/31 18:50:19 | 000,000,139 | ---- | C] () -- C:\Windows\ETOSP.INI
[2012/07/25 21:31:08 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012/07/25 21:24:23 | 000,005,632 | ---- | C] () -- C:\Users\Prz3mek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/15 02:36:52 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012/07/15 02:36:52 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012/07/14 15:49:01 | 000,008,874 | ---- | C] () -- C:\Users\Prz3mek\AppData\Roaming\wklnhst.dat
[2012/07/14 09:46:48 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2012/07/14 09:35:02 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2012/07/14 09:35:01 | 000,026,112 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2012/07/14 09:24:48 | 002,026,604 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2012/07/14 09:24:48 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1576.dll
[2012/07/14 09:24:48 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2012/07/14 09:24:47 | 000,445,796 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2012/07/14 08:31:09 | 000,001,356 | ---- | C] () -- C:\Users\Prz3mek\AppData\Local\d3d9caps.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2006/11/02 12:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 15:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/03 04:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/21 02:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:373E1720

< End of report >