ÿþOTL logfile created on: 2011-11-30 11:27:44 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\1\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 5,98 Gb Total Physical Memory | 4,15 Gb Available Physical Memory | 69,41% Memory free 11,97 Gb Paging File | 10,22 Gb Available in Paging File | 85,42% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 148,05 Gb Total Space | 69,28 Gb Free Space | 46,79% Space Free | Partition Type: NTFS Drive D: | 148,04 Gb Total Space | 85,14 Gb Free Space | 57,51% Space Free | Partition Type: NTFS Drive K: | 15,01 Gb Total Space | 10,81 Gb Free Space | 72,04% Space Free | Partition Type: FAT32 Computer Name: 1-KOMPUTER | User Name: 1 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-11-30 11:26:35 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\1\Desktop\OTL.exe PRC - [2011-11-29 21:42:40 | 015,201,376 | ---- | M] (Sharpcast, Inc.) -- C:\ProgramData\WRData\PKG\WRSyncManager.exe PRC - [2011-11-29 21:38:00 | 000,633,088 | ---- | M] (Webroot) -- C:\Program Files\Webroot\WRSA.exe PRC - [2011-11-17 06:58:04 | 003,303,000 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\1\AppData\Local\Akamai\netsession_win.exe PRC - [2011-09-29 08:19:26 | 000,020,880 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe PRC - [2011-09-29 08:19:16 | 003,508,112 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe PRC - [2011-08-05 17:51:58 | 000,379,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2011-06-06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-02-02 13:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe PRC - [2010-12-23 11:08:47 | 002,005,608 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2008-02-29 09:16:16 | 000,081,920 | ---- | M] (Firebird Project) -- C:\Program Files (x86)\ZasobyPL\Firebird2_1_PRUSZYNSKI\bin\fbguard.exe PRC - [2008-02-29 09:14:48 | 002,719,744 | ---- | M] (Firebird Project) -- C:\Program Files (x86)\ZasobyPL\Firebird2_1_PRUSZYNSKI\bin\fbserver.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011-11-30 08:29:45 | 000,115,137 | ---- | M] () -- C:\Users\1\AppData\Local\Temp\ae201572-4813-4010-9ed2-ee29ddec066a\CliSecureRT.dll MOD - [2011-11-29 21:42:40 | 007,446,528 | ---- | M] () -- C:\ProgramData\WRData\PKG\QtGui4.dll MOD - [2011-11-29 21:42:40 | 002,027,520 | ---- | M] () -- C:\ProgramData\WRData\PKG\QtCore4.dll MOD - [2011-11-29 21:42:40 | 000,671,744 | ---- | M] () -- C:\ProgramData\WRData\PKG\QtNetwork4.dll MOD - [2011-11-29 21:42:40 | 000,364,544 | ---- | M] () -- C:\ProgramData\WRData\PKG\QtXml4.dll MOD - [2011-10-14 13:51:47 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\ab1a41d184118635218d38da3f4bcae8\System.Management.ni.dll MOD - [2011-10-14 13:50:08 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\4d72e6878b73da48f7a6953a5e0b9332\System.Runtime.Remoting.ni.dll MOD - [2011-10-14 13:49:38 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\2b0b477db8f5a19d6365b93106b26651\System.Xaml.ni.dll MOD - [2011-10-14 13:11:45 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll MOD - [2011-10-14 12:44:35 | 018,019,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\401a9dbeaad6b6ca70c90ae4fbd2e0b8\PresentationFramework.ni.dll MOD - [2011-10-14 12:44:22 | 011,470,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b540398c49e7c32ab58666de7f09f645\PresentationCore.ni.dll MOD - [2011-10-14 12:44:20 | 013,138,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\fa45e7d581b80c34cb0d5518491c7387\System.Windows.Forms.ni.dll MOD - [2011-10-14 12:44:16 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\a48e483c6b13da563725d72ec518a0bb\System.Xml.ni.dll MOD - [2011-10-14 12:44:15 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\90223e809b1ff291a7f65509702e2fa1\System.Core.ni.dll MOD - [2011-10-14 12:44:12 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\c0afb5fbfbc7a8d670b430672c5fd578\WindowsBase.ni.dll MOD - [2011-10-14 12:44:11 | 001,652,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\fd0f015bc4324d8b9716ae38083a4e4d\System.Drawing.ni.dll MOD - [2011-10-14 12:44:10 | 000,311,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\501fd1ad792d628a88e0d9d10d15f92f\PresentationFramework.Classic.ni.dll MOD - [2011-10-14 12:44:09 | 009,086,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\69adb8f9940fa1330f6f1b706e3dc31e\System.ni.dll MOD - [2011-10-14 12:44:03 | 014,409,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\2b1af7649e57195b4b85bbf4c5cb7c90\mscorlib.ni.dll MOD - [2011-09-29 08:19:26 | 000,020,880 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe MOD - [2011-05-04 23:04:44 | 001,558,120 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nView.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2011-11-29 21:38:00 | 000,633,088 | ---- | M] (Webroot) [Auto | Running] -- C:\Program Files\Webroot\WRSA.exe -- (WRSVC) SRV:[b]64bit:[/b] - [2011-06-21 09:28:23 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:[b]64bit:[/b] - [2010-09-22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:[b]64bit:[/b] - [2009-10-27 05:49:32 | 006,807,656 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe -- (NVIDIA Performance Driver Service) SRV:[b]64bit:[/b] - [2009-08-11 17:02:06 | 000,150,016 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe -- (BrcmMgmtAgent) SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:[b]64bit:[/b] - [2008-07-29 12:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90) SRV - [2011-11-18 08:47:34 | 003,313,752 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_d768ebc.dll -- (Akamai) SRV - [2011-08-05 17:51:58 | 000,379,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011-06-16 15:54:37 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011-06-06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-02-02 13:08:16 | 000,018,656 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service) SRV - [2010-12-23 11:08:47 | 002,005,608 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008-06-13 03:05:48 | 001,539,224 | ---- | M] (Autodesk, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskNetSrv.exe -- (Autodesk Network Licensing Service) SRV - [2008-02-29 09:16:16 | 000,081,920 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Program Files (x86)\ZasobyPL\Firebird2_1_PRUSZYNSKI\bin\fbguard.exe -- (FirebirdGuardianPruszynski) SRV - [2008-02-29 09:14:48 | 002,719,744 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Program Files (x86)\ZasobyPL\Firebird2_1_PRUSZYNSKI\bin\fbserver.exe -- (FirebirdServerPruszynski) SRV - [2007-05-31 16:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007-05-31 16:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2011-11-29 21:38:04 | 000,108,896 | ---- | M] (Webroot) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WRkrn.sys -- (WRkrn) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-12-21 06:55:02 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm) DRV:[b]64bit:[/b] - [2010-12-21 06:55:02 | 000,128,000 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bserd.sys -- (ss_bserd) DRV:[b]64bit:[/b] - [2010-12-21 06:55:02 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM) DRV:[b]64bit:[/b] - [2010-12-21 06:55:02 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) DRV:[b]64bit:[/b] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-09-27 16:42:10 | 000,131,072 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge) DRV:[b]64bit:[/b] - [2010-09-27 16:42:06 | 000,075,648 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf) DRV:[b]64bit:[/b] - [2010-01-05 18:23:18 | 001,847,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur) DRV:[b]64bit:[/b] - [2009-12-17 06:10:38 | 000,053,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\akshasp.sys -- (akshasp) DRV:[b]64bit:[/b] - [2009-12-17 06:10:34 | 000,025,344 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aksusb.sys -- (aksusb) DRV:[b]64bit:[/b] - [2009-09-09 09:13:26 | 000,024,208 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\OlyCamComm.sys -- (OlyCamComm) DRV:[b]64bit:[/b] - [2009-08-27 14:01:30 | 000,320,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-08-07 06:24:00 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-30 13:17:36 | 000,102,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\basp.sys -- (Blfp) DRV:[b]64bit:[/b] - [2009-06-10 21:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-03-13 10:55:38 | 000,318,464 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No CLSID value found IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4079559278-3190467497-1880461687-1000\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No CLSID value found IE - HKU\S-1-5-21-4079559278-3190467497-1880461687-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\1\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) [2011-11-16 18:57:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011-11-03 15:18:16 | 000,000,000 | ---D | M] (G Data CloudSecurity) -- C:\Program Files (x86)\mozilla firefox\extensions\cloudsecurity@gdata.de [2011-02-02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\pdf.dll CHR - plugin: vShare.tv plug-in (Enabled) = C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: vshare plugin = C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\ O1 HOSTS File: ([2011-11-02 19:32:23 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (G Data CloudSecurity) - {AADAC261-4EE9-473A-AB95-D8E153424C38} - C:\Program Files (x86)\G Data\G Data CloudSecurity\CloudSecurityIE64.dll (G Data Software AG) O2:[b]64bit:[/b] - BHO: (no name) - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - No CLSID value found. O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.) O2 - BHO: (G Data CloudSecurity) - {AADAC261-4EE9-473A-AB95-D8E153424C38} - C:\Program Files (x86)\G Data\G Data CloudSecurity\CloudSecurityIE.dll (G Data Software AG) O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll (IDM) O2 - BHO: (no name) - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - No CLSID value found. O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {97ab88ef-346b-4179-a0b1-7445896547a5} - No CLSID value found. O3:[b]64bit:[/b] - HKLM\..\Toolbar: (G Data CloudSecurity) - {AADAC261-4EE9-473A-AB95-D8E153424C38} - C:\Program Files (x86)\G Data\G Data CloudSecurity\CloudSecurityIE64.dll (G Data Software AG) O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.) O3 - HKLM\..\Toolbar: (no name) - {97ab88ef-346b-4179-a0b1-7445896547a5} - No CLSID value found. O3 - HKLM\..\Toolbar: (G Data CloudSecurity) - {AADAC261-4EE9-473A-AB95-D8E153424C38} - C:\Program Files (x86)\G Data\G Data CloudSecurity\CloudSecurityIE.dll (G Data Software AG) O3 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1000\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe () O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] "%windir%\WindowsMobile\wmdc.exe" File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe () O4 - HKLM..\Run: [WRSVC] C:\Program Files\Webroot\WRSA.exe (Webroot) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1000..\Run: [Akamai NetSession Interface] C:\Users\1\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc) O4 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1000..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung) O4 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1000..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () O4 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1000..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1004..\RunOnce: [mctadmin] "C:\Windows\System32\mctadmin.exe" File not found O4 - Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall Webroot RunOnce.lnk = C:\Users\UpdatusUser\AppData\Roaming\wruninstall.exe (Webroot Software, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0 O7 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153 O7 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0 O7 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O7 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0 O7 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0 O7 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1 O7 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0 O7 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0 O7 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0 O7 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0 O7 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O7 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0 O7 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0 O7 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1 O7 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0 O7 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0 O7 - HKU\S-1-5-21-4079559278-3190467497-1880461687-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0 O8:[b]64bit:[/b] - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class) O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab (DLM Control) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {FF1CD9A3-00CD-45C1-8182-4EEC229A182D} https://www.plaxo.com/activex/plx_upldr-2k-xp.cab (Plaxo Auto-Import Utility) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A48B248-A64D-4508-BF50-E0E982D08343}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{969ABE13-7C48-462A-8BC2-1B1A85134B57}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4F460EA-1560-4094-AD65-EDEF404FA026}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA0823A1-EB31-4D36-9EF2-092A26BD89AD}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F893772B-E758-4956-9A65-DA55D85974AD}: DhcpNameServer = 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\text/xml - No CLSID value found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O29:[b]64bit:[/b] - HKLM SecurityProviders - (msapsspc.dll) - File not found O29:[b]64bit:[/b] - HKLM SecurityProviders - (digest.dll) - File not found O29:[b]64bit:[/b] - HKLM SecurityProviders - (msnsspc.dll) - File not found O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found O29 - HKLM SecurityProviders - (digest.dll) - File not found O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-11-29 14:06:05 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2011-11-29 15:43:35 | 000,000,000 | ---D | M] - D:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2011-06-21 17:13:07 | 000,000,000 | ---D | M] - D:\AUTODESK_COM_FOLDER -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-11-30 11:26:31 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\1\Desktop\OTL.exe [2011-11-29 21:38:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere [2011-11-29 21:38:04 | 000,141,272 | ---- | C] (Webroot) -- C:\Windows\SysWow64\WRusr.dll [2011-11-29 21:38:04 | 000,108,896 | ---- | C] (Webroot) -- C:\Windows\SysNative\drivers\WRkrn.sys [2011-11-29 21:38:04 | 000,091,832 | ---- | C] (Webroot) -- C:\Windows\SysNative\WRusr.dll [2011-11-29 21:38:00 | 000,000,000 | ---D | C] -- C:\Program Files\Webroot [2011-11-29 21:09:31 | 000,000,000 | ---D | C] -- C:\Panda Software [2011-11-29 21:01:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Multiplicar Negocios [2011-11-29 20:54:31 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\BeAnywhere_Drive [2011-11-29 20:54:29 | 000,000,000 | ---D | C] -- C:\Windows\FltMgr [2011-11-29 20:52:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Backup [2011-11-29 20:52:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security [2011-11-29 20:50:42 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\CrashDumps [2011-11-29 20:36:42 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Roaming\Macromedia [2011-11-29 16:10:59 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\ElevatedDiagnostics [2011-11-29 14:28:35 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll [2011-11-29 14:28:35 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll [2011-11-29 14:28:35 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll [2011-11-29 14:28:35 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll [2011-11-29 14:28:34 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll [2011-11-29 14:28:34 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll [2011-11-29 14:28:33 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll [2011-11-29 14:28:33 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll [2011-11-29 14:28:25 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll [2011-11-29 14:28:25 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll [2011-11-29 13:55:55 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\lptmp18207 [2011-11-29 12:41:00 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\lptmp1336 [2011-11-29 12:40:55 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\lptmp23225 [2011-11-26 14:44:56 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCMCFR.DLL [2011-11-26 14:44:56 | 000,027,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ctl3dv2.dll [2011-11-26 14:44:56 | 000,016,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SCRRNFR.DLL [2011-11-23 16:03:13 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Roaming\WinLockr [2011-11-21 18:32:21 | 000,525,544 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll [2011-11-21 18:32:21 | 000,190,752 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe [2011-11-21 18:32:21 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe [2011-11-21 18:32:21 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe [2011-11-21 18:31:56 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2011-11-21 14:59:48 | 000,000,000 | ---D | C] -- C:\Program Files\Nightly [2011-11-16 12:22:47 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\Unity [2011-11-12 15:49:30 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe [2011-11-10 08:08:53 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\Akamai [2011-11-09 22:54:50 | 000,000,000 | R--D | C] -- C:\Users\1\Documents\Scanned Documents [2011-11-09 22:54:49 | 000,000,000 | ---D | C] -- C:\Users\1\Documents\Fax [2011-11-05 18:15:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2011-11-03 15:18:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\G Data [2011-11-03 08:52:06 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Roaming\SpyShelter [2011-11-02 21:45:51 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\lptmp14106 [2011-11-02 21:44:06 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\lptmp7550 [2011-11-02 21:42:22 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\lptmp29415 [2011-11-02 21:40:37 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\lptmp16872 [2011-11-02 21:38:53 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\lptmp10945 [2011-11-02 21:37:03 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\lptmp19783 [2011-11-02 21:35:19 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\lptmp25974 [2011-11-02 21:33:35 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\lptmp5246 [2011-11-02 20:54:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Webroot [2011-11-02 19:24:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\{13B9F5E8-C08A-4A36-853C-E98B1B218525} [2011-11-02 18:47:02 | 000,000,000 | ---D | C] -- C:\ProgramData\WRData [2011-10-31 18:32:27 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\IsolatedStorage [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-11-30 11:26:35 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\1\Desktop\OTL.exe [2011-11-30 11:23:19 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011-11-30 11:23:19 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011-11-30 10:54:00 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011-11-30 10:38:46 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011-11-30 10:38:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-11-30 10:38:00 | 523,673,599 | -HS- | M] () -- C:\hiberfil.sys [2011-11-29 21:38:04 | 000,141,272 | ---- | M] (Webroot) -- C:\Windows\SysWow64\WRusr.dll [2011-11-29 21:38:04 | 000,108,896 | ---- | M] (Webroot) -- C:\Windows\SysNative\drivers\WRkrn.sys [2011-11-29 21:38:04 | 000,091,832 | ---- | M] (Webroot) -- C:\Windows\SysNative\WRusr.dll [2011-11-29 21:28:29 | 000,002,297 | ---- | M] () -- C:\Users\1\Documents\acad.err [2011-11-29 21:16:24 | 000,008,627 | ---- | M] () -- C:\Windows\SysWow64\PAV_FOG.OPC [2011-11-29 21:03:12 | 000,405,816 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011-11-29 20:52:52 | 000,220,132 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFCONT.DAT.bck [2011-11-29 20:52:52 | 000,220,132 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFCONT.DAT [2011-11-29 20:52:52 | 000,101,052 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.rls.bck [2011-11-29 20:52:52 | 000,001,132 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFLTR.CFG.bck [2011-11-29 20:52:52 | 000,001,132 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFLTR.CFG [2011-11-29 20:37:58 | 000,002,510 | ---- | M] () -- C:\Users\Public\Desktop\AutoCAD Structural Detailing 2012 - Polski.lnk [2011-11-29 20:32:20 | 000,002,264 | ---- | M] () -- C:\Users\Public\Desktop\AutoCAD 2012 - Polski.lnk [2011-11-29 20:28:33 | 001,647,326 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011-11-29 20:28:33 | 000,741,196 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2011-11-29 20:28:33 | 000,655,092 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011-11-29 20:28:33 | 000,155,924 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2011-11-29 20:28:33 | 000,121,964 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011-11-29 20:28:24 | 001,647,326 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011-11-29 18:54:35 | 000,025,160 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys [2011-11-29 16:10:28 | 000,001,299 | ---- | M] () -- C:\Windows\SysNative\acad.err [2011-11-28 11:21:00 | 000,000,200 | ---- | M] () -- C:\Users\1\intlname.ols [2011-11-26 16:16:19 | 000,000,102 | ---- | M] () -- C:\Windows\launcher.ini [2011-11-26 14:48:53 | 000,002,097 | ---- | M] () -- C:\Users\1\Desktop\EXPERT 2010.lnk [2011-11-26 14:45:55 | 000,000,216 | ---- | M] () -- C:\Windows\rcpn.ini [2011-11-26 14:45:55 | 000,000,088 | ---- | M] () -- C:\Windows\rrr_ab.ini [2011-11-21 21:34:21 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe [2011-11-21 18:32:01 | 000,190,752 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe [2011-11-21 18:32:01 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe [2011-11-21 18:32:01 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe [2011-11-21 18:31:59 | 000,525,544 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll [2011-11-21 08:54:01 | 000,000,191 | -H-- | M] () -- C:\Windows\SysNative\Rysunek1.dwl2 [2011-11-21 08:54:01 | 000,000,041 | -H-- | M] () -- C:\Windows\SysNative\Rysunek1.dwl [2011-11-17 10:55:29 | 001,254,994 | ---- | M] () -- C:\acadminidump.dmp [2011-11-17 09:45:40 | 000,002,346 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2011-11-16 18:42:04 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2011-11-16 12:29:38 | 002,531,328 | ---- | M] () -- C:\Windows\Mars Exploration Rovers.scr [2011-11-16 12:28:08 | 002,543,616 | ---- | M] () -- C:\Windows\Cassini-Huygens Photojournal.scr [2011-11-16 12:27:31 | 001,875,968 | ---- | M] () -- C:\Windows\Mars Reconnaissance Orbiter.scr [2011-11-07 13:01:33 | 000,016,059 | ---- | M] () -- C:\Users\1\Desktop\ASD_err.odt [2011-11-05 20:33:48 | 000,000,000 | ---- | M] () -- C:\ProgramData\TEMP [2011-11-05 18:15:52 | 000,002,214 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk [2011-11-02 19:32:23 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-11-29 21:08:02 | 000,008,627 | ---- | C] () -- C:\Windows\SysWow64\PAV_FOG.OPC [2011-11-29 20:52:52 | 000,220,132 | ---- | C] () -- C:\Windows\SysNative\drivers\APPFCONT.DAT.bck [2011-11-29 20:52:52 | 000,220,132 | ---- | C] () -- C:\Windows\SysNative\drivers\APPFCONT.DAT [2011-11-29 20:52:52 | 000,001,132 | ---- | C] () -- C:\Windows\SysNative\drivers\APPFLTR.CFG.bck [2011-11-29 20:52:52 | 000,001,132 | ---- | C] () -- C:\Windows\SysNative\drivers\APPFLTR.CFG [2011-11-29 20:32:20 | 000,002,510 | ---- | C] () -- C:\Users\Public\Desktop\AutoCAD Structural Detailing 2012 - Polski.lnk [2011-11-29 20:32:20 | 000,002,264 | ---- | C] () -- C:\Users\Public\Desktop\AutoCAD 2012 - Polski.lnk [2011-11-26 14:48:53 | 000,002,097 | ---- | C] () -- C:\Users\1\Desktop\EXPERT 2010.lnk [2011-11-26 14:45:55 | 000,000,088 | ---- | C] () -- C:\Windows\rrr_ab.ini [2011-11-26 14:44:56 | 000,459,776 | ---- | C] () -- C:\Windows\SysWow64\MSWORD8.OLB [2011-11-21 08:54:01 | 000,000,191 | -H-- | C] () -- C:\Windows\SysNative\Rysunek1.dwl2 [2011-11-21 08:54:01 | 000,000,041 | -H-- | C] () -- C:\Windows\SysNative\Rysunek1.dwl [2011-11-16 12:29:41 | 002,531,328 | ---- | C] () -- C:\Windows\Mars Exploration Rovers.scr [2011-11-16 12:28:15 | 002,543,616 | ---- | C] () -- C:\Windows\Cassini-Huygens Photojournal.scr [2011-11-16 12:27:36 | 001,875,968 | ---- | C] () -- C:\Windows\Mars Reconnaissance Orbiter.scr [2011-11-05 18:15:52 | 000,002,214 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk [2011-10-29 13:09:46 | 000,156,148 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2011-10-06 12:18:00 | 000,002,416 | ---- | C] () -- C:\Windows\SysWow64\pcmkerp.dll [2011-08-05 17:52:12 | 000,305,256 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2011-06-21 17:29:38 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2011-06-16 15:55:23 | 000,000,216 | ---- | C] () -- C:\Windows\rcpn.ini [2011-06-16 15:55:23 | 000,000,102 | ---- | C] () -- C:\Windows\launcher.ini [2011-06-07 10:13:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2011-06-07 10:13:38 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2011-06-07 10:13:38 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2011-06-07 10:13:38 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2011-06-07 10:13:38 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2011-05-03 19:02:32 | 000,000,049 | ---- | C] () -- C:\Windows\hpntwksetup.ini [2011-04-05 13:57:37 | 000,000,000 | ---- | C] () -- C:\ProgramData\TEMP [2011-03-31 13:52:08 | 000,000,012 | ---- | C] () -- C:\Windows\RUNTEST.INI [2011-01-18 12:06:51 | 000,000,173 | ---- | C] () -- C:\Users\1\AppData\Local\msmathematics.qat.1 [2010-11-02 15:19:19 | 000,013,304 | ---- | C] () -- C:\Windows\SysWow64\drivers\BTNetFilter.sys [2010-11-02 15:19:19 | 000,011,860 | ---- | C] () -- C:\Windows\SysWow64\drivers\VBTEnum.sys [2010-09-21 16:15:11 | 000,007,636 | ---- | C] () -- C:\Users\1\AppData\Local\Resmon.ResmonCfg [2010-09-14 14:28:48 | 001,647,326 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010-09-14 13:58:26 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2009-07-14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009-07-14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009-07-14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009-07-14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009-06-10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2007-01-23 13:11:20 | 000,141,312 | ---- | C] () -- C:\Windows\SysWow64\QFClient2.dll [2006-11-14 11:03:00 | 000,663,552 | ---- | C] () -- C:\Windows\SysWow64\tx12.dll [2006-02-09 03:20:00 | 000,000,530 | ---- | C] () -- C:\Windows\SysWow64\tx12_ic.ini [2004-12-21 10:13:56 | 000,191,136 | ---- | C] () -- C:\Windows\SysWow64\plx_upldr.dll [2004-01-16 14:10:58 | 000,131,072 | ---- | C] () -- C:\Windows\bioapi_mds300.dll [2004-01-16 14:10:58 | 000,094,208 | ---- | C] () -- C:\Windows\bioapi100.dll [2003-04-08 10:40:22 | 000,005,679 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI [1980-01-03 23:12:34 | 000,000,000 | ---- | C] () -- C:\Users\1\AppData\Local\{09E448E5-0957-4034-A2C6-C710A2CD8E90} [color=#E56717]========== LOP Check ==========[/color] [2010-09-21 10:19:23 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\Agito [2011-11-29 20:29:37 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\Autodesk [2010-09-28 16:20:25 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\BACS.exe [2011-07-19 11:21:35 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\cald3 [2011-10-24 19:08:17 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\Canneverbe Limited [2011-07-19 11:15:33 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\EssentialGrammarInUse [2011-04-06 09:57:44 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\Feldmann + Weynand [2010-09-22 08:04:42 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\Hilti [2011-01-18 10:56:28 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\Ihwyg [2011-07-23 15:09:52 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\OpenCandy [2011-01-10 20:47:47 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\OpenOffice.org [2011-06-30 08:43:10 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\Samsung [2011-11-03 09:00:07 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\SpyShelter [2011-01-12 10:37:20 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\Thunderbird [2011-02-18 09:17:40 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\Windows Live Writer [2011-11-23 16:03:25 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\WinLockr [2011-06-08 15:28:50 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\x-formation [2011-10-15 22:07:45 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Files - Unicode (All) ==========[/color] [2010-09-28 16:46:44 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{b0023026-cb00-11df-8f42-f4ce462dab49}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\4mG7ß{b0023026-cb00-11df-8f42-f4ce462dab49}.TMContainer00000000000000000002.regtrans-ms [2010-09-28 16:46:44 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{b0023026-cb00-11df-8f42-f4ce462dab49}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\4mG7ß{b0023026-cb00-11df-8f42-f4ce462dab49}.TMContainer00000000000000000001.regtrans-ms [2010-09-28 16:46:44 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{b0023022-cb00-11df-8f42-f4ce462dab49}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\4mG7ß{b0023022-cb00-11df-8f42-f4ce462dab49}.TMContainer00000000000000000002.regtrans-ms [2010-09-28 16:46:44 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{b0023022-cb00-11df-8f42-f4ce462dab49}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\4mG7ß{b0023022-cb00-11df-8f42-f4ce462dab49}.TMContainer00000000000000000001.regtrans-ms [2010-09-28 16:46:44 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{b0023026-cb00-11df-8f42-f4ce462dab49}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\4mG7ß{b0023026-cb00-11df-8f42-f4ce462dab49}.TMContainer00000000000000000002.regtrans-ms [2010-09-28 16:46:44 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{b0023026-cb00-11df-8f42-f4ce462dab49}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\4mG7ß{b0023026-cb00-11df-8f42-f4ce462dab49}.TMContainer00000000000000000001.regtrans-ms [2010-09-28 16:46:44 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{b0023022-cb00-11df-8f42-f4ce462dab49}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\4mG7ß{b0023022-cb00-11df-8f42-f4ce462dab49}.TMContainer00000000000000000002.regtrans-ms [2010-09-28 16:46:44 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{b0023022-cb00-11df-8f42-f4ce462dab49}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\4mG7ß{b0023022-cb00-11df-8f42-f4ce462dab49}.TMContainer00000000000000000001.regtrans-ms [2010-09-28 16:46:44 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G??) -- C:\Windows\SysWow64\4mG7ß [2010-09-28 16:46:44 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G??) -- C:\Windows\SysWow64\4mG7ß [2010-09-28 16:46:44 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G??{b0023026-cb00-11df-8f42-f4ce462dab49}.TM.blf) -- C:\Windows\SysWow64\4mG7ß{b0023026-cb00-11df-8f42-f4ce462dab49}.TM.blf [2010-09-28 16:46:44 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G??{b0023022-cb00-11df-8f42-f4ce462dab49}.TM.blf) -- C:\Windows\SysWow64\4mG7ß{b0023022-cb00-11df-8f42-f4ce462dab49}.TM.blf [2010-09-28 16:46:44 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G??{b0023026-cb00-11df-8f42-f4ce462dab49}.TM.blf) -- C:\Windows\SysWow64\4mG7ß{b0023026-cb00-11df-8f42-f4ce462dab49}.TM.blf [2010-09-28 16:46:44 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G??{b0023022-cb00-11df-8f42-f4ce462dab49}.TM.blf) -- C:\Windows\SysWow64\4mG7ß{b0023022-cb00-11df-8f42-f4ce462dab49}.TM.blf [2010-09-28 16:46:44 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G??.LOG1) -- C:\Windows\SysWow64\4mG7ß.LOG1 [2010-09-28 16:46:44 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G??.LOG1) -- C:\Windows\SysWow64\4mG7ß.LOG1 [2010-09-28 16:46:44 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G??.LOG2) -- C:\Windows\SysWow64\4mG7ß.LOG2 [2010-09-28 16:46:44 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G??.LOG2) -- C:\Windows\SysWow64\4mG7ß.LOG2 [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 188 bytes -> C:\ProgramData\TEMP:905844AA < End of report >