OTL logfile created on: 2012-09-10 09:40:46 - Run 2 OTL by OldTimer - Version 3.2.61.3 Folder = C:\Users\Ewelina\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 69,02% Memory free 4,23 Gb Paging File | 3,26 Gb Available in Paging File | 76,99% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 99,07 Gb Total Space | 55,81 Gb Free Space | 56,34% Space Free | Partition Type: NTFS Drive D: | 10,00 Gb Total Space | 5,66 Gb Free Space | 56,61% Space Free | Partition Type: NTFS Drive F: | 15,64 Gb Total Space | 0,16 Gb Free Space | 1,02% Space Free | Partition Type: FAT32 Computer Name: EWELINA-PC | User Name: Ewelina | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-09-09 22:07:10 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Ewelina\Desktop\OTL.exe PRC - [2012-08-07 07:25:12 | 000,021,432 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe PRC - [2012-08-07 07:25:02 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe PRC - [2012-08-07 07:25:02 | 000,960,440 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe PRC - [2012-07-09 16:31:54 | 000,513,888 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MAT\McPvTray.exe PRC - [2012-06-22 07:55:08 | 000,166,320 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe PRC - [2012-06-22 07:51:34 | 000,168,368 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe PRC - [2012-06-22 07:49:14 | 000,200,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mcshield.exe PRC - [2012-06-21 21:28:02 | 001,271,968 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe PRC - [2012-05-11 06:31:28 | 000,168,280 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe PRC - [2012-02-29 06:09:34 | 000,078,664 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\Core\mchost.exe PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2010-04-13 20:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2007-09-20 14:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe PRC - [2007-09-13 14:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe PRC - [2007-09-13 14:44:48 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe PRC - [2007-07-02 13:29:22 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe PRC - [2007-06-06 16:44:44 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe PRC - [2007-05-22 14:18:56 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe PRC - [2007-05-10 01:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe PRC - [2007-02-12 14:38:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2007-02-12 14:37:58 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2006-09-08 15:10:22 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-09-10 08:14:10 | 000,115,137 | ---- | M] () -- C:\Users\Ewelina\AppData\Local\Temp\d6ebea43-a7f6-428d-ab33-ddb1ea1983ec\CliSecureRT.dll MOD - [2012-08-14 09:35:38 | 000,033,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\c3d59993b2b35083568bef373b520960\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll MOD - [2012-08-14 09:35:37 | 014,336,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\0ae08e063ed98e3153ef4e6b8e787132\Kies.Theme.ni.dll MOD - [2012-08-14 09:35:33 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\ce3aaf287ad4244e13e4f7d1bb368178\Kies.Common.StoreManager.ni.dll MOD - [2012-08-14 09:35:32 | 000,506,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\a42d7ed7a5c984a67c542420e56e7c20\Kies.Common.MediaDB.ni.dll MOD - [2012-08-14 09:35:31 | 000,235,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\03d42d5bd957a5de215101b505c1d0b4\ASF_cSharpAPI.ni.dll MOD - [2012-08-14 09:35:30 | 000,062,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\4bb4a9b48e180862dcb2961faf13f419\Kies.Common.AllShare.ni.dll MOD - [2012-08-14 09:35:28 | 000,278,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\20632fca2e2193544442b2c258be46b9\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll MOD - [2012-08-14 09:35:27 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\e3fade03a37a0d75955bea196d399ab7\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll MOD - [2012-08-14 09:35:26 | 000,565,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\a90f3330269211fac9f7a5e215c33f81\Kies.Common.DeviceServiceLib.FileService.ni.dll MOD - [2012-08-14 09:35:26 | 000,174,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\6a17fec4d2ae415e7089effee3902c21\Interop.DevFileServiceLib.ni.dll MOD - [2012-08-14 09:35:24 | 000,565,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\929f313ad4beff6cdcbd668e8eaa1b72\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll MOD - [2012-08-14 09:35:22 | 000,184,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\470aed8e8df943f507633559d97a21ef\Kies.Common.DeviceServiceLib.Interface.ni.dll MOD - [2012-08-14 09:35:21 | 000,894,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\9e106be7d6e07d6d56833a3721557250\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll MOD - [2012-08-14 09:35:19 | 001,016,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\f46dc85783f75b36277a183f9035e8d0\Kies.Common.DeviceService.ni.dll MOD - [2012-08-14 09:35:17 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\9dc3e0ae616c7239c74ce82a970ca743\Interop.P3MPINTERFACECTRLLib.ni.dll MOD - [2012-08-14 09:35:17 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\575a049dfe13964db34d62b6f1bdad5f\Interop.MP3FileInfoCOMLib.ni.dll MOD - [2012-08-14 09:35:17 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\2cf68dad9c88a16fd18460345d855124\Interop.OGGFileInfoCOMLib.ni.dll MOD - [2012-08-14 09:35:17 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\3ae55196d98000fdc1248a69f2de9ac1\Interop.PRPLAYERCORELib.ni.dll MOD - [2012-08-14 09:35:14 | 002,188,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\f0b6ef90fc82c4cc5aed6d60b5700132\Kies.Common.Multimedia.ni.dll MOD - [2012-08-14 09:35:10 | 000,183,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\93159db047bad70c2f12ed7e96aec700\Kies.Common.MainUI.ni.dll MOD - [2012-08-14 09:35:09 | 000,067,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\2108b7e9bf14c1d4fbcb4a5fdad56cc2\Kies.Common.DBManager.ni.dll MOD - [2012-08-14 09:35:08 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\116f694385a15386804af59028de6f7f\CabLib.ni.dll MOD - [2012-08-14 09:35:07 | 000,530,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\15f2a04d54b0d8b38bdf0f9d5b2ea990\ICSharpCode.SharpZipLib.ni.dll MOD - [2012-08-14 09:35:06 | 000,201,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\92c756a1bc2799f162a3cf940a7cc109\Kies.Common.Util.ni.dll MOD - [2012-08-14 09:35:05 | 001,392,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\5887388bb659b219a27f6a5eeb7a96ca\Kies.Locale.ni.dll MOD - [2012-08-14 09:35:05 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\969020374a914259cb60a8b3ec928928\Interop.DeviceSearchLib.ni.dll MOD - [2012-08-14 09:35:04 | 001,709,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\f93adab5111ff30347db3a3c978a179c\Kies.UI.ni.dll MOD - [2012-08-14 09:35:04 | 000,078,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\67c698a6d0db3f22b470a20eea9632d7\Kies.MVVM.ni.dll MOD - [2012-08-14 09:35:01 | 000,119,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\8d959268f6c6a3a4f1d3da78ebcfa50a\GongSolutions.Wpf.DragDrop.ni.dll MOD - [2012-08-14 09:34:58 | 001,182,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\00d1a2bb1c6b76dcf5d8080ee44aadd9\Kies.Interface.ni.dll MOD - [2012-08-14 09:34:43 | 000,771,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\313422d72f54628fc052bc054b0725ec\System.Runtime.Remoting.ni.dll MOD - [2012-08-14 09:34:41 | 001,661,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\37982633fc5cb792b732857c8cd33394\Kies.ni.exe MOD - [2012-08-07 07:25:12 | 000,021,432 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe MOD - [2012-07-14 14:45:10 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll MOD - [2012-07-14 14:39:26 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll MOD - [2012-07-14 14:39:01 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll MOD - [2012-07-14 11:28:46 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\0e56badd6e20e2dc81c45cdff2326f6b\System.ServiceProcess.ni.dll MOD - [2012-07-14 11:27:21 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0189f9fb0ff0476b570aeadfc036ddd6\System.Management.ni.dll MOD - [2012-07-14 11:08:11 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\367837cb7f83c9e52f09278f4e6c3ccd\System.Runtime.Remoting.ni.dll MOD - [2012-07-14 11:07:42 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\f91c92735c4a913143a0914c8cb531f2\System.Xaml.ni.dll MOD - [2012-07-14 10:01:05 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\d55bed00e3d36b0db5bd3994c77fe850\System.Windows.Forms.ni.dll MOD - [2012-07-14 09:54:03 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\063174e87d258ef1db040cbfbdd4cd31\PresentationFramework.ni.dll MOD - [2012-07-14 09:53:41 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\984f8802a334d2ae862b66bf71332c10\PresentationCore.ni.dll MOD - [2012-07-14 09:53:24 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\fd52e266873de847aea40b1d0715e0bb\PresentationFramework.Aero.ni.dll MOD - [2012-07-14 09:53:23 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\697786bb51408d41d980263d90a56d03\WindowsBase.ni.dll MOD - [2012-07-14 09:48:51 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9abdaeea6a61127606bbc324d9177579\System.Drawing.ni.dll MOD - [2012-07-14 09:32:32 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\b54a85f8f8f5ac297357c80b95834a90\System.Xml.ni.dll MOD - [2012-07-14 09:32:23 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\d131eefaea0ca120aaf11568d8e44cad\System.Configuration.ni.dll MOD - [2012-07-14 09:32:14 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\500ffaf6258746eaf0bfc333ab534a51\System.Core.ni.dll MOD - [2012-07-14 09:31:20 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\360d70391adff56f1d029b1a538d2431\System.ni.dll MOD - [2012-07-14 09:31:04 | 014,415,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\97d737762adec957a2d7c80fafb4703a\mscorlib.ni.dll MOD - [2007-12-08 14:34:10 | 000,054,784 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2012-09-07 14:48:11 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-08-26 22:33:24 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-08-24 23:42:02 | 000,279,584 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS) SRV - [2012-06-22 07:55:08 | 000,166,320 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp) SRV - [2012-06-22 07:51:34 | 000,168,368 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire) SRV - [2012-06-22 07:49:14 | 000,200,816 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield) SRV - [2012-05-11 06:31:28 | 000,168,280 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service) SRV - [2012-05-11 06:31:28 | 000,168,280 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McProxy) SRV - [2012-05-11 06:31:28 | 000,168,280 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc) SRV - [2012-05-11 06:31:28 | 000,168,280 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn) SRV - [2012-05-11 06:31:28 | 000,168,280 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc) SRV - [2012-05-11 06:31:28 | 000,168,280 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc) SRV - [2012-05-11 06:31:28 | 000,168,280 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service) SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010-04-13 20:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup) SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-09-20 14:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters) SRV - [2007-09-13 14:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV) SRV - [2007-02-12 14:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (mfeavfk01) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - [2012-06-22 07:58:12 | 000,060,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids) DRV - [2012-06-22 07:55:18 | 000,206,784 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk) DRV - [2012-06-22 07:53:48 | 000,092,192 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet) DRV - [2012-06-22 07:52:38 | 000,554,048 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk) DRV - [2012-06-22 07:51:46 | 000,360,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek) DRV - [2012-06-22 07:51:16 | 000,061,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk) DRV - [2012-06-22 07:50:56 | 000,230,224 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk) DRV - [2012-06-22 07:50:24 | 000,127,992 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk) DRV - [2012-06-15 12:04:06 | 000,064,832 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\McPvDrv.sys -- (McPvDrv) DRV - [2012-05-21 04:09:00 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudobex.sys -- (ssudobex) DRV - [2012-05-21 04:09:00 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm) DRV - [2012-05-21 04:09:00 | 000,080,824 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus) DRV - [2012-04-20 16:40:44 | 000,146,872 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HipShieldK.sys -- (HipShieldK) DRV - [2010-04-13 20:10:22 | 000,054,776 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\MOBK.sys -- (MOBKFilter) DRV - [2009-04-11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB) DRV - [2007-10-11 01:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev) DRV - [2007-09-13 14:46:06 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2007-08-23 23:45:00 | 007,617,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2007-06-25 