OTL logfile created on: 2013-03-27 09:44:53 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = D:\userdata\wro01692\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd
 
3,95 Gb Total Physical Memory | 2,42 Gb Available Physical Memory | 61,22% Memory free
7,90 Gb Paging File | 6,18 Gb Available in Paging File | 78,13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 75,00 Gb Total Space | 42,52 Gb Free Space | 56,69% Space Free | Partition Type: NTFS
Drive D: | 74,05 Gb Total Space | 50,99 Gb Free Space | 68,86% Space Free | Partition Type: NTFS
Drive E: | 6,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive H: | 3750,00 Gb Total Space | 1084,47 Gb Free Space | 28,92% Space Free | Partition Type: NTFS
Drive M: | 78,13 Gb Total Space | 48,83 Gb Free Space | 62,50% Space Free | Partition Type: MVFS
Drive S: | 130,07 Gb Total Space | 126,09 Gb Free Space | 96,94% Space Free | Partition Type: NTFS
 
Computer Name: 3FJF74J | User Name: wro01692 | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013-03-26 09:47:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\userdata\WRO01692\Desktop\OTL.exe
PRC - [2013-02-19 20:46:30 | 001,597,864 | ---- | M] (Valve Corporation) -- D:\Steam\Steam.exe
PRC - [2013-01-26 07:08:30 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\wro01692\AppData\Local\Akamai\netsession_win.exe
PRC - [2012-12-20 18:44:32 | 000,844,296 | ---- | M] (Samsung) -- D:\Private\Samsung\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012-12-20 18:44:28 | 000,310,280 | ---- | M] (Samsung Electronics Co., Ltd.) -- D:\Private\Samsung\Kies\Kies\KiesTrayAgent.exe
PRC - [2012-12-20 18:44:26 | 001,476,104 | ---- | M] (Samsung) -- D:\Private\Samsung\Kies\Kies\Kies.exe
PRC - [2012-12-18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-08-24 23:30:36 | 000,028,672 | ---- | M] (IBM Corporation) -- C:\Windows\SysWOW64\cccredmgr.exe
PRC - [2012-08-21 23:28:20 | 000,227,328 | ---- | M] (IBM Corporation) -- C:\Program Files (x86)\IBM\RationalSDLC\ClearCase\bin\albd_server.exe
PRC - [2012-08-21 15:58:22 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2012-08-16 00:33:38 | 000,037,888 | ---- | M] (IBM Corporation) -- C:\Program Files (x86)\IBM\RationalSDLC\ClearCase\bin\lockmgr.exe
PRC - [2011-12-22 11:37:54 | 000,862,144 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
PRC - [2011-12-22 11:30:40 | 000,092,096 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe
PRC - [2011-12-19 14:57:48 | 001,136,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
PRC - [2011-11-16 07:13:56 | 000,613,232 | ---- | M] (Open Text Corporation) -- C:\Program Files (x86)\OpenText\Enterprise Connect\UCDAVProxy.exe
PRC - [2011-11-16 07:13:56 | 000,042,872 | ---- | M] (Open Text Corporation) -- C:\Program Files (x86)\OpenText\Enterprise Connect\UCDAVService.exe
PRC - [2011-09-09 05:39:38 | 000,523,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
PRC - [2011-09-09 05:38:56 | 000,475,088 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2011-08-03 10:55:54 | 001,937,208 | ---- | M] (Cisco WebEx) -- C:\Program Files (x86)\WebEx\Connect\connect.exe
PRC - [2011-08-03 10:55:32 | 000,859,448 | ---- | M] (WebEx Communications Inc.) -- C:\Program Files (x86)\WebEx\Connect\apUpdate.exe
PRC - [2010-08-05 10:18:30 | 000,858,792 | ---- | M] (Check Point Software Tech Ltd) -- C:\Program Files (x86)\Pointsec\Pointsec for PC\P95tray.exe
PRC - [2010-08-05 10:18:18 | 000,653,992 | ---- | M] (Check Point Software Tech Ltd) -- C:\Windows\SysWOW64\Prot_srv.exe
PRC - [2010-08-05 10:18:18 | 000,232,104 | ---- | M] (Check Point Software Tech Ltd) -- C:\Windows\SysWOW64\pstartSr.exe
PRC - [2010-08-05 10:17:14 | 000,412,328 | ---- | M] () -- C:\Program Files (x86)\Pointsec\Pointsec for PC\fde_da_ew.exe
PRC - [2010-06-02 14:05:00 | 000,070,144 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\Common Files\Check Point\UIFramework\cptray.exe
PRC - [2009-09-18 04:00:00 | 000,764,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\CCM\CcmExec.exe
PRC - [2009-04-03 11:44:08 | 000,435,584 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013-02-25 13:21:24 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\40ec6eb5a95de56636ea90f638d1eb2c\System.ServiceProcess.ni.dll
MOD - [2013-02-25 13:21:23 | 012,082,688 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web\d4593afc94701312b24fa76ec4d9b871\System.Web.ni.dll
MOD - [2013-02-25 11:54:23 | 013,199,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\0783e0b01fd91c2c42abe0cb3e5d0c19\System.Windows.Forms.ni.dll
MOD - [2013-02-13 16:17:42 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\f62409df88e3dde635df0808c7177097\System.Runtime.Remoting.ni.dll
MOD - [2013-02-13 14:02:01 | 001,812,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\2297aa4cb17f43a679db50ea05b2b811\System.Xaml.ni.dll
MOD - [2013-02-13 12:49:15 | 018,022,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\c627e9b7f10b01db43645284e601f255\PresentationFramework.ni.dll
MOD - [2013-02-13 12:48:55 | 011,522,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\6e5a88684e45c45cddf654a902b9c789\PresentationCore.ni.dll
MOD - [2013-02-13 12:48:53 | 001,667,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\293b5e60e01e652ae1bf4096bc6e9f9e\System.Drawing.ni.dll
MOD - [2013-02-13 12:48:42 | 003,883,008 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\54fef0787e00fc172cf386ba94bb7f10\WindowsBase.ni.dll
MOD - [2013-02-13 12:48:38 | 007,070,208 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\5434074a2458956c9a421cf3a8aab676\System.Core.ni.dll
MOD - [2013-02-13 12:48:32 | 005,617,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\353fd535963fff2f9086c2f655a47ace\System.Xml.ni.dll
MOD - [2013-02-13 12:48:28 | 000,982,528 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\7600fa0122191abced58b5e98303dfb3\System.Configuration.ni.dll
MOD - [2013-02-13 12:48:27 | 009,095,168 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\73507c607e4c46f5e04122de0cc5f3fd\System.ni.dll
MOD - [2013-02-13 12:48:20 | 014,417,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\3ef97e67e8d2c09fd2495ed952e1afbc\mscorlib.ni.dll
MOD - [2011-12-07 15:57:30 | 007,275,688 | ---- | M] () -- C:\Program Files (x86)\RSA SecurID Token Common\QtGui4.dll
MOD - [2011-12-07 15:57:30 | 002,028,712 | ---- | M] () -- C:\Program Files (x86)\RSA SecurID Token Common\QtCore4.dll
MOD - [2011-08-03 10:55:04 | 000,567,808 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\sqlite3.dll
MOD - [2011-08-03 10:55:04 | 000,219,136 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\skinengine.dll
MOD - [2011-08-03 10:55:04 | 000,020,992 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\threadipc.dll
MOD - [2011-08-03 10:55:02 | 000,921,088 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\libetpan.dll
MOD - [2011-08-03 10:55:02 | 000,766,960 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\libexpatw.dll
MOD - [2011-08-03 10:55:02 | 000,705,024 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\at_dll.dll
MOD - [2011-08-03 10:55:02 | 000,546,304 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\personalmgr.dll
MOD - [2011-08-03 10:55:02 | 000,507,904 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\WapiClient.dll
MOD - [2011-08-03 10:55:02 | 000,420,352 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\XmppMgr.dll
MOD - [2011-08-03 10:55:02 | 000,415,232 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\conComUI.dll
MOD - [2011-08-03 10:55:02 | 000,334,336 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\apComRes.dll
MOD - [2011-08-03 10:55:02 | 000,270,336 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\conCommClient.dll
MOD - [2011-08-03 10:55:02 | 000,226,816 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\WidgetProxy.dll
MOD - [2011-08-03 10:55:02 | 000,111,104 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\apCsSe.dll
MOD - [2011-08-03 10:55:02 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\conhelp.dll
MOD - [2011-08-03 10:55:02 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\apSSLGse.dll
MOD - [2011-08-03 10:55:02 | 000,058,368 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\apReportDll.dll
MOD - [2011-08-03 10:55:02 | 000,055,808 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\ipc.dll
MOD - [2011-08-03 10:55:00 | 000,725,504 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\TriAVView.dll
MOD - [2011-08-03 10:55:00 | 000,406,016 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\P2PAudioVideo.dll
MOD - [2011-08-03 10:55:00 | 000,343,040 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\PandoraWidget.dll
MOD - [2011-08-03 10:55:00 | 000,233,984 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\SearchOverlay.dll
MOD - [2011-08-03 10:55:00 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\TriCapture.dll
MOD - [2011-08-03 10:55:00 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\SharedMenu.dll
MOD - [2011-08-03 10:54:56 | 000,896,000 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\ConvWindow.dll
MOD - [2011-08-03 10:54:56 | 000,553,984 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\MeetingTab.dll
MOD - [2011-08-03 10:54:56 | 000,540,160 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\ContactPage.dll
MOD - [2011-08-03 10:54:56 | 000,357,376 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\MeetingMgr.dll
MOD - [2011-08-03 10:54:56 | 000,324,608 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\AudioConfMgr.dll
MOD - [2011-08-03 10:54:56 | 000,279,040 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\ConnectConfigInfo.dll
MOD - [2011-08-03 10:54:56 | 000,272,896 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\CEB.dll
MOD - [2011-08-03 10:54:56 | 000,256,512 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\InstantMeeting.dll
MOD - [2011-08-03 10:54:56 | 000,158,720 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\NotiMgr.dll
MOD - [2011-08-03 10:54:56 | 000,120,320 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\Buff.dll
MOD - [2011-08-03 10:54:56 | 000,101,888 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\CacheManager.dll
MOD - [2011-08-03 10:54:56 | 000,066,048 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\Expat.dll
MOD - [2011-08-03 10:54:56 | 000,047,104 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\NetworkMonitor.dll
MOD - [2011-08-03 10:54:56 | 000,045,568 | ---- | M] () -- C:\Program Files (x86)\WebEx\Connect\AudioConfBridge.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2011-08-31 11:49:06 | 000,158,208 | ---- | M] (Siemens AG) [Auto | Running] -- C:\Program Files\Siemens\UCMS\Core\UCMS.exe -- (UCMS)
SRV:[b]64bit:[/b] - [2011-02-10 20:44:52 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\stacsv64.exe -- (STacSV)
SRV:[b]64bit:[/b] - [2011-02-10 20:44:50 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe -- (AESTFilters)
SRV:[b]64bit:[/b] - [2009-12-10 13:09:16 | 000,515,872 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe -- (dcpsysmgrsvc)
SRV:[b]64bit:[/b] - [2009-11-20 17:43:04 | 000,373,024 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe -- (buttonsvc64)
SRV:[b]64bit:[/b] - [2009-08-17 21:09:52 | 000,868,128 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:[b]64bit:[/b] - [2009-07-14 02:39:47 | 000,081,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tlntsvr.exe -- (TlntSvr)
SRV - [2013-03-17 12:18:48 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-12-24 21:04:08 | 000,541,760 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-12-18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-08-24 23:30:36 | 000,028,672 | ---- | M] (IBM Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cccredmgr.exe -- (cccredmgr)
SRV - [2012-08-21 23:28:20 | 000,227,328 | ---- | M] () [Auto | Running] -- C:/Program Files (x86)/IBM/RationalSDLC/ClearCase/bin/albd_server.exe -- (Albd)
SRV - [2012-08-16 00:33:38 | 000,037,888 | ---- | M] (IBM Corporation) [Auto | Running] -- C:\Program Files (x86)\IBM\RationalSDLC\ClearCase\bin\lockmgr.exe -- (LockMgr)
SRV - [2012-02-23 17:37:32 | 002,425,504 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmListen.exe -- (tmlisten)
SRV - [2012-01-16 10:01:54 | 002,138,400 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\NTRTScan.exe -- (ntrtscan)
SRV - [2011-11-16 07:13:56 | 000,042,872 | ---- | M] (Open Text Corporation) [Auto | Running] -- C:\Program Files (x86)\OpenText\Enterprise Connect\UCDAVService.exe -- (UCDavService)
SRV - [2011-09-09 05:38:56 | 000,475,088 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2011-08-03 10:55:32 | 000,859,448 | ---- | M] (WebEx Communications Inc.) [Auto | Running] -- C:\Program Files (x86)\WebEx\Connect\apUpdate.exe -- (Cisco WebEx Connect Upgrade Service)
SRV - [2011-04-15 12:27:06 | 000,596,736 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe -- (TmPfw)
SRV - [2011-04-15 12:17:44 | 000,918,032 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmProxy.exe -- (TmProxy)
SRV - [2011-02-10 20:44:52 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\STacSV64.exe -- (STacSV)
SRV - [2011-02-10 20:44:50 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe -- (AESTFilters)
SRV - [2010-08-05 10:18:18 | 000,653,992 | ---- | M] (Check Point Software Tech Ltd) [Auto | Running] -- C:\Windows\SysWOW64\Prot_srv.exe -- (Pointsec)
SRV - [2010-08-05 10:18:18 | 000,232,104 | ---- | M] (Check Point Software Tech Ltd) [Auto | Running] -- C:\Windows\SysWOW64\pstartSr.exe -- (Pointsec_start)
SRV - [2010-06-25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-09-18 04:00:00 | 000,764,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CCM\CcmExec.exe -- (CcmExec)
SRV - [2009-09-18 04:00:00 | 000,246,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\CCM\TSManager.exe -- (smstsmgr)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:[b]64bit:[/b] - [2012-11-05 14:37:32 | 000,289,448 | ---- | M] (Check Point Software Tech Ltd) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\prot_2k.sys -- (prot_2k)
DRV:[b]64bit:[/b] - [2012-09-20 05:35:36 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:[b]64bit:[/b] - [2012-09-20 05:35:36 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:[b]64bit:[/b] - [2012-08-23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012-08-23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2012-08-23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2012-08-21 23:33:04 | 000,018,840 | ---- | M] (IBM Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\mvfsMini60x64.sys -- (MVFS Storage Filter)
DRV:[b]64bit:[/b] - [2012-08-21 23:30:50 | 000,692,632 | ---- | M] (IBM Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\mvfs60x64.sys -- (Mvfs)
DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011-09-09 05:30:06 | 000,026,536 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva)
DRV:[b]64bit:[/b] - [2011-09-09 05:29:20 | 000,106,408 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acsock64.sys -- (acsock)
DRV:[b]64bit:[/b] - [2011-06-29 05:18:16 | 000,091,864 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011-02-14 22:56:08 | 000,287,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y62x64.sys -- (e1yexpress)
DRV:[b]64bit:[/b] - [2011-02-14 22:56:02 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:[b]64bit:[/b] - [2011-02-14 22:56:02 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:[b]64bit:[/b] - [2011-02-14 22:56:02 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:[b]64bit:[/b] - [2011-02-14 22:56:02 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:[b]64bit:[/b] - [2011-02-10 20:45:16 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:[b]64bit:[/b] - [2011-02-10 20:45:14 | 010,603,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2011-02-10 20:45:06 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2011-02-10 20:45:00 | 000,300,592 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:[b]64bit:[/b] - [2011-02-10 20:44:58 | 000,416,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mbm3DevMt.sys -- (Mbm3DevMt)
DRV:[b]64bit:[/b] - [2011-02-10 20:44:58 | 000,378,952 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mbm3CBus.sys -- (Mbm3CBus)
DRV:[b]64bit:[/b] - [2011-02-10 20:44:58 | 000,127,104 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcusbserdl.sys -- (qcusbserdl)
DRV:[b]64bit:[/b] - [2011-02-10 20:44:58 | 000,121,600 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcusbserdl2k.sys -- (qcusbserdl2k)
DRV:[b]64bit:[/b] - [2011-02-10 20:44:58 | 000,038,440 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV:[b]64bit:[/b] - [2011-02-10 20:44:58 | 000,017,408 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wwussf64.sys -- (ecnssndisfltr)
DRV:[b]64bit:[/b] - [2011-02-10 20:44:58 | 000,012,800 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wwuss64.sys -- (ecnssndis)
DRV:[b]64bit:[/b] - [2011-02-10 20:44:58 | 000,008,832 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcfilterdl.sys -- (QCFilterdl)
DRV:[b]64bit:[/b] - [2011-02-10 20:44:58 | 000,006,400 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcfilterdl2k.sys -- (qcfilterdl2k)
DRV:[b]64bit:[/b] - [2011-02-10 20:44:56 | 000,376,320 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\d557mgmt.sys -- (d557mgmt)
DRV:[b]64bit:[/b] - [2011-02-10 20:44:56 | 000,328,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\d557bus.sys -- (d557bus)
DRV:[b]64bit:[/b] - [2011-02-10 20:44:56 | 000,096,296 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\d554gps64.sys -- (d554gps)
DRV:[b]64bit:[/b] - [2011-02-10 20:44:54 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:[b]64bit:[/b] - [2011-02-10 20:44:54 | 000,080,896 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\risdpe64.sys -- (risdpcie)
DRV:[b]64bit:[/b] - [2011-02-10 20:44:54 | 000,067,584 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:[b]64bit:[/b] - [2011-02-10 20:44:54 | 000,060,416 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rimspe64.sys -- (rimspci)
DRV:[b]64bit:[/b] - [2011-02-10 20:44:54 | 000,057,856 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:[b]64bit:[/b] - [2011-02-10 20:44:54 | 000,055,808 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rixdpe64.sys -- (rixdpcie)
DRV:[b]64bit:[/b] - [2011-02-10 20:44:54 | 000,055,296 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-08 19:07:48 | 000,338,000 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmwfp.sys -- (tmWfp)
DRV:[b]64bit:[/b] - [2010-11-08 19:06:58 | 000,196,688 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmlwf.sys -- (TmLwf)
DRV:[b]64bit:[/b] - [2010-11-08 19:05:20 | 000,108,624 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:[b]64bit:[/b] - [2010-10-18 02:21:32 | 008,153,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:[b]64bit:[/b] - [2010-09-27 15:05:15 | 000,145,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:[b]64bit:[/b] - [2010-06-25 18:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:[b]64bit:[/b] - [2009-10-29 19:38:42 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 01:00:24 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpials.sys -- (acpials)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012-07-17 12:37:44 | 000,344,376 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmxpflt.sys -- (TmFilter)
DRV - [2012-07-17 12:37:16 | 000,042,808 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmpreflt.sys -- (TmPreFilter)
DRV - [2012-07-17 12:28:46 | 002,224,952 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\VsapiNT.sys -- (VSApiNt)
DRV - [2010-08-05 10:17:18 | 000,222,504 | ---- | M] (Check Point Software Tech Ltd) [Kernel | Boot | Running] -- C:\WINDOWS\SysWow64\drivers\prot_2k.sys -- (prot_2k)
DRV - [2009-09-18 04:00:00 | 000,026,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\CCM\PrepDrv.sys -- (prepdrvr)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://proxyconf.glb.nsn-net.net/proxy.pac
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://proxyconf.glb.nsn-net.net/proxy.pac
 
 
 
 
IE - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://inside.nokiasiemensnetworks.com/
IE - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://inside.nokiasiemensnetworks.com/
IE - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 10.144.1.10:8080
IE - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://proxyconf.glb.nsn-net.net/proxy.pac
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Citrix.com/npican: C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\WINDOWS\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
[2013-03-17 12:05:51 | 000,000,000 | ---D | M] (No name found) -- D:\userdata\WRO01692\Application Data\Mozilla\Extensions
 
O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (WebEx Productivity Tools) - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli64.dll (Cisco WebEx LLC)
O2:[b]64bit:[/b] - BHO: (Enterprise Connect ToolBar Helper) - {C7050823-9FEE-41db-9741-72B3562D4898} - C:\Program Files (x86)\OpenText\Enterprise Connect\HECWE64.dll (Open Text Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Enterprise Connect ToolBar Helper) - {C7050823-9FEE-41db-9741-72B3562D4898} - C:\Program Files (x86)\OpenText\Enterprise Connect\HECWE.dll (Open Text Corporation)
O2 - BHO: (Password Manager XP Helper) - {F0BD2AEF-6A48-42DC-85CE-F4C335C59B5E} - C:\Program Files (x86)\Password Manager XP\Integration\IE\PMHelper.dll (CP Lab)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Enterprise Connect) - {90B54763-4C78-439C-BFA5-910FF9F74AB2} - C:\Program Files (x86)\OpenText\Enterprise Connect\HECWE64.dll (Open Text Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (WebEx Productivity Tools) - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli64.dll (Cisco WebEx LLC)
O4:[b]64bit:[/b] - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [DellControlPoint] C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe (Dell Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [MCDesk] %ProgramFiles%\Siemens\Customer\tools\MCDesk\MCDesk64.exe %ProgramFiles%\Siemens\Customer\tools\MCDesk\NSN.ini File not found
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [CCDoctor] C:\Program Files (x86)\IBM\RationalSDLC\ClearCase\bin\ccdoctor.exe (Rational Software Corporation)
O4 - HKLM..\Run: [Check Point Endpoint Tray Application] C:\Program Files (x86)\Common Files\Check Point\UIFramework\cptray.exe (Check Point Software Technologies LTD)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [KiesTrayAgent] D:\Private\Samsung\Kies\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [OfficeScanNT Monitor] C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [OpenText WebDAV Server] C:\Program Files (x86)\OpenText\Enterprise Connect\UCDAVProxy.exe (Open Text Corporation)
O4 - HKLM..\Run: [Pointsec Tray] C:\Program Files (x86)\Pointsec\Pointsec for PC\P95tray.exe (Check Point Software Tech Ltd)
O4 - HKU\.DEFAULT..\Run: [Cisco WebEx Connect] C:\Program Files (x86)\WebEx\Connect\connect.exe (Cisco WebEx)
O4 - HKU\S-1-5-18..\Run: [Cisco WebEx Connect] C:\Program Files (x86)\WebEx\Connect\connect.exe (Cisco WebEx)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1593251271-2640304127-1825641215-289423..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630..\Run: [] D:\Private\Samsung\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630..\Run: [Akamai NetSession Interface] C:\Users\wro01692\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630..\Run: [Cisco WebEx Connect] C:\Program Files (x86)\WebEx\Connect\connect.exe (Cisco WebEx)
O4 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630..\Run: [KiesAirMessage] D:\Private\Samsung\Kies\Kies\KiesAirMessage.exe -startup File not found
O4 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630..\Run: [KiesPreload] D:\Private\Samsung\Kies\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630..\Run: [Steam] D:\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1593251271-2640304127-1825641215-289423..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\All Users\Application Data\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk =  File not found
O4 - Startup: C:\Users\All Users\Application Data\Microsoft\Windows\Start Menu\Programs\Startup\Dell ControlPoint System Manager.lnk =  File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\CaretBrowsing present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Download present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\SearchScopes present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Security present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\SQM present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPublishingWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWebServices = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoOnlinePrintsWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: enablelinkedconnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: nointernetopenwith = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStartupSound = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: MaxGPOScriptWait = 1800
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideShutdownScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\SearchScopes present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\SQM present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\SearchScopes present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\SQM present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\SearchScopes present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\SQM present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\SearchScopes present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\SQM present
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-289423\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-289423\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-289423\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-289423\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-289423\Software\Policies\Microsoft\Internet Explorer\SearchScopes present
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-289423\Software\Policies\Microsoft\Internet Explorer\SQM present
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\Software\Policies\Microsoft\Internet Explorer\SearchScopes present
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\Software\Policies\Microsoft\Internet Explorer\SQM present
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowCpl = 1
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisablePersonalDirChange = 1
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyGames = 1
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 1 = HomeGroup
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 2 = Share with a homegroup
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 3 = Get Windows Live Essentials
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 4 = Go online to get Windows Live Essentials
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 5 = Create a system repair disc
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogonScripts = 0
O7 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O8:[b]64bit:[/b] - Extra context menu item: I&M Chat - C:\Program Files (x86)\Nokia Siemens Networks\Communication Suite\scripts\call_imscript.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8:[b]64bit:[/b] - Extra context menu item: V&oice Call - C:\Program Files (x86)\Nokia Siemens Networks\Communication Suite\scripts\call_voicescript.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Vi&deo Call - C:\Program Files (x86)\Nokia Siemens Networks\Communication Suite\scripts\call_videoscript.htm ()
O8 - Extra context menu item: I&M Chat - C:\Program Files (x86)\Nokia Siemens Networks\Communication Suite\scripts\call_imscript.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: V&oice Call - C:\Program Files (x86)\Nokia Siemens Networks\Communication Suite\scripts\call_voicescript.htm ()
O8 - Extra context menu item: Vi&deo Call - C:\Program Files (x86)\Nokia Siemens Networks\Communication Suite\scripts\call_videoscript.htm ()
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {41520880-8342-3431-3684-140032321000} https://sharenet-ims.inside.nokiasiemensnetworks.com/livelink/livelink?func=webdav.webdavxpi&filename=otdavview101.cab (Content Server - WebDAV 10.0.1)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CC679CB8-DC4B-458B-B817-D447B3B6AC31} vpnweb.cab (Cisco AnyConnect Secure Mobility Client Web Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.154.0.33 10.159.32.210 10.150.128.15 10.154.24.41
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = nsn-intra.net
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{120B3FE3-1129-44C1-BEE3-93EB1BD9780C}: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D6FB7FF7-13CA-4AE0-AA06-6CD32FC2BB23}: DhcpNameServer = 10.154.0.33 10.159.32.210 10.150.128.15 10.154.24.41
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\WINDOWS\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: GinaDLL - (pssogina.dll) - C:\WINDOWS\SysNative\pssogina.dll (Check Point Software Tech Ltd)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-1593251271-2640304127-1825641215-96630 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\ccnotify: DllName - (ccnotify.dll) - C:\WINDOWS\SysNative\ccnotify.dll (IBM Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2013-03-26 08:27:43 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012-06-13 23:28:07 | 000,000,044 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013-03-26 09:46:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\userdata\wro01692\Desktop\OTL.exe
[2013-03-26 09:32:54 | 005,044,493 | ---- | C] (Swearware) -- D:\userdata\wro01692\Desktop\ComboFix.exe
[2013-03-26 08:27:04 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013-03-26 08:26:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013-03-26 07:48:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013-03-26 07:48:24 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013-03-26 07:45:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013-03-25 07:11:23 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usb8023.sys
[2013-03-25 07:09:47 | 000,735,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2013-03-25 07:09:47 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieui.dll
[2013-03-25 07:09:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieui.dll
[2013-03-25 07:09:47 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2013-03-25 07:09:45 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\url.dll
[2013-03-25 07:09:45 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2013-03-25 07:09:44 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\url.dll
[2013-03-25 07:04:01 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2013-03-25 07:04:00 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2013-03-25 07:04:00 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAnimation.dll
[2013-03-25 07:04:00 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAnimation.dll
[2013-03-25 07:03:57 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2013-03-25 07:03:57 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2013-03-25 07:03:54 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10_1.dll
[2013-03-25 07:03:54 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013-03-25 07:03:54 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013-03-25 07:03:54 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013-03-25 07:03:54 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013-03-25 07:03:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013-03-25 07:03:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013-03-25 07:03:54 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013-03-25 07:03:54 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013-03-25 07:03:53 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2013-03-25 07:03:53 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsGdiConverter.dll
[2013-03-25 07:03:53 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsGdiConverter.dll
[2013-03-25 07:03:53 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013-03-25 07:03:53 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013-03-25 07:03:53 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013-03-25 07:03:53 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013-03-25 07:03:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013-03-25 07:03:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013-03-25 07:03:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013-03-25 07:03:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013-03-25 07:03:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013-03-25 07:03:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013-03-25 07:03:52 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10level9.dll
[2013-03-25 07:03:52 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2013-03-25 07:03:52 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10_1core.dll
[2013-03-25 07:03:52 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10core.dll
[2013-03-25 07:03:51 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2013-03-25 07:03:51 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsPrint.dll
[2013-03-25 07:03:51 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2013-03-25 07:03:51 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10.dll
[2013-03-25 07:03:51 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsPrint.dll
[2013-03-25 07:03:50 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWrite.dll
[2013-03-25 07:03:50 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2013-03-25 07:03:50 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecsExt.dll
[2013-03-25 07:03:49 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2013-03-20 10:59:36 | 000,000,000 | ---D | C] -- D:\userdata\wro01692\Application Data\Microsoft\Windows\Start Menu\Programs\Kerkythea Rendering System
[2013-03-20 10:59:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kerkythea Rendering System
[2013-03-20 09:46:25 | 000,000,000 | ---D | C] -- D:\userdata\wro01692\Application Data\Microsoft\Windows\Start Menu\Programs\POV-Ray for Windows v3.62
[2013-03-20 09:46:18 | 000,000,000 | ---D | C] -- d:\userdata\wro01692\My Documents\POV-Ray
[2013-03-20 09:46:17 | 000,000,000 | ---D | C] -- D:\userdata\wro01692\Application Data\POV-Ray
[2013-03-19 14:10:00 | 000,000,000 | ---D | C] -- C:\Users\wro01692\AppData\Local\TSVNCache
[2013-03-19 14:09:58 | 000,000,000 | ---D | C] -- D:\userdata\wro01692\Application Data\Subversion
[2013-03-19 13:00:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseSVN
[2013-03-19 12:59:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TortoiseOverlays
[2013-03-19 12:59:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TortoiseOverlays
[2013-03-19 12:59:48 | 000,000,000 | ---D | C] -- C:\Program Files\TortoiseSVN
[2013-03-17 12:06:32 | 000,000,000 | ---D | C] -- C:\Users\wro01692\AppData\Local\Macromedia
[2013-03-17 12:05:48 | 000,000,000 | ---D | C] -- D:\userdata\wro01692\Application Data\Mozilla
[2013-03-17 12:05:48 | 000,000,000 | ---D | C] -- C:\Users\wro01692\AppData\Local\Mozilla
[2013-03-13 14:22:06 | 000,000,000 | ---D | C] -- C:\Users\wro01692\Desktop
[2013-03-13 14:22:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tlen.pl
[2013-03-12 21:06:08 | 000,000,000 | ---D | C] -- D:\userdata\wro01692\Application Data\Indigo Renderer
[2013-03-10 12:09:50 | 000,000,000 | ---D | C] -- D:\userdata\wro01692\Application Data\eTeks
[2013-03-10 11:58:42 | 000,000,000 | ---D | C] -- D:\userdata\wro01692\Application Data\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
[2013-03-04 09:31:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013-02-26 16:45:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Adobe
[2013-02-25 13:01:53 | 000,000,000 | ---D | C] -- C:\Users\wro01692\AppData\Local\WebEx
[2013-02-25 11:55:48 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll
[2013-02-25 11:55:48 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\setup16.exe
[2013-02-25 11:55:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ntvdm64.dll
[2013-02-25 11:55:48 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\instnm.exe
[2013-02-25 11:55:48 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wow32.dll
[2013-02-25 11:55:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\user.exe
[2013-02-25 11:55:35 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2013-02-25 11:55:34 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ntkrnlpa.exe
[2013-02-25 11:55:34 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ntoskrnl.exe
[2013-02-25 11:46:56 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013-03-27 09:49:44 | 000,019,120 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-03-27 09:49:44 | 000,019,120 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-03-27 09:47:01 | 000,000,393 | ---- | M] () -- C:\WINDOWS\SMSCFG.INI
[2013-03-27 09:46:00 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013-03-27 09:42:41 | 000,001,958 | ---- | M] () -- D:\userdata\wro01692\Desktop\3FJF74J WRO01692.lnk
[2013-03-27 09:42:10 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013-03-27 09:41:28 | 000,002,573 | ---- | M] () -- C:\Users\Public\Desktop\Connect network drives.lnk
[2013-03-27 09:40:28 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-03-27 09:40:22 | 3183,374,336 | -HS- | M] () -- C:\hiberfil.sys
[2013-03-27 09:18:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-03-26 09:47:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\userdata\wro01692\Desktop\OTL.exe
[2013-03-26 09:33:02 | 005,044,493 | ---- | M] (Swearware) -- D:\userdata\wro01692\Desktop\ComboFix.exe
[2013-03-26 08:27:43 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013-03-26 08:23:32 | 000,812,894 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013-03-26 08:23:32 | 000,676,934 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013-03-26 08:23:32 | 000,129,400 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013-03-21 15:44:27 | 000,215,185 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2013-03-21 15:14:47 | 000,006,720 | ---- | M] () -- C:\WINDOWS\cfgall.ini
[2013-03-20 09:46:25 | 000,002,546 | ---- | M] () -- D:\userdata\wro01692\Desktop\POV-Ray for Windows v3.62.lnk
[2013-03-20 09:46:25 | 000,001,140 | ---- | M] () -- D:\userdata\wro01692\Desktop\Sample POV-Ray 3.6 Scenes.lnk
[2013-03-19 14:08:56 | 000,060,380 | RHS- | M] () -- C:\Users\wro01692\ntuser.pol
[2013-03-18 20:18:50 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_SensorsAlsDriver_01_09_00.Wdf
[2013-03-17 12:18:47 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2013-03-17 12:18:47 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2013-03-17 12:05:36 | 000,001,405 | ---- | M] () -- D:\userdata\wro01692\Desktop\FirefoxPortable.exe.lnk
[2013-03-13 14:22:06 | 000,000,622 | ---- | M] () -- C:\Users\wro01692\Application Data\Microsoft\Internet Explorer\Quick Launch\Komunikator Tlen.pl.lnk
[2013-03-10 11:58:42 | 000,001,977 | ---- | M] () -- D:\userdata\wro01692\Desktop\Sweet Home 3D.lnk
[2013-03-06 09:09:03 | 000,234,544 | ---- | M] () -- C:\WINDOWS\RegBootClean64.exe
[2013-03-06 09:08:56 | 000,181,808 | ---- | M] () -- C:\WINDOWS\RegBootClean.exe
[2013-02-28 14:57:18 | 000,134,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\url.dll
[2013-02-28 14:57:09 | 000,735,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2013-02-28 14:57:09 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2013-02-28 14:57:07 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieui.dll
[2013-02-28 14:37:20 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\url.dll
[2013-02-28 14:37:08 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2013-02-28 14:37:03 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieui.dll
[2013-02-26 13:34:46 | 000,338,520 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013-03-26 09:09:45 | 000,002,269 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell ControlPoint System Manager.lnk
[2013-03-26 09:09:45 | 000,000,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2013-03-26 08:27:43 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013-03-20 09:46:25 | 000,002,546 | ---- | C] () -- D:\userdata\wro01692\Desktop\POV-Ray for Windows v3.62.lnk
[2013-03-20 09:46:25 | 000,001,140 | ---- | C] () -- D:\userdata\wro01692\Desktop\Sample POV-Ray 3.6 Scenes.lnk
[2013-03-18 20:18:50 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_SensorsAlsDriver_01_09_00.Wdf
[2013-03-17 12:05:11 | 000,001,405 | ---- | C] () -- D:\userdata\wro01692\Desktop\FirefoxPortable.exe.lnk
[2013-03-13 14:22:06 | 000,000,622 | ---- | C] () -- C:\Users\wro01692\Application Data\Microsoft\Internet Explorer\Quick Launch\Komunikator Tlen.pl.lnk
[2013-03-10 11:58:42 | 000,001,977 | ---- | C] () -- D:\userdata\wro01692\Desktop\Sweet Home 3D.lnk
[2013-03-06 09:09:03 | 000,234,544 | ---- | C] () -- C:\WINDOWS\RegBootClean64.exe
[2013-03-06 09:08:56 | 000,181,808 | ---- | C] () -- C:\WINDOWS\RegBootClean.exe
[2013-01-23 15:15:18 | 000,000,600 | ---- | C] () -- C:\Users\wro01692\PUTTY.RND
[2013-01-21 10:50:04 | 000,004,761 | ---- | C] () -- C:\Users\wro01692\AppData\Local\recently-used.xbel
[2012-12-18 10:06:10 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2012-12-18 10:06:06 | 000,974,848 | ---- | C] () -- C:\WINDOWS\SysWow64\cis-2.4.dll
[2012-12-18 10:06:06 | 000,081,920 | ---- | C] () -- C:\WINDOWS\SysWow64\issacapi_bs-2.3.dll
[2012-12-18 10:06:06 | 000,065,536 | ---- | C] () -- C:\WINDOWS\SysWow64\issacapi_pe-2.3.dll
[2012-12-18 10:06:06 | 000,057,344 | ---- | C] () -- C:\WINDOWS\SysWow64\issacapi_se-2.3.dll
[2012-11-29 09:10:53 | 000,000,600 | ---- | C] () -- C:\Users\wro01692\AppData\Local\PUTTY.RND
[2012-11-16 16:12:32 | 000,008,192 | ---- | C] () -- C:\WINDOWS\SysWow64\srbt.dll
[2012-11-05 14:56:21 | 000,060,380 | RHS- | C] () -- C:\Users\wro01692\ntuser.pol
[2012-11-05 14:55:46 | 000,215,185 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012-11-05 14:39:27 | 000,006,720 | ---- | C] () -- C:\WINDOWS\cfgall.ini
[2012-11-05 14:15:21 | 000,004,764 | ---- | C] () -- C:\WINDOWS\SysWow64\CcmFramework.ini
[2012-07-27 21:27:31 | 000,798,806 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2012-07-27 21:26:11 | 000,000,393 | ---- | C] () -- C:\WINDOWS\SMSCFG.INI
[2011-05-13 10:07:24 | 000,139,264 | ---- | C] () -- C:\WINDOWS\SysWow64\nsldap32v50.dll
[2011-05-13 10:07:24 | 000,040,960 | ---- | C] () -- C:\WINDOWS\SysWow64\nsldapssl32v50.dll
[2011-05-13 10:07:24 | 000,024,576 | ---- | C] () -- C:\WINDOWS\SysWow64\nsldappr32v50.dll
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012-08-21 14:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012-08-21 14:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012-08-21 14:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >