OTL logfile created on: 2012-03-02 09:07:38 - Run 4 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\RW-KS\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free 6,00 Gb Paging File | 4,00 Gb Available in Paging File | 77,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 58,59 Gb Total Space | 17,41 Gb Free Space | 29,71% Space Free | Partition Type: NTFS Drive D: | 229,63 Gb Total Space | 115,53 Gb Free Space | 50,31% Space Free | Partition Type: NTFS Computer Name: RW-KS-KOMPUTER | User Name: RW-KS | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-03-02 09:04:57 | 001,593,856 | ---- | M] (Gemius) -- C:\Program Files\NetPanel\NetPanel.exe PRC - [2012-03-01 19:47:19 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\RW-KS\Downloads\OTL.exe PRC - [2012-02-02 02:44:30 | 003,329,824 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\RW-KS\AppData\Local\Akamai\netsession_win.exe PRC - [2011-10-26 22:02:25 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\realplayer\Update\realsched.exe PRC - [2011-04-22 13:21:10 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe PRC - [2009-12-29 22:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe PRC - [2009-12-15 21:14:22 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe PRC - [2009-10-14 17:44:40 | 000,282,624 | R--- | M] (France Telecom SA) -- C:\Program Files (x86)\CardDetector\HUAWEI1752_1552\CardDetector.exe PRC - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe PRC - [2009-09-30 13:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2009-09-30 13:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2009-06-24 22:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe PRC - [2007-03-06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2012-03-01 19:47:19 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\RW-KS\Downloads\OTL.exe MOD - [2010-11-20 12:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2010-09-22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:[b]64bit:[/b] - [2009-12-18 02:57:06 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2009-10-09 13:52:16 | 000,092,160 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters) SRV:[b]64bit:[/b] - [2009-08-17 21:09:52 | 000,868,128 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:[b]64bit:[/b] - [2009-07-17 17:06:00 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc) SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012-02-10 11:30:44 | 003,340,064 | ---- | M] () [On_Demand | Stopped] -- c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll -- (Akamai) SRV - [2011-07-03 13:15:10 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011-04-22 13:21:10 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-01-26 11:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe -- (FTRTSVC) SRV - [2009-09-30 13:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2009-09-30 13:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007-03-06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service) SRV - [2006-10-26 23:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2011-08-17 09:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:[b]64bit:[/b] - [2011-06-10 05:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-09-22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:[b]64bit:[/b] - [2009-12-18 03:30:28 | 006,178,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2009-11-19 03:30:56 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:[b]64bit:[/b] - [2009-10-26 21:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:[b]64bit:[/b] - [2009-09-17 20:54:00 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R) DRV:[b]64bit:[/b] - [2009-09-16 14:47:00 | 000,267,312 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService) DRV:[b]64bit:[/b] - [2009-08-04 10:04:26 | 000,110,592 | ---- | M] (Option NV) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Gt51Ip.sys -- (GT72NDISIPXP) DRV:[b]64bit:[/b] - [2009-08-04 10:04:26 | 000,070,656 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gt72ubus.sys -- (GT72UBUS) DRV:[b]64bit:[/b] - [2009-08-04 10:04:26 | 000,010,624 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gtptser.sys -- (GTPTSER) DRV:[b]64bit:[/b] - [2009-07-17 17:06:00 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:[b]64bit:[/b] - [2009-07-17 17:06:00 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY) DRV:[b]64bit:[/b] - [2009-07-17 04:14:00 | 000,220,672 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 01:00:13 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Dot4Scan.sys -- (Dot4Scan) DRV:[b]64bit:[/b] - [2009-07-09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:[b]64bit:[/b] - [2009-07-01 12:46:52 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:[b]64bit:[/b] - [2009-07-01 12:46:48 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:[b]64bit:[/b] - [2009-07-01 12:46:40 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:[b]64bit:[/b] - [2009-06-15 19:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt) DRV:[b]64bit:[/b] - [2009-06-10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:[b]64bit:[/b] - [2009-06-10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2009-06-10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R) DRV:[b]64bit:[/b] - [2009-06-10 21:34:36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-04-07 15:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3193909142-2362725303-3282110413-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default.aspx?c=pl&l=pl&s=pad IE - HKU\S-1-5-21-3193909142-2362725303-3282110413-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-3193909142-2362725303-3282110413-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3193909142-2362725303-3282110413-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7.1 FF - prefs.js..extensions.enabledItems: baseTheme@tomtom.com:1.0.2 FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-10-26 22:02:47 | 000,000,000 | ---D | M] [2011-02-28 10:40:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RW-KS\AppData\Roaming\mozilla\Extensions [2011-02-28 10:40:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RW-KS\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2011-07-11 02:25:04 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES (X86)\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM O1 HOSTS File: ([2012-02-28 20:27:06 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - File not found O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - File not found O2 - BHO: (IEHlprObj Class) - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\NetPanel\IEHelper.dll (Gemius) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - File not found O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - File not found O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-3193909142-2362725303-3282110413-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3:[b]64bit:[/b] - HKU\S-1-5-21-3193909142-2362725303-3282110413-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4:[b]64bit:[/b] - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [BEWINTERNET-PL-IEWSessionManager] C:\Program Files (x86)\OrangeBS\BEWInternet-PL-IEW\SessionManager\SessionManager.exe (France Telecom SA) O4 - HKLM..\Run: [BEWINTERNET-PLSessionManager] File not found O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files (x86)\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA) O4 - HKLM..\Run: [CorelDRAW Graphics Suite 11b] D:\Programy\Corel\Corel Graphics 12\Languages\PL\Programs\registration.exe (Corel Corporation) O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd) O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe () O4 - HKLM..\Run: [NetPanel] C:\Program Files\NetPanel\Starter.exe (Gemius) O4 - HKLM..\Run: [ORAHSSSessionManager] File not found O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.) O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\realplayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [UVS11 Preload] C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio 11\uvPL.exe (InterVideo Digital Technology Corporation) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3193909142-2362725303-3282110413-1000..\Run: [Akamai NetSession Interface] C:\Users\RW-KS\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:[b]64bit:[/b] - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:[b]64bit:[/b] - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Expression\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Wyślij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Wyślij do urządzenia &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} http://eic.lgservice.com/DjvuViewer/DjVuControl-6.1.4.cab (DjVuCtl Class) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control) O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{0c49f01e-3b9a-11e1-9ce8-b8ac6f5a4ef6}\Shell - "" = AutoRun O33 - MountPoints2\{0c49f01e-3b9a-11e1-9ce8-b8ac6f5a4ef6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{31c67079-0453-11e0-a19b-5063138f0407}\Shell - "" = AutoRun O33 - MountPoints2\{31c67079-0453-11e0-a19b-5063138f0407}\Shell\AutoRun\command - "" = F:\MicroLauncher.exe O33 - MountPoints2\{5f7ebff4-9a44-11df-8416-5063138f0407}\Shell - "" = AutoRun O33 - MountPoints2\{5f7ebff4-9a44-11df-8416-5063138f0407}\Shell\AutoRun\command - "" = F:\AutoRunCardDetector.exe O33 - MountPoints2\{c1fb8d83-5a0c-11df-a163-b8ac6f5a4ef6}\Shell - "" = AutoRun O33 - MountPoints2\{c1fb8d83-5a0c-11df-a163-b8ac6f5a4ef6}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O33 - MountPoints2\{d991bd63-62e7-11e1-bd3a-b8ac6f5a4ef6}\Shell - "" = AutoRun O33 - MountPoints2\{d991bd63-62e7-11e1-bd3a-b8ac6f5a4ef6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{ecf6260b-9c77-11df-a6db-5063138f0407}\Shell - "" = AutoRun O33 - MountPoints2\{ecf6260b-9c77-11df-a6db-5063138f0407}\Shell\AutoRun\command - "" = F:\MicroLauncher.exe O33 - MountPoints2\{f08a6662-3e85-11e1-8325-b8ac6f5a4ef6}\Shell - "" = AutoRun O33 - MountPoints2\{f08a6662-3e85-11e1-8325-b8ac6f5a4ef6}\Shell\AutoRun\command - "" = F:\MicroLauncher.exe O33 - MountPoints2\{f08a669f-3e85-11e1-8325-b8ac6f5a4ef6}\Shell - "" = AutoRun O33 - MountPoints2\{f08a669f-3e85-11e1-8325-b8ac6f5a4ef6}\Shell\AutoRun\command - "" = F:\MicroLauncher.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-03-01 09:22:48 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2012-03-01 09:22:48 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2012-03-01 09:22:39 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2012-02-29 16:17:28 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01007.dll [2012-02-29 16:17:28 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfCoInstaller01007.dll [2012-02-29 15:06:12 | 000,132,648 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwavdt.sys [2012-02-29 15:06:12 | 000,035,104 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwl2cap.sys [2012-02-29 15:06:11 | 000,098,344 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwaudio.sys [2012-02-29 15:06:11 | 000,021,160 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwrchid.sys [2012-02-28 14:57:06 | 000,000,000 | ---D | C] -- C:\Users\RW-KS\AppData\Roaming\Malwarebytes [2012-02-28 14:56:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012-02-28 13:12:32 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012-02-28 10:33:18 | 000,000,000 | ---D | C] -- C:\Windows\pss [2012-02-27 08:41:10 | 000,000,000 | ---D | C] -- C:\Users\RW-KS\AppData\Local\Mozilla [2012-02-25 21:51:03 | 000,000,000 | ---D | C] -- C:\Users\RW-KS\Desktop\Bartoszek [2012-02-23 09:53:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGE [2012-02-23 09:39:28 | 000,000,000 | ---D | C] -- C:\Program Files\LizardTech [2012-02-17 08:34:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo [2012-02-15 10:05:11 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012-02-15 10:05:11 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012-02-15 10:05:09 | 002,308,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012-02-15 10:05:09 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012-02-15 10:05:09 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012-02-15 10:05:09 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012-02-15 10:05:08 | 001,798,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll [2012-02-15 10:05:08 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012-02-15 10:05:07 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012-02-15 10:05:07 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012-02-15 10:05:06 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012-02-15 10:05:06 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012-02-15 10:01:55 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll [2012-02-15 10:01:50 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl [2012-02-15 10:01:50 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl [2012-02-15 10:01:49 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll [2012-02-11 13:16:08 | 000,000,000 | ---D | C] -- C:\Users\RW-KS\AppData\Local\{42697C60-2397-495E-9275-687783084FCF} [2012-02-11 13:15:54 | 000,000,000 | ---D | C] -- C:\Users\RW-KS\AppData\Local\{45BDD020-E5D2-42E2-B63B-B636EBF04A20} [2012-02-09 18:21:55 | 000,000,000 | ---D | C] -- C:\Users\RW-KS\AppData\Local\{70B02E28-C145-48B2-AEB5-12F5B319388E} [2012-02-09 18:21:34 | 000,000,000 | ---D | C] -- C:\Users\RW-KS\AppData\Local\{CD16126D-AFBF-4283-BE03-C500128F933D} [2012-02-07 22:10:52 | 000,000,000 | ---D | C] -- C:\Users\RW-KS\AppData\Local\{7D7CD6EC-D28B-471A-872E-2612E4C3BB5D} [2012-02-07 22:10:37 | 000,000,000 | ---D | C] -- C:\Users\RW-KS\AppData\Local\{E96B5D4D-C147-4842-9775-C1975052696D} [2012-02-01 10:38:30 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2012-02-01 10:38:30 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2012-02-01 10:38:30 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2012-01-07 11:23:39 | 002,161,160 | ---- | C] (DownVision ) -- C:\Users\RW-KS\AppData\Local\setup.exe [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-03-02 09:04:40 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-03-02 09:04:36 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl [2012-03-02 09:04:30 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2012-03-02 09:04:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-03-02 09:04:18 | 2356,572,160 | -HS- | M] () -- C:\hiberfil.sys [2012-03-02 09:03:48 | 008,388,608 | -HS- | M] () -- C:\Users\RW-KS\ntuser.dat [2012-03-02 09:03:46 | 001,572,721 | -H-- | M] () -- C:\Users\RW-KS\AppData\Local\IconCache.db [2012-03-02 09:02:30 | 000,602,051 | ---- | M] () -- C:\Users\RW-KS\Desktop\adwcleaner.exe [2012-03-02 08:50:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-03-02 08:40:26 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-03-02 08:40:26 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-03-01 22:33:59 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012-03-01 21:43:42 | 000,302,592 | ---- | M] () -- C:\0302qyz5.exe [2012-03-01 12:59:38 | 002,205,360 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-03-01 12:59:38 | 001,169,952 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-03-01 12:59:38 | 000,667,568 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-03-01 12:59:38 | 000,616,612 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-03-01 12:59:38 | 000,006,256 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-02-29 16:17:32 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf [2012-02-29 15:06:32 | 000,000,834 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-02-28 20:27:06 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts [2012-02-28 13:12:32 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012-02-23 17:23:26 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2012-02-23 17:23:21 | 000,201,352 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2012-02-23 10:18:15 | 000,000,516 | ---- | M] () -- C:\log [2012-02-23 10:17:19 | 000,001,842 | ---- | M] () -- C:\Users\Public\Desktop\LATS-Multi.lnk [2012-02-23 09:53:38 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\LATS-MultiV.lnk [2012-02-23 09:27:03 | 001,382,076 | ---- | M] () -- C:\Users\RW-KS\Desktop\Symulator_MULTI_V_III.swf [2012-02-23 09:24:42 | 004,530,411 | ---- | M] () -- C:\Users\RW-KS\Desktop\MULTI_F_FDX_Informacje-ogolne-i-szczegoly-produktu.pdf [2012-02-15 10:23:25 | 000,458,064 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-02-09 13:20:46 | 000,002,351 | ---- | M] () -- C:\Users\RW-KS\Desktop\Orange Free.lnk [2012-02-03 17:59:30 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf [2012-02-02 18:35:20 | 000,511,322 | ---- | M] () -- C:\Users\RW-KS\Desktop\DSC03314.jpg [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-03-02 09:02:30 | 000,602,051 | ---- | C] () -- C:\Users\RW-KS\Desktop\adwcleaner.exe [2012-03-01 23:16:07 | 001,572,721 | -H-- | C] () -- C:\Users\RW-KS\AppData\Local\IconCache.db [2012-03-01 21:43:38 | 000,302,592 | ---- | C] () -- C:\0302qyz5.exe [2012-02-29 16:17:32 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf [2012-02-23 10:17:19 | 000,001,842 | ---- | C] () -- C:\Users\Public\Desktop\LATS-Multi.lnk [2012-02-23 09:53:38 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\LATS-MultiV.lnk [2012-02-23 09:26:57 | 001,382,076 | ---- | C] () -- C:\Users\RW-KS\Desktop\Symulator_MULTI_V_III.swf [2012-02-23 09:24:20 | 004,530,411 | ---- | C] () -- C:\Users\RW-KS\Desktop\MULTI_F_FDX_Informacje-ogolne-i-szczegoly-produktu.pdf [2012-02-09 13:20:46 | 000,002,351 | ---- | C] () -- C:\Users\RW-KS\Desktop\Orange Free.lnk [2012-02-03 17:59:30 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf [2012-02-02 18:35:18 | 000,511,322 | ---- | C] () -- C:\Users\RW-KS\Desktop\DSC03314.jpg [2011-11-01 22:28:18 | 000,210,456 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeW7.dll [2011-11-01 22:28:18 | 000,206,360 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeA6.dll [2011-11-01 22:28:18 | 000,198,168 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeP6.dll [2011-11-01 22:28:18 | 000,198,168 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeM6.dll [2011-11-01 22:28:18 | 000,194,072 | ---- | C] () -- C:\Windows\SysWow64\IVIresizePX.dll [2011-11-01 22:28:18 | 000,026,136 | ---- | C] () -- C:\Windows\SysWow64\IVIresize.dll [2011-06-16 17:19:05 | 000,000,000 | ---- | C] () -- C:\Users\RW-KS\AppData\Local\{A57321CA-0104-4ACE-8020-E35582AB96FD} [2011-06-16 17:14:08 | 001,639,550 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011-01-02 11:58:55 | 000,000,000 | ---- | C] () -- C:\Users\RW-KS\AppData\Roaming\wklnhst.dat [2010-08-25 12:12:24 | 000,000,000 | ---- | C] () -- C:\Users\RW-KS\AppData\Roaming\FileOut.cns [2010-08-25 12:12:24 | 000,000,000 | ---- | C] () -- C:\Users\RW-KS\AppData\Roaming\FileIn.cns [2010-06-23 12:10:06 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010-06-22 19:47:51 | 000,168,448 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010-06-07 23:29:09 | 000,000,007 | ---- | C] () -- C:\Windows\treeskp.sys [2010-06-07 23:29:09 | 000,000,007 | ---- | C] () -- C:\Windows\sbacknt.bin [2010-05-11 08:07:11 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll [2010-05-10 07:35:31 | 000,007,605 | ---- | C] () -- C:\Users\RW-KS\AppData\Local\resmon.resmoncfg [2010-05-08 08:24:12 | 000,016,896 | ---- | C] () -- C:\Users\RW-KS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-05-07 09:42:30 | 000,126,120 | ---- | C] () -- C:\Users\RW-KS\AppData\Local\GDIPFONTCACHEV1.DAT [2010-04-01 01:37:20 | 000,000,074 | RHS- | C] () -- C:\Windows\CT4CET.bin [2010-03-31 20:16:09 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2010-03-31 20:16:09 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2010-03-31 20:15:49 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009-07-14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009-07-14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009-07-14 03:35:42 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini [2009-07-14 03:34:57 | 000,000,497 | ---- | C] () -- C:\Windows\win.ini [2009-07-14 03:34:57 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini [2009-07-14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009-07-14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-13 22:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin [2009-07-13 22:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin [2009-07-13 22:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin [2009-07-13 22:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin [2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009-06-10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2002-03-17 01:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000088.DLL [color=#E56717]========== LOP Check ==========[/color] [2011-11-01 21:37:13 | 000,000,000 | ---D | M] -- C:\Users\RW-KS\AppData\Roaming\avidemux [2011-06-27 08:53:44 | 000,000,000 | ---D | M] -- C:\Users\RW-KS\AppData\Roaming\BESTplayer [2011-05-22 22:30:17 | 000,000,000 | ---D | M] -- C:\Users\RW-KS\AppData\Roaming\Gadu-Gadu 10 [2010-05-29 09:42:56 | 000,000,000 | ---D | M] -- C:\Users\RW-KS\AppData\Roaming\GHISLER [2011-04-19 17:55:35 | 000,000,000 | ---D | M] -- C:\Users\RW-KS\AppData\Roaming\Nokia [2011-04-15 09:44:42 | 000,000,000 | ---D | M] -- C:\Users\RW-KS\AppData\Roaming\Nokia Ovi Suite [2012-01-11 16:27:45 | 000,000,000 | ---D | M] -- C:\Users\RW-KS\AppData\Roaming\Notepad++ [2012-01-30 09:19:21 | 000,000,000 | ---D | M] -- C:\Users\RW-KS\AppData\Roaming\OpenFM [2011-04-15 09:37:25 | 000,000,000 | ---D | M] -- C:\Users\RW-KS\AppData\Roaming\PC Suite [2010-05-09 19:19:30 | 000,000,000 | ---D | M] -- C:\Users\RW-KS\AppData\Roaming\Samsung [2011-01-02 11:58:58 | 000,000,000 | ---D | M] -- C:\Users\RW-KS\AppData\Roaming\Template [2011-02-28 10:40:25 | 000,000,000 | ---D | M] -- C:\Users\RW-KS\AppData\Roaming\TomTom [2011-11-01 22:37:27 | 000,000,000 | ---D | M] -- C:\Users\RW-KS\AppData\Roaming\Ulead Systems [2010-09-27 18:46:12 | 000,000,000 | ---D | M] -- C:\Users\RW-KS\AppData\Roaming\vghd [2010-11-12 19:42:36 | 000,000,000 | ---D | M] -- C:\Users\RW-KS\AppData\Roaming\Windows Live Writer [2012-02-05 18:15:21 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 173 bytes -> C:\ProgramData\TEMP:DFC5A2B2 @Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:A8ADE5D8 < End of report >