18:53:10 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2007-03-05 18:45:04 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx) DRV - [2007-02-07 16:50:32 | 000,118,552 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\adiusbaw.sys -- (adiusbaw) DRV - [2007-02-07 16:50:14 | 000,056,088 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\adildr.sys -- (ELOADER) DRV - [2006-11-21 04:25:44 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp) DRV - [2006-11-15 00:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2006-11-14 19:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2006-11-14 17:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2006-08-04 16:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.idg.pl/start" FF - prefs.js..extensions.enabledAddons: me@paprikka.pl:0.7 FF - prefs.js..extensions.enabledAddons: {dd05fd3d-18df-4ce4-ae53-e795339c5f01}:1.21 FF - prefs.js..extensions.enabledAddons: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.5.0 FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=mcafee&p=" FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll () FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Ewelina\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012-08-23 13:06:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-09-07 14:48:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2012-08-16 17:08:23 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-09-07 14:48:12 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-09-09 10:49:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ewelina\AppData\Roaming\Mozilla\Extensions [2012-09-10 08:52:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ewelina\AppData\Roaming\Mozilla\Firefox\Profiles\wvnc6tnq.default\extensions [2011-10-30 20:58:54 | 000,186,953 | ---- | M] () (No name found) -- C:\Users\Ewelina\AppData\Roaming\Mozilla\Firefox\Profiles\wvnc6tnq.default\extensions\me@paprikka.pl.xpi [2011-09-10 22:52:48 | 000,089,388 | ---- | M] () (No name found) -- C:\Users\Ewelina\AppData\Roaming\Mozilla\Firefox\Profiles\wvnc6tnq.default\extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01}.xpi [2012-09-07 14:48:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-09-07 14:48:01 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-08-23 13:06:50 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR [2011-09-10 11:58:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [2012-09-07 14:48:12 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012-03-05 16:57:59 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-03-05 16:57:59 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-09-26 21:15:46 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml [2012-03-05 16:57:59 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-03-05 16:57:59 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-03-05 16:57:59 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-03-05 16:57:59 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files\TEXTware\QUICKfind\PlugIns\IEHelp.dll () O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [FineReader7NewsReaderPro] C:\Program Files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe (ABBYY (BIT Software)) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation) O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (IDT, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h File not found O4 - HKCU..\Run: [Facebook Update] C:\Users\Ewelina\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKCU..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.5.1) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.5.1) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00F66C76-6486-46E0-9FF0-5BDC50CF3994}: DhcpNameServer = 88.199.79.3 88.199.79.6 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2B261179-AD64-4761-BE88-EECB7B36A3A3}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Ewelina\Downloads\4497611-ilustracja-mloda-dama-w-kolorze-rozowym-auto.jpg O24 - Desktop BackupWallPaper: C:\Users\Ewelina\Downloads\4497611-ilustracja-mloda-dama-w-kolorze-rozowym-auto.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{75003f04-da31-11e0-9ca5-001d09cccbf0}\Shell - "" = AutoRun O33 - MountPoints2\{75003f04-da31-11e0-9ca5-001d09cccbf0}\Shell\AutoRun\command - "" = G:\SETUP.EXE O33 - MountPoints2\{75003f04-da31-11e0-9ca5-001d09cccbf0}\Shell\configure\command - "" = G:\SETUP.EXE O33 - MountPoints2\{75003f04-da31-11e0-9ca5-001d09cccbf0}\Shell\install\command - "" = G:\SETUP.EXE O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-09-10 08:08:21 | 000,000,000 | ---D | C] -- C:\_OTL [2012-09-09 22:18:01 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\Ewelina\Desktop\OTL.exe [2012-09-09 13:58:35 | 000,000,000 | ---D | C] -- C:\Users\Ewelina\Desktop\ojciec [2012-09-07 14:47:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012-09-07 14:23:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ [2012-09-07 14:22:40 | 000,000,000 | -H-D | C] -- C:\Windows\System32\CanonIJ Uninstaller Information [2012-09-07 14:22:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP510 [2012-09-07 14:20:27 | 001,298,432 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNCC510.DLL [2012-09-07 14:20:27 | 000,135,168 | ---- | C] (Canon Inc.) -- C:\Windows\System32\CNCL510.DLL [2012-09-07 14:20:27 | 000,106,496 | ---- | C] (Canon Inc.) -- C:\Windows\System32\cnco510.dll [2012-09-07 14:20:27 | 000,057,344 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNCI510.DLL [2012-09-07 14:20:22 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ [2012-09-07 14:02:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities [2012-09-07 14:01:59 | 000,000,000 | ---D | C] -- C:\Program Files\Canon [2012-09-04 19:33:30 | 000,000,000 | ---D | C] -- C:\Users\Ewelina\AppData\Local\Facebook [2012-08-30 10:07:43 | 000,000,000 | ---D | C] -- C:\Users\Ewelina\AppData\Roaming\ABBYY [2012-08-30 10:07:43 | 000,000,000 | ---D | C] -- C:\Users\Ewelina\AppData\Local\ABBYY [2012-08-30 10:07:03 | 000,000,000 | ---D | C] -- C:\ProgramData\ABBYY [2012-08-30 10:07:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 7.0 [2012-08-30 10:06:40 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY FineReader 7.0 Professional Edition [2012-08-30 09:50:40 | 000,000,000 | ---D | C] -- C:\Users\Ewelina\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2012-08-30 09:50:34 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Download Assistant [2012-08-30 09:50:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2012-08-16 15:51:13 | 000,064,832 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\McPvDrv.sys [2012-08-16 15:50:06 | 000,146,872 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\HipShieldK.sys [2012-08-16 09:20:19 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012-08-16 09:20:16 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012-08-16 09:20:16 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012-08-16 09:20:15 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012-08-16 09:20:14 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012-08-16 09:20:06 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012-08-16 09:20:04 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012-08-16 09:18:18 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-09-10 09:13:45 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-09-10 09:13:45 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-09-10 09:05:17 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-09-10 08:58:48 | 000,001,735 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk [2012-09-10 08:54:28 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012-09-10 08:54:28 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012-09-10 08:54:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-09-09 22:07:10 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Ewelina\Desktop\OTL.exe [2012-09-09 20:55:13 | 000,367,672 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-09-09 20:24:15 | 000,020,480 | ---- | M] () -- C:\Users\Ewelina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-09-09 20:04:46 | 000,512,399 | ---- | M] () -- C:\Users\Ewelina\Desktop\adwcleaner.exe [2012-09-09 17:13:15 | 000,000,000 | ---- | M] () -- C:\extensions.sqlite [2012-09-09 16:38:03 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1308591795-720010979-952464367-1000UA.job [2012-09-09 16:35:48 | 000,078,030 | ---- | M] () -- C:\ProgramData\foeylwfpvsvscdt [2012-09-08 19:38:01 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1308591795-720010979-952464367-1000Core.job [2012-09-07 14:02:32 | 000,001,838 | ---- | M] () -- C:\Users\Public\Desktop\Easy-PhotoPrint.lnk [2012-08-26 22:33:24 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-08-26 22:33:24 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-09-09 20:24:07 | 000,512,399 | ---- | C] () -- C:\Users\Ewelina\Desktop\adwcleaner.exe [2012-09-09 17:13:15 | 000,000,000 | ---- | C] () -- C:\extensions.sqlite [2012-09-09 16:35:38 | 000,078,030 | ---- | C] () -- C:\ProgramData\foeylwfpvsvscdt [2012-09-07 14:02:32 | 000,001,838 | ---- | C] () -- C:\Users\Public\Desktop\Easy-PhotoPrint.lnk [2012-09-04 19:33:41 | 000,000,936 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1308591795-720010979-952464367-1000UA.job [2012-09-04 19:33:38 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1308591795-720010979-952464367-1000Core.job [2012-08-30 09:50:35 | 000,000,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk [2012-04-16 22:46:51 | 000,021,494 | ---- | C] () -- C:\Program Files\0x0409.ini [2012-04-16 22:46:51 | 000,003,584 | ---- | C] () -- C:\Program Files\1033.MST [2012-04-16 22:46:35 | 092,196,864 | ---- | C] () -- C:\Program Files\Samsung Kies.msi [2012-03-28 22:11:08 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2012-03-28 22:11:06 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2012-03-28 22:11:06 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2012-03-28 22:11:06 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2012-03-28 22:11:06 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2012-03-12 18:45:10 | 000,054,522 | ---- | C] () -- C:\Users\Ewelina\cukry artykul.pdf [2012-02-15 12:26:27 | 000,000,061 | ---- | C] () -- C:\Windows\TEXTware.ini [2012-02-15 12:26:23 | 000,147,456 | ---- | C] () -- C:\Windows\System32\Twavbx32.dll [2012-02-15 12:26:23 | 000,088,064 | ---- | C] () -- C:\Windows\System32\idiom010227.dll [2012-02-15 12:26:21 | 000,115,200 | ---- | C] () -- C:\Windows\System32\UnzDll.dll [2012-02-15 12:26:17 | 000,099,092 | ---- | C] () -- C:\Windows\System32\bass.dll [2012-02-15 12:26:08 | 000,143,360 | ---- | C] () -- C:\Windows\System32\ILXTBS.DLL [2011-11-09 21:15:16 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll [2011-10-19 18:00:58 | 000,020,480 | ---- | C] () -- C:\Users\Ewelina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-10-16 19:02:53 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2011-09-11 15:29:58 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2011-09-11 15:29:57 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2011-09-09 08:36:34 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2011-09-08 19:18:22 | 000,000,168 | ---- | C] () -- C:\Windows\adidsl.ini [2011-09-08 19:18:22 | 000,000,021 | ---- | C] () -- C:\Windows\Fast800.ini [2011-09-08 19:13:36 | 000,253,008 | ---- | C] () -- C:\Windows\adirasx64.exe [2011-09-08 19:13:36 | 000,194,128 | ---- | C] () -- C:\Windows\adiras.exe [2011-09-08 19:13:36 | 000,001,094 | ---- | C] () -- C:\Windows\adiras.ini [2011-09-08 19:13:35 | 000,127,456 | ---- | C] () -- C:\Windows\System32\IPDETECT.EXE [2011-09-08 19:13:32 | 000,152,126 | ---- | C] () -- C:\Windows\System32\drivers\L1E9P2.BIN [2011-09-08 19:13:31 | 000,046,892 | ---- | C] () -- C:\Windows\System32\ADADIX16.DLL [2011-09-08 19:13:31 | 000,024,576 | ---- | C] () -- C:\Windows\enddisk32.exe [2011-09-08 19:13:30 | 000,152,220 | ---- | C] () -- C:\Windows\System32\drivers\L1E4I2.BIN [2011-09-08 19:13:30 | 000,152,220 | ---- | C] () -- C:\Windows\System32\drivers\L1E4I1.BIN [2011-09-08 19:13:30 | 000,152,220 | ---- | C] () -- C:\Windows\System32\drivers\L1E4I0.BIN [2011-09-08 19:13:30 | 000,152,132 | ---- | C] () -- C:\Windows\System32\drivers\L1E4P2.BIN [2011-09-08 19:13:30 | 000,152,132 | ---- | C] () -- C:\Windows\System32\drivers\L1E4P1.BIN [2011-09-08 19:13:30 | 000,152,132 | ---- | C] () -- C:\Windows\System32\drivers\L1E4P0.BIN [2011-09-08 19:13:30 | 000,152,126 | ---- | C] () -- C:\Windows\System32\drivers\L1E9P1.BIN [2011-09-08 19:13:30 | 000,152,126 | ---- | C] () -- C:\Windows\System32\drivers\L1E9P0.BIN [2011-09-08 19:13:30 | 000,152,126 | ---- | C] () -- C:\Windows\System32\drivers\L1E9I2.BIN [2011-09-08 19:13:30 | 000,152,126 | ---- | C] () -- C:\Windows\System32\drivers\L1E9I1.BIN [2011-09-08 19:13:30 | 000,152,126 | ---- | C] () -- C:\Windows\System32\drivers\L1E9I0.BIN [2011-09-08 19:13:30 | 000,152,036 | ---- | C] () -- C:\Windows\System32\drivers\L1E4D2.BIN [2011-09-08 19:13:30 | 000,152,034 | ---- | C] () -- C:\Windows\System32\drivers\L1E4D1.BIN [2011-09-08 19:13:30 | 000,152,034 | ---- | C] () -- C:\Windows\System32\drivers\L1E4D0.BIN [2011-09-08 19:13:30 | 000,022,395 | ---- | C] () -- C:\Windows\System32\drivers\fpga.bin [2011-09-08 19:07:21 | 000,000,021 | ---- | C] () -- C:\Windows\kit.ini [2011-09-08 17:05:29 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll [2011-09-08 17:05:28 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE [2011-09-08 16:38:32 | 000,000,680 | ---- | C] () -- C:\Users\Ewelina\AppData\Local\d3d9caps.dat < End of report >