OTL logfile created on: 2012-04-15 16:21:18 - Run 1 OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Kornelia\Desktop Starter Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1013,42 Mb Total Physical Memory | 398,72 Mb Available Physical Memory | 39,34% Memory free 1,99 Gb Paging File | 1,17 Gb Available in Paging File | 58,73% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 187,67 Gb Total Space | 175,10 Gb Free Space | 93,30% Space Free | Partition Type: NTFS Drive D: | 30,27 Gb Total Space | 29,23 Gb Free Space | 96,56% Space Free | Partition Type: NTFS Computer Name: KORNELIAW | User Name: Kornelia | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-04-15 16:19:07 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Kornelia\Desktop\OTL.exe PRC - [2010-08-01 14:12:42 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010-08-01 07:08:09 | 003,122,528 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\VeriFace\PManage.exe PRC - [2010-07-08 12:33:44 | 000,463,912 | R--- | M] (Ericsson AB) -- C:\Program Files\Mobile Broadband drivers\WMCore\mini_WMCore.exe PRC - [2010-05-18 12:04:06 | 001,407,520 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe PRC - [2009-12-29 11:39:22 | 000,331,776 | -H-- | M] (DeviceVM, Inc.) -- C:\QSTART.SYS\config\DVMExportService.exe PRC - [2009-10-23 04:17:10 | 004,114,288 | ---- | M] (Lenovo(beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\utility.exe PRC - [2009-10-23 04:16:26 | 005,064,560 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\Energy Management.exe PRC - [2009-09-22 21:34:48 | 000,795,936 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe PRC - [2009-09-22 21:34:48 | 000,595,232 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe PRC - [2009-09-15 20:31:30 | 000,536,576 | ---- | M] (Vimicro) -- C:\Program Files\USB Camera2\VM332_STI.EXE PRC - [2009-07-14 16:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe PRC - [2009-07-14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IgrsSvcs.exe PRC - [2009-07-14 03:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2009-06-04 21:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009-06-04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2010-08-01 07:08:09 | 001,410,400 | ---- | M] () -- C:\Windows\System32\IcnOvrly.dll MOD - [2010-08-01 07:08:09 | 000,492,896 | ---- | M] () -- C:\Program Files\Lenovo\VeriFace\ChooseLang.dll MOD - [2009-09-22 21:35:00 | 000,132,384 | ---- | M] () -- C:\Program Files\Lenovo\Bluetooth Software\BTKeyInd.dll MOD - [2008-12-20 05:20:50 | 000,063,304 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\KbdHook.dll MOD - [2008-12-20 05:20:08 | 000,051,016 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\HookLib.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-07-08 12:33:44 | 000,463,912 | R--- | M] (Ericsson AB) [Auto | Running] -- C:\Program Files\Mobile Broadband drivers\WMCore\mini_WMCore.exe -- (WMCoreService) SRV - [2009-12-29 11:39:22 | 000,331,776 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\QSTART.SYS\config\DVMExportService.exe -- (DvmMDES) SRV - [2009-09-22 21:34:48 | 000,595,232 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2009-09-22 20:16:32 | 000,579,400 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc) SRV - [2009-08-14 16:22:48 | 000,509,192 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc) SRV - [2009-07-16 05:12:42 | 000,276,296 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\PS_MDP.dll -- (PS_MDP) SRV - [2009-07-14 16:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS) SRV - [2009-07-14 16:27:20 | 000,103,688 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\ReadyComm\common\router.dll -- (ReadyComm.DirectRouter) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009-06-04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-06-29 13:01:48 | 000,231,976 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WwanUsbMp.sys -- (WwanUsbServ) DRV - [2010-04-27 12:02:48 | 000,405,320 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Mbm3Mdm.sys -- (Mbm3Mdm) DRV - [2010-04-27 12:02:48 | 000,388,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Mbm3DevMt.sys -- (Mbm3DevMt) Mobile Broadband Device Management Driver (WDM) DRV - [2010-04-27 12:02:48 | 000,329,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Mbm3CBus.sys -- (Mbm3CBus) Mobile Broadband Device (WDM) DRV - [2010-04-27 12:02:48 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Mbm3mdfl.sys -- (Mbm3mdfl) DRV - [2010-03-03 13:30:26 | 000,026,152 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wwanussf.sys -- (ecnssndisfltr) DRV - [2010-03-03 13:30:24 | 000,023,592 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wwanuss.sys -- (ecnssndis) DRV - [2010-01-25 22:58:40 | 000,082,984 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e36wgps.sys -- (e36wgps) DRV - [2009-11-19 18:39:02 | 000,185,072 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vm332avs.sys -- (vm332avs) DRV - [2009-10-21 18:47:00 | 000,020,496 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ApsHM86.sys -- (TPDIGIMN) DRV - [2009-10-21 18:46:58 | 000,118,800 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ApsX86.sys -- (Shockprf) DRV - [2009-09-30 03:59:12 | 000,175,104 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV - [2009-07-28 23:09:36 | 000,063,240 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdbridge.sys -- (Bridge0) DRV - [2009-07-21 23:14:58 | 000,081,704 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wsvd.sys -- (wsvd) DRV - [2009-07-16 14:37:14 | 000,011,792 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WDMirror.sys -- (wdmirror) DRV - [2009-07-14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009-07-14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R) DRV - [2009-07-14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink (TM) DRV - [2009-07-01 06:46:20 | 000,043,944 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt) DRV - [2009-05-19 15:43:08 | 000,021,520 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC) DRV - [2008-08-06 14:34:16 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3842934631-2421901155-3512145053-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/ IE - HKU\S-1-5-21-3842934631-2421901155-3512145053-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-3842934631-2421901155-3512145053-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox IE - HKU\S-1-5-21-3842934631-2421901155-3512145053-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4 - HKLM..\Run: [332BigDog] C:\Program Files\USB Camera2\VM332_STI.EXE (Vimicro) O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited) O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey File not found O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor) O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files\Lenovo\VeriFace\PManage.exe (Lenovo) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0951B82C-7516-4ED4-AB56-EB8A518694D7}: DhcpNameServer = 61.13.0.1 61.13.0.2 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7F864071-381D-44FD-B2B0-D23293913855}: DhcpNameServer = 192.168.1.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-04-15 16:18:26 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Kornelia\Desktop\OTL.exe [2012-04-15 15:50:07 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MpSigStub.exe [2012-04-15 15:32:06 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012-04-15 14:24:33 | 000,000,000 | ---D | C] -- C:\windows\Minidump [2012-04-15 13:40:45 | 000,000,000 | R--D | C] -- C:\Users\Kornelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012-04-15 13:40:45 | 000,000,000 | R--D | C] -- C:\Users\Kornelia\Searches [2012-04-15 13:40:45 | 000,000,000 | R--D | C] -- C:\Users\Kornelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012-04-15 13:40:36 | 000,000,000 | ---D | C] -- C:\Users\Kornelia\AppData\Roaming\Identities [2012-04-15 13:40:33 | 000,000,000 | R--D | C] -- C:\Users\Kornelia\Contacts [2012-04-15 13:40:32 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012-04-15 13:40:23 | 000,000,000 | ---D | C] -- C:\Users\Kornelia\AppData\Local\VirtualStore [2012-04-15 13:40:20 | 000,000,000 | -HSD | C] -- C:\Users\Kornelia\Ustawienia lokalne [2012-04-15 13:40:20 | 000,000,000 | -HSD | C] -- C:\Users\Kornelia\AppData\Local\Temporary Internet Files [2012-04-15 13:40:20 | 000,000,000 | -HSD | C] -- C:\Users\Kornelia\Szablony [2012-04-15 13:40:20 | 000,000,000 | -HSD | C] -- C:\Users\Kornelia\SendTo [2012-04-15 13:40:20 | 000,000,000 | -HSD | C] -- C:\Users\Kornelia\Recent [2012-04-15 13:40:20 | 000,000,000 | -HSD | C] -- C:\Users\Kornelia\PrintHood [2012-04-15 13:40:20 | 000,000,000 | -HSD | C] -- C:\Users\Kornelia\NetHood [2012-04-15 13:40:20 | 000,000,000 | -HSD | C] -- C:\Users\Kornelia\Documents\Moje wideo [2012-04-15 13:40:20 | 000,000,000 | -HSD | C] -- C:\Users\Kornelia\Documents\Moje obrazy [2012-04-15 13:40:20 | 000,000,000 | -HSD | C] -- C:\Users\Kornelia\Moje dokumenty [2012-04-15 13:40:20 | 000,000,000 | -HSD | C] -- C:\Users\Kornelia\Documents\Moja muzyka [2012-04-15 13:40:20 | 000,000,000 | -HSD | C] -- C:\Users\Kornelia\Menu Start [2012-04-15 13:40:20 | 000,000,000 | -HSD | C] -- C:\Users\Kornelia\AppData\Local\Historia [2012-04-15 13:40:20 | 000,000,000 | -HSD | C] -- C:\Users\Kornelia\Dane aplikacji [2012-04-15 13:40:20 | 000,000,000 | -HSD | C] -- C:\Users\Kornelia\AppData\Local\Dane aplikacji [2012-04-15 13:40:20 | 000,000,000 | -HSD | C] -- C:\Users\Kornelia\Cookies [2012-04-15 13:40:19 | 000,000,000 | --SD | C] -- C:\Users\Kornelia\AppData\Roaming\Microsoft [2012-04-15 13:40:19 | 000,000,000 | R--D | C] -- C:\Users\Kornelia\Videos [2012-04-15 13:40:19 | 000,000,000 | R--D | C] -- C:\Users\Kornelia\Saved Games [2012-04-15 13:40:19 | 000,000,000 | R--D | C] -- C:\Users\Kornelia\Pictures [2012-04-15 13:40:19 | 000,000,000 | R--D | C] -- C:\Users\Kornelia\Music [2012-04-15 13:40:19 | 000,000,000 | R--D | C] -- C:\Users\Kornelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012-04-15 13:40:19 | 000,000,000 | R--D | C] -- C:\Users\Kornelia\Links [2012-04-15 13:40:19 | 000,000,000 | R--D | C] -- C:\Users\Kornelia\Favorites [2012-04-15 13:40:19 | 000,000,000 | R--D | C] -- C:\Users\Kornelia\Downloads [2012-04-15 13:40:19 | 000,000,000 | R--D | C] -- C:\Users\Kornelia\Documents [2012-04-15 13:40:19 | 000,000,000 | R--D | C] -- C:\Users\Kornelia\Desktop [2012-04-15 13:40:19 | 000,000,000 | R--D | C] -- C:\Users\Kornelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012-04-15 13:40:19 | 000,000,000 | -H-D | C] -- C:\Users\Kornelia\AppData [2012-04-15 13:40:19 | 000,000,000 | ---D | C] -- C:\Users\Kornelia\AppData\Local\Temp [2012-04-15 13:40:19 | 000,000,000 | ---D | C] -- C:\Users\Kornelia\AppData\Local\Microsoft [2012-04-15 13:40:19 | 000,000,000 | ---D | C] -- C:\Users\Kornelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo [2012-04-15 13:39:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework [2012-04-15 13:37:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione [2012-04-15 13:37:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony [2012-04-15 13:37:55 | 000,000,000 | -HSD | C] -- C:\Recovery [2012-04-15 13:37:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit [2012-04-15 13:37:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo [2012-04-15 13:37:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy [2012-04-15 13:37:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka [2012-04-15 13:37:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start [2012-04-15 13:37:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty [2012-04-15 13:37:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-04-15 16:26:06 | 000,786,432 | -HS- | M] () -- C:\Users\Kornelia\NTUSER.DAT [2012-04-15 16:19:07 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Kornelia\Desktop\OTL.exe [2012-04-15 16:05:20 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx [2012-04-15 15:45:02 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-04-15 15:45:02 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-04-15 15:37:33 | 000,059,310 | ---- | M] () -- C:\windows\System32\license.rtf [2012-04-15 15:29:00 | 001,523,412 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI [2012-04-15 15:29:00 | 000,687,828 | ---- | M] () -- C:\windows\System32\perfh015.dat [2012-04-15 15:29:00 | 000,607,190 | ---- | M] () -- C:\windows\System32\perfh009.dat [2012-04-15 15:29:00 | 000,131,382 | ---- | M] () -- C:\windows\System32\perfc015.dat [2012-04-15 15:29:00 | 000,103,568 | ---- | M] () -- C:\windows\System32\perfc009.dat [2012-04-15 15:24:44 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT [2012-04-15 15:23:01 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2012-04-15 15:22:58 | 166,653,302 | ---- | M] () -- C:\windows\MEMORY.DMP [2012-04-15 15:22:57 | 796,987,392 | -HS- | M] () -- C:\hiberfil.sys [2012-04-15 15:11:34 | 001,357,506 | -H-- | M] () -- C:\Users\Kornelia\AppData\Local\IconCache.db [2012-04-15 14:10:11 | 000,524,288 | -HS- | M] () -- C:\Users\Kornelia\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2012-04-15 14:10:11 | 000,524,288 | -HS- | M] () -- C:\Users\Kornelia\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2012-04-15 14:10:11 | 000,065,536 | -HS- | M] () -- C:\Users\Kornelia\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2012-04-15 13:40:58 | 000,060,368 | ---- | M] () -- C:\Users\Kornelia\AppData\Local\GDIPFONTCACHEV1.DAT [2012-04-15 13:40:20 | 000,000,020 | -HS- | M] () -- C:\Users\Kornelia\ntuser.ini [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-04-15 15:32:00 | 796,987,392 | -HS- | C] () -- C:\hiberfil.sys [2012-04-15 14:24:27 | 166,653,302 | ---- | C] () -- C:\windows\MEMORY.DMP [2012-04-15 14:10:05 | 001,357,506 | -H-- | C] () -- C:\Users\Kornelia\AppData\Local\IconCache.db [2012-04-15 13:40:58 | 000,060,368 | ---- | C] () -- C:\Users\Kornelia\AppData\Local\GDIPFONTCACHEV1.DAT [2012-04-15 13:40:48 | 000,001,425 | ---- | C] () -- C:\Users\Kornelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012-04-15 13:40:20 | 000,524,288 | -HS- | C] () -- C:\Users\Kornelia\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2012-04-15 13:40:20 | 000,524,288 | -HS- | C] () -- C:\Users\Kornelia\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2012-04-15 13:40:20 | 000,065,536 | -HS- | C] () -- C:\Users\Kornelia\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2012-04-15 13:40:20 | 000,000,020 | -HS- | C] () -- C:\Users\Kornelia\ntuser.ini [2012-04-15 13:40:19 | 000,786,432 | -HS- | C] () -- C:\Users\Kornelia\NTUSER.DAT [2012-04-15 13:40:19 | 000,002,257 | ---- | C] () -- C:\Users\Kornelia\Desktop\OneKey Recovery.lnk [2010-08-01 14:02:23 | 000,687,828 | ---- | C] () -- C:\windows\System32\perfh015.dat [2010-08-01 14:02:23 | 000,337,158 | ---- | C] () -- C:\windows\System32\perfi015.dat [2010-08-01 14:02:23 | 000,131,382 | ---- | C] () -- C:\windows\System32\perfc015.dat [2010-08-01 14:02:23 | 000,038,710 | ---- | C] () -- C:\windows\System32\perfd015.dat [2010-08-01 07:25:53 | 000,016,648 | R--- | C] () -- C:\windows\System32\LogAPI.dll [2010-08-01 07:08:18 | 001,410,400 | ---- | C] () -- C:\windows\System32\IcnOvrly.dll [2010-08-01 07:08:18 | 000,660,832 | ---- | C] () -- C:\windows\System32\EncIcons.dll [2010-08-01 07:08:18 | 000,513,376 | ---- | C] () -- C:\windows\System32\SimpleExt.dll [2010-08-01 07:08:17 | 002,110,816 | ---- | C] () -- C:\windows\System32\Apblend.dll [2010-08-01 07:08:17 | 001,171,456 | ---- | C] () -- C:\windows\System32\PicNotify.dll [2010-08-01 07:07:58 | 001,044,480 | ---- | C] () -- C:\windows\System32\3DImageRenderer.dll [2010-08-01 06:45:12 | 000,001,308 | ---- | C] () -- C:\windows\vm332Rmv.ini [2010-08-01 06:43:48 | 000,073,728 | ---- | C] () -- C:\windows\System32\RtNicProp32.dll [2010-08-01 06:40:49 | 000,001,448 | ---- | C] () -- C:\windows\System32\drivers\SamSfPa.dat [2010-08-01 06:34:43 | 001,523,412 | ---- | C] () -- C:\windows\System32\PerfStringBackup.INI [color=#E56717]========== LOP Check ==========[/color] [2009-07-14 06:53:46 | 000,004,840 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >