x-kom hosting

svchost.exe

berni1985
utworzono
utworzono (edytowane)

[color=#282828][font=helvetica, arial, sans-serif]Witam serdecznie. Nie jestem pewnien czy to ten dział czy nie, ale nic innego znaleźć nie mogę. Mam dość ciekawy problem, a mianowicie, jakiś czas temu avast wykrył zagrożenie było to gdzieś na dysku c/system32/ svhost.exe (mogę się pomylić z nazwą bo nie pamiętam). Próbowałem wyleczyć ten plik, jednak bez skutecznie. Wybrałem juz usuń, jednak także sie nie udało jedyna operacja która przebiegła pomyślnie to kwarantanna. [/font][/color]
[color=#282828][font=helvetica, arial, sans-serif]Jednak, komputer zaczął działać bardzo dziwnie. Na początku nie mogłem zrobic nic na kompie, włączyć filmu, chrome itd. Zrestartowałem kompa i jest ok. Teraz tylko pojawia się problem z czymś takim jak [/font][/color][font=helvetica, arial, sans-serif]proces hosta[/font][color=#282828][font=helvetica, arial, sans-serif] dla usługi systemu windows. Włączają mi się jakieś reklamy (możliwe że na fb) jednak nie potrafię ich zlokalizować, jedyne co mogę to wyłączyć dźwięk, i tu kolejna ciekawostka bo tego jest bardzo dużo. Dodam dwa załączniki które przedstawiają co co się dzieje w menadżerze zadań oraz jak to wygląda po kliknięciu na głośniki :/. Na kompach nie znam się prawie nic, nie wiem co mam robić a doprowadza mnie to do szału. Podejrzewam że gdybym miał słabszego kompa to już dawno bym nic nie zrobił :/ Proszę o pomoc. [/font][/color]


[log]OTL logfile created on: 2012-07-29 08:22:58 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\berni\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

15,98 Gb Total Physical Memory | 12,32 Gb Available Physical Memory | 77,11% Memory free
31,96 Gb Paging File | 27,41 Gb Available in Paging File | 85,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 292,97 Gb Total Space | 72,78 Gb Free Space | 24,84% Space Free | Partition Type: NTFS
Drive D: | 683,59 Gb Total Space | 599,83 Gb Free Space | 87,75% Space Free | Partition Type: NTFS
Drive E: | 886,35 Gb Total Space | 808,37 Gb Free Space | 91,20% Space Free | Partition Type: NTFS
Drive F: | 6,57 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: BERNI-KOMPUTER | User Name: berni | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-07-28 14:21:09 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\berni\Downloads\OTL.exe
PRC - [2012-07-25 02:19:21 | 000,059,964 | ---- | M] (Macrovision Europe Ltd.) -- C:\Users\berni\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001
PRC - [2012-07-20 16:36:13 | 003,393,672 | ---- | M] (GG Network S.A.) -- C:\Users\berni\AppData\Local\GG\Application\ggdrive\ggdrive.exe
PRC - [2012-07-20 16:36:13 | 003,381,384 | ---- | M] (GG Network S.A.) -- C:\Users\berni\AppData\Local\GG\Application\gghub.exe
PRC - [2012-07-20 16:36:13 | 000,047,752 | ---- | M] (GG Network S.A.) -- C:\Users\berni\AppData\Local\GG\Application\ggapp.exe
PRC - [2012-07-18 15:47:36 | 000,186,832 | ---- | M] (Google Inc.) -- C:\Users\berni\AppData\Local\Google\Update\1.3.21.115\GoogleCrashHandler.exe
PRC - [2012-07-10 14:02:20 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012-07-10 05:09:02 | 001,250,328 | ---- | M] (Google Inc.) -- C:\Users\berni\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2012-07-03 17:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012-07-03 17:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-07-03 17:21:27 | 000,133,912 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2012-06-02 10:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2012-05-15 11:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-05-15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012-04-29 18:32:05 | 000,116,648 | ---- | M] (Google Inc.) -- C:\Users\berni\AppData\Local\Google\Update\GoogleUpdate.exe
PRC - [2012-04-29 17:19:14 | 000,079,360 | ---- | M] (Creative Labs) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
PRC - [2012-04-29 17:15:07 | 004,942,336 | ---- | M] (FNet Co., Ltd.) -- C:\Program Files (x86)\XFastUsb\XFastUsb.exe
PRC - [2012-01-17 11:07:54 | 000,252,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2011-11-02 12:45:16 | 002,248,704 | ---- | M] () -- C:\Program Files (x86)\Vtune\TBPANEL.exe
PRC - [2011-08-01 19:37:06 | 002,512,656 | ---- | M] (Electronic Arts, Inc.) -- D:\Program Files (x86)\Electronic Arts\The Sims Średniowiecze\Game\Bin\SimsMedievalLauncher.exe
PRC - [2011-02-01 12:20:48 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011-02-01 12:20:46 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010-11-22 16:08:58 | 000,120,112 | ---- | M] (Electronic Arts) -- D:\Program Files (x86)\Electronic Arts\The Sims Średniowiecze\Game\Bin\EACore\EACoreServer.exe
PRC - [2009-10-14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009-10-14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
PRC - [2009-10-07 01:47:22 | 000,125,464 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
PRC - [2009-07-14 02:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe
PRC - [2009-07-08 14:32:50 | 001,233,195 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe
PRC - [2009-07-06 16:31:30 | 009,879,224 | ---- | M] (CD Projekt Red) -- D:\Program Files (x86)\Wiedźmin Edycja Rozszerzona\System\witcher.exe
PRC - [2009-05-04 18:05:04 | 000,241,789 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-07-28 14:21:09 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\berni\Downloads\OTL.exe
MOD - [2012-07-27 20:23:06 | 009,285,832 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_3_300_268.ocx
MOD - [2012-07-25 02:19:32 | 000,592,896 | ---- | M] () -- C:\Users\berni\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0007\~de6248.tmp
MOD - [2012-07-25 02:19:27 | 000,697,884 | ---- | M] () -- C:\Users\berni\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0007\~df394b.tmp
MOD - [2012-07-25 02:19:21 | 000,059,964 | ---- | M] (Macrovision Europe Ltd.) -- C:\Users\berni\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001
MOD - [2012-07-24 18:30:04 | 000,460,288 | ---- | M] () -- C:\Users\berni\AppData\Roaming\btuti.dll
MOD - [2012-07-20 16:36:15 | 015,163,392 | ---- | M] (GG Network S.A.) -- C:\Users\berni\AppData\Local\GG\Application\xulrunner\xul.dll
MOD - [2012-07-20 16:36:14 | 001,900,544 | ---- | M] () -- C:\Users\berni\AppData\Local\GG\Application\xulrunner\mozjs.dll
MOD - [2012-07-20 16:36:14 | 001,216,512 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- C:\Users\berni\AppData\Local\GG\Application\xulrunner\LIBEAY32.dll
MOD - [2012-07-20 16:36:14 | 000,712,704 | ---- | M] (Mozilla Foundation) -- C:\Users\berni\AppData\Local\GG\Application\xulrunner\MOZCPP19.dll
MOD - [2012-07-20 16:36:14 | 000,638,976 | ---- | M] (Mozilla Foundation) -- C:\Users\berni\AppData\Local\GG\Application\xulrunner\nss3.dll
MOD - [2012-07-20 16:36:14 | 000,364,544 | ---- | M] (sqlite.org) -- C:\Users\berni\AppData\Local\GG\Application\xulrunner\mozsqlite3.dll
MOD - [2012-07-20 16:36:14 | 000,364,544 | ---- | M] (Mozilla Foundation) -- C:\Users\berni\AppData\Local\GG\Application\xulrunner\nssckbi.dll
MOD - [2012-07-20 16:36:14 | 000,167,936 | ---- | M] (Mozilla Foundation) -- C:\Users\berni\AppData\Local\GG\Application\xulrunner\nspr4.dll
MOD - [2012-07-20 16:36:14 | 000,159,744 | ---- | M] (Mozilla Foundation) -- C:\Users\berni\AppData\Local\GG\Application\xulrunner\softokn3.dll
MOD - [2012-07-20 16:36:14 | 000,135,168 | ---- | M] (Mozilla Foundation) -- C:\Users\berni\AppData\Local\GG\Application\xulrunner\ssl3.dll
MOD - [2012-07-20 16:36:14 | 000,102,400 | ---- | M] (Mozilla Foundation) -- C:\Users\berni\AppData\Local\GG\Application\xulrunner\smime3.dll
MOD - [2012-07-20 16:36:14 | 000,098,304 | ---- | M] (Mozilla Foundation) -- C:\Users\berni\AppData\Local\GG\Application\xulrunner\nssdbm3.dll
MOD - [2012-07-20 16:36:14 | 000,081,920 | ---- | M] (Mozilla Foundation) -- C:\Users\berni\AppData\Local\GG\Application\xulrunner\nssutil3.dll
MOD - [2012-07-20 16:36:14 | 000,014,848 | ---- | M] (Mozilla Foundation) -- C:\Users\berni\AppData\Local\GG\Application\xulrunner\plc4.dll
MOD - [2012-07-20 16:36:14 | 000,012,288 | ---- | M] (Mozilla Foundation) -- C:\Users\berni\AppData\Local\GG\Application\xulrunner\plds4.dll
MOD - [2012-07-20 16:36:14 | 000,012,288 | ---- | M] (GG Network S.A.) -- C:\Users\berni\AppData\Local\GG\Application\xulrunner\xpcom.dll
MOD - [2012-07-20 16:36:14 | 000,008,704 | ---- | M] (GG Network S.A.) -- C:\Users\berni\AppData\Local\GG\Application\xulrunner\mozalloc.dll
MOD - [2012-07-20 16:36:13 | 003,393,672 | ---- | M] (GG Network S.A.) -- C:\Users\berni\AppData\Local\GG\Application\ggdrive\ggdrive.exe
MOD - [2012-07-20 16:36:13 | 003,381,384 | ---- | M] (GG Network S.A.) -- C:\Users\berni\AppData\Local\GG\Application\gghub.exe
MOD - [2012-07-20 16:36:13 | 001,216,512 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- C:\Users\berni\AppData\Local\GG\Application\ggdrive\LIBEAY32.dll
MOD - [2012-07-20 16:36:13 | 000,712,704 | ---- | M] (Mozilla Foundation) -- C:\Users\berni\AppData\Local\GG\Application\MOZCRT19.dll
MOD - [2012-07-20 16:36:13 | 000,315,392 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- C:\Users\berni\AppData\Local\GG\Application\ggdrive\SSLEAY32.dll
MOD - [2012-07-20 16:36:13 | 000,262,144 | ---- | M] (Mozilla Foundation) -- C:\Users\berni\AppData\Local\GG\Application\xulrunner\freebl3.dll
MOD - [2012-07-20 16:36:13 | 000,135,168 | ---- | M] () -- C:\Users\berni\AppData\Local\GG\Application\ggdrive\zlib1.dll
MOD - [2012-07-20 16:36:13 | 000,047,752 | ---- | M] (GG Network S.A.) -- C:\Users\berni\AppData\Local\GG\Application\ggapp.exe
MOD - [2012-07-20 16:36:11 | 008,526,720 | ---- | M] () -- C:\Users\berni\AppData\Local\GG\Application\FMSBWChecker\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
MOD - [2012-07-18 15:47:36 | 000,828,880 | ---- | M] (Google Inc.) -- C:\Users\berni\AppData\Local\Google\Update\1.3.21.115\goopdate.dll
MOD - [2012-07-18 15:47:36 | 000,566,736 | ---- | M] (Google Inc.) -- C:\Users\berni\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
MOD - [2012-07-18 15:47:36 | 000,186,832 | ---- | M] (Google Inc.) -- C:\Users\berni\AppData\Local\Google\Update\1.3.21.115\GoogleCrashHandler.exe
MOD - [2012-07-18 15:47:36 | 000,158,672 | ---- | M] (Google Inc.) -- C:\Users\berni\AppData\Local\Google\Update\1.3.21.115\psuser.dll
MOD - [2012-07-17 15:28:12 | 000,042,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\12072801\uiext.dll
MOD - [2012-07-14 21:23:15 | 009,284,808 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_3_300_265.ocx
MOD - [2012-07-10 05:09:02 | 001,250,328 | ---- | M] (Google Inc.) -- C:\Users\berni\AppData\Local\Google\Chrome\Application\chrome.exe
MOD - [2012-07-10 05:09:00 | 000,438,296 | ---- | M] () -- C:\Users\berni\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
MOD - [2012-07-10 05:08:59 | 003,972,120 | ---- | M] () -- C:\Users\berni\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
MOD - [2012-07-10 05:07:39 | 000,554,520 | ---- | M] () -- C:\Users\berni\AppData\Local\Google\Chrome\Application\20.0.1132.57\libglesv2.dll
MOD - [2012-07-10 05:07:37 | 000,117,784 | ---- | M] () -- C:\Users\berni\AppData\Local\Google\Chrome\Application\20.0.1132.57\libegl.dll
MOD - [2012-07-10 05:07:36 | 009,962,520 | ---- | M] (The ICU Project) -- C:\Users\berni\AppData\Local\Google\Chrome\Application\20.0.1132.57\icudt.dll
MOD - [2012-07-10 05:07:29 | 036,733,976 | ---- | M] (Google Inc.) -- C:\Users\berni\AppData\Local\Google\Chrome\Application\20.0.1132.57\chrome.dll
MOD - [2012-07-10 05:07:22 | 000,140,328 | ---- | M] () -- C:\Users\berni\AppData\Local\Google\Chrome\Application\20.0.1132.57\avutil-51.dll
MOD - [2012-07-10 05:07:21 | 000,262,184 | ---- | M] () -- C:\Users\berni\AppData\Local\Google\Chrome\Application\20.0.1132.57\avformat-54.dll
MOD - [2012-07-10 05:07:19 | 002,386,984 | ---- | M] () -- C:\Users\berni\AppData\Local\Google\Chrome\Application\20.0.1132.57\avcodec-54.dll
MOD - [2012-07-10 03:17:27 | 009,255,112 | ---- | M] () -- C:\Users\berni\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
MOD - [2012-07-10 03:17:27 | 009,255,112 | ---- | M] () -- C:\Users\berni\AppData\Local\Google\Chrome\APPLIC~1\200113~1.57\gcswf32.dll
MOD - [2012-07-03 17:21:41 | 000,237,936 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\uiLangRes.dll
MOD - [2012-07-03 17:21:41 | 000,095,784 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\Base.dll
MOD - [2012-07-03 17:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
MOD - [2012-07-03 17:21:27 | 000,234,840 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2012-07-03 17:21:26 | 007,016,360 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\CommonRes.dll
MOD - [2012-07-03 17:21:25 | 000,398,616 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSqLt.dll
MOD - [2012-07-03 17:21:25 | 000,027,296 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswUtil.dll
MOD - [2012-07-03 17:21:23 | 002,162,488 | ---- | M] (AVAST! Software) -- C:\Program Files\AVAST Software\Avast\aswAra.dll
MOD - [2012-07-03 17:21:23 | 000,217,336 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswLog.dll
MOD - [2012-07-03 17:21:23 | 000,215,800 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2012-07-03 17:21:23 | 000,191,568 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
MOD - [2012-07-03 17:21:23 | 000,191,080 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswData.dll
MOD - [2012-07-03 17:21:23 | 000,126,160 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
MOD - [2012-07-03 17:21:23 | 000,099,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
MOD - [2012-07-03 17:21:23 | 000,051,000 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
MOD - [2012-07-03 17:21:22 | 000,682,384 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAux.dll
MOD - [2012-07-03 17:21:22 | 000,346,080 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
MOD - [2012-07-03 17:21:21 | 000,424,360 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashBase.dll
MOD - [2012-07-03 17:21:21 | 000,153,464 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTask.dll
MOD - [2012-07-03 17:21:21 | 000,061,800 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
MOD - [2012-07-03 17:21:18 | 000,359,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Aavm4h.dll
MOD - [2012-07-03 17:21:18 | 000,169,432 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwCoreClient.dll
MOD - [2012-07-03 17:21:18 | 000,117,408 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll
MOD - [2012-07-03 17:21:18 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwRpc.dll
MOD - [2012-07-03 17:21:18 | 000,035,032 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwGeoIP.dll
MOD - [2012-07-03 17:21:18 | 000,034,520 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwCore.dll
MOD - [2012-06-14 03:07:21 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
MOD - [2012-06-14 03:07:16 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
MOD - [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2012-06-06 06:05:52 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
MOD - [2012-06-06 06:05:52 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
MOD - [2012-06-02 10:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
MOD - [2012-06-02 10:07:00 | 012,314,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2012-06-02 09:43:51 | 009,737,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012-06-02 09:33:25 | 001,800,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
MOD - [2012-06-02 09:26:05 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012-06-02 09:25:08 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012-06-02 09:22:22 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2012-06-02 09:21:53 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IEShims.dll
MOD - [2012-06-02 09:19:58 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll
MOD - [2012-06-02 09:19:19 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012-06-02 09:14:19 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieui.dll
MOD - [2012-06-02 05:40:42 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2012-06-02 05:40:39 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2012-06-02 05:39:10 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2012-06-02 05:34:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2012-05-15 11:48:00 | 015,322,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvd3dum.dll
MOD - [2012-05-15 11:48:00 | 008,105,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvwgf2um.dll
MOD - [2012-05-15 11:48:00 | 002,368,832 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvapi.dll
MOD - [2012-05-15 02:21:42 | 000,354,624 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStereoApiI.dll
MOD - [2012-05-15 02:21:36 | 000,891,712 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
MOD - [2012-05-15 02:21:26 | 000,368,448 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2012-05-11 03:12:49 | 001,925,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\dbe597aa9c12df5d08fb2f3f9872b834\System.Web.Services.ni.dll
MOD - [2012-05-11 03:03:46 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012-05-11 03:03:44 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
MOD - [2012-05-11 03:03:43 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012-05-11 03:03:39 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2012-05-08 03:01:07 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2012-05-08 03:01:07 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
MOD - [2012-05-08 03:01:03 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll
MOD - [2012-05-05 03:01:35 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
MOD - [2012-05-05 03:01:30 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2012-05-05 03:01:30 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2012-05-01 03:23:35 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vbscript.dll
MOD - [2012-05-01 03:23:35 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtmsft.dll
MOD - [2012-05-01 03:23:35 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtrans.dll
MOD - [2012-05-01 03:23:35 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2012-04-29 18:32:05 | 000,116,648 | ---- | M] (Google Inc.) -- C:\Users\berni\AppData\Local\Google\Update\GoogleUpdate.exe
MOD - [2012-04-29 17:15:07 | 004,942,336 | ---- | M] (FNet Co., Ltd.) -- C:\Program Files (x86)\XFastUsb\XFastUsb.exe
MOD - [2012-04-24 05:36:42 | 001,158,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2012-04-24 05:36:42 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2012-04-21 05:21:01 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
MOD - [2012-04-11 01:15:28 | 007,174,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\agcore.dll
MOD - [2012-04-11 01:15:28 | 001,210,440 | ---- | M] ( Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
MOD - [2012-04-07 12:26:29 | 002,342,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2012-03-03 06:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2012-03-01 06:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012-03-01 06:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2012-01-17 11:07:54 | 000,252,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2012-01-04 09:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2011-12-16 08:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011-12-15 13:08:30 | 006,727,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
MOD - [2011-12-15 13:08:30 | 000,386,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
MOD - [2011-12-15 13:08:30 | 000,057,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
MOD - [2011-11-17 06:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011-11-17 06:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2011-11-02 12:45:16 | 002,248,704 | ---- | M] () -- C:\Program Files (x86)\Vtune\TBPANEL.exe
MOD - [2011-08-27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011-08-27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011-08-01 19:37:08 | 005,252,880 | ---- | M] (Electronic Arts, Inc.) -- D:\Program Files (x86)\Electronic Arts\The Sims Średniowiecze\Game\Bin\TSLHost.dll
MOD - [2011-08-01 19:37:06 | 002,512,656 | ---- | M] (Electronic Arts, Inc.) -- D:\Program Files (x86)\Electronic Arts\The Sims Średniowiecze\Game\Bin\SimsMedievalLauncher.exe
MOD - [2011-07-27 05:14:02 | 000,967,008 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.DLL
MOD - [2011-07-16 05:26:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\acwow64.dll
MOD - [2011-07-16 05:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2011-07-16 05:24:22 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2011-06-16 05:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2011-05-24 11:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011-05-24 11:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011-05-17 09:27:52 | 000,413,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2011-03-11 06:33:59 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42u.dll
MOD - [2011-03-11 06:33:59 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll
MOD - [2011-03-03 06:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011-02-19 07:30:50 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2011-01-17 06:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll
MOD - [2011-01-07 15:39:22 | 000,768,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100.dll
MOD - [2011-01-07 15:39:22 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp100.dll
MOD - [2010-11-22 16:08:58 | 010,475,816 | ---- | M] (Electronic Arts) -- D:\Program Files (x86)\Electronic Arts\The Sims Średniowiecze\Game\Bin\EACore\EACore.dll
MOD - [2010-11-22 16:08:58 | 000,120,112 | ---- | M] (Electronic Arts) -- D:\Program Files (x86)\Electronic Arts\The Sims Średniowiecze\Game\Bin\EACore\EACoreServer.exe
MOD - [2010-11-20 13:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010-11-20 13:21:38 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wpdshext.dll
MOD - [2010-11-20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010-11-20 13:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2010-11-20 13:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2010-11-20 13:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010-11-20 13:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010-11-20 13:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2010-11-20 13:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2010-11-20 13:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010-11-20 13:21:34 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2010-11-20 13:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010-11-20 13:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010-11-20 13:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010-11-20 13:21:27 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\t2embed.dll
MOD - [2010-11-20 13:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010-11-20 13:21:25 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sqmapi.dll
MOD - [2010-11-20 13:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010-11-20 13:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010-11-20 13:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010-11-20 13:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010-11-20 13:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2010-11-20 13:21:03 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\riched20.dll
MOD - [2010-11-20 13:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010-11-20 13:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010-11-20 13:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010-11-20 13:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010-11-20 13:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010-11-20 13:20:48 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll
MOD - [2010-11-20 13:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2010-11-20 13:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2010-11-20 13:20:28 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
MOD - [2010-11-20 13:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010-11-20 13:19:46 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2010-11-20 13:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010-11-20 13:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010-11-20 13:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010-11-20 13:19:33 | 003,207,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mf.dll
MOD - [2010-11-20 13:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010-11-20 13:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2010-11-20 13:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010-11-20 13:19:01 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\evr.dll
MOD - [2010-11-20 13:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2010-11-20 13:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2010-11-20 13:18:25 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2010-11-20 13:18:25 | 001,171,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10warp.dll
MOD - [2010-11-20 13:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll
MOD - [2010-11-20 13:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010-11-20 13:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010-11-20 13:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010-11-20 13:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010-11-20 13:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010-11-20 13:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010-11-20 13:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010-11-20 13:18:01 | 000,562,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcLayers.dll
MOD - [2010-11-20 13:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010-11-20 13:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010-11-20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010-11-20 13:08:57 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010-11-20 13:08:51 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010-11-20 13:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010-11-20 12:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010-11-05 02:58:19 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscoree.dll
MOD - [2010-11-05 02:58:03 | 000,115,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
MOD - [2010-11-05 02:54:34 | 000,093,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\pl\ShFusRes.dll
MOD - [2010-09-24 10:13:14 | 000,739,416 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\SysWOW64\MBAPO32.dll
MOD - [2010-05-26 11:41:02 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DCompiler_43.dll
MOD - [2010-05-26 11:41:02 | 001,998,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DX9_43.dll
MOD - [2010-03-18 13:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100_clr0400.dll
MOD - [2009-10-14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009-10-14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
MOD - [2009-10-14 13:34:18 | 000,054,104 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManagerPS.dll
MOD - [2009-10-07 01:47:22 | 000,109,080 | ---- | M] (Logitech Inc.) -- C:\Windows\Temp\logishrd\LVPrcInj03.dll
MOD - [2009-07-14 02:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009-07-14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009-07-14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009-07-14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009-07-14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009-07-14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009-07-14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 02:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009-07-14 02:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009-07-14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009-07-14 02:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll
MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-07-14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009-07-14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009-07-14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009-07-14 02:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2009-07-14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009-07-14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 02:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2009-07-14 02:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009-07-14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009-07-14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2009-07-14 02:15:50 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp60.dll
MOD - [2009-07-14 02:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
MOD - [2009-07-14 02:15:46 | 002,134,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msmpeg2vdec.dll
MOD - [2009-07-14 02:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2009-07-14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009-07-14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009-07-14 02:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009-07-14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009-07-14 02:15:39 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll
MOD - [2009-07-14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009-07-14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009-07-14 02:15:24 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hid.dll
MOD - [2009-07-14 02:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009-07-14 02:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\feclient.dll
MOD - [2009-07-14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009-07-14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009-07-14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009-07-14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009-07-14 02:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll
MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 02:15:11 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dinput8.dll
MOD - [2009-07-14 02:15:11 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dinput.dll
MOD - [2009-07-14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009-07-14 02:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2009-07-14 02:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
MOD - [2009-07-14 02:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll
MOD - [2009-07-14 02:15:10 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddrawex.dll
MOD - [2009-07-14 02:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
MOD - [2009-07-14 02:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2009-07-14 02:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll
MOD - [2009-07-14 02:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll
MOD - [2009-07-14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 02:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe
MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 02:14:10 | 000,064,000 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWOW64\l3codeca.acm
MOD - [2009-07-14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 02:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009-07-14 02:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll
MOD - [2009-07-14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009-07-14 02:07:19 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt40.dll
MOD - [2009-07-14 02:05:46 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icmp.dll
MOD - [2009-07-08 14:32:50 | 001,233,195 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe
MOD - [2009-07-06 16:31:30 | 009,879,224 | ---- | M] (CD Projekt Red) -- D:\Program Files (x86)\Wiedźmin Edycja Rozszerzona\System\witcher.exe
MOD - [2009-06-10 22:22:53 | 000,015,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
MOD - [2009-06-10 22:22:50 | 000,023,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
MOD - [2009-06-08 14:00:30 | 000,532,152 | ---- | M] (CD Projekt Red) -- D:\Program Files (x86)\Wiedźmin Edycja Rozszerzona\System\commonlibs.dll
MOD - [2009-05-04 18:05:04 | 000,241,789 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
MOD - [2009-04-22 11:28:56 | 000,450,560 | ---- | M] (RAD Game Tools, Inc.) -- D:\Program Files (x86)\Wiedźmin Edycja Rozszerzona\System\mss32.dll
MOD - [2009-04-22 11:28:54 | 000,171,008 | ---- | M] (RAD Game Tools, Inc.) -- D:\Program Files (x86)\Wiedźmin Edycja Rozszerzona\System\binkw32.dll
MOD - [2009-04-20 10:55:58 | 000,148,480 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL
MOD - [2009-04-16 13:59:06 | 000,442,368 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\ShareDLL\CADI\CTRice.dll
MOD - [2009-03-18 15:00:46 | 000,151,552 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\ShareDLL\CADI\CTCadiEP.dll
MOD - [2009-02-26 18:36:54 | 002,217,832 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
MOD - [2009-02-26 18:36:48 | 000,021,856 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.DLL
MOD - [2009-02-23 10:41:40 | 000,413,696 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\CTAudEp.dll
MOD - [2009-02-06 17:52:24 | 000,073,728 | ---- | M] () -- C:\Windows\SysWOW64\CmdRtr.DLL
MOD - [2009-02-03 12:52:12 | 000,102,400 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\cttele32.dll
MOD - [2008-12-29 10:25:52 | 000,077,824 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanel.crl
MOD - [2008-07-25 14:12:54 | 000,153,600 | ---- | M] () -- D:\Program Files (x86)\Wiedźmin Edycja Rozszerzona\System\Miles\mssvoice.asi
MOD - [2008-07-25 14:12:54 | 000,059,392 | ---- | M] () -- D:\Program Files (x86)\Wiedźmin Edycja Rozszerzona\System\Miles\msseax.flt
MOD - [2008-07-25 14:12:54 | 000,056,832 | ---- | M] (RAD Game Tools, Inc.) -- D:\Program Files (x86)\Wiedźmin Edycja Rozszerzona\System\Miles\mssdsp.flt
MOD - [2008-07-25 14:12:54 | 000,012,800 | ---- | M] (RAD Game Tools, Inc.) -- D:\Program Files (x86)\Wiedźmin Edycja Rozszerzona\System\Miles\msssrs.flt
MOD - [2008-07-25 14:12:54 | 000,012,800 | ---- | M] () -- D:\Program Files (x86)\Wiedźmin Edycja Rozszerzona\System\Miles\mssds3d.flt
MOD - [2008-07-25 14:12:54 | 000,007,680 | ---- | M] (RAD Game Tools, Inc.) -- D:\Program Files (x86)\Wiedźmin Edycja Rozszerzona\System\Miles\mssdolby.flt
MOD - [2008-07-09 20:10:28 | 000,099,840 | ---- | M] () -- D:\Program Files (x86)\Wiedźmin Edycja Rozszerzona\System\Miles\mssogg.asi
MOD - [2008-07-09 20:10:28 | 000,095,744 | ---- | M] () -- D:\Program Files (x86)\Wiedźmin Edycja Rozszerzona\System\Miles\mssmp3.asi
MOD - [2008-05-02 16:37:28 | 000,163,840 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\ShareDLL\CADI\ctcadi.dll
MOD - [2008-01-11 09:10:46 | 000,065,536 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\CTAudSeu.dll
MOD - [2007-07-19 18:14:42 | 003,727,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3dx9_35.dll
MOD - [2007-04-04 18:53:42 | 000,081,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xinput1_3.dll
MOD - [2007-03-07 13:56:22 | 000,151,552 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\GDICtrl2.sku
MOD - [2007-03-07 13:07:14 | 000,176,128 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\CTThemeU.dll
MOD - [2006-09-28 16:05:20 | 002,414,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3dx9_31.dll
MOD - [2006-05-04 16:11:42 | 000,110,592 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\GDICtrl3.sku
MOD - [2006-03-31 16:26:50 | 000,335,872 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\GDICtrl.sku
MOD - [2006-03-28 15:21:58 | 000,114,757 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\RtxCtrl.sku
MOD - [2005-11-23 09:28:24 | 000,040,960 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\CtrlSrcU.dll
MOD - [2005-01-06 16:26:04 | 000,053,248 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\CTIniFu.dll
MOD - [1998-10-31 03:55:56 | 000,005,120 | ---- | M] () -- C:\Program Files (x86)\Vtune\TBManage.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2012-07-03 17:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2012-07-03 17:21:27 | 000,133,912 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:[b]64bit:[/b] - [2009-10-07 01:47:10 | 000,191,000 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-07-27 20:23:07 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-07-10 14:02:20 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012-05-15 11:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-05-15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012-04-29 18:20:39 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2012-04-29 17:19:48 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012-04-29 17:19:14 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe -- (Sound Blaster X-Fi MB Licensing Service)
SRV - [2012-04-05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011-02-01 12:20:48 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011-02-01 12:20:46 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-02-23 04:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Stopped] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2007-05-31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - File not found [Kernel | Disabled | Running] -- C:\Program Files\NetLimiter 3\nltdi.sys -- (nltdi)
DRV:[b]64bit:[/b] - [2012-07-22 08:20:13 | 000,088,480 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:[b]64bit:[/b] - [2012-07-22 08:20:13 | 000,046,400 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:[b]64bit:[/b] - [2012-07-03 17:21:52 | 000,958,400 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2012-07-03 17:21:52 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2012-07-03 17:21:52 | 000,266,776 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2)
DRV:[b]64bit:[/b] - [2012-07-03 17:21:52 | 000,142,128 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW)
DRV:[b]64bit:[/b] - [2012-07-03 17:21:52 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2012-07-03 17:21:52 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2012-07-03 17:21:52 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2012-07-03 17:21:52 | 000,019,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:[b]64bit:[/b] - [2012-07-03 17:21:51 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2012-06-27 21:33:54 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:[b]64bit:[/b] - [2012-04-29 18:40:02 | 000,031,808 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FNETTBOH_305.SYS -- (FNETTBOH_305)
DRV:[b]64bit:[/b] - [2012-04-29 17:15:07 | 000,015,936 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\FNETURPX.SYS -- (FNETURPX)
DRV:[b]64bit:[/b] - [2012-04-18 18:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011-02-08 06:30:52 | 000,064,512 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:[b]64bit:[/b] - [2011-02-08 06:30:52 | 000,039,936 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:[b]64bit:[/b] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-10-19 15:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2010-06-23 10:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2010-06-11 13:37:14 | 000,015,368 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV:[b]64bit:[/b] - [2009-10-07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:[b]64bit:[/b] - [2009-10-07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-05-01 00:01:34 | 000,327,576 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:[b]64bit:[/b] - [2009-04-30 23:55:56 | 002,755,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI)
DRV:[b]64bit:[/b] - [2009-04-30 23:55:46 | 000,015,896 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lv302a64.sys -- (lvpepf64)
DRV:[b]64bit:[/b] - [2008-07-26 14:26:34 | 000,050,072 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:[b]64bit:[/b] - [2005-09-23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007-03-16 09:11:20 | 000,015,648 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\TBPanelx64.sys -- (Cardex)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q=%7BsearchTerms%7D&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q=%7BsearchTerms%7D&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url]


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-155463968-941393681-1223564345-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://google.pl/"]http://google.pl/[/url]
IE - HKU\S-1-5-21-155463968-941393681-1223564345-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-155463968-941393681-1223564345-1000\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = [url="http://www.bing.com/search?q=%7BsearchTerms%7D&form=SPLEP1&pc=SPLH"]http://www.bing.com/...=SPLEP1&pc=SPLH[/url]
IE - HKU\S-1-5-21-155463968-941393681-1223564345-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://uk.search.yahoo.com/search?p=%7BsearchTerms%7D&fr=chr-devicevm&type=ASRK"]http://uk.search.yah...icevm&type=ASRK[/url]
IE - HKU\S-1-5-21-155463968-941393681-1223564345-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = [url="http://search.babylon.com/?q=%7BsearchTerms%7D&affID=111434&tt=010712_5&babsrc=SP_ss&mntrId=ca305b9c000000000000bc5ff40d0632"]http://search.babylo...000bc5ff40d0632[/url]
IE - HKU\S-1-5-21-155463968-941393681-1223564345-1000\..\SearchScopes\{78B86696-0EBA-42eb-BD20-21BA8C615634}: "URL" = [url="http://www.google.com/cse?cx=partner-pub-3794288947762788%3A4107735745&ie=UTF-8&q=&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4107735745&q=%7BsearchTerms%7D"]http://www.google.co...q={searchTerms}[/url]
IE - HKU\S-1-5-21-155463968-941393681-1223564345-1000\..\SearchScopes\{929A61F5-0B4D-4630-BB25-FB7206900E0C}: "URL" = [url="http://uk.search.yahoo.com/search?p=%7BsearchTerms%7D&fr=chr-devicevm&type=PROTOSV"]http://uk.search.yah...vm&type=PROTOSV[/url]
IE - HKU\S-1-5-21-155463968-941393681-1223564345-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\berni\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\berni\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)


[2012-06-20 06:04:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\berni\AppData\Roaming\mozilla\Extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\berni\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\berni\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\berni\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Java™ Platform SE 7 U4 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Google Update (Enabled) = C:\Users\berni\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Users\berni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Users\berni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\berni\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: Gmail = C:\Users\berni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012-05-26 08:41:57 | 000,001,513 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 genuine.microsoft.com
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O1 - Hosts: 127.0.0.1 sls.microsoft.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 preactivate.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 192.150.18.108
O1 - Hosts: 127.0.0.1 activate.adobe.com:443
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-155463968-941393681-1223564345-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [XFastUsb] C:\Program Files (x86)\XFastUsb\XFastUsb.exe (FNet Co., Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-155463968-941393681-1223564345-1000..\Run: [ASRockXTU] File not found
O4 - HKU\S-1-5-21-155463968-941393681-1223564345-1000..\Run: [zASRockInstantBoot] File not found
O4 - HKU\S-1-5-21-155463968-941393681-1223564345-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [InstallShieldSetup] C:\PROGRA~2\INSTAL~1\{83BEE~1\setup.exe -rebootC:\PROGRA~2\INSTAL~1\{83BEE~1\reboot.ini File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-155463968-941393681-1223564345-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-155463968-941393681-1223564345-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-155463968-941393681-1223564345-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab"]http://fpdownload2.m...ash/swflash.cab[/url] (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6C7139E2-FA8D-475C-83F8-16E89D4571DB}: DhcpNameServer = 194.168.4.100 194.168.8.100
O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\SYSTEM\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\SYSTEM\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001-07-13 21:11:22 | 000,000,073 | R--- | M] () - F:\AUTORUN.INF -- [ UDF ]
O33 - MountPoints2\{b564b3f1-ce02-11e1-93b3-bc5ff40d0632}\Shell - "" = AutoRun
O33 - MountPoints2\{b564b3f1-ce02-11e1-93b3-bc5ff40d0632}\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: chknSVCS - (C:\Windows\system32\certclip64.dll) - File not found
O36 - AppCertDlls: colokmgr - (C:\Windows\system32\certclip.dll) - C:\Windows\SysWow64\certclip.dll ()
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-07-28 14:14:21 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-07-27 19:03:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2012-07-27 19:00:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2012-07-27 19:00:51 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2012-07-27 19:00:49 | 000,000,000 | ---D | C] -- C:\Users\berni\Documents\Electronic Arts
[2012-07-27 18:54:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
[2012-07-27 05:51:16 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012-07-26 22:31:25 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Roaming\Stereoscopic Player
[2012-07-26 22:30:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stereoscopic Player
[2012-07-26 22:30:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3dtv.at Stereoscopic Player
[2012-07-26 21:40:50 | 000,000,000 | ---D | C] -- C:\Users\berni\Desktop\Untitled Export- -llllllllllllll
[2012-07-26 06:04:27 | 000,000,000 | ---D | C] -- C:\Users\berni\Desktop\mp-media player
[2012-07-25 23:30:56 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2012-07-24 18:32:41 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Local\{32DFF4F0-D5B5-11E1-8270-B8AC6F996F26}
[2012-07-24 18:32:40 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum
[2012-07-24 18:30:18 | 000,000,000 | ---D | C] -- C:\ProgramData\225932FD0063D4584DD9AF7CF875EF60
[2012-07-24 18:29:15 | 000,150,528 | -HS- | C] (DT Soft Ltd) -- C:\Users\berni\AppData\Roaming\kxtsui.dll
[2012-07-24 17:39:05 | 000,000,000 | ---D | C] -- C:\Users\berni\Desktop\Untitled Export- -bez obrobki
[2012-07-23 16:58:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TorrentSearch
[2012-07-23 16:58:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OApps
[2012-07-23 16:57:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\smartdl
[2012-07-22 11:58:26 | 000,000,000 | ---D | C] -- C:\Users\berni\Desktop\Untitled Export- sherwood
[2012-07-22 11:09:09 | 000,000,000 | ---D | C] -- C:\Users\berni\Desktop\Untitled Export- polska
[2012-07-22 08:38:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012-07-22 08:37:03 | 025,743,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012-07-22 08:37:03 | 025,248,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012-07-22 08:37:03 | 019,607,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012-07-22 08:37:03 | 018,044,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012-07-22 08:37:03 | 017,551,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012-07-22 08:37:03 | 008,139,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012-07-22 08:37:03 | 008,105,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012-07-22 08:37:03 | 005,982,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012-07-22 08:37:03 | 002,881,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012-07-22 08:37:03 | 002,681,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012-07-22 08:37:03 | 002,524,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012-07-22 08:37:03 | 002,445,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012-07-22 08:37:03 | 001,451,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2012-07-22 08:37:03 | 000,818,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012-07-22 08:37:03 | 000,364,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll
[2012-07-22 08:37:03 | 000,301,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll
[2012-07-22 08:37:03 | 000,246,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2012-07-22 08:37:03 | 000,202,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2012-07-22 08:37:03 | 000,188,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2012-07-22 08:37:03 | 000,031,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2012-07-22 08:36:13 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012-07-22 08:33:12 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012-07-18 19:12:31 | 000,000,000 | ---D | C] -- C:\ProgramData\GG
[2012-07-18 19:06:38 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012-07-18 19:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-07-18 19:06:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012-07-18 16:55:31 | 000,142,128 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2012-07-18 16:55:20 | 000,266,776 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2012-07-18 16:55:18 | 000,019,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2012-07-18 16:55:17 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys
[2012-07-18 16:54:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2012-07-17 21:14:53 | 000,000,000 | ---D | C] -- C:\Users\berni\Desktop\Untitled Export- prom
[2012-07-14 21:27:44 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012-07-14 21:27:44 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-07-14 21:27:43 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012-07-14 21:27:43 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012-07-14 21:27:43 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012-07-14 21:27:43 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-07-14 21:27:43 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012-07-14 21:27:43 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012-07-14 21:27:42 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012-07-14 21:27:42 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012-07-14 21:27:42 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012-07-14 21:27:42 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012-07-14 21:27:41 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012-07-14 16:55:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012-07-14 16:55:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012-07-14 16:55:43 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012-07-14 16:55:40 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012-07-14 16:55:40 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012-07-13 17:19:05 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Roaming\Xfire
[2012-07-13 17:19:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfire
[2012-07-12 18:53:40 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll
[2012-07-12 16:08:13 | 000,000,000 | ---D | C] -- C:\Users\berni\Documents\GTA3 User Files
[2012-07-12 15:01:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto Trylogia
[2012-07-12 15:01:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Grand Theft Auto Trylogia
[2012-07-10 14:17:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Tournament 2004
[2012-07-10 14:13:53 | 000,000,000 | ---D | C] -- C:\UT2004
[2012-07-10 14:03:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2012-07-10 14:02:19 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Roaming\PunkBuster
[2012-07-10 13:43:58 | 000,000,000 | ---D | C] -- C:\Users\berni\Documents\corleone
[2012-07-10 13:43:26 | 000,438,272 | R--- | C] (EA.com/On2.com) -- C:\Windows\SysWow64\vp6vfw.dll
[2012-07-10 13:43:26 | 000,327,680 | ---- | C] (On2.com Inc.) -- C:\Windows\SysWow64\vp6dec.ax
[2012-07-10 13:25:27 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2012-07-07 12:31:30 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Local\Chromium
[2012-07-07 12:18:12 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Local\SKIDROW
[2012-07-07 12:18:11 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive
[2012-07-07 12:18:11 | 000,000,000 | ---D | C] -- C:\Users\berni\Documents\Sports Interactive
[2012-07-07 12:18:11 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Roaming\Sports Interactive
[2012-07-07 12:18:11 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Local\Sports Interactive
[2012-07-07 12:14:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SEGA
[2012-07-06 19:07:01 | 000,000,000 | ---D | C] -- C:\Users\berni\Desktop\Collaboration Albums
[2012-07-05 22:45:04 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Local\Locktime
[2012-07-05 22:43:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Locktime
[2012-07-05 22:16:14 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Roaming\Babylon
[2012-07-05 22:16:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012-07-05 14:14:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Valve
[2012-07-05 09:18:33 | 000,000,000 | ---D | C] -- C:\Users\berni\Documents\My Games
[2012-06-27 15:40:59 | 000,000,000 | ---D | C] -- C:\Users\berni\Desktop\ZiGGy
[2012-06-25 18:48:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SkypePortable
[2012-06-25 03:00:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2012-06-24 20:24:44 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Local\LogiShrd
[2012-06-24 20:20:48 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Roaming\Leadertech
[2012-06-24 20:19:55 | 002,755,096 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\drivers\LV302V64.SYS
[2012-06-24 20:19:55 | 000,764,952 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\LVUI64.dll
[2012-06-24 20:19:55 | 000,559,640 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\LVUIRC64.dll
[2012-06-24 20:19:55 | 000,539,160 | ---- | C] (Logitech Inc.) -- C:\Windows\SysWow64\LVUI2RC.dll
[2012-06-24 20:19:55 | 000,539,160 | ---- | C] (Logitech Inc.) -- C:\Windows\SysWow64\LVUI2.dll
[2012-06-24 20:19:55 | 000,416,280 | ---- | C] (Logitech Inc.) -- C:\Windows\SysWow64\lvcodec2.dll
[2012-06-24 20:19:55 | 000,398,360 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\lvcod64.dll
[2012-06-24 20:19:55 | 000,327,576 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\drivers\lvrs64.sys
[2012-06-24 20:19:55 | 000,266,776 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\lvco1201278.dll
[2012-06-24 20:19:55 | 000,015,896 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\drivers\lv302a64.sys
[2012-06-24 20:19:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2012-06-24 20:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2012-06-24 20:19:30 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2012-06-24 20:19:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2012-06-24 19:54:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech
[2012-06-21 13:16:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012-06-21 13:15:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2012-06-21 13:15:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2012-06-21 13:15:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012-06-21 13:15:09 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012-06-21 13:13:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012-06-21 13:13:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012-06-21 13:13:09 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Local\Microsoft Help
[2012-06-21 13:13:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012-06-21 13:12:03 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012-06-21 13:08:55 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Roaming\WinRAR
[2012-06-21 13:08:55 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-06-21 13:08:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-06-21 13:08:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2012-06-21 05:55:39 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012-06-21 05:55:39 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012-06-21 05:55:39 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012-06-21 05:55:28 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012-06-21 05:55:28 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012-06-21 05:55:28 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012-06-21 05:55:19 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012-06-21 05:55:19 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012-06-20 06:08:40 | 000,000,000 | --SD | C] -- C:\Users\berni\GG dysk
[2012-06-20 06:04:33 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Roaming\Mozilla
[2012-06-20 06:04:20 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Roaming\GG
[2012-06-20 06:04:20 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Local\GG
[2012-06-14 18:20:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HipHop eJay 3
[2012-06-14 18:20:25 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HipHop eJay 3
[2012-06-14 18:20:19 | 001,355,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvbvm50.dll
[2012-06-14 18:20:19 | 000,638,976 | ---- | C] (eJay) -- C:\Windows\SysWow64\eJ_Editorctrl.ocx
[2012-06-14 18:20:19 | 000,522,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml.dll
[2012-06-14 18:20:19 | 000,352,256 | ---- | C] (SoftShape Development) -- C:\Windows\SysWow64\ActiveSkin.ocx
[2012-06-14 18:20:19 | 000,319,488 | ---- | C] (eJay AG) -- C:\Windows\SysWow64\eJ_AviExportDlg.ocx
[2012-06-14 18:20:19 | 000,311,296 | ---- | C] (eJay) -- C:\Windows\SysWow64\ej_fxstudio.ocx
[2012-06-14 18:20:19 | 000,286,720 | ---- | C] (eJay AG) -- C:\Windows\SysWow64\Ej_AnimOcx2.ocx
[2012-06-14 18:20:19 | 000,274,432 | ---- | C] (eJay) -- C:\Windows\SysWow64\ej_equalizer.ocx
[2012-06-14 18:20:19 | 000,270,336 | ---- | C] (eJay AG) -- C:\Windows\SysWow64\Ej_Endstufe.ocx
[2012-06-14 18:20:19 | 000,266,240 | ---- | C] (eJay) -- C:\Windows\SysWow64\ej_panctrl.ocx
[2012-06-14 18:20:19 | 000,266,240 | ---- | C] (eJay) -- C:\Windows\SysWow64\ej_panBitmaps.ocx
[2012-06-14 18:20:19 | 000,159,744 | ---- | C] (Dart Communications) -- C:\Windows\SysWow64\DartSock.dll
[2012-06-14 18:20:19 | 000,106,496 | ---- | C] (Dart Communications) -- C:\Windows\SysWow64\DartWeb.dll
[2012-06-14 18:20:19 | 000,100,864 | ---- | C] (zwei) -- C:\Windows\SysWow64\eJ_Explorer.ocx
[2012-06-14 18:20:16 | 000,000,000 | ---D | C] -- C:\eJay
[2012-06-14 18:20:03 | 000,270,336 | ---- | C] (eJay AG) -- C:\Windows\SysWow64\