OTL logfile created on: 07-10-2012 15:27:10 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = D:\pobieranie
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: dd-MM-yyyy
 
3,00 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 48,80% Memory free
6,19 Gb Paging File | 4,35 Gb Available in Paging File | 70,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 60,33 Gb Total Space | 21,06 Gb Free Space | 34,91% Space Free | Partition Type: NTFS
Drive D: | 156,25 Gb Total Space | 17,58 Gb Free Space | 11,25% Space Free | Partition Type: NTFS
 
Computer Name: USER-PC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-10-07 15:18:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\pobieranie\OTL.exe
PRC - [2012-09-12 17:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2012-09-12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012-09-12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012-09-06 03:24:58 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-07-27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-04-17 15:05:00 | 000,651,264 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
PRC - [2012-02-17 11:18:58 | 003,006,776 | ---- | M] () -- C:\Program Files\SpyShelter Personal Free\SpyShelter.exe
PRC - [2012-02-02 04:48:48 | 000,681,472 | ---- | M] (The Document Foundation) -- C:\Program Files\LibreOffice 3.5\program\soffice.bin
PRC - [2012-02-02 04:48:48 | 000,058,368 | ---- | M] (The Document Foundation) -- C:\Program Files\LibreOffice 3.5\program\scalc.exe
PRC - [2012-02-02 04:48:48 | 000,050,688 | ---- | M] (The Document Foundation) -- C:\Program Files\LibreOffice 3.5\program\soffice.exe
PRC - [2011-09-15 13:06:04 | 000,088,576 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2011-03-14 08:13:00 | 002,815,304 | ---- | M] () -- C:\Program Files\OO Software\DiskImage\oodiag.exe
PRC - [2010-11-06 23:24:32 | 001,866,864 | ---- | M] (PeerBlock, LLC) -- C:\Program Files\PeerBlock\peerblock.exe
PRC - [2010-06-21 10:23:34 | 000,173,352 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
PRC - [2009-12-04 11:11:58 | 000,098,304 | ---- | M] (Hewlett-Packard) -- C:\Windows\System32\spool\drivers\w32x86\3\hpmup094.bin
PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-03-13 13:43:00 | 001,466,368 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2008-07-09 19:14:06 | 000,191,032 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2008-06-04 03:29:08 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2008-02-02 01:17:26 | 000,233,472 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\HControl.exe
PRC - [2008-02-02 00:29:32 | 000,061,440 | ---- | M] () -- C:\Program Files\ASUS\ATK Media\DMedia.exe
PRC - [2008-01-24 01:34:42 | 007,766,016 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe
PRC - [2008-01-23 20:51:28 | 000,151,552 | ---- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe
PRC - [2008-01-21 04:25:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vdsldr.exe
PRC - [2008-01-12 08:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ATK Hotkey\HControlUser.exe
PRC - [2007-12-04 20:57:06 | 002,486,272 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
PRC - [2007-11-05 05:48:06 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\MsgTranAgt.exe
PRC - [2007-10-03 07:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe
PRC - [2007-08-15 21:20:16 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\KBFiltr.exe
PRC - [2007-08-08 10:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007-08-03 22:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2007-07-06 02:53:44 | 001,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2005-07-07 01:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe
PRC - [2004-08-03 05:33:14 | 000,036,864 | ---- | M] (Panasonic Communications Co., Ltd.) -- C:\Program Files\Panasonic\LocalCom\LMSRVNT.EXE
PRC - [2004-02-24 16:15:58 | 000,069,632 | ---- | M] (Panasonic) -- C:\Program Files\Panasonic\TrapMonitor\Trapmnnt.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012-09-15 09:40:30 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012-09-06 03:25:12 | 002,244,064 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-05-13 13:00:19 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ef684a2ee2f7276eec3973a0654d2bd4\System.Web.ni.dll
MOD - [2012-05-13 13:00:13 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012-05-13 13:00:02 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012-05-13 12:37:35 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012-05-13 12:37:16 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4d54640bacd18e047a4573cb4611bd3\System.Windows.Forms.ni.dll
MOD - [2012-05-13 12:37:04 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5d8696f15e49aedf883dd945806a7049\System.Drawing.ni.dll
MOD - [2012-05-13 12:36:40 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\b385bde1966c24472f199acceac4c782\System.Data.ni.dll
MOD - [2012-05-13 12:35:50 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012-04-17 15:05:00 | 001,515,520 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\Maps\R66Api.dll
MOD - [2012-04-17 15:05:00 | 000,651,264 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
MOD - [2012-04-17 15:05:00 | 000,559,244 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\sqlite3.7.dll
MOD - [2012-04-17 15:05:00 | 000,516,599 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\sqlite3.dll
MOD - [2012-04-17 15:05:00 | 000,389,120 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcDetect.dll
MOD - [2012-04-17 15:05:00 | 000,172,032 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcDetectLegend.dll
MOD - [2012-04-17 15:05:00 | 000,151,552 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcDisk.dll
MOD - [2012-04-17 15:05:00 | 000,103,936 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\OutputLog.dll
MOD - [2012-04-17 15:05:00 | 000,094,208 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\fdHttpd.dll
MOD - [2012-02-17 11:19:28 | 000,316,216 | ---- | M] () -- C:\Program Files\SpyShelter Personal Free\klhelper.dll
MOD - [2012-02-17 11:18:58 | 003,006,776 | ---- | M] () -- C:\Program Files\SpyShelter Personal Free\SpyShelter.exe
MOD - [2012-02-02 04:42:32 | 000,985,088 | ---- | M] () -- C:\Program Files\LibreOffice 3.5\program\libxml2.dll
MOD - [2012-02-02 04:42:18 | 000,976,896 | ---- | M] () -- C:\Program Files\LibreOffice 3.5\program\cairo.dll
MOD - [2012-02-01 18:20:28 | 000,170,496 | ---- | M] () -- C:\Program Files\LibreOffice 3.5\program\libxslt.dll
MOD - [2010-02-23 19:40:30 | 001,679,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3009.39983__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2010-02-23 19:40:30 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3009.40180__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2010-02-23 19:40:30 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3009.39941__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2010-02-23 19:40:30 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3009.39997__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2010-02-23 19:40:30 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3009.40172__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2010-02-23 19:40:30 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3009.40135__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2010-02-23 19:40:30 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3009.39975__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2010-02-23 19:40:30 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3009.40094__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2010-02-23 19:40:30 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3009.39962__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2010-02-23 19:40:29 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3009.40202__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2010-02-23 19:40:18 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3009.40208__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2010-02-23 19:40:18 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3009.39955__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2010-02-23 19:40:17 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3009.40149__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2010-02-23 19:40:16 | 000,352,256 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3009.40143__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2010-02-23 19:40:16 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3009.40142__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2010-02-23 19:40:15 | 000,901,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3009.40173__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2010-02-23 19:40:15 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3009.40102__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2010-02-23 19:40:15 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3009.40010__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2010-02-23 19:40:15 | 000,479,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3009.40095__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2010-02-23 19:40:15 | 000,442,368 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3009.40089__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2010-02-23 19:40:15 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3009.39963__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2010-02-23 19:40:15 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3009.40163__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2010-02-23 19:40:15 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3009.40129__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2010-02-23 19:40:15 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3009.40017__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2010-02-23 19:40:15 | 000,217,088 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3009.40004__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2010-02-23 19:40:15 | 000,147,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3009.40201__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2010-02-23 19:40:15 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3009.40116__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2010-02-23 19:40:15 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3009.40102__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2010-02-23 19:40:15 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3009.40094__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2010-02-23 19:40:15 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3009.40200__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2010-02-23 19:40:15 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3009.40016__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2010-02-23 19:40:15 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3009.40101__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2010-02-23 19:40:15 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3009.40115__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2010-02-23 19:40:15 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3009.40128__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2010-02-23 19:40:14 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2010-02-23 19:40:14 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2010-02-23 19:40:14 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2010-02-23 19:40:14 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2010-02-23 19:40:14 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2010-02-23 19:40:14 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2010-02-23 19:40:14 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2010-02-23 19:40:14 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2010-02-23 19:40:14 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2010-02-23 19:40:14 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2010-02-23 19:40:14 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2939.23763__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2010-02-23 19:40:14 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2010-02-23 19:40:14 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2010-02-23 19:40:14 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2010-02-23 19:40:14 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2010-02-23 19:40:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2010-02-23 19:40:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2010-02-23 19:40:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2010-02-23 19:40:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2010-02-23 19:40:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2010-02-23 19:40:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2010-02-23 19:40:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2010-02-23 19:40:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2010-02-23 19:40:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll
MOD - [2010-02-23 19:40:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2010-02-23 19:40:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2010-02-23 19:40:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2010-02-23 19:40:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2010-02-23 19:40:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2010-02-23 19:40:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2010-02-23 19:40:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2010-02-23 19:40:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2010-02-23 19:40:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2010-02-23 19:40:14 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2010-02-23 19:40:13 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2010-02-23 19:40:13 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2010-02-23 19:40:13 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2010-02-23 19:40:13 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2010-02-23 19:40:13 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2010-02-23 19:40:13 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2010-02-23 19:40:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll
MOD - [2010-02-23 19:40:13 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2010-02-23 19:40:12 | 000,005,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.3009.40186_pl_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll
MOD - [2010-02-23 19:40:11 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3009.40217__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2010-02-23 19:40:11 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3009.40228__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2010-02-23 19:40:10 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3009.39949__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2010-02-23 19:40:10 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3009.39969__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2010-02-23 19:40:10 | 000,413,696 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3009.40186__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2010-02-23 19:40:10 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3009.40194__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2010-02-23 19:40:10 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3009.39933__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2010-02-23 19:40:10 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3009.39934__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2010-02-23 19:40:10 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3009.40193__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2010-02-23 19:40:10 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3009.39931__90ba9c70f846762e\APM.Server.dll
MOD - [2010-02-23 19:40:10 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2010-02-23 19:40:10 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3009.39932__90ba9c70f846762e\AEM.Server.dll
MOD - [2010-02-23 19:40:10 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2010-02-23 19:40:10 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2010-02-23 19:40:10 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2010-02-23 19:40:10 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3009.40194__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2010-02-23 19:40:10 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2010-02-23 19:40:10 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2010-02-23 19:40:10 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2010-02-23 19:40:10 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2010-02-23 19:40:10 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2010-02-23 19:40:10 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2010-02-23 19:40:10 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3009.39933__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009-03-31 20:05:12 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009-03-30 06:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2008-03-29 09:19:12 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008-02-02 00:29:32 | 000,061,440 | ---- | M] () -- C:\Program Files\ASUS\ATK Media\DMedia.exe
MOD - [2008-02-02 00:29:28 | 000,049,152 | ---- | M] () -- C:\Program Files\ASUS\ATK Media\ATKMETHOD.dll
MOD - [2008-01-24 01:34:42 | 007,766,016 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe
MOD - [2008-01-12 08:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ATK Hotkey\HControlUser.exe
MOD - [2007-11-13 01:41:50 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\MsgTran.dll
MOD - [2007-03-07 03:03:08 | 000,016,384 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)
SRV - [2012-09-12 17:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012-09-12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012-07-27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-09-15 13:06:04 | 000,088,576 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2011-03-14 08:13:00 | 002,815,304 | ---- | M] () [Auto | Running] -- C:\Program Files\OO Software\DiskImage\oodiag.exe -- (OO DiskImage)
SRV - [2010-12-08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-06-21 10:23:34 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010-01-25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Stopped] -- C:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009-12-04 15:53:42 | 000,065,248 | ---- | M] (Greatis Software (c)) [Auto | Stopped] -- C:\Program Files\Greatis\BootLog XP\BootLogService.exe -- (BootlogService)
SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-10-03 07:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2007-08-08 10:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2007-08-03 22:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2004-08-03 05:33:14 | 000,036,864 | ---- | M] (Panasonic Communications Co., Ltd.) [Auto | Running] -- C:\Program Files\Panasonic\LocalCom\LMSRVNT.EXE -- (Panasonic Local Printer Service)
SRV - [2004-02-24 16:15:58 | 000,069,632 | ---- | M] (Panasonic) [Auto | Running] -- C:\Program Files\Panasonic\TrapMonitor\Trapmnnt.exe -- (Panasonic Trap Monitor Service)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\Filt\VBFilt.dll -- (VBFilt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VBEngNT.sys -- (VBEngNT)
DRV - File not found [Kernel | Disabled | Stopped] -- System32\drivers\truecrypt.sys -- (truecrypt)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\SandBox.sys -- (SandBox)
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\PSINProt.sys -- (PSINProt)
DRV - File not found [File_System | Auto | Stopped] -- system32\DRIVERS\PSINProc.sys -- (PSINProc)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\psinknc.sys -- (PSINKNC)
DRV - File not found [File_System | Auto | Stopped] -- system32\DRIVERS\PSINFile.sys -- (PSINFile)
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\PSINAflt.sys -- (PSINAflt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (aylj1qal)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (au59gs1y)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\Filt\ASWFilt.dll -- (ASWFilt)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\I386\AsProcOb.sys -- (ASUSProcObsrv)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (aliezpqe)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\afwcore.sys -- (afwcore)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\afw.sys -- (afw)
DRV - [2012-10-07 14:14:42 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BFB99BD1-33B0-41BF-ACE4-77EE20586076}\MpKslf647b0f7.sys -- (MpKslf647b0f7)
DRV - [2012-10-07 13:57:38 | 000,026,400 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hitmanpro36.sys -- (hitmanpro35)
DRV - [2012-08-30 22:03:50 | 000,099,272 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012-05-22 15:08:34 | 000,104,792 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2012-05-22 15:08:34 | 000,091,992 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2012-05-22 15:08:32 | 000,158,552 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2012-05-22 15:08:32 | 000,116,056 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2012-05-05 11:18:39 | 000,163,616 | ---- | M] (Digiarty Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys -- (DigiartyVirtualCDBus)
DRV - [2012-03-14 19:57:50 | 000,082,736 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxUSB.sys -- (VBoxUSB)
DRV - [2012-02-17 11:19:50 | 000,167,224 | ---- | M] (SpyShelter) [Kernel | System | Running] -- C:\Program Files\SpyShelter Personal Free\SpyShelter.sys -- (Spyshelter)
DRV - [2011-10-12 20:37:51 | 000,071,680 | ---- | M] (Notebook Hardware Control) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nhcDriver.sys -- (nhcDriverDevice)
DRV - [2011-03-14 08:15:26 | 000,171,088 | ---- | M] (O&O Software GmbH) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\oodivd.sys -- (oodivd)
DRV - [2011-03-14 08:15:26 | 000,031,824 | ---- | M] (O&O Software GmbH) [File_System | Boot | Running] -- C:\Windows\System32\drivers\oodivdh.sys -- (oodivdh)
DRV - [2011-03-14 08:15:24 | 000,028,752 | ---- | M] (O&O Software GmbH) [File_System | Boot | Running] -- C:\Windows\System32\drivers\oodisrh.sys -- (oodisrh)
DRV - [2011-03-14 08:15:22 | 000,096,336 | ---- | M] (O&O Software GmbH) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\oodisr.sys -- (oodisr)
DRV - [2010-11-06 23:24:32 | 000,020,080 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV - [2010-07-30 15:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010-07-30 15:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-07-30 15:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-07-30 15:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010-07-26 13:24:46 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010-07-26 13:24:42 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2010-06-23 11:23:46 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010-06-23 09:21:32 | 000,259,176 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010-06-07 07:24:56 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010-03-11 11:17:14 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2009-06-10 16:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009-05-28 22:41:28 | 004,233,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2009-03-13 13:50:18 | 001,095,808 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2008-12-13 15:47:38 | 000,040,496 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hotcore3.sys -- (hotcore3)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-03-29 11:24:18 | 003,544,064 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007-10-01 23:59:46 | 001,769,984 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2007-08-09 06:42:08 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007-08-03 06:26:22 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007-07-30 21:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007-07-30 20:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007-07-24 21:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2007-06-17 07:29:08 | 000,146,824 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV)
DRV - [2007-01-25 03:08:40 | 000,005,632 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2006-12-15 00:11:58 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2005-07-07 16:26:00 | 000,006,576 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005-07-07 16:25:58 | 000,089,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005-07-07 16:25:52 | 000,081,728 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005-07-07 16:25:50 | 000,079,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750obex.sys -- (k750obex)
DRV - [2005-02-11 12:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750bus.sys -- (k750bus)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-405362096-3759355950-1882576851-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
IE - HKU\S-1-5-21-405362096-3759355950-1882576851-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-405362096-3759355950-1882576851-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
IE - HKU\S-1-5-21-405362096-3759355950-1882576851-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKU\S-1-5-21-405362096-3759355950-1882576851-1000\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - No CLSID value found
IE - HKU\S-1-5-21-405362096-3759355950-1882576851-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-405362096-3759355950-1882576851-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-405362096-3759355950-1882576851-1000\..\SearchScopes\{38478907-5877-4451-A976-63C0699B6F96}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=NDV&o=15765&src=kw&q={searchTerms}&locale=&apn_ptnrs=NY&apn_dtid=YYYYYYYYPL&apn_uid=901E04A5-A641-42B4-BC98-DBDC7C618A3E&apn_sauid=02593E28-F8EA-403D-8279-748118552CF1
IE - HKU\S-1-5-21-405362096-3759355950-1882576851-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.yahoo.com/search?fr=chr-panda&q={searchTerms}&ei=UTF-8&type=panda2_0yach
IE - HKU\S-1-5-21-405362096-3759355950-1882576851-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-405362096-3759355950-1882576851-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
IE - HKU\S-1-5-21-405362096-3759355950-1882576851-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-405362096-3759355950-1882576851-1001\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
IE - HKU\S-1-5-21-405362096-3759355950-1882576851-1001\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKU\S-1-5-21-405362096-3759355950-1882576851-1001\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - No CLSID value found
IE - HKU\S-1-5-21-405362096-3759355950-1882576851-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-405362096-3759355950-1882576851-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-405362096-3759355950-1882576851-1001\..\SearchScopes\{38478907-5877-4451-A976-63C0699B6F96}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=NDV&o=15765&src=kw&q={searchTerms}&locale=&apn_ptnrs=NY&apn_dtid=YYYYYYYYPL&apn_uid=901E04A5-A641-42B4-BC98-DBDC7C618A3E&apn_sauid=02593E28-F8EA-403D-8279-748118552CF1
IE - HKU\S-1-5-21-405362096-3759355950-1882576851-1001\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.yahoo.com/search?fr=chr-panda&q={searchTerms}&ei=UTF-8&type=panda2_0yach
IE - HKU\S-1-5-21-405362096-3759355950-1882576851-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..extensions.enabledAddons: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2
FF - prefs.js..extensions.enabledAddons: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.2.1
FF - prefs.js..extensions.enabledAddons: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.5.6
FF - prefs.js..extensions.enabledAddons: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20120910
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: widgetruntime@surfsecret.com:1.0
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.736
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=panda&type=PCAFSI1143&p="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2011-01-16 23:06:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-09-14 22:42:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-08-15 08:46:30 | 000,000,000 | ---D | M]
 
[2010-05-17 21:05:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Extensions
[2010-05-15 12:09:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Extensions\prism@developer.mozilla.org
[2012-10-05 21:07:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\5n7eyxy3.default\extensions
[2012-10-05 21:00:55 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\5n7eyxy3.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010-11-24 07:49:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\5n7eyxy3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012-10-05 21:00:55 | 000,000,000 | ---D | M] (WOT) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\5n7eyxy3.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012-10-05 21:00:57 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\5n7eyxy3.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010-07-21 07:15:32 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\5n7eyxy3.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2012-10-05 21:07:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\5n7eyxy3.default\extensions\staged
[2011-07-03 17:31:37 | 000,164,858 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\5n7eyxy3.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi
[2012-10-05 21:00:55 | 000,529,316 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\5n7eyxy3.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012-10-05 21:00:57 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\5n7eyxy3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012-01-03 16:27:44 | 000,002,333 | ---- | M] () -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\5n7eyxy3.default\searchplugins\askcom.xml
[2012-09-14 22:42:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-09-06 03:26:03 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010-07-17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012-09-06 04:57:09 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-09-06 04:57:10 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-09-06 04:57:10 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-09-06 04:57:10 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-09-06 04:57:10 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-09-06 04:57:09 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O3 - HKLM\..\Toolbar: (no name) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - No CLSID value found.
O3 - HKU\S-1-5-21-405362096-3759355950-1882576851-1000\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O3 - HKU\S-1-5-21-405362096-3759355950-1882576851-1001\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O3 - HKU\S-1-5-21-405362096-3759355950-1882576851-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe ()
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ATK Hotkey\HcontrolUser.exe ()
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Smart File Advisor] C:\Program Files\Smart File Advisor\sfa.exe (Filefacts.net)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SpyShelter] C:\Program Files\SpyShelter Personal Free\SpyShelter.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-405362096-3759355950-1882576851-1000..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-405362096-3759355950-1882576851-1000..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe (PeerBlock, LLC)
O4 - HKU\S-1-5-21-405362096-3759355950-1882576851-1001..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-405362096-3759355950-1882576851-1001..\Run: [Download Accelerator Manager] C:\Program Files\Tensons\Download Accelerator Manager\daman.exe /s File not found
O4 - HKU\S-1-5-21-405362096-3759355950-1882576851-1001..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe (PeerBlock, LLC)
O4 - HKU\S-1-5-21-405362096-3759355950-1882576851-1001..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo Magical UnInstall 2\UIWatcher.exe File not found
O4 - Startup: C:\Users\ms_user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\peerblock.lnk = C:\Program Files\PeerBlock\peerblock.exe (PeerBlock, LLC)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.63.133.4 194.63.132.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5D8AFAF8-2BAF-4411-9602-09BD707EE9C8}: DhcpNameServer = 194.63.133.4 194.63.132.4
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\ASUS\wallpapers\ASUS.jpg
O24 - Desktop BackupWallPaper: C:\Windows\ASUS\wallpapers\ASUS.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-10-07 13:29:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BootLog XP
[2012-10-07 13:29:27 | 000,000,000 | ---D | C] -- C:\Program Files\Greatis
[2012-10-05 21:14:30 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2012-10-05 21:14:30 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2012-10-05 21:14:29 | 000,532,480 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2012-10-05 21:14:29 | 000,185,776 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2012-10-05 21:14:29 | 000,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2012-10-05 21:14:28 | 001,191,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd.exe
[2012-10-05 21:14:28 | 000,697,344 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2012-10-05 21:14:28 | 000,285,216 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2012-10-05 21:14:28 | 000,030,208 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2012-10-05 21:14:27 | 006,025,216 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
[2012-10-05 21:14:27 | 000,126,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\maxxaudioapo.dll
[2012-10-05 21:14:26 | 000,140,288 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\FMAPO.dll
[2012-10-05 21:14:23 | 000,520,192 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012-10-05 20:13:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Microsoft Corporation
[2012-10-05 20:12:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
[2012-10-04 20:48:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Drive Backup™ 9.0 Free Edition
[2012-10-04 19:23:15 | 000,098,304 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RTKAUDIOSERVICE.EXE
[2012-10-04 19:22:32 | 002,168,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2012-10-02 23:11:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x86)
[2012-10-02 23:11:13 | 000,000,000 | ---D | C] -- C:\Program Files\Debugging Tools for Windows (x86)
[2012-09-30 18:49:37 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Downloads
[2012-09-30 16:49:08 | 000,000,000 | ---D | C] -- C:\Program Files\Tensons
[2012-09-30 15:14:40 | 000,000,000 | ---D | C] -- C:\Program Files\Smart File Advisor
[2012-09-29 19:25:41 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QNapi
[2012-09-29 19:25:39 | 000,000,000 | ---D | C] -- C:\Program Files\QNapi
[2012-09-29 10:45:44 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\ElevatedDiagnostics
[2012-09-29 09:32:33 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\foobar2000
[2012-09-29 09:32:25 | 000,000,000 | ---D | C] -- C:\Program Files\foobar2000
[2012-09-29 09:19:30 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Carambis
[2012-09-29 09:18:51 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\TempDIR
[2012-09-27 23:15:09 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\vlc
[2012-09-27 19:11:42 | 000,000,000 | ---D | C] -- C:\ADA2
[2012-09-21 22:00:26 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012-09-21 22:00:25 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012-09-21 22:00:25 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012-09-21 22:00:25 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012-09-21 22:00:25 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012-09-21 22:00:23 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012-09-21 22:00:23 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012-09-21 22:00:22 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012-09-15 12:30:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puzzle
[2012-09-15 12:30:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Puzzle
[2012-09-15 12:30:13 | 000,000,000 | ---D | C] -- C:\Program Files\Puzzle
[2012-09-15 10:17:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012-09-14 22:43:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012-09-14 22:43:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2010-08-05 19:59:19 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\user\AppData\Roaming\pcouffin.sys
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-10-07 15:28:00 | 000,000,460 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B092324D-8E46-4B62-AA28-2943E56CD7F4}.job
[2012-10-07 15:27:41 | 002,359,296 | -HS- | M] () -- C:\Users\user\ntuser.dat
[2012-10-07 15:26:00 | 000,000,466 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{F6279DFE-9E54-4CB6-9D88-A5A06F83DA6F}.job
[2012-10-07 14:14:14 | 000,524,288 | -HS- | M] () -- C:\Users\user\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2012-10-07 14:14:14 | 000,065,536 | -HS- | M] () -- C:\Users\user\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2012-10-07 14:06:16 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2012-10-07 14:03:36 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-10-07 14:03:36 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-10-07 14:03:35 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012-10-07 14:03:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-10-07 14:03:20 | 3220,299,776 | -HS- | M] () -- C:\hiberfil.sys
[2012-10-07 14:01:47 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012-10-07 14:01:44 | 006,291,456 | -H-- | M] () -- C:\Users\user\AppData\Local\IconCache.db
[2012-10-07 13:57:38 | 000,026,400 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro36.sys
[2012-10-07 13:29:29 | 000,000,876 | ---- | M] () -- C:\Users\user\Desktop\BootLog XP.lnk
[2012-10-06 18:18:39 | 001,975,930 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2012-10-06 18:18:39 | 000,844,690 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-10-06 18:18:39 | 000,754,198 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-10-06 18:18:39 | 000,204,586 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-10-06 18:18:39 | 000,169,884 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-10-05 21:52:00 | 000,001,356 | ---- | M] () -- C:\Users\user\AppData\Local\d3d9caps.dat
[2012-10-05 21:14:31 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2012-10-05 20:12:55 | 000,001,991 | ---- | M] () -- C:\Users\Public\Desktop\Doradca uaktualnienia systemu Windows 7.lnk
[2012-10-04 20:48:54 | 000,002,279 | ---- | M] () -- C:\Users\Public\Desktop\Paragon Drive Backup™ 9.0 Free Edition.lnk
[2012-10-02 21:33:30 | 000,261,120 | ---- | M] () -- C:\Windows\System32\umstartup.etl
[2012-09-30 12:32:05 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012-09-29 09:32:27 | 000,000,835 | ---- | M] () -- C:\Users\Public\Desktop\foobar2000.lnk
[2012-09-29 09:20:34 | 000,004,140 | ---- | M] () -- C:\ProgramData\mtbjfghn.xbe
[2012-09-27 23:15:08 | 000,013,312 | ---- | M] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-09-15 12:30:16 | 000,001,882 | ---- | M] () -- C:\Users\Public\Desktop\Puzzle 2010+.lnk
[2012-09-14 22:43:13 | 000,000,853 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-09-14 20:50:54 | 000,000,022 | ---- | M] () -- C:\Windows\S.dirmngr
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-10-07 14:01:44 | 006,291,456 | -H-- | C] () -- C:\Users\user\AppData\Local\IconCache.db
[2012-10-07 13:57:38 | 000,026,400 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro36.sys
[2012-10-07 13:29:29 | 000,000,876 | ---- | C] () -- C:\Users\user\Desktop\BootLog XP.lnk
[2012-10-05 21:54:21 | 3220,299,776 | -HS- | C] () -- C:\hiberfil.sys
[2012-10-05 20:12:55 | 000,001,991 | ---- | C] () -- C:\Users\Public\Desktop\Doradca uaktualnienia systemu Windows 7.lnk
[2012-10-05 20:12:54 | 000,002,003 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doradca uaktualnienia systemu Windows 7.lnk
[2012-10-05 19:25:04 | 000,000,553 | ---- | C] () -- C:\Windows\USetup.iss
[2012-10-04 20:48:54 | 000,002,279 | ---- | C] () -- C:\Users\Public\Desktop\Paragon Drive Backup™ 9.0 Free Edition.lnk
[2012-09-30 14:06:27 | 000,000,022 | ---- | C] () -- C:\Windows\S.dirmngr
[2012-09-29 09:32:27 | 000,000,917 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
[2012-09-29 09:32:27 | 000,000,835 | ---- | C] () -- C:\Users\Public\Desktop\foobar2000.lnk
[2012-09-29 09:20:34 | 000,004,140 | ---- | C] () -- C:\ProgramData\mtbjfghn.xbe
[2012-09-15 12:30:16 | 000,001,882 | ---- | C] () -- C:\Users\Public\Desktop\Puzzle 2010+.lnk
[2012-09-15 10:17:24 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012-09-15 10:17:19 | 000,001,833 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012-04-24 22:50:15 | 000,000,404 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012-04-24 22:48:06 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRIDF10A.DAT
[2012-03-01 19:23:25 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2012-02-18 09:08:11 | 001,740,800 | ---- | C] () -- C:\Windows\System32\Osklauncher.exe
[2012-02-18 09:08:11 | 000,054,784 | ---- | C] () -- C:\Windows\System32\inject_logon_dll.dll
[2012-02-18 09:08:11 | 000,028,672 | ---- | C] () -- C:\Windows\System32\SpyShelterShellExt.dll
[2012-02-12 00:41:56 | 000,099,840 | ---- | C] () -- C:\Windows\nssm.exe
[2012-01-30 22:41:21 | 000,116,629 | ---- | C] () -- C:\ProgramData\1327955977.bdinstall.bin
[2011-12-04 11:57:45 | 000,000,113 | ---- | C] () -- C:\Windows\wininit.ini
[2011-11-11 22:32:21 | 000,146,163 | ---- | C] () -- C:\Windows\hpoins27.dat
[2011-11-11 22:32:20 | 000,000,932 | ---- | C] () -- C:\Windows\hpomdl27.dat
[2011-05-22 15:52:43 | 000,037,256 | ---- | C] () -- C:\Windows\System32\drivers\EUBKMON.sys
[2011-05-15 19:30:40 | 000,023,624 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2011-04-25 15:35:03 | 000,001,825 | ---- | C] () -- C:\Users\user\.gtkrc-2.0
[2011-02-17 22:38:34 | 000,499,712 | ---- | C] () -- C:\Windows\iwexec.exe
[2011-02-17 22:38:33 | 000,000,031 | ---- | C] () -- C:\Windows\userinfo.ini
[2011-02-12 14:38:51 | 000,000,092 | ---- | C] () -- C:\Users\user\AppData\Local\fusioncache.dat
[2010-12-08 10:05:54 | 000,000,267 | ---- | C] () -- C:\Windows\PanaFLB800_FLM650.ini
[2010-10-24 11:22:01 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2010-08-05 19:59:19 | 000,087,608 | ---- | C] () -- C:\Users\user\AppData\Roaming\inst.exe
[2010-08-05 19:59:19 | 000,007,887 | ---- | C] () -- C:\Users\user\AppData\Roaming\pcouffin.cat
[2010-08-05 19:59:19 | 000,001,144 | ---- | C] () -- C:\Users\user\AppData\Roaming\pcouffin.inf
[2010-06-19 23:50:44 | 000,000,218 | ---- | C] () -- C:\Users\user\.recently-used.xbel
[2010-05-30 11:33:55 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010-05-15 13:36:31 | 000,001,356 | ---- | C] () -- C:\Users\user\AppData\Local\d3d9caps.dat
[2010-04-14 22:18:14 | 000,013,312 | ---- | C] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-02-23 11:20:51 | 000,059,056 | ---- | C] () -- C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-02-23 11:20:41 | 000,524,288 | -HS- | C] () -- C:\Users\user\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010-02-23 11:20:41 | 000,524,288 | -HS- | C] () -- C:\Users\user\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010-02-23 11:20:41 | 000,000,020 | -HS- | C] () -- C:\Users\user\ntuser.ini
[2010-02-23 11:20:40 | 002,359,296 | -HS- | C] () -- C:\Users\user\ntuser.dat
[2010-02-23 11:20:40 | 000,065,536 | -HS- | C] () -- C:\Users\user\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2006-11-02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-04-11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-04-11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2012-03-15 23:49:35 | 000,000,000 | ---D | M] -- C:\Users\Gościuwa\AppData\Roaming\HTC
[2011-11-27 21:19:39 | 000,000,000 | ---D | M] -- C:\Users\Gościuwa\AppData\Roaming\PC Suite
[2012-09-14 21:43:59 | 000,000,000 | ---D | M] -- C:\Users\Gościuwa\AppData\Roaming\SpyShelter
[2012-09-27 21:31:08 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\AIMP
[2011-04-25 20:27:02 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\Ashampoo
[2010-07-30 09:13:09 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\Canneverbe Limited
[2011-04-25 15:11:37 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\devede
[2011-07-31 20:53:34 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\DVDVideoSoft
[2011-03-12 13:01:01 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1
[2012-02-13 22:41:09 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\e-pity
[2012-10-05 23:38:55 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\foobar2000
[2012-09-01 22:58:04 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\gtk-2.0
[2010-06-14 20:58:01 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\HateML
[2012-02-21 22:00:20 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\HTC
[2011-12-27 23:22:29 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2011-05-07 10:11:30 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\ID Vault
[2010-04-17 23:11:15 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\ImgBurn
[2010-06-19 23:54:15 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\inkscape
[2010-11-25 11:07:09 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\IrfanView
[2012-03-01 15:27:37 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\LibreOffice
[2011-10-31 23:38:41 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\lingot
[2011-01-16 23:33:13 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\Nokia
[2012-10-06 09:14:03 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\Notebook Hardware Control
[2012-03-17 19:45:47 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\Notepad++
[2010-04-13 23:06:06 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\OpenOffice.org
[2010-10-28 08:39:18 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\Panda Security
[2012-02-18 10:29:33 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\SpyShelter
[2010-06-25 07:30:22 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\TeamViewer
[2010-04-15 22:44:55 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\Thunderbird
[2011-02-24 11:52:03 | 000,000,000 | ---D | M] -- C:\Users\ms_user\AppData\Roaming\TrueCrypt
[2010-09-22 06:35:09 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Canneverbe Limited
[2012-09-29 09:19:30 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Carambis
[2011-04-25 15:35:03 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\devede
[2011-12-28 00:04:09 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Digiarty
[2012-01-30 22:20:37 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Dropbox
[2010-04-27 22:09:14 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\EssentialPIM
[2012-09-29 10:48:55 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\foobar2000
[2010-06-14 20:38:34 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\HateML
[2012-04-18 14:25:20 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\HTC
[2012-02-21 19:53:51 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2010-12-07 23:39:16 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ID Vault
[2010-04-17 22:27:46 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ImgBurn
[2010-06-19 23:50:34 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\inkscape
[2010-11-25 11:04:22 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\IrfanView
[2011-04-27 13:47:19 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\jabbim
[2010-06-18 07:37:31 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\LeftHand
[2011-01-16 23:10:25 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Nokia
[2011-10-12 20:37:47 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Notebook Hardware Control
[2011-02-28 23:27:29 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Notepad++
[2010-04-16 21:54:58 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Opera
[2010-12-08 10:05:42 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Panasonic
[2011-02-10 21:55:43 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PC Suite
[2012-03-01 19:23:29 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\pdfforge
[2012-02-21 20:17:51 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\SpyShelter
[2010-10-28 08:38:33 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\SurfSecret Privacy Suite
[2010-06-24 22:07:30 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TeamViewer
[2011-05-07 10:10:26 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\uTorrent
[2010-11-27 23:23:45 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Vso
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:C43ED645

< End of report >