OTL logfile created on: 2012-08-10 07:12:33 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = F:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd

1,96 Gb Total Physical Memory | 1,51 Gb Available Physical Memory | 77,03% Memory free
3,81 Gb Paging File | 3,60 Gb Available in Paging File | 94,37% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 46,61 Gb Free Space | 20,01% Space Free | Partition Type: NTFS
Drive F: | 3,73 Gb Total Space | 3,44 Gb Free Space | 92,24% Space Free | Partition Type: FAT32

Computer Name: IT1452 | User Name: Samsung | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-08-09 20:35:42 | 000,596,480 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
PRC - [2012-07-28 15:55:58 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011-08-20 09:47:43 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011-04-07 13:32:09 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2011-04-07 13:31:44 | 001,839,776 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2009-09-09 07:50:00 | 003,514,112 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files\totalcmd\TOTALCMD.EXE
PRC - [2008-04-14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2012-08-04 08:57:37 | 009,465,032 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll
MOD - [2012-07-28 15:55:57 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012-08-04 08:57:39 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-07-28 15:55:58 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-01-13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011-08-20 09:47:43 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011-04-26 10:14:04 | 000,253,952 | ---- | M] (Ryan Conrad) [Auto | Stopped] -- C:\Program Files\Droid Explorer\DroidExplorer.Service.exe -- (DroidExplorerService)
SRV - [2011-04-07 13:32:09 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2011-04-07 13:32:09 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2011-04-07 13:31:49 | 001,893,728 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2011-04-07 13:31:46 | 000,357,744 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2011-04-07 13:31:44 | 001,839,776 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2010-09-07 16:05:51 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2010-07-04 20:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Stopped] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008-03-18 05:27:12 | 000,013,312 | R--- | M] (Agere Systems) [Auto | Stopped] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008-01-16 17:37:38 | 000,031,248 | ---- | M] (Syntek America Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\StkCSrv.exe -- (StkSSrv)
SRV - [2007-04-13 02:50:00 | 000,590,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\CCM\CcmExec.exe -- (CcmExec)
SRV - [2007-04-13 02:50:00 | 000,251,256 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\CCM\clicomp\RemCtrl\Wuser32.exe -- (Wuser32)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\easytthr.sys -- (easytether)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012-08-08 10:00:00 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012-08-08 10:00:00 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012-05-21 04:09:00 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2012-05-21 04:09:00 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012-05-21 04:09:00 | 000,080,824 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012-05-15 10:00:00 | 001,589,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20120808.034\NAVEX15.SYS -- (NAVEX15)
DRV - [2012-05-15 10:00:00 | 000,087,928 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20120808.034\NAVENG.SYS -- (NAVENG)
DRV - [2011-12-23 21:58:18 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2011-12-10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011-10-27 03:25:56 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscemdm.sys -- (sscemdm)
DRV - [2011-10-27 03:25:56 | 000,100,352 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssceserd.sys -- (ssceserd)
DRV - [2011-10-27 03:25:56 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscebus.sys -- (sscebus)
DRV - [2011-10-27 03:25:56 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscemdfl.sys -- (sscemdfl)
DRV - [2011-10-27 03:25:52 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2011-10-27 03:25:52 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2011-10-27 03:25:52 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2011-10-27 03:25:44 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2011-10-27 03:25:44 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus)
DRV - [2011-10-27 03:25:44 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2011-10-27 03:25:40 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011-10-27 03:25:40 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011-10-27 03:25:40 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011-10-27 03:25:40 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011-10-27 03:25:40 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011-08-15 18:40:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011-08-15 18:40:22 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011-06-21 17:46:10 | 000,167,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wpshelper.sys -- (WpsHelper)
DRV - [2011-04-07 13:36:27 | 000,125,488 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011-04-07 13:32:14 | 000,043,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\WPSDRVnt.sys -- (WPS)
DRV - [2011-04-07 13:32:12 | 000,320,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2011-04-07 13:32:12 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2011-04-07 13:32:11 | 000,284,720 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2011-04-07 13:31:53 | 000,067,472 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Teefer2.sys -- (Teefer2)
DRV - [2010-10-08 10:37:56 | 000,421,424 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2010-06-14 10:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010-04-08 13:15:01 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2010-04-08 13:15:01 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2010-03-29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010-03-28 19:56:49 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010-02-17 20:15:58 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009-08-11 08:14:39 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-06-26 06:15:34 | 003,630,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32)
DRV - [2008-06-13 07:26:06 | 000,110,080 | R--- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2008-05-20 10:53:00 | 004,800,000 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008-04-25 10:31:26 | 000,146,688 | R--- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV)
DRV - [2008-04-15 10:16:44 | 000,244,368 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1y5132.sys -- (e1yexpress)
DRV - [2008-03-28 19:19:52 | 001,363,088 | ---- | M] (Syntek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StkCMini.sys -- (StkCMini)
DRV - [2008-03-21 05:13:00 | 001,203,776 | R--- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2007-08-08 20:42:08 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007-07-24 00:59:12 | 000,041,216 | R--- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2007-04-13 02:50:00 | 000,023,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CCM\PrepDrv.sys -- (prepdrvr)
DRV - [2007-03-31 06:02:42 | 000,876,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007-03-23 03:50:42 | 000,067,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2007-03-23 03:50:36 | 000,037,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2007-03-23 03:50:24 | 000,149,123 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2007-03-23 03:50:08 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007-03-23 03:49:54 | 000,539,072 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006-11-02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006-07-24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2005-11-28 11:44:06 | 000,011,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kbstuff5.sys -- (kbstuff)
DRV - [2005-11-28 11:44:04 | 000,008,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\idisw2km.sys -- (idisw2km)
DRV - [2003-05-01 14:26:34 | 000,005,220 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2000-08-24 01:19:38 | 000,004,300 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\MEMIO.SYS -- (DOSMEMIO)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{BBCAF0CC-EF46-4795-946F-6DA3F01F4291}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4192319393-1702428328-1919773330-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKU\S-1-5-21-4192319393-1702428328-1919773330-1006\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4192319393-1702428328-1919773330-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://startsear.ch/?aff=2&src=sp&cf=8228b8ee-2f9b-11e1-8f1b-002269ccf2e5&q={searchTerms}
IE - HKU\S-1-5-21-4192319393-1702428328-1919773330-1006\..\SearchScopes\{BBCAF0CC-EF46-4795-946F-6DA3F01F4291}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4192319393-1702428328-1919773330-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Fast Browser Search"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q="
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {eaf8a4ef-d221-45ca-9deb-d0934b45fa34}:1.3.0.3
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-07-28 15:55:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-06-22 08:32:54 | 000,000,000 | ---D | M]

[2009-07-16 09:29:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Samsung\Application Data\mozilla\Extensions
[2012-05-04 08:41:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Samsung\Application Data\mozilla\Firefox\Profiles\2gtlwein.default\extensions
[2010-09-07 18:52:06 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\Samsung\Application Data\mozilla\Firefox\Profiles\2gtlwein.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010-04-28 18:40:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Samsung\Application Data\mozilla\Firefox\Profiles\2gtlwein.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012-03-30 08:07:20 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Samsung\Application Data\mozilla\Firefox\Profiles\2gtlwein.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009-07-16 09:29:49 | 000,000,000 | ---D | M] (OggX (powered by TIME S.A.)) -- C:\Documents and Settings\Samsung\Application Data\mozilla\Firefox\Profiles\2gtlwein.default\extensions\{eaf8a4ef-d221-45ca-9deb-d0934b45fa34}
[2008-01-24 13:55:02 | 000,002,920 | ---- | M] () -- C:\Documents and Settings\Samsung\Application Data\Mozilla\Firefox\Profiles\2gtlwein.default\searchplugins\daemon-search.xml
[2009-12-20 23:46:34 | 000,005,413 | ---- | M] () -- C:\Documents and Settings\Samsung\Application Data\Mozilla\Firefox\Profiles\2gtlwein.default\searchplugins\fast-browser-search.xml
[2011-12-26 10:28:05 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Samsung\Application Data\Mozilla\Firefox\Profiles\2gtlwein.default\searchplugins\startsear.xml
[2011-03-05 19:33:29 | 000,001,583 | ---- | M] () -- C:\Documents and Settings\Samsung\Application Data\Mozilla\Firefox\Profiles\2gtlwein.default\searchplugins\web-search.xml
[2010-09-06 21:24:19 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\Samsung\Application Data\Mozilla\Firefox\Profiles\2gtlwein.default\searchplugins\winamp-search.xml
[2009-06-08 22:23:20 | 000,002,961 | ---- | M] () -- C:\Documents and Settings\Samsung\Application Data\Mozilla\Firefox\Profiles\2gtlwein.default\searchplugins\wwwempetypl.xml
[2012-05-08 22:12:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-07-28 15:55:59 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-10-27 15:45:50 | 000,083,456 | ---- | M] (LiveVDO ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
[2012-02-21 20:06:10 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-02-21 20:06:10 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-02-21 20:06:10 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-02-21 20:06:10 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-02-21 20:06:10 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-02-21 20:06:10 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

========== Chrome ==========

CHR - default_search_provider: Web Search (Enabled)
CHR - default_search_provider: search_url = http://startsear.ch/?aff=2&src=sp&cf=8228b8ee-2f9b-11e1-8f1b-002269ccf2e5&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: about:blank
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Samsung\Local Settings\Application Data\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Documents and Settings\Samsung\Local Settings\Application Data\Google\Chrome\Application\16.0.912.63\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Samsung\Local Settings\Application Data\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Documents and Settings\Samsung\Local Settings\Application Data\Google\Chrome\Application\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Documents and Settings\Samsung\Local Settings\Application Data\Google\Chrome\Application\plugins\nprpjplug.dll
CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Samsung\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Samsung\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Szukaj w Google = C:\Documents and Settings\Samsung\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: LiveVDO plugin = C:\Documents and Settings\Samsung\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp\1.3_0\
CHR - Extension: Gmail = C:\Documents and Settings\Samsung\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2004-08-04 14:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (PDF-XChange Viewer IE-Plugin) - {C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F} - C:\Program Files\Tracker Software\PDF-XChange Viewer\pdf-viewer\PDFXCviewIEPlugin.dll (Tracker Software Products Ltd.)
O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found.
O3 - HKU\S-1-5-21-4192319393-1702428328-1919773330-1006\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-4192319393-1702428328-1919773330-1006\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-4192319393-1702428328-1919773330-1006\..\Toolbar\WebBrowser: (no name) - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe ()
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DMHotKey] C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe (SAMSUNG Electronics)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [MagicKeyboard] C:\Program Files\Samsung\MagicKBD\PreMKbd.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [sdchange] C:\Documents and Settings\Samsung\Local Settings\Application Data\Microsoft\Windows\191\sdchange.exe ()
O4 - HKU\S-1-5-21-4192319393-1702428328-1919773330-1006..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-4192319393-1702428328-1919773330-1006..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-4192319393-1702428328-1919773330-1006..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-4192319393-1702428328-1919773330-1006..\Run: [Paseczek] C:\Program Files\Paseczek\Paseczek.exe (Codeton Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BTTray.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4192319393-1702428328-1919773330-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O15 - HKU\.DEFAULT\..Trusted Domains: bankier.pl ([content] http in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: citicorp.com ([citidirect-eb] https in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: citicorp.com ([europe.citidirect-eb] https in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: intranet ([]http in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: microsoft.com ([update] http in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: samsung.net ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: samsung.net ([]http in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: samsung.net ([gscm.sec] http in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: samsung.net ([mysingle3] http in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: samsung.net ([sso.sec] http in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: samsung.net ([www] http in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: samsung.net ([www] https in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: samsunggsbn.com ([]http in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: samsungwtn.com ([]http in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Ranges: Range2 ([http] in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Ranges: Range3 ([http] in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Ranges: Range4 ([http] in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Ranges: Range5 ([http] in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Ranges: Range6 ([http] in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Ranges: Range7 ([http] in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: bankier.pl ([content] http in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: citicorp.com ([citidirect-eb] https in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: citicorp.com ([europe.citidirect-eb] https in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: intranet ([]http in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: microsoft.com ([update] http in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: samsung.net ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: samsung.net ([]http in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: samsung.net ([gscm.sec] http in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: samsung.net ([mysingle3] http in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: samsung.net ([sso.sec] http in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: samsung.net ([www] http in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: samsung.net ([www] https in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: samsunggsbn.com ([]http in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: samsungwtn.com ([]http in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range2 ([http] in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range3 ([http] in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range4 ([http] in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range5 ([http] in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range6 ([http] in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range7 ([http] in Trusted sites)
O15 - HKU\S-1-5-21-4192319393-1702428328-1919773330-1006\..Trusted Domains: brebrokers.pl ([www] https in Trusted sites)
O16 - DPF: {03F49E0E-C43A-4037-BBD6-D681E998A08E} http://sso.sec.samsung.net/cabfiles/CM_CodeAx.cab (CodeAx Class)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {178E9062-BA7B-4769-B0DC-AD8A013A2E6B} http://gerpeu.sec.samsung.net/cab/ExcelExport.cab (ExcelExport Control)
O16 - DPF: {1B5EE264-CCAB-48A4-B8DA-04D4BB004CC3} http://mdscm.sec.samsung.net/mi/install3.11/MiUpdater310U.cab (CyMiInstaller310 Class)
O16 - DPF: {2FF8F8B7-1B3F-4E5F-93B1-FEF1D703C0F4} http://w1.samsung.net/cabs/LocalFolder2004/Cab/mySingleLocal_U.cab (LocalTree.LocalXMLTree)
O16 - DPF: {3042C30E-50B7-44EF-B4B6-C9AB391DEF78} http://ea.sec.samsung.net/ActiveUpdate/Components/Manager.cab (Manager Class)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {34B5A473-9696-4F9A-9BA1-41B8185A9798} http://w1.samsung.net/cabs/EpFTP3/EpFTP3_U.cab (EpFTP3 Control)
O16 - DPF: {37DEC207-782F-40F5-803C-18ACEDA1ABA6} https://w1.samsung.net/portalWeb/cabs/mySinglePersonalCache.cab (PersonalCache Control)
O16 - DPF: {3F3531B7-024F-48F5-A159-F45949473CFE} http://eu.samsungvpn.com/english/data/cabFile/SVPNModule.cab (SVPNSmartAgent Class)
O16 - DPF: {5CC17EC1-B04D-4F63-A95E-71BBB7F52CE0} http://localhost/REQUBE/lib/RQViewerX.cab (EasyBase ActiveX Viewer)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1248107046265 (MUWebControl Class)
O16 - DPF: {6EA553AE-9B6D-4025-B3A9-CC3454F86E7B} file:///C:/DOCUME~1/ADMINI~1/LOCALS~1/Temp/SamNetIssac.cab (IssacSamNetCls Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {859A7EB3-35E6-434B-A82B-08B4F8DDE1B6} http://w1.samsung.net/cabs/Namo/NamoWec.cab (NamoWeCtl 6.0 for samsung_mysingle)
O16 - DPF: {88DDFD7D-14F7-4E89-8F85-737B90B1A0D0} https://w1.samsung.net/cabs/LocalFolder2004/Cab/mySingle_Trust.CAB (mySingleTrust.ClsMain)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C63E3330-049F-4C31-B47E-425C84A5A725} https://w1.samsung.net/cabs/Tray/EpAdm2.cab (EpAdm2 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DE6ABA6A-095B-43E3-BEBB-879868DC5C8A} https://w1.samsung.net/cabs/messenger/SSLinks.cab (SSLinks Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F2BE8941-E765-444C-9070-4CC933405CE9} http://gerpeu.sec.samsung.net/cab/NamoWec.cab (NamoWeCtl 5.0 for samsung)
O16 - DPF: {FEA96871-7BA4-496B-B020-6B078839891E} file:///C:/DOCUME~1/ADMINI~1/LOCALS~1/Temp/SVPNEnvModule.cab (SVPNEnvCheck Control)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = sepol.Local
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0C9E6B97-B2A6-4F71-978F-095158D3D1EB}: NameServer = 86.63.129.29,212.182.63.146
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1503A56E-2E22-46A4-87FB-B6130417F8DB}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1503A56E-2E22-46A4-87FB-B6130417F8DB}: NameServer = 86.63.129.29,212.182.63.146
O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Program Files\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP AG, Walldorf)
O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Program Files\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP AG, Walldorf)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Samsung\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Samsung\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-11-05 13:52:32 | 000,049,648 | ---- | M] () - F:\autoruns.chm -- [ FAT32 ]
O32 - AutoRun File - [2012-08-01 13:27:52 | 000,643,696 | ---- | M] (Sysinternals - www.sysinternals.com) - F:\autoruns.exe -- [ FAT32 ]
O32 - AutoRun File - [2012-08-01 13:27:52 | 000,561,264 | ---- | M] (Sysinternals - www.sysinternals.com) - F:\autorunsc.exe -- [ FAT32 ]
O33 - MountPoints2\{09748f87-e629-11de-8aee-002269ccf2e5}\Shell\AutoRun\command - "" = E:\RESTORE\c-1-3-64-8794238531-8742492-9897532\Sys32.exe
O33 - MountPoints2\{09748f87-e629-11de-8aee-002269ccf2e5}\Shell\open\command - "" = E:\RESTORE\c-1-3-64-8794238531-8742492-9897532\Sys32.exe
O33 - MountPoints2\{245d155a-25a4-11de-9ea6-0050fc5db87c}\Shell\AutoRun\command - "" = E:\0bcobed.exe
O33 - MountPoints2\{245d155a-25a4-11de-9ea6-0050fc5db87c}\Shell\open\Command - "" = E:\0bcobed.exe
O33 - MountPoints2\{2b9fa95a-7c5b-11df-8b9f-002269ccf2e5}\Shell - "" = AutoRun
O33 - MountPoints2\{2b9fa95a-7c5b-11df-8b9f-002269ccf2e5}\Shell\AutoRun\command - "" = F:\ICM_ML.exe
O33 - MountPoints2\{5cb9f3f5-a4a1-11dc-9d47-0050fc5db87c}\Shell\Auto\command - "" = E:\RavMonE.exe e
O33 - MountPoints2\{5cb9f3f5-a4a1-11dc-9d47-0050fc5db87c}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
O33 - MountPoints2\{5cb9f3f5-a4a1-11dc-9d47-0050fc5db87c}\Shell\explore\Command - "" = E:\RavMonE.exe e
O33 - MountPoints2\{5cb9f3f5-a4a1-11dc-9d47-0050fc5db87c}\Shell\open\Command - "" = E:\RavMonE.exe e
O33 - MountPoints2\{7e2fc033-e699-11dc-9dd6-0050fc5db87c}\Shell\Auto\command - "" = RavMonE.exe e
O33 - MountPoints2\{7e2fc033-e699-11dc-9dd6-0050fc5db87c}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
O33 - MountPoints2\{7e2fc033-e699-11dc-9dd6-0050fc5db87c}\Shell\explore\Command - "" = RavMonE.exe e
O33 - MountPoints2\{7e2fc033-e699-11dc-9dd6-0050fc5db87c}\Shell\open\Command - "" = RavMonE.exe e
O33 - MountPoints2\{99c52427-25b7-11dd-9e2c-0050fc5db87c}\Shell\AutoRun\command - "" = F:\31n3b2h.exe
O33 - MountPoints2\{99c52427-25b7-11dd-9e2c-0050fc5db87c}\Shell\explore\Command - "" = F:\31n3b2h.exe
O33 - MountPoints2\{99c52427-25b7-11dd-9e2c-0050fc5db87c}\Shell\open\Command - "" = F:\31n3b2h.exe
O33 - MountPoints2\{9e978ae3-044a-11e0-8cb5-002269ccf2e5}\Shell\AutoRun\command - "" = F:\APPInst.exe
O33 - MountPoints2\{f3c22b2c-1650-11df-8b14-002269ccf2e5}\Shell\ArcaVirMenu\command - "" = E:\ArcaVirMenu.exe
O33 - MountPoints2\{f3c22b2c-1650-11df-8b14-002269ccf2e5}\Shell\AutoRun\command - "" = E:\ArcaVirMenu.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012-08-10 07:03:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HitmanPro
[2012-08-09 21:45:56 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Samsung\Recent
[2012-08-09 20:02:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Samsung\Application Data\hellomoto
[2012-07-13 15:34:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[25 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012-08-10 07:10:31 | 000,003,400 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2012-08-10 07:00:14 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-08-10 06:59:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-08-10 06:58:23 | 000,000,484 | ---- | M] () -- C:\WINDOWS\smscfg.ini
[2012-08-10 06:58:06 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-08-10 06:50:31 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-08-09 22:15:04 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012-08-09 20:38:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-08-09 16:36:52 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{1A4DD390-8325-4B81-B086-1153427BC541}.job
[2012-08-06 08:32:38 | 000,014,936 | ---- | M] () -- C:\Documents and Settings\Samsung\Desktop\5536815.pdf
[2012-08-04 13:28:41 | 000,297,474 | ---- | M] () -- C:\Documents and Settings\Samsung\Desktop\um2.jpg
[2012-08-04 13:28:29 | 000,412,659 | ---- | M] () -- C:\Documents and Settings\Samsung\Desktop\um1.jpg
[2012-08-04 08:57:38 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-08-04 08:57:38 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-08-04 08:57:31 | 009,827,016 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2012-07-27 13:04:11 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012-07-27 07:17:23 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-07-13 20:38:53 | 000,015,423 | ---- | M] () -- C:\Documents and Settings\Samsung\Desktop\Dokument VAT I - 0108_12_FVS.pdf
[2012-07-11 08:26:28 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Samsung\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2012-07-11 07:51:42 | 000,294,072 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[25 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012-08-09 22:12:57 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012-08-06 08:32:38 | 000,014,936 | ---- | C] () -- C:\Documents and Settings\Samsung\Desktop\5536815.pdf
[2012-08-04 13:28:40 | 000,297,474 | ---- | C] () -- C:\Documents and Settings\Samsung\Desktop\um2.jpg
[2012-08-04 13:28:28 | 000,412,659 | ---- | C] () -- C:\Documents and Settings\Samsung\Desktop\um1.jpg
[2012-07-13 20:38:53 | 000,015,423 | ---- | C] () -- C:\Documents and Settings\Samsung\Desktop\Dokument VAT I - 0108_12_FVS.pdf
[2012-05-14 17:10:04 | 001,754,160 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012-02-16 17:26:22 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-02-01 17:19:08 | 000,631,720 | ---- | C] () -- C:\WINDOWS\System32\n3_proxy.exe
[2011-02-09 20:04:46 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2011-02-09 20:04:46 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2011-01-29 18:00:24 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2011-01-04 17:10:56 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011-01-04 17:10:56 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011-01-04 17:10:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011-01-04 17:10:56 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2010-11-16 21:27:37 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2010-03-17 17:18:20 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
[2009-07-16 09:28:14 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Samsung\Application Data\$_hpcst$.hpc
[2009-07-16 09:20:57 | 000,036,864 | ---- | C] () -- C:\Documents and Settings\Samsung\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-07-16 09:20:57 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Samsung\Local Settings\Application Data\fusioncache.dat
[2008-10-09 13:56:23 | 000,000,798 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol

[color=#E56717]========== LOP Check ==========[/color]
[2009-10-22 13:32:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PC Suite
[2011-10-11 19:17:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alior Trader DEMO
[2010-03-28 19:56:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009-08-04 08:36:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2010-05-16 11:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gadu-Gadu 10
[2012-08-10 07:04:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HitmanPro
[2008-10-09 13:41:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Infineon
[2010-04-01 21:52:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2011-03-05 19:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ipla
[2009-07-20 17:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2012-04-16 08:26:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MetaQuotes
[2010-04-01 21:59:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2010-07-31 12:49:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OpenFM
[2009-07-26 20:37:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2012-01-15 22:46:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2009-10-12 18:36:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SolidDocuments
[2011-10-11 19:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010-11-16 22:10:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011-05-16 16:27:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\DroidExplorer
[2010-06-18 13:31:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\AIMP
[2011-10-07 19:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\Alior Trader DEMO
[2009-07-16 09:32:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\ArcaBit
[2010-01-20 19:57:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\ArcaMicroScan
[2012-08-09 23:39:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\ArcaVirMicroScan
[2011-08-22 19:21:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\BESTplayer
[2009-07-16 09:32:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\Bitdefender
[2009-07-16 09:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\Codeton
[2009-07-16 09:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\ConvertTemp
[2009-07-16 09:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\Crystal Player
[2009-07-16 09:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\DAEMON Tools
[2011-07-24 22:53:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\DAEMON Tools Lite
[2009-10-29 20:38:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\dBpoweramp
[2009-07-16 09:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\DeepBurner
[2011-05-17 09:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\DroidExplorer
[2012-08-08 20:39:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\Dropbox
[2010-10-20 19:04:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\e-Kiosk Reader
[2011-03-07 18:26:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\ESET
[2009-07-16 09:32:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\eXPert PDF Editor
[2009-07-16 09:31:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\Gadu-Gadu
[2009-12-19 19:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\Gadu-Gadu 10
[2009-07-16 09:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\GanymedeNet
[2012-08-09 20:02:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\hellomoto
[2011-03-06 13:12:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\ipla
[2009-07-16 09:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\IrfanView
[2010-04-29 17:39:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\ML
[2009-07-16 09:31:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\mojeFundusze
[2009-10-24 18:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\Nowe Gadu-Gadu
[2009-10-25 18:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\OpenFM
[2009-11-08 17:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\OpenOffice.org
[2009-07-16 09:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\OpenOffice.ux.pl2
[2009-07-16 09:29:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\Opera
[2009-07-16 09:29:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\Orbit
[2009-12-11 21:05:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\PC Suite
[2009-07-16 09:29:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\PDFCreator
[2009-10-11 10:21:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\RayV
[2011-03-05 18:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\RDRM
[2009-10-18 12:01:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\Registry Mechanic
[2009-07-16 09:29:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\RssBandit
[2012-07-28 16:45:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\Samsung
[2011-09-26 21:06:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\Scripts
[2011-10-12 16:15:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\Simply Super Software
[2009-10-12 18:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\SolidDocuments
[2009-07-16 09:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\Spyware Terminator
[2012-05-11 20:15:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\Temp
[2009-07-16 09:28:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\Temporary
[2009-10-12 18:00:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\TG4
[2009-07-16 09:28:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\The Bat!
[2009-07-16 09:28:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\Tomahawk
[2009-07-16 09:28:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\TransRender
[2009-07-16 09:28:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\TrojanHunter
[2009-07-16 09:28:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\Ulead Systems
[2009-10-18 12:34:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\Uniblue
[2012-04-03 09:07:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\VisaWidget
[2009-07-16 09:28:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\XemiComputers
[2009-07-16 09:28:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Samsung\Application Data\XnView
[2012-08-09 16:36:52 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{1A4DD390-8325-4B81-B086-1153427BC541}.job

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2009-09-24 20:17:25 | 000,044,032 | ---- | M] ()(C:\Documents and Settings\Samsung\My Documents\SPRAWOZDANIE P?ROCZNE ZSOW.doc) -- C:\Documents and Settings\Samsung\My Documents\SPRAWOZDANIE PӣROCZNE ZSOW.doc
[2009-09-24 19:41:46 | 000,044,032 | ---- | C] ()(C:\Documents and Settings\Samsung\My Documents\SPRAWOZDANIE P?ROCZNE ZSOW.doc) -- C:\Documents and Settings\Samsung\My Documents\SPRAWOZDANIE PӣROCZNE ZSOW.doc

[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 154 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0C1EFF69
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D282699C
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >