OTL2.Txt

Re: usuwanie McAfee- jak zmienić tryb w jakim działa?

Acorus, AdwClener nawet nie pokazał McAffe i SearchMe Toolbar v8.6 ... ale za to pokazał jakieś OpenCandy + toolbary babylon które już usunęłam w załączeniu OTL


??OTL logfile created on: 2014-02-13 19:39:30 - Run 2

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Blondi\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.16428)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd



3,92 Gb Total Physical Memory | 1,65 Gb Available Physical Memory | 42,05% Memory free

7,83 Gb Paging File | 5,57 Gb Available in Paging File | 71,19% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]



%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 654,69 Gb Total Space | 451,18 Gb Free Space | 68,91% Space Free | Partition Type: NTFS

Drive D: | 29,00 Gb Total Space | 26,59 Gb Free Space | 91,70% Space Free | Partition Type: NTFS

Drive E: | 34,25 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS



Computer Name: ME | User Name: Blondi | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 1 Day



[color=#E56717]========== Processes (SafeList) ==========[/color]



PRC - [2014-02-13 19:19:48 | 001,166,132 | ---- | M] () -- C:\Users\Blondi\Downloads\adwcleaner.exe

PRC - [2014-02-13 18:25:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Blondi\Downloads\OTL.exe

PRC - [2014-02-02 00:42:39 | 000,866,632 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

PRC - [2013-12-18 19:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2013-06-26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

PRC - [2013-06-26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

PRC - [2012-12-11 22:13:35 | 000,514,048 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\PLAY ONLINE.exe

PRC - [2012-12-11 22:13:29 | 000,246,112 | ---- | M] () -- C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe

PRC - [2011-03-14 16:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe

PRC - [2011-03-04 11:38:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

PRC - [2010-12-20 11:30:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

PRC - [2010-12-20 11:30:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

PRC - [2010-12-05 00:39:24 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe

PRC - [2010-04-30 15:24:22 | 000,138,584 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\UIExec.exe

PRC - [2010-04-30 15:20:52 | 000,252,784 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\AssistantServices.exe





[color=#E56717]========== Modules (No Company Name) ==========[/color]



MOD - [2014-02-13 19:19:48 | 001,166,132 | ---- | M] () -- C:\Users\Blondi\Downloads\adwcleaner.exe

MOD - [2014-02-02 00:42:37 | 013,616,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll

MOD - [2014-02-02 00:42:37 | 000,399,688 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll

MOD - [2014-02-02 00:42:35 | 004,055,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll

MOD - [2014-02-02 00:41:45 | 000,715,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll

MOD - [2014-02-02 00:41:45 | 000,100,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll

MOD - [2014-02-02 00:41:43 | 001,634,632 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll

MOD - [2012-12-11 22:13:35 | 000,514,048 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\PLAY ONLINE.exe

MOD - [2012-12-11 22:13:30 | 000,384,512 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\USSDUIPlugin.dll

MOD - [2012-12-11 22:13:30 | 000,240,128 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\ToolBarMgrPlugin.dll

MOD - [2012-12-11 22:13:30 | 000,190,464 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\XFramePlugin.dll

MOD - [2012-12-11 22:13:30 | 000,159,232 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\XCodec.dll

MOD - [2012-12-11 22:13:30 | 000,142,336 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\USSDSrvPlugin.dll

MOD - [2012-12-11 22:13:30 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\Trace.dll

MOD - [2012-12-11 22:13:30 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\Win7Support.dll

MOD - [2012-12-11 22:13:29 | 009,515,520 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\QtGui4.dll

MOD - [2012-12-11 22:13:29 | 002,415,104 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\QtCore4.dll

MOD - [2012-12-11 22:13:29 | 001,148,416 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\QtNetwork4.dll

MOD - [2012-12-11 22:13:29 | 001,101,824 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NDISAPI.dll

MOD - [2012-12-11 22:13:29 | 001,077,248 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\AddrBookPlugin.dll

MOD - [2012-12-11 22:13:29 | 000,808,960 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\SMSUIPlugin.dll

MOD - [2012-12-11 22:13:29 | 000,739,328 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\AddrBookUIPlugin.dll

MOD - [2012-12-11 22:13:29 | 000,670,720 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\SmsAppPlugin.dll

MOD - [2012-12-11 22:13:29 | 000,550,400 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\CallAppPlugin.dll

MOD - [2012-12-11 22:13:29 | 000,547,840 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\CallLogSrvPlugin.dll

MOD - [2012-12-11 22:13:29 | 000,545,280 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\PluginContainer.dll

MOD - [2012-12-11 22:13:29 | 000,495,104 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DeviceMgrUIPlugin.dll

MOD - [2012-12-11 22:13:29 | 000,483,328 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetInfoUIExPlugin.dll

MOD - [2012-12-11 22:13:29 | 000,428,032 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\core.dll

MOD - [2012-12-11 22:13:29 | 000,427,008 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DialupUIPlugin.dll

MOD - [2012-12-11 22:13:29 | 000,381,952 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\Proxy.DLL

MOD - [2012-12-11 22:13:29 | 000,370,176 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qtiff4.dll

MOD - [2012-12-11 22:13:29 | 000,350,720 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qmng4.dll

MOD - [2012-12-11 22:13:29 | 000,338,432 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DeviceAppPlugin.dll

MOD - [2012-12-11 22:13:29 | 000,334,848 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\MainpagePlugin.dll

MOD - [2012-12-11 22:13:29 | 000,333,312 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetConnectPlugin.dll

MOD - [2012-12-11 22:13:29 | 000,310,272 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\StatusBarMgrPlugin.dll

MOD - [2012-12-11 22:13:29 | 000,301,056 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DeviceSrvPlugin.dll

MOD - [2012-12-11 22:13:29 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetInfoSrvPlugin.dll

MOD - [2012-12-11 22:13:29 | 000,269,824 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\LiveUpdateInterface.DLL

MOD - [2012-12-11 22:13:29 | 000,264,704 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\AddrBookSrvPlugin.dll

MOD - [2012-12-11 22:13:29 | 000,261,632 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\sdk.dll

MOD - [2012-12-11 22:13:29 | 000,249,344 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\MenuMgrPlugin.dll

MOD - [2012-12-11 22:13:29 | 000,238,080 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\AtCodec.dll

MOD - [2012-12-11 22:13:29 | 000,235,008 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetSrvPlugin.dll

MOD - [2012-12-11 22:13:29 | 000,218,112 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\Common.dll

MOD - [2012-12-11 22:13:29 | 000,217,600 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\SmsSrvPlugin.dll

MOD - [2012-12-11 22:13:29 | 000,211,968 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DialUpPlugin.dll

MOD - [2012-12-11 22:13:29 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qjpeg4.dll

MOD - [2012-12-11 22:13:29 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NDISPlugin.dll

MOD - [2012-12-11 22:13:29 | 000,176,128 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\CallSrvPlugin.dll

MOD - [2012-12-11 22:13:29 | 000,158,720 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetConnectSrvPlugin.dll

MOD - [2012-12-11 22:13:29 | 000,157,184 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DataServicePlugin.dll

MOD - [2012-12-11 22:13:29 | 000,156,672 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\STKSrvPlugin.dll

MOD - [2012-12-11 22:13:29 | 000,133,120 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSDialup.dll

MOD - [2012-12-11 22:13:29 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSNDIS.dll

MOD - [2012-12-11 22:13:29 | 000,123,392 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\ATR2SMgr.dll

MOD - [2012-12-11 22:13:29 | 000,118,272 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\LayoutPlugin.dll

MOD - [2012-12-11 22:13:29 | 000,101,376 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSAdapt.dll

MOD - [2012-12-11 22:13:29 | 000,093,184 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NotifyServicePlugin.dll

MOD - [2012-12-11 22:13:29 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qgif4.dll

MOD - [2012-12-11 22:13:29 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qico4.dll

MOD - [2012-12-11 22:13:29 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSPowerMgr.dll

MOD - [2012-12-11 22:13:29 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSCall.dll

MOD - [2012-12-11 22:13:29 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\libgcc_s_dw2-1.dll

MOD - [2012-12-11 22:13:29 | 000,011,362 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\mingwm10.dll

MOD - [2010-04-30 15:24:22 | 000,138,584 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\UIExec.exe





[color=#E56717]========== Services (SafeList) ==========[/color]



SRV:[b]64bit:[/b] - [2013-11-26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)

SRV:[b]64bit:[/b] - [2013-10-23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)

SRV:[b]64bit:[/b] - [2013-10-23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

SRV:[b]64bit:[/b] - [2013-09-06 18:32:06 | 000,288,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe -- (McComponentHostService)

SRV:[b]64bit:[/b] - [2013-05-27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:[b]64bit:[/b] - [2011-02-15 13:26:42 | 000,956,192 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)

SRV:[b]64bit:[/b] - [2010-11-02 14:49:46 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)

SRV:[b]64bit:[/b] - [2010-11-02 14:39:08 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)

SRV:[b]64bit:[/b] - [2010-11-02 14:34:14 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)

SRV:[b]64bit:[/b] - [2010-09-30 16:05:42 | 000,311,296 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files\Realtek\RtLED\RtLEDService.exe -- (RtLedService)

SRV:[b]64bit:[/b] - [2010-09-22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV:[b]64bit:[/b] - [2005-07-25 14:58:12 | 000,451,584 | ---- | M] ( ) [On_Demand | Stopped] -- C:\Windows\SysNative\lxcgcoms.exe -- (lxcg_device)

SRV - [2014-02-04 21:52:23 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2014-01-06 21:38:42 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2013-12-18 19:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2013-10-23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2013-06-26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2013-06-26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2013-04-18 11:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2012-12-11 22:13:29 | 000,246,112 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe -- (PLAY ONLINE. RunOuc)

SRV - [2011-03-14 16:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)

SRV - [2011-03-04 11:38:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)

SRV - [2010-12-20 11:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)

SRV - [2010-12-20 11:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)

SRV - [2010-04-30 15:20:52 | 000,252,784 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\PLAY ONLINE\AssistantServices.exe -- (UI Assistant Service)

SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)





[color=#E56717]========== Driver Services (SafeList) ==========[/color]



DRV:[b]64bit:[/b] - [2013-09-27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)

DRV:[b]64bit:[/b] - [2013-08-29 02:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)

DRV:[b]64bit:[/b] - [2013-06-26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)

DRV:[b]64bit:[/b] - [2013-06-26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)

DRV:[b]64bit:[/b] - [2013-06-26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)

DRV:[b]64bit:[/b] - [2013-06-26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)

DRV:[b]64bit:[/b] - [2012-12-11 22:13:30 | 000,218,624 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)

DRV:[b]64bit:[/b] - [2012-12-11 22:13:30 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)

DRV:[b]64bit:[/b] - [2012-12-11 22:13:30 | 000,098,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)

DRV:[b]64bit:[/b] - [2012-12-11 22:13:30 | 000,087,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)

DRV:[b]64bit:[/b] - [2012-12-11 22:13:30 | 000,028,672 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)

DRV:[b]64bit:[/b] - [2012-12-11 22:13:30 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)

DRV:[b]64bit:[/b] - [2012-10-17 14:53:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)

DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:[b]64bit:[/b] - [2011-06-08 09:29:27 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)

DRV:[b]64bit:[/b] - [2011-06-08 09:29:25 | 000,029,792 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)

DRV:[b]64bit:[/b] - [2011-06-08 09:16:08 | 000,057,952 | ---- | M] (Lenovo) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fbfmon.sys -- (fbfmon)

DRV:[b]64bit:[/b] - [2011-06-08 09:16:08 | 000,013,408 | ---- | M] (Lenovo) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BPntDrv.sys -- (BPntDrv)

DRV:[b]64bit:[/b] - [2011-03-25 11:17:48 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:[b]64bit:[/b] - [2011-03-04 11:38:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)

DRV:[b]64bit:[/b] - [2011-02-18 09:11:54 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:[b]64bit:[/b] - [2011-02-15 07:45:16 | 000,349,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)

DRV:[b]64bit:[/b] - [2011-02-15 07:45:12 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)

DRV:[b]64bit:[/b] - [2011-02-15 07:45:12 | 000,107,560 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)

DRV:[b]64bit:[/b] - [2011-02-15 07:45:12 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)

DRV:[b]64bit:[/b] - [2011-02-15 07:45:12 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)

DRV:[b]64bit:[/b] - [2010-12-22 13:19:58 | 001,407,024 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:[b]64bit:[/b] - [2010-12-15 10:06:34 | 008,200,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)

DRV:[b]64bit:[/b] - [2010-12-05 00:39:44 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)

DRV:[b]64bit:[/b] - [2010-12-01 06:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)

DRV:[b]64bit:[/b] - [2010-11-30 07:40:04 | 000,307,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)

DRV:[b]64bit:[/b] - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)

DRV:[b]64bit:[/b] - [2010-11-09 04:16:36 | 008,500,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)

DRV:[b]64bit:[/b] - [2010-10-19 09:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)

DRV:[b]64bit:[/b] - [2010-10-14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)

DRV:[b]64bit:[/b] - [2010-05-31 04:46:50 | 000,333,928 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:[b]64bit:[/b] - [2009-10-29 18:28:24 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)

DRV:[b]64bit:[/b] - [2009-10-29 18:28:24 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)

DRV:[b]64bit:[/b] - [2009-10-29 18:28:24 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)

DRV:[b]64bit:[/b] - [2009-10-29 18:28:24 | 000,011,776 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)

DRV:[b]64bit:[/b] - [2009-07-21 15:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)

DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)





[color=#E56717]========== Standard Registry (SafeList) ==========[/color]





[color=#E56717]========== Internet Explorer ==========[/color]



IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: " URL " = http://www.bing.com/search?q={searchTerms} & form=LENDF8 & pc=MALN & src=IE-SearchBox

IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: " URL " = http://www.google.com/search?q={searchTerms} & rls=com.microsoft:{language}:{referrer:source?} & ie={inputEncoding} & oe={outputEncoding} & sourceid=ie7

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: " URL " = http://www.bing.com/search?q={searchTerms} & FORM=IE8SRC

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: " URL " = http://www.google.com/search?q={searchTerms} & rls=com.microsoft:{language}:{referrer:source?} & ie={inputEncoding} & oe={outputEncoding} & sourceid=ie7





IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0



IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0



IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =



IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =



IE - HKU\S-1-5-21-2422741620-1399397133-545991203-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com

IE - HKU\S-1-5-21-2422741620-1399397133-545991203-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.lenovo.com

IE - HKU\S-1-5-21-2422741620-1399397133-545991203-1000\..\SearchScopes,DefaultScope =



IE - HKU\S-1-5-21-2422741620-1399397133-545991203-1001\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://www.google.com

IE - HKU\S-1-5-21-2422741620-1399397133-545991203-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=LENN & bmod=LENN

IE - HKU\S-1-5-21-2422741620-1399397133-545991203-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com [binary data]

IE - HKU\S-1-5-21-2422741620-1399397133-545991203-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

IE - HKU\S-1-5-21-2422741620-1399397133-545991203-1001\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found

IE - HKU\S-1-5-21-2422741620-1399397133-545991203-1001\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2422741620-1399397133-545991203-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: " URL " = http://www.bing.com/search?q={searchTerms} & r=

IE - HKU\S-1-5-21-2422741620-1399397133-545991203-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: " URL " = http://www.google.com/search?sourceid=ie7 & q={searchTerms} & rls=com.microsoft:{language}:{referrer:source?} & ie={inputEncoding} & oe={outputEncoding} & rlz=1I7LENN

IE - HKU\S-1-5-21-2422741620-1399397133-545991203-1001\..\SearchScopes\{973967B1-4DC1-478D-A333-77299EA11E41}: " URL " = http://search.yahoo.com/search?fr=chr-greentree_ie & ei=utf-8 & ilc=12 & type=888596 & p={searchTerms}

IE - HKU\S-1-5-21-2422741620-1399397133-545991203-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0



[color=#E56717]========== FireFox ==========[/color]



FF - prefs.js..browser.search.defaultenginename: " Yahoo! "

FF - prefs.js..browser.search.selectedEngine: " Yahoo! "

FF - prefs.js..extensions.enabledAddons: %7B58d2a791-6199-482f-a9aa-9b725ec61362%7D:2.0

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0

FF - prefs.js..keyword.URL: " http://search.yahoo.com/search?fr=greentree_ff1 & ei=utf-8 & ilc=12 & type=888596 & p= "





FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\adobe reader\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Blondi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)



FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014-01-06 21:38:26 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014-01-25 23:11:17 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014-01-06 21:38:26 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014-01-25 23:11:17 | 000,000,000 | ---D | M]



[2012-08-23 09:10:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Blondi\AppData\Roaming\mozilla\Extensions

[2014-01-25 14:53:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Blondi\AppData\Roaming\mozilla\Firefox\Profiles\5vfch5qn.default\extensions

[2014-01-22 18:25:36 | 000,000,000 | ---D | M] (Start Page) -- C:\Users\Blondi\AppData\Roaming\mozilla\Firefox\Profiles\5vfch5qn.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}

[2013-12-14 22:45:37 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Blondi\AppData\Roaming\mozilla\Firefox\Profiles\5vfch5qn.default\extensions\IplextoALL@ALLPlayer.org

[2013-11-21 19:56:02 | 000,000,000 | ---D | M] (surf and okEep) -- C:\Users\Blondi\AppData\Roaming\mozilla\Firefox\Profiles\5vfch5qn.default\extensions\zpubkao9vo@oaucza.edu

[2013-11-25 07:33:20 | 000,010,043 | ---- | M] () (No name found) -- C:\Users\Blondi\AppData\Roaming\mozilla\firefox\profiles\5vfch5qn.default\extensions\IplextoALL@ALLPlayer.org.xpi

[2014-01-22 18:25:03 | 000,000,905 | ---- | M] () -- C:\Users\Blondi\AppData\Roaming\mozilla\firefox\profiles\5vfch5qn.default\searchplugins\yahoo_ff.xml

[2014-01-06 21:38:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions

[2014-01-06 21:38:45 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2011-04-14 13:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll

[2011-07-11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll

[2013-12-25 23:28:30 | 000,000,571 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\nationzoom.xml



[color=#E56717]========== Chrome ==========[/color]



CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms} & {google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient} & xssi=t & q={searchTerms} & {google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},

CHR - homepage: http://www.google.pl/

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Blondi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll

CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll

CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Adobe Acrobat (Enabled) = D:\adobe reader\Reader\Browser\nppdf32.dll

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Unity Player (Enabled) = C:\Users\Blondi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll

CHR - Extension: YouTube = C:\Users\Blondi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\

CHR - Extension: No name found = C:\Users\Blondi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\

CHR - Extension: Adblock Plus = C:\Users\Blondi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\

CHR - Extension: Szukaj w Google = C:\Users\Blondi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\

CHR - Extension: Google Wallet = C:\Users\Blondi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\

CHR - Extension: Gmail = C:\Users\Blondi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\



O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.)

O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKU\S-1-5-21-2422741620-1399397133-545991203-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O4:[b]64bit:[/b] - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [UIExec] C:\Program Files (x86)\PLAY ONLINE\UIExec.exe ()

O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2422741620-1399397133-545991203-1000..\Run: [FactoryTest] C:\Windows\Test.bat File not found

O4 - HKU\S-1-5-21-2422741620-1399397133-545991203-1000..\Run: [Power2GoExpress] NA File not found

O4 - HKU\S-1-5-21-2422741620-1399397133-545991203-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2422741620-1399397133-545991203-1001..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe (ALLPlayer Group Ltd.)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-21-2422741620-1399397133-545991203-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKU\S-1-5-21-2422741620-1399397133-545991203-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8:[b]64bit:[/b] - Extra context menu item: Wy[lij obraz do urzdzenia & Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()

O8:[b]64bit:[/b] - Extra context menu item: Wy[lij stron do urzdzenia & Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O8 - Extra context menu item: Wy[lij obraz do urzdzenia & Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Wy[lij stron do urzdzenia & Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: Wy[lij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : Wy[lij do urzdzenia & Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O13[b]64bit:[/b] - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab (Java Plug-in 10.51.2)

O16 - DPF: {CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab (Java Plug-in 1.7.0_06)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab (Java Plug-in 10.51.2)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4A3B855C-93A4-4B43-B7E6-655C6588F7FF}: DhcpNameServer = 217.172.224.160 89.231.1.206

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{591024B2-8802-4013-A9B6-BA11BC3B407C}: NameServer = 89.108.202.20 89.108.195.20

O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found

O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found

O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found

O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found

O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O20:[b]64bit:[/b] - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)

O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)

O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)

O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)

O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)

O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011-03-16 08:27:22 | 000,148,320 | R--- | M] () - E:\AutoRun.exe -- [ CDFS ]

O32 - AutoRun File - [2008-10-09 10:12:34 | 000,000,045 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]

O33 - MountPoints2\{42b180f2-43ca-11e2-bad5-f0def16659d3}\Shell - " " = AutoRun

O33 - MountPoints2\{42b180f2-43ca-11e2-bad5-f0def16659d3}\Shell\AutoRun\command - " " = E:\AutoRun.exe -- [2011-03-16 08:27:22 | 000,148,320 | R--- | M] ()

O33 - MountPoints2\{42b180fe-43ca-11e2-bad5-f0def16659d3}\Shell - " " = AutoRun

O33 - MountPoints2\{42b180fe-43ca-11e2-bad5-f0def16659d3}\Shell\AutoRun\command - " " = E:\AutoRun.exe -- [2011-03-16 08:27:22 | 000,148,320 | R--- | M] ()

O34 - HKLM BootExecute: (autocheck autochk *)

O35:[b]64bit:[/b] - HKLM\..comfile [open] -- " %1 " %*

O35:[b]64bit:[/b] - HKLM\..exefile [open] -- " %1 " %*

O35 - HKLM\..comfile [open] -- " %1 " %*

O35 - HKLM\..exefile [open] -- " %1 " %*

O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- " %1 " %*

O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- " %1 " %*

O37 - HKLM\...com [@ = comfile] -- " %1 " %*

O37 - HKLM\...exe [@ = exefile] -- " %1 " %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)



[color=#E56717]========== Files/Folders - Created Within 1 Day ==========[/color]



[2014-02-13 19:19:55 | 000,000,000 | ---D | C] -- C:\AdwCleaner

[2011-10-05 16:29:18 | 030,899,816 | ---- | C] (ALLPlayer ) -- C:\Program Files (x86)\ALLPlayerPL.exe

[2011-09-30 07:43:56 | 039,490,968 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files (x86)\AdbeRdr1010_pl_PL.exe

[2011-09-09 18:16:19 | 036,587,416 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files (x86)\AdbeRdr1000_pl_PL.exe



[color=#E56717]========== Files - Modified Within 1 Day ==========[/color]



[2014-02-13 19:40:18 | 000,021,280 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2014-02-13 19:40:18 | 000,021,280 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2014-02-13 19:38:08 | 001,551,484 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI

[2014-02-13 19:38:08 | 000,698,598 | ---- | M] () -- C:\windows\SysNative\perfh015.dat

[2014-02-13 19:38:08 | 000,616,694 | ---- | M] () -- C:\windows\SysNative\perfh009.dat

[2014-02-13 19:38:08 | 000,135,418 | ---- | M] () -- C:\windows\SysNative\perfc015.dat

[2014-02-13 19:38:08 | 000,106,816 | ---- | M] () -- C:\windows\SysNative\perfc009.dat

[2014-02-13 19:31:53 | 000,133,403 | ---- | M] () -- C:\windows\SysNative\fastboot.set

[2014-02-13 19:31:53 | 000,001,058 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job

[2014-02-13 19:31:44 | 000,065,536 | ---- | M] () -- C:\windows\SysNative\Ikeext.etl

[2014-02-13 19:31:30 | 000,067,584 | ---- | M] () -- C:\windows\bootstat.dat

[2014-02-13 19:31:19 | 3153,727,488 | -HS- | M] () -- C:\hiberfil.sys

[2014-02-13 18:59:00 | 000,001,062 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job

[2014-02-13 18:52:00 | 000,000,930 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job

[2014-02-13 17:15:38 | 000,031,067 | ---- | M] () -- C:\Users\Blondi\Desktop\1.jpg

[2014-02-13 17:08:18 | 000,063,248 | ---- | M] () -- C:\Users\Blondi\Desktop\bBd.jpg

[2014-02-13 09:28:55 | 000,199,386 | ---- | M] () -- C:\Users\Blondi\Documents\new.m3u



[color=#E56717]========== Files Created - No Company Name ==========[/color]



[2014-02-13 17:15:38 | 000,031,067 | ---- | C] () -- C:\Users\Blondi\Desktop\1.jpg

[2014-02-13 17:05:06 | 000,063,248 | ---- | C] () -- C:\Users\Blondi\Desktop\bBd.jpg

[2013-12-11 08:58:12 | 000,043,008 | ---- | C] () -- C:\windows\SysWow64\jsproxy.dll

[2013-11-19 11:18:51 | 000,258,048 | ---- | C] () -- C:\windows\SysWow64\libFLAC.dll

[2011-08-31 20:03:25 | 026,809,048 | ---- | C] () -- C:\Program Files (x86)\gg10,5.exe



[color=#E56717]========== ZeroAccess Check ==========[/color]



[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini



[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64



[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]



[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64



[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]



[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

" " = C:\Windows\SysNative\shell32.dll -- [2013-07-26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)

" ThreadingModel " = Apartment



[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

" " = %SystemRoot%\system32\shell32.dll -- [2013-07-26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)

" ThreadingModel " = Apartment



[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

" " = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

" ThreadingModel " = Free



[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

" " = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

" ThreadingModel " = Free



[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

" " = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

" ThreadingModel " = Both



[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]



[color=#E56717]========== LOP Check ==========[/color]



[2011-09-03 21:15:06 | 000,000,000 | ---D | M] -- C:\Users\Blondi\AppData\Roaming\ArcSyncConfig

[2014-01-25 23:44:47 | 000,000,000 | ---D | M] -- C:\Users\Blondi\AppData\Roaming\AVG

[2013-11-11 14:07:57 | 000,000,000 | ---D | M] -- C:\Users\Blondi\AppData\Roaming\BitTorrent

[2012-06-23 15:18:41 | 000,000,000 | ---D | M] -- C:\Users\Blondi\AppData\Roaming\EurekaLog

[2011-11-21 23:36:33 | 000,000,000 | ---D | M] -- C:\Users\Blondi\AppData\Roaming\Gadu-Gadu 10

[2013-11-07 22:55:12 | 000,000,000 | ---D | M] -- C:\Users\Blondi\AppData\Roaming\GG

[2014-01-01 19:33:49 | 000,000,000 | ---D | M] -- C:\Users\Blondi\AppData\Roaming\NapiProjekt

[2014-01-01 19:33:13 | 000,000,000 | ---D | M] -- C:\Users\Blondi\AppData\Roaming\newnext.me

[2013-11-17 13:56:17 | 000,000,000 | ---D | M] -- C:\Users\Blondi\AppData\Roaming\Nokia

[2011-09-08 19:15:39 | 000,000,000 | ---D | M] -- C:\Users\Blondi\AppData\Roaming\OpenFM

[2013-11-11 14:22:14 | 000,000,000 | ---D | M] -- C:\Users\Blondi\AppData\Roaming\OpenOffice

[2013-11-17 13:32:00 | 000,000,000 | ---D | M] -- C:\Users\Blondi\AppData\Roaming\PC Suite

[2014-01-01 19:31:31 | 000,000,000 | ---D | M] -- C:\Users\Blondi\AppData\Roaming\SoftGrid Client

[2011-09-02 16:50:45 | 000,000,000 | ---D | M] -- C:\Users\Blondi\AppData\Roaming\TP

[2013-05-03 19:50:43 | 000,000,000 | ---D | M] -- C:\Users\Blondi\AppData\Roaming\TuneUp Software

[2012-02-19 17:20:28 | 000,000,000 | ---D | M] -- C:\Users\Blondi\AppData\Roaming\Unity

[2014-02-10 08:54:57 | 000,000,000 | ---D | M] -- C:\Users\Blondi\AppData\Roaming\Windows Live Writer

[2012-10-13 13:19:58 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software

[2012-10-13 13:19:58 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software



[color=#E56717]========== Purity Check ==========[/color]







[color=#E56717]========== Alternate Data Streams ==========[/color]



@Alternate Data Stream - 168 bytes - & gt; C:\Users\Blondi\Documents\potwierdzenie wpBaty.jpeg:3or4kl4x13tuuug3Byamue2s4b



& lt; End of report & gt;


Download file - link to post