OTL20_50.Txt

XP Home - Przekierowania IE, i Firefoxa 24 na qv06.com

Dzieki serdeczne(podwójne~!) za zainteresowanie. Troche trwalo, zanim obrobiłem te zalączniki. Bateria w lapie sie wychechłała i musiałem "dojechać" do 'elektrowni". Załączam log Adw cleanera po czyszczeniu, OTL z czyszczenia i po czyszczeniu.

OTL logfile created on: 2013-10-24 20:45:46 - Run 6
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Pan\My Documents\Pobieranie
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,30 Gb Available Physical Memory | 65,05% Memory free
3,34 Gb Paging File | 2,83 Gb Available in Paging File | 84,94% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,38 Gb Total Space | 3,24 Gb Free Space | 5,55% Space Free | Partition Type: NTFS
Drive D: | 5,28 Gb Total Space | 0,85 Gb Free Space | 16,20% Space Free | Partition Type: FAT32
Drive E: | 20,68 Gb Total Space | 20,12 Gb Free Space | 97,30% Space Free | Partition Type: NTFS
Drive F: | 8,82 Gb Total Space | 7,64 Gb Free Space | 86,70% Space Free | Partition Type: NTFS

Computer Name: LENOVO | User Name: Pan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013-10-20 23:19:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pan\My Documents\Pobieranie\OTL.exe
PRC - [2013-07-26 21:43:46 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013-07-26 21:43:44 | 001,564,016 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe
PRC - [2013-06-30 02:09:02 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012-03-23 14:25:24 | 000,087,040 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2010-07-11 11:42:46 | 002,199,040 | ---- | M] () -- F:\Program Files\Rainlendar\Rainlendar2.exe
PRC - [2010-06-09 01:47:48 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2007-06-26 14:11:42 | 000,675,913 | ---- | M] () -- C:\Program Files\IRReceive\IRReceive.exe
PRC - [2007-04-20 16:55:58 | 000,258,048 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe
PRC - [2006-02-28 09:20:44 | 002,076,672 | ---- | M] () -- C:\Program Files\Softex\OmniPass\scureapp.exe
PRC - [2006-02-28 09:20:02 | 000,013,312 | ---- | M] () -- C:\Program Files\Softex\OmniPass\OPXPApp.exe
PRC - [2006-02-28 09:18:32 | 000,032,768 | ---- | M] (Softex Inc.) -- C:\Program Files\Softex\OmniPass\OmniServ.exe
PRC - [2006-02-01 07:24:28 | 000,147,456 | ---- | M] (Lenovo) -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
PRC - [2006-02-01 07:23:08 | 000,040,960 | ---- | M] () -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
PRC - [2006-02-01 07:19:26 | 000,409,600 | ---- | M] (Lenovo) -- C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
PRC - [2006-02-01 07:12:04 | 000,098,304 | ---- | M] (Lenovo) -- C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
PRC - [2006-01-17 19:37:24 | 000,266,295 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe
PRC - [2006-01-06 18:42:16 | 000,024,576 | ---- | M] (Lenovo) -- C:\WINDOWS\system32\PMHandler.exe
PRC - [2006-01-03 20:27:08 | 000,057,344 | ---- | M] (Lenovo) -- C:\WINDOWS\system32\PMSveH.exe
PRC - [2005-12-22 03:34:58 | 000,077,824 | ---- | M] () -- C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
PRC - [2005-12-22 03:27:00 | 000,032,768 | ---- | M] () -- C:\Program Files\IBM ThinkVantage\Common\Logger\logmon.exe
PRC - [2005-12-22 03:20:56 | 001,384,448 | ---- | M] () -- C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
PRC - [2005-12-22 03:08:06 | 001,988,144 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\IBM ThinkVantage\Client Security Solution\cssauthe.exe
PRC - [2005-12-21 05:47:48 | 000,094,208 | ---- | M] () -- C:\Program Files\Lenovo\HOTKEY\TPHKMGR.exe
PRC - [2005-12-10 17:29:08 | 000,024,064 | ---- | M] () -- C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
PRC - [2005-12-07 10:00:00 | 000,106,496 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\LenovoCare\LPMGR.EXE
PRC - [2005-08-02 02:32:40 | 000,040,960 | ---- | M] () -- C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
PRC - [2004-08-04 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003-08-12 21:50:40 | 001,376,360 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\ACS\acsd.exe
PRC - [2003-01-11 02:13:04 | 000,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013-08-25 22:28:43 | 017,281,024 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Theme\41a344fd2ec33704e8677127a32cb376\Kies.Theme.ni.dll
MOD - [2013-08-25 22:28:41 | 000,306,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\0a16f9e10b186cf3bfb3443b07a9fb18\DummyStorePlugin.ni.dll
MOD - [2013-08-25 22:28:39 | 000,117,248 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceStoryAlbum\7450538064de20a9474fe02f2d5ceb00\DeviceStoryAlbum.ni.dll
MOD - [2013-08-25 22:28:38 | 000,603,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DevicePodcast\2488b12c91276e54df2004082cbef552\DevicePodcast.ni.dll
MOD - [2013-08-25 22:28:36 | 000,289,792 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceVideo\4989a988cbedfb5733e93aeec37027f6\DeviceVideo.ni.dll
MOD - [2013-08-25 22:28:35 | 000,351,232 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DevicePhoto\6211622e0c12d9ed7bab09130dca1728\DevicePhoto.ni.dll
MOD - [2013-08-25 22:28:34 | 000,300,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceMusic\dfa62219dd686a20b21f665d993c9a06\DeviceMusic.ni.dll
MOD - [2013-08-25 22:28:33 | 000,453,120 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\VideoManager\b62204d6d6815340dfabaf3ad5dc39f3\VideoManager.ni.dll
MOD - [2013-08-25 22:28:29 | 000,770,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PhotoManager\1682625a7cbc71ebee3b0afe186bf736\PhotoManager.ni.dll
MOD - [2013-08-25 22:28:27 | 001,937,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Phonebook\cccc62ec7c18d7339165350a2fe2e15f\Phonebook.ni.dll
MOD - [2013-08-25 22:28:19 | 000,202,240 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\StoryAlbumManager\4c041f491250794d2feec2d80c668fc5\StoryAlbumManager.ni.dll
MOD - [2013-08-25 22:28:18 | 000,908,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MusicManager\5132f7c6328552c0bfa3dfd432468a19\MusicManager.ni.dll
MOD - [2013-08-25 22:28:16 | 000,394,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BATPlugin\e4c1e7c0665e47a676a6adc6095ba9aa\BATPlugin.ni.dll
MOD - [2013-08-25 22:27:13 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\fa172d4a268135ecb4a7d2a6fd8c205a\Kies.Common.StoreManager.ni.dll
MOD - [2013-08-25 22:27:11 | 000,527,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\26a3b44330bae33c53234b4527232ba0\Kies.Common.MediaDB.ni.dll
MOD - [2013-08-25 22:27:04 | 000,231,424 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\cb34d3670a2c8a087d1e2e76e2d24d90\ASF_cSharpAPI.ni.dll
MOD - [2013-08-25 22:27:01 | 000,062,976 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\08f9e395e47dec49a62ed03f1209f570\Kies.Common.AllShare.ni.dll
MOD - [2013-08-25 22:26:50 | 000,066,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\48dbfaf821d8b752126098f164d75c17\Kies.Common.DBManager.ni.dll
MOD - [2013-08-25 22:26:41 | 000,109,056 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.CRMMana#\8134c588a201fe9bdfb1c0e2382b6e78\Kies.Common.CRMManager.ni.dll
MOD - [2013-08-25 22:26:30 | 001,092,096 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Podcaster\1283d9004143c42f18c358ac696257ab\Podcaster.ni.dll
MOD - [2013-08-25 22:26:19 | 000,281,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\b689c1f31ce445ea4171a70f7d5ac1d8\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2013-08-25 22:26:14 | 000,189,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\8daf86daa0cf7c772a3819448811a4d8\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2013-08-25 22:25:59 | 000,178,688 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\84bb3a8a775ef8b903577b8af02701aa\Interop.DevFileServiceLib.ni.dll
MOD - [2013-08-25 22:25:55 | 000,572,928 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\06c0b7e8d597825c68dbe7a00f74b4ae\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2013-08-25 22:25:42 | 001,201,152 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\ddcfbc05d800b9fd9903531bfd2e43bd\Kies.Common.DeviceService.ni.dll
MOD - [2013-08-25 22:25:18 | 000,981,504 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\aca034bce184541bb3057c7a89eca651\DeviceCommonLib.ni.dll
MOD - [2013-08-25 22:25:00 | 000,728,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Plugin.Content#\8fa09365775a4f7a54593792cd069c8b\Kies.Plugin.ContentsManagerLib.ni.dll
MOD - [2013-08-25 22:24:17 | 000,198,144 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\2cf0c72c2a3ad367b72958810e961784\Kies.Common.MainUI.ni.dll
MOD - [2013-08-25 22:22:28 | 000,046,592 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\a9953f0cb02615f20d3b64c7744301e7\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2013-08-25 22:22:26 | 000,920,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\093d677594ebf34e67f5a77bc9991bad\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2013-08-25 22:22:16 | 000,052,224 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\264c1653641f1c23c69360519b509335\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2013-08-25 22:22:16 | 000,032,256 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\59b4b3f2d5220d5d211f2d2ee1171127\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2013-08-25 22:22:16 | 000,030,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\69149f472720f775952479558a77e8b3\Interop.PRPLAYERCORELib.ni.dll
MOD - [2013-08-25 22:22:15 | 000,171,520 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\c554f87102e1b75c73c850530b16a5b6\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2013-08-25 22:22:12 | 002,186,240 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\9a97f1b0cbbc3edd582af609a953ad5c\Kies.Common.Multimedia.ni.dll
MOD - [2013-08-25 22:22:06 | 000,635,392 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\d388aef99c3a91ab0373e2b48f7b470e\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2013-08-25 22:22:06 | 000,186,880 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\bd190587ff60af9f33ed077bb1d5e5a2\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2013-08-25 22:21:55 | 007,019,008 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceHost\f9670a3d2f71a8ea619349143d574d52\DeviceHost.ni.dll
MOD - [2013-08-25 22:21:32 | 000,394,240 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CabLib\bf7d84702d92e3ab0f320a82d16c9a4a\CabLib.ni.dll
MOD - [2013-08-25 22:21:31 | 000,309,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\89427a749e338d5de10e4ed8b2bf6830\Kies.Common.Util.ni.dll
MOD - [2013-08-25 22:21:29 | 001,675,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Locale\6301f0cda43ceb40e34b6c6b41fccbc0\Kies.Locale.ni.dll
MOD - [2013-08-25 22:21:29 | 000,052,224 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\ddd1316c6036823ea1e4bdc4827d5418\Interop.DeviceSearchLib.ni.dll
MOD - [2013-08-25 22:21:28 | 000,078,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\4c14ac39397cd817e8a397ddcbc97e49\Kies.MVVM.ni.dll
MOD - [2013-08-25 22:21:27 | 001,787,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.UI\3517b18d3bfc9f440c9a5141dc9e23d5\Kies.UI.ni.dll
MOD - [2013-08-25 22:21:24 | 000,154,112 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\d7c5594e092123d20a438d56e5ff15cb\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2013-08-25 22:21:22 | 001,273,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Interface\8b69580df111999685b67f7ea7948710\Kies.Interface.ni.dll
MOD - [2013-08-25 22:20:28 | 000,767,488 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\423d873fc534c5a104683990f4644bfe\System.Runtime.Remoting.ni.dll
MOD - [2013-08-25 22:20:13 | 002,121,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies\73250a5133408180632135bb2717a9a8\Kies.ni.exe
MOD - [2013-08-25 22:08:23 | 017,632,256 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\c5076f9a8ecf90a4c86ac5cfcb9e5528\PresentationFramework.ni.dll
MOD - [2012-03-23 14:25:24 | 000,087,040 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
MOD - [2011-06-01 21:38:18 | 000,220,672 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\3f1613bcf5b9cf536359bfff7bd18a5a\System.ServiceProcess.ni.dll
MOD - [2011-06-01 20:57:29 | 001,776,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\d85a3d6ed5bb77f5603e098cccf60bfa\System.Xaml.ni.dll
MOD - [2011-06-01 20:15:46 | 005,571,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\2d7c29ad77c15abfa6a8fe6d24840a91\System.Xml.ni.dll
MOD - [2011-06-01 20:15:37 | 000,973,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\ac2cd19f2159d48684e17cbdecfaa3b7\System.Configuration.ni.dll
MOD - [2011-06-01 20:14:49 | 011,057,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\7a1eeb425f9318f432afead4b2da965a\PresentationCore.ni.dll
MOD - [2011-06-01 20:14:27 | 003,779,072 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\f1f3a74eb37b27b7d05b8ffa941f8473\WindowsBase.ni.dll
MOD - [2011-06-01 20:14:01 | 007,025,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\85693dfd9ba4905b0fd947fdb51446d5\System.Core.ni.dll
MOD - [2011-06-01 20:13:40 | 009,000,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\161c6f80ad93b0505054d244f1c6243c\System.ni.dll
MOD - [2011-06-01 20:13:25 | 014,415,872 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\4ff1f12a08d455f195ba996fe77497c6\mscorlib.ni.dll
MOD - [2010-07-11 11:42:52 | 000,193,024 | ---- | M] () -- F:\Program Files\Rainlendar\Plugins\iCalendarPlugin.dll
MOD - [2010-07-11 11:42:46 | 002,199,040 | ---- | M] () -- F:\Program Files\Rainlendar\Rainlendar2.exe
MOD - [2010-05-23 20:25:48 | 000,501,760 | ---- | M] () -- F:\Program Files\Rainlendar\wxmsw28u_xrc_vc_rny.dll
MOD - [2010-05-23 20:25:36 | 000,131,072 | ---- | M] () -- F:\Program Files\Rainlendar\wxbase28u_xml_vc_rny.dll
MOD - [2010-05-23 20:25:32 | 000,485,376 | ---- | M] () -- F:\Program Files\Rainlendar\wxmsw28u_html_vc_rny.dll
MOD - [2010-05-23 20:25:20 | 000,707,584 | ---- | M] () -- F:\Program Files\Rainlendar\wxmsw28u_adv_vc_rny.dll
MOD - [2010-05-23 20:25:12 | 002,629,120 | ---- | M] () -- F:\Program Files\Rainlendar\wxmsw28u_core_vc_rny.dll
MOD - [2010-05-23 20:24:20 | 001,202,688 | ---- | M] () -- F:\Program Files\Rainlendar\wxbase28u_vc_rny.dll
MOD - [2010-05-23 20:20:08 | 000,012,288 | ---- | M] () -- F:\Program Files\Rainlendar\lfs.dll
MOD - [2010-05-23 20:20:04 | 000,126,976 | ---- | M] () -- F:\Program Files\Rainlendar\lua51.dll
MOD - [2010-05-23 19:17:46 | 000,060,416 | ---- | M] () -- F:\Program Files\Rainlendar\zlib1.dll
MOD - [2008-03-25 06:50:40 | 000,355,112 | ---- | M] () -- C:\WINDOWS\system32\msjetoledb40.dll
MOD - [2007-08-31 15:47:44 | 000,143,360 | ---- | M] () -- C:\Program Files\IRReceive\RmCard.dll
MOD - [2007-07-21 13:50:04 | 000,053,248 | ---- | M] () -- C:\Program Files\IRReceive\lwext.dll
MOD - [2007-06-26 14:11:42 | 000,675,913 | ---- | M] () -- C:\Program Files\IRReceive\IRReceive.exe
MOD - [2006-02-28 09:21:50 | 000,025,024 | ---- | M] () -- C:\Program Files\Softex\OmniPass\hdddrv.dll
MOD - [2006-02-28 09:21:08 | 000,049,152 | ---- | M] () -- C:\Program Files\Softex\OmniPass\OPXPGina.dll
MOD - [2006-02-28 09:20:44 | 002,076,672 | ---- | M] () -- C:\Program Files\Softex\OmniPass\scureapp.exe
MOD - [2006-02-28 09:20:02 | 000,013,312 | ---- | M] () -- C:\Program Files\Softex\OmniPass\OPXPApp.exe
MOD - [2006-02-28 09:19:40 | 000,122,880 | ---- | M] () -- C:\Program Files\Softex\OmniPass\ginastub.dll
MOD - [2006-02-28 09:15:26 | 000,053,248 | ---- | M] () -- C:\Program Files\Softex\OmniPass\scuredll.dll
MOD - [2006-02-28 09:14:56 | 000,327,680 | ---- | M] () -- C:\Program Files\Softex\OmniPass\userdata.dll
MOD - [2006-02-28 09:14:40 | 000,790,528 | ---- | M] () -- C:\Program Files\Softex\OmniPass\autheng.dll
MOD - [2006-02-28 09:14:30 | 000,012,288 | ---- | M] () -- C:\Program Files\Softex\OmniPass\cryptodll.dll
MOD - [2006-02-28 09:14:28 | 000,434,176 | ---- | M] () -- C:\Program Files\Softex\OmniPass\storeng.dll
MOD - [2006-02-28 09:14:12 | 000,010,752 | ---- | M] () -- C:\Program Files\Softex\OmniPass\SSPLogon.dll
MOD - [2006-02-28 09:10:46 | 002,179,504 | ---- | M] () -- C:\Program Files\Softex\OmniPass\sftxtgp.dll
MOD - [2006-02-01 07:24:24 | 000,413,696 | ---- | M] () -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvcHlpr.dll
MOD - [2006-02-01 07:24:00 | 000,057,344 | ---- | M] () -- C:\Program Files\ThinkPad\ConnectUtilities\AcBroadcom.dll
MOD - [2006-02-01 07:23:24 | 000,114,688 | ---- | M] () -- C:\Program Files\ThinkPad\ConnectUtilities\AcLocMigrator.dll
MOD - [2006-02-01 07:23:08 | 000,073,728 | ---- | M] () -- C:\Program Files\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll
MOD - [2006-02-01 07:23:08 | 000,040,960 | ---- | M] () -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
MOD - [2006-02-01 07:22:56 | 000,499,712 | ---- | M] () -- C:\Program Files\ThinkPad\ConnectUtilities\ACon.dll
MOD - [2006-02-01 07:19:06 | 000,007,680 | ---- | M] () -- C:\Program Files\ThinkPad\ConnectUtilities\ACTurinSupport.dll
MOD - [2006-02-01 07:14:36 | 000,094,208 | ---- | M] () -- C:\Program Files\ThinkPad\ConnectUtilities\ThinQCon.dll
MOD - [2006-02-01 07:02:14 | 000,090,112 | ---- | M] () -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll
MOD - [2006-02-01 07:00:02 | 000,143,360 | ---- | M] () -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll
MOD - [2006-02-01 06:59:56 | 000,077,824 | ---- | M] () -- C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll
MOD - [2006-02-01 06:59:50 | 000,151,552 | ---- | M] () -- C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll
MOD - [2006-02-01 06:59:26 | 000,069,632 | ---- | M] () -- C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll
MOD - [2006-01-06 15:51:00 | 000,266,303 | ---- | M] () -- C:\Program Files\ArcSoft\TotalMedia 3\magengin.dll
MOD - [2005-12-30 22:43:12 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\PMHlerIO.dll
MOD - [2005-12-23 22:47:32 | 000,032,768 | ---- | M] () -- C:\WINDOWS\system32\PMEBLib.dll
MOD - [2005-12-22 03:34:58 | 000,077,824 | ---- | M] () -- C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
MOD - [2005-12-22 03:27:00 | 000,032,768 | ---- | M] () -- C:\Program Files\IBM ThinkVantage\Common\Logger\logmon.exe
MOD - [2005-12-22 03:23:06 | 000,139,264 | ---- | M] () -- C:\Program Files\IBM ThinkVantage\Rescue and Recovery\CDRecord.dll
MOD - [2005-12-22 03:20:56 | 001,384,448 | ---- | M] () -- C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
MOD - [2005-12-22 03:19:10 | 000,155,648 | ---- | M] () -- C:\Program Files\IBM ThinkVantage\Rescue and Recovery\ui.dll
MOD - [2005-12-22 03:19:02 | 000,069,632 | ---- | M] () -- C:\Program Files\IBM ThinkVantage\Rescue and Recovery\zlib.dll
MOD - [2005-12-22 03:15:14 | 000,671,744 | ---- | M] () -- C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rr_res.dll
MOD - [2005-12-21 05:47:48 | 000,094,208 | ---- | M] () -- C:\Program Files\Lenovo\HOTKEY\TPHKMGR.exe
MOD - [2005-12-21 05:46:04 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\tphklock.dll
MOD - [2005-12-10 17:29:08 | 000,024,064 | ---- | M] () -- C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
MOD - [2005-12-10 17:28:40 | 000,045,056 | ---- | M] () -- C:\Program Files\Lenovo\HOTKEY\TpWAudHk.dll
MOD - [2005-12-07 10:00:00 | 000,057,344 | ---- | M] () -- C:\Program Files\Lenovo\LenovoCare\US\LPRESMGR.DLL
MOD - [2005-11-16 05:42:22 | 000,010,752 | ---- | M] () -- C:\Program Files\Microsoft ActiveSync\rapiproxystub.dll
MOD - [2005-10-13 05:14:04 | 000,208,896 | ---- | M] () -- C:\Program Files\Lenovo\HOTKEY\tpfnf7.dll
MOD - [2005-08-18 16:26:46 | 000,270,336 | ---- | M] () -- C:\Program Files\IRReceive\Gethardinfo.dll
MOD - [2005-08-05 17:24:00 | 000,028,672 | ---- | M] () -- C:\Program Files\ArcSoft\TotalMedia 3\uPiApi.dll
MOD - [2005-08-02 02:32:40 | 000,040,960 | ---- | M] () -- C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
MOD - [2005-08-02 02:32:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherCommon.dll
MOD - [2005-07-20 12:34:28 | 000,126,976 | ---- | M] () -- C:\Program Files\ThinkVantage\AMSG\ahlprunl.dll
MOD - [2005-06-30 12:54:50 | 000,180,224 | ---- | M] () -- C:\Program Files\ThinkVantage\AMSG\AcpPollingEngine.dll
MOD - [2004-12-14 13:00:00 | 000,430,080 | ---- | M] () -- C:\Program Files\ArcSoft\TotalMedia 3\FPXLIB.DLL
MOD - [2004-12-01 18:21:22 | 000,180,224 | ---- | M] () -- C:\Program Files\ArcSoft\TotalMedia 3\kgl.dll
MOD - [2004-08-04 14:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2004-08-04 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\qagentrt.dll -- (napagent)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\kmsvc.dll -- (hkmsvc)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\eapsvc.dll -- (EapHost)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\dot3svc.dll -- (Dot3svc)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013-10-19 12:35:26 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-10-07 12:56:00 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-06-30 02:09:02 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012-03-23 14:25:24 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2010-06-14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2006-02-28 09:18:32 | 000,032,768 | ---- | M] (Softex Inc.) [Auto | Running] -- C:\Program Files\Softex\OmniPass\OmniServ.exe -- (omniserv)
SRV - [2006-02-01 07:24:28 | 000,147,456 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe -- (AcSvc)
SRV - [2006-02-01 07:23:08 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2006-01-17 19:37:24 | 000,266,295 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2006-01-03 20:27:08 | 000,057,344 | ---- | M] (Lenovo) [Auto | Running] -- C:\WINDOWS\system32\PMSveH.exe -- (PMSveH)
SRV - [2005-12-22 03:34:58 | 000,077,824 | ---- | M] () [Auto | Running] -- C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe -- (TVT Scheduler)
SRV - [2005-12-22 03:20:56 | 001,384,448 | ---- | M] () [Auto | Running] -- C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe -- (TVT Backup Service)
SRV - [2005-12-14 20:51:12 | 000,622,700 | ---- | M] (Diskeeper Corporation) [Disabled | Stopped] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
SRV - [2005-08-02 02:32:40 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe -- (UCLauncherService)
SRV - [2003-08-12 21:50:40 | 001,376,360 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\acsd.exe -- (AOL ACS)
SRV - [2003-01-11 02:13:04 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [File_System | Boot | Stopped] -- System32\drivers\ANCSQ.sys -- (ANCSQ)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\adiusbaw.sys -- (adiusbaw)
DRV - File not found [Kernel | Auto | Stopped] -- System32\Drivers\adildr.sys -- (ADILOADER)
DRV - [2013-06-21 02:07:52 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013-06-21 02:07:52 | 000,084,248 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2011-06-02 11:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2010-06-22 18:01:52 | 000,021,248 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010-05-21 13:56:04 | 000,058,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2010-02-26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010-02-26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-02-26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-02-26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010-02-26 14:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010-02-26 14:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2010-02-11 13:08:25 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2010-01-05 03:31:32 | 001,714,176 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\athuw.sys -- (AR9271)
DRV - [2009-12-10 13:34:08 | 000,040,560 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\hotcore3.sys -- (hotcore3)
DRV - [2009-06-10 15:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-04-03 20:07:34 | 000,010,240 | ---- | M] (Atola) [Kernel | On_Demand | Stopped] -- C:\Program Files\A-FF Find and Mount\slicedisk.sys -- (SliceDisk5)
DRV - [2007-07-09 14:17:36 | 000,095,744 | ---- | M] (Option NV) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Gt51Ip.sys -- (GT72NDISIPXP)
DRV - [2007-06-26 13:38:46 | 000,051,968 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gt72ubus.sys -- (GT72UBUS)
DRV - [2007-04-23 15:54:50 | 000,100,488 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115mgmt.sys -- (s115mgmt)
DRV - [2007-04-23 15:54:50 | 000,098,568 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115obex.sys -- (s115obex)
DRV - [2007-04-23 15:54:48 | 000,108,680 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115mdm.sys -- (s115mdm)
DRV - [2007-04-23 15:54:48 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115mdfl.sys -- (s115mdfl)
DRV - [2007-04-23 15:54:46 | 000,083,208 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115bus.sys -- (s115bus)
DRV - [2007-03-30 13:38:14 | 000,008,064 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtptser.sys -- (GTPTSER)
DRV - [2006-11-10 16:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006-09-28 05:47:48 | 000,283,776 | R--- | M] (AfaTech ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AF15BDA.sys -- (AF15BDA)
DRV - [2006-05-27 19:56:38 | 000,016,256 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
DRV - [2006-03-01 13:22:24 | 000,173,056 | ---- | M] (Funk Software, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\odysseyIM4.sys -- (odysseyIM4)
DRV - [2006-01-17 19:21:52 | 000,328,061 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006-01-17 19:18:22 | 000,850,474 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006-01-17 19:15:36 | 000,030,459 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006-01-17 19:15:26 | 000,030,285 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2006-01-17 19:14:52 | 000,065,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006-01-17 19:11:56 | 000,148,900 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006-01-13 09:33:22 | 000,006,016 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\IBMBLDID.sys -- (IBMTPCHK)
DRV - [2006-01-11 11:42:00 | 000,007,168 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS -- (TSMAPIP)
DRV - [2005-12-22 02:14:58 | 000,012,544 | ---- | M] (IBM) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ibmfilter.sys -- (ibmfilter)
DRV - [2005-12-21 23:09:50 | 000,010,240 | ---- | M] (Lenovo ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PMHler.sys -- (PMHler)
DRV - [2005-12-15 08:10:10 | 000,425,216 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005-12-13 01:08:44 | 001,124,097 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005-11-17 05:28:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005-11-08 18:27:20 | 000,011,520 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ANC.sys -- (ANC)
DRV - [2005-11-02 03:08:00 | 000,308,992 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005-11-02 02:54:50 | 000,051,584 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005-09-30 20:11:42 | 000,078,720 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005-03-30 03:02:22 | 000,116,594 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATSwpDrv.sys -- (ATSWPDRV)
DRV - [2005-02-12 05:46:22 | 000,371,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTWL5.SYS -- (GT43xx)
DRV - [2005-01-08 02:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004-12-15 11:32:04 | 000,032,782 | R--- | M] (USB Com port.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser120.sys -- (SER120)
DRV - [2004-09-29 18:07:44 | 000,107,904 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTEDG.sys -- (GTEDGWModem)
DRV - [2004-09-29 18:07:44 | 000,052,864 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTEDGNet.sys -- (GTEDGWWNIC)
DRV - [2004-09-29 18:07:44 | 000,021,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTEDGSC.sys -- (OptionWWSC)
DRV - [2004-08-04 14:00:00 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004-08-04 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004-08-04 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004-08-04 07:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2004-08-04 00:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2003-01-11 02:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: " URL " = http://www.bing.com/search?q={searchTerms} & FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: " URL " = http://www.google.com/search?q={searchTerms} & rls=com.microsoft:{language}:{referrer:source?} & ie={inputEncoding} & oe={outputEncoding} & sourceid=ie7


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-107764297-1135023587-818665055-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKU\S-1-5-21-107764297-1135023587-818665055-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-107764297-1135023587-818665055-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-107764297-1135023587-818665055-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-107764297-1135023587-818665055-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms} & sourceid=ie7 & rls=com.microsoft:en-US & ie=utf8 & oe=utf8
IE - HKU\S-1-5-21-107764297-1135023587-818665055-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-107764297-1135023587-818665055-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-107764297-1135023587-818665055-1006\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-107764297-1135023587-818665055-1006\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: " URL " = http://www.google.com/search?q={searchTerms} & rls=com.microsoft:{language}:{referrer:source?} & ie={inputEncoding} & oe={outputEncoding} & sourceid=ie7
IE - HKU\S-1-5-21-107764297-1135023587-818665055-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0
IE - HKU\S-1-5-21-107764297-1135023587-818665055-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyOverride " = & lt; local & gt;

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: " "
FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.0.4
FF - prefs.js..extensions.enabledAddons: %7Ba7c6cf7f-112c-4500-a7ea-39801a327e5f%7D:2.0.16
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.4
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - prefs.js..network.proxy.type: 4
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010-07-27 19:20:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: F:\Program Files\Firefox\components [2013-10-07 12:55:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: F:\Program Files\Firefox\plugins [2013-10-07 12:55:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010-07-27 19:20:55 | 000,000,000 | ---D | M]

[2010-06-17 09:49:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pan\Application Data\Mozilla\Extensions
[2013-10-24 20:40:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pan\Application Data\Mozilla\Firefox\Profiles\zm8kircu.default\extensions
[2012-12-04 19:29:37 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Documents and Settings\Pan\Application Data\Mozilla\Firefox\Profiles\zm8kircu.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2013-06-18 01:32:01 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\Pan\Application Data\Mozilla\Firefox\Profiles\zm8kircu.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2012-09-06 08:28:13 | 000,000,000 | ---D | M] (Snip It! Button for eBay) -- C:\Documents and Settings\Pan\Application Data\Mozilla\Firefox\Profiles\zm8kircu.default\extensions\{aab35b56-0206-4472-9993-9cb5c09bb722}
[2012-11-22 11:31:23 | 000,000,000 | ---D | M] (Change Referer Button) -- C:\Documents and Settings\Pan\Application Data\Mozilla\Firefox\Profiles\zm8kircu.default\extensions\{c71ff04d-f001-1fc1-1fc1-c71ff04df001}
[2010-07-29 08:52:32 | 000,000,000 | ---D | M] (Ovi maps browser plugin) -- C:\Documents and Settings\Pan\Application Data\Mozilla\Firefox\Profiles\zm8kircu.default\extensions\maps@ovi.com
[2011-05-19 08:50:56 | 000,000,000 | ---D | M] (VideoSurf Videos at a Glance) -- C:\Documents and Settings\Pan\Application Data\Mozilla\Firefox\Profiles\zm8kircu.default\extensions\videosurf_enhanced@videosurf.com
[2013-10-24 20:40:05 | 000,534,765 | ---- | M] () (No name found) -- C:\Documents and Settings\Pan\Application Data\Mozilla\Firefox\Profiles\zm8kircu.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013-06-16 20:55:11 | 000,868,738 | ---- | M] () (No name found) -- C:\Documents and Settings\Pan\Application Data\Mozilla\Firefox\Profiles\zm8kircu.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
[2012-11-22 11:31:22 | 000,020,390 | ---- | M] () (No name found) -- C:\Documents and Settings\Pan\Application Data\Mozilla\Firefox\Profiles\zm8kircu.default\extensions\{c71ff04d-f001-1fc1-1fc1-c71ff04df001}.xpi
[2013-10-10 14:27:43 | 000,915,554 | ---- | M] () (No name found) -- C:\Documents and Settings\Pan\Application Data\Mozilla\Firefox\Profiles\zm8kircu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013-10-07 12:10:14 | 000,001,274 | ---- | M] () -- C:\Documents and Settings\Pan\Application Data\Mozilla\Firefox\Profiles\zm8kircu.default\searchplugins\pwn-sjp.xml

O1 HOSTS File: ([2011-12-22 16:11:00 | 000,000,732 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Application Data\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKU\S-1-5-21-107764297-1135023587-818665055-1006\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-107764297-1135023587-818665055-1006\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-107764297-1135023587-818665055-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-107764297-1135023587-818665055-1006\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-107764297-1135023587-818665055-1006\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O4 - HKLM..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo)
O4 - HKLM..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [cssauthe] C:\Program Files\IBM ThinkVantage\Client Security Solution\cssauthe.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [DiskeeperSystray] C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [IRReceive] C:\Program Files\IRReceive\IRReceive.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LPManager] C:\Program Files\Lenovo\LenovoCare\LPMGR.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [OmniPass] C:\Program Files\Softex\OmniPass\scureapp.exe ()
O4 - HKLM..\Run: [PMHandler] C:\WINDOWS\system32\PMHandler.exe (Lenovo)
O4 - HKLM..\Run: [suScheduler] C:\Program Files\ThinkVantage\SystemUpdate\UCLauncher.exe ()
O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPHKMGR.exe ()
O4 - HKLM..\Run: [TPWAUDAP] C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe ()
O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKU\S-1-5-18..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKU\S-1-5-21-107764297-1135023587-818665055-1006..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKU\S-1-5-21-107764297-1135023587-818665055-1006..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-107764297-1135023587-818665055-1006..\Run: [Rainlendar2] F:\Program Files\Rainlendar\Rainlendar2.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TMMonitor.lnk = C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe (ArcSoft, Inc.)
O4 - Startup: C:\Documents and Settings\Pan\Start Menu\Programs\Startup\TotalMedia 3.lnk = C:\Program Files\ArcSoft\TotalMedia 3\TotalMedia.exe (ArcSoft, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-107764297-1135023587-818665055-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-107764297-1135023587-818665055-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-107764297-1135023587-818665055-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-107764297-1135023587-818665055-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O8 - Extra context menu item: Add to Google Photos Screensa & ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E & ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Save Page As PDF ... - C:\Program Files\Nitro PDF\PDF Download\nitroweb.htm ()
O8 - Extra context menu item: Send to & Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Wyślij & do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Key error. File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Enable/Disable PDF Download for this site - {96538116-AB8C-4879-9F21-BD2BFE22A414} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : PDF Download - Options - {AD9E6088-E00B-42f9-9F0C-8480525D234E} - Reg Error: Key error. File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/1.4.2/jinstall-142-win.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{132F1E9C-7C58-4154-9A0B-543519535056}: DhcpNameServer = 192.168.0.1 217.30.129.149 217.30.149.200
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CA50564B-D02F-4B12-ACDC-454EB66EE704}: DhcpNameServer = 192.168.43.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ACNotify: DllName - (ACNotify.dll) - C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo)
O20 - Winlogon\Notify\dimsntfy: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20 - Winlogon\Notify\OPXPGina: DllName - (C:\Program Files\Softex\OmniPass\opxpgina.dll) - C:\Program Files\Softex\OmniPass\OPXPGina.dll ()
O20 - Winlogon\Notify\tphotkey: DllName - (tphklock.dll) - C:\WINDOWS\System32\tphklock.dll ()
O24 - Desktop WallPaper: C:\Documents and Settings\Pan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-06-10 18:06:24 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011-03-22 14:50:05 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2003-10-20 15:35:04 | 000,000,042 | ---- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2003-10-20 15:35:04 | 000,000,042 | -H-- | M] () - D:\AUTOEXEC.ICR -- [ FAT32 ]
O32 - AutoRun File - [2011-03-22 13:50:08 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2011-03-22 14:50:05 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011-03-22 14:50:06 | 000,000,000 | RHSD | M] - F:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{0ba45d03-e929-11df-8f20-0016cef2d942}\Shell\AutoRun\command - " " = M:\
O33 - MountPoints2\{0ba45d03-e929-11df-8f20-0016cef2d942}\Shell\linuxlive\command - " " = M:\VirtualBox\Virtualize_This_Key.exe
O33 - MountPoints2\{0ba45d03-e929-11df-8f20-0016cef2d942}\Shell\linuxlive2\command - " " = M:\VirtualBox\VirtualBox.exe
O33 - MountPoints2\{74f6729c-adf0-11df-8efa-00f1d000f1d0}\Shell\AutoRun\command - " " = H:\setupSNK.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- " %1 " %*
O35 - HKLM\..exefile [open] -- " %1 " %*
O37 - HKLM\...com [@ = comfile] -- " %1 " %*
O37 - HKLM\...exe [@ = exefile] -- " %1 " %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013-10-24 20:43:44 | 000,000,000 | ---D | C] -- C:\_OTL
[2013-10-24 19:53:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Foxit Software
[2013-10-24 19:52:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Foxit Reader
[2013-10-24 19:52:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pan\Application Data\Foxit Software
[2013-10-24 19:52:04 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2013-10-19 10:55:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pan\Application Data\eTeks
[2013-10-13 01:04:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\eTeks Sweet Home 3D
[2013-10-10 15:39:20 | 000,000,000 | ---D | C] -- C:\Temp projects
[2013-10-10 12:42:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pan\Desktop\Zdjecia i tematy z Traugutta
[2013-09-29 23:07:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pan\Desktop\Reklamacje_Poradnik
[2013-09-25 17:01:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pan\Desktop\Reklamacja PLAY
[2008-07-26 09:38:59 | 000,064,544 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Pan\MSSSerif96.fon
[2008-07-24 08:30:48 | 000,440,320 | ---- | C] (Irfan Skiljan) -- C:\Program Files\i_view32.exe
[2006-06-18 19:03:00 | 000,089,680 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Pan\MSSSerif120.fon
[1 C:\WINDOWS\System32\*.tmp files - & gt; C:\WINDOWS\System32\*.tmp - & gt; ]
[1 C:\*.tmp files - & gt; C:\*.tmp - & gt; ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013-10-24 20:52:00 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{B674C8C0-A6C5-4BB6-A262-B0A29FD997AE}.job
[2013-10-24 20:51:00 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{308F5698-F5B7-4664-A656-154B508AA8AD}.job
[2013-10-24 20:34:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-10-24 20:34:12 | 2144,980,992 | -HS- | M] () -- C:\hiberfil.sys
[2013-10-24 20:05:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-10-24 19:52:19 | 000,001,746 | ---- | M] () -- C:\Documents and Settings\Pan\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2013-10-24 19:52:19 | 000,001,728 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk
[2013-10-24 19:33:55 | 000,000,572 | ---- | M] () -- C:\Documents and Settings\Pan\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (2).lnk
[2013-10-24 19:18:28 | 000,000,888 | ---- | M] () -- C:\Documents and Settings\Pan\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013-10-24 19:17:30 | 000,000,572 | ---- | M] () -- C:\Documents and Settings\Pan\Desktop\Mozilla Firefox (2).lnk
[2013-10-21 03:32:11 | 000,855,100 | ---- | M] () -- C:\Documents and Settings\Pan\My Documents\K_Lm_LD.sh3d
[2013-10-19 13:26:26 | 000,002,337 | ---- | M] () -- C:\Documents and Settings\Pan\Application Data\Microsoft\Internet Explorer\Quick Launch\The Bat! E-Mail Client.lnk
[2013-10-19 12:35:26 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013-10-19 12:35:24 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013-10-16 10:41:30 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-10-10 22:17:26 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Pan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-09-25 01:38:44 | 000,378,448 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[1 C:\WINDOWS\System32\*.tmp files - & gt; C:\WINDOWS\System32\*.tmp - & gt; ]
[1 C:\*.tmp files - & gt; C:\*.tmp - & gt; ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013-10-24 19:52:19 | 000,001,746 | ---- | C] () -- C:\Documents and Settings\Pan\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2013-10-24 19:52:19 | 000,001,728 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk
[2013-10-24 19:52:18 | 000,216,064 | ---- | C] () -- C:\WINDOWS\System32\gcapi_dll.dll
[2013-10-21 00:36:10 | 000,855,100 | ---- | C] () -- C:\Documents and Settings\Pan\My Documents\K_Lm_LD.sh3d
[2013-09-06 10:53:00 | 000,000,238 | ---- | C] () -- C:\WINDOWS\System32\AF15IRTBL.bin
[2013-07-27 00:00:18 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2013-07-18 14:32:38 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2013-07-18 14:32:34 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2013-07-18 14:32:34 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2013-07-18 14:32:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2013-07-18 14:32:34 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2013-07-09 12:47:10 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013-07-09 12:47:10 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013-07-09 12:47:08 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013-04-15 18:40:06 | 000,422,000 | ---- | C] () -- C:\WINDOWS\System32\wgapi.dll
[2013-04-15 18:40:06 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\wgapiloc.dll
[2013-02-27 21:32:17 | 000,000,060 | ---- | C] () -- C:\WINDOWS\Viewer.INI
[2012-09-21 01:54:57 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2012-04-30 09:30:00 | 011,919,360 | ---- | C] () -- C:\Documents and Settings\Pan\s-1-5-21-107764297-1135023587-818665055-1006.rrr
[2012-03-31 14:26:08 | 000,875,740 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-107764297-1135023587-818665055-1007-0.dat
[2012-01-28 21:42:14 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2012-01-06 22:02:09 | 000,549,892 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-107764297-1135023587-818665055-1008-0.dat
[2011-10-12 15:26:58 | 005,008,046 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-107764297-1135023587-818665055-1006-0.dat
[2011-06-12 00:10:15 | 002,052,096 | ---- | C] () -- C:\Documents and Settings\Pan\Iranska_bomba2.pps
[2011-06-01 22:12:51 | 000,375,278 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2010-11-08 01:09:19 | 000,462,911 | ---- | C] () -- C:\Documents and Settings\Pan\ZbyszekCzytajacy.jpg
[2010-09-09 09:59:13 | 000,257,024 | ---- | C] () -- C:\Program Files\FLV PlayerATBSetup.exe
[2010-09-08 16:57:30 | 000,756,040 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010-06-09 10:58:11 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
[2008-07-24 23:18:07 | 000,003,421 | ---- | C] () -- C:\Program Files\i_view32.ini
[2006-11-01 09:15:32 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Pan\Application Data\$_hpcst$.hpc
[2006-07-02 10:28:51 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\fusioncache.dat
[2006-06-21 09:03:20 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Pan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006-06-19 18:00:42 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Pan\Application Data\PFP120JPR.{PB
[2006-06-19 18:00:42 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Pan\Application Data\PFP120JCM.{PB
[2006-06-10 18:06:05 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Pan\Local Settings\Application Data\fusioncache.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2012-07-14 19:11:12 | 000,000,596 | ---- | M] () -- C:\Documents and Settings\Pani\Application Data\Mozilla\Firefox\Profiles\a0zdj5e7.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}\defaults\printing\icons\@.png
[2006-05-27 19:23:02 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
" " = %SystemRoot%\system32\shdocvw.dll -- [2008-04-21 08:56:58 | 001,499,136 | ---- | M] (Microsoft Corporation)
" ThreadingModel " = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
" " = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 12:01:53 | 000,473,088 | ---- | M] (Microsoft Corporation)
" ThreadingModel " = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
" " = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004-08-04 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
" ThreadingModel " = Both

[color=#E56717]========== LOP Check ==========[/color]

[2006-05-27 19:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.LENOVO\Application Data\IBM
[2010-12-19 14:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ALLConverter
[2010-11-13 22:22:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2013-08-28 10:54:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ashampoo
[2012-09-21 02:02:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2013-07-22 22:27:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2010-06-09 20:34:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Borland
[2010-11-02 11:09:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\clonehdd
[2011-05-12 12:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\copypart
[2010-06-09 20:31:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\createpart
[2010-06-09 19:29:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\explauncher
[2010-06-11 19:28:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gadu-Gadu 10
[2011-10-09 00:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2010-07-11 09:38:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GlobeTrotter Mobility Manager
[2010-11-19 02:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ipla
[2010-06-09 20:28:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\launcher
[2006-05-27 19:45:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lenovo
[2010-08-17 14:44:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\mergeparts
[2010-07-27 19:19:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2011-02-20 14:38:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OpenFM
[2011-03-16 18:01:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Security
[2010-07-28 08:37:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2011-11-30 22:41:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PDF Writer
[2010-06-09 20:30:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\redistpart
[2013-08-25 22:17:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2010-06-09 20:24:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaskMgr
[2010-08-23 00:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Teleca
[2013-07-24 09:30:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2006-06-10 18:07:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ThinkVantage
[2013-04-15 18:40:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TP-LINK
[2006-05-27 19:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\IBM
[2013-10-24 19:53:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Foxit Software
[2011-07-30 13:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Muoda\Application Data\Gadu-Gadu 10
[2011-11-26 03:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Muoda\Application Data\Garmin
[2012-09-15 12:51:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Muoda\Application Data\HTC
[2006-05-27 19:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Muoda\Application Data\IBM
[2010-11-03 00:40:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Muoda\Application Data\Teleca
[2007-06-13 04:00:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Muoda\Application Data\ThinkVantage
[2006-07-02 02:07:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\AcWizard
[2013-04-16 13:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\anpo.republika.pl
[2012-09-21 02:07:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\Autodesk
[2007-08-12 20:30:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\DeepBurner
[2013-07-25 13:25:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\ElevatedDiagnostics
[2013-10-19 10:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\eTeks
[2013-04-16 13:50:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\fltk.org
[2010-12-02 14:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\foobar2000
[2013-10-24 19:53:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\Foxit Software
[2011-04-15 14:19:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\Gadu-Gadu 10
[2013-02-21 13:23:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\GARMIN
[2011-09-14 14:19:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\GlarySoft
[2012-06-11 15:18:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\HTC
[2012-06-11 14:53:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2006-05-27 19:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\IBM
[2006-06-29 08:43:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\InterVideo
[2013-07-14 19:18:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\ipla
[2010-08-30 15:47:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\IrfanView
[2006-06-18 19:03:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\Leadertech
[2010-07-29 08:52:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\Nokia
[2010-06-12 09:43:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\OpenFM
[2010-06-15 12:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\OpenOffice.org
[2010-07-27 23:34:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\PC Suite
[2011-11-30 22:41:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\PDF Writer
[2010-11-02 02:17:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\progeSOFT
[2006-06-18 23:59:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\QcWizard
[2013-08-25 22:20:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\Samsung
[2012-06-11 18:27:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\SumatraPDF
[2013-07-26 23:58:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\SystemRequirementsLab
[2010-08-23 01:04:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\Teleca
[2013-10-19 13:26:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\The Bat!
[2006-06-10 18:07:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\ThinkVantage
[2010-09-08 17:32:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan\Application Data\VDownloader
[2012-12-11 23:19:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan.LENOVO\Application Data\HTC
[2006-05-27 19:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan.LENOVO\Application Data\IBM
[2012-12-11 23:17:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pan.LENOVO\Application Data\ThinkVantage
[2010-07-24 11:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pani\Application Data\Gadu-Gadu 10
[2012-01-06 12:02:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pani\Application Data\GARMIN
[2012-07-11 16:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pani\Application Data\HTC
[2006-05-27 19:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pani\Application Data\IBM
[2011-07-18 21:42:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pani\Application Data\OpenOffice.org
[2012-06-03 00:03:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pani\Application Data\PC Suite
[2011-07-16 20:25:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pani\Application Data\Teleca
[2012-06-08 12:04:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pani\Application Data\The Bat!
[2006-07-08 04:40:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pani\Application Data\ThinkVantage

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 139 bytes - & gt; C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 105 bytes - & gt; C:\Documents and Settings\All Users\Application Data\TEMP:346465CA

& lt; End of report & gt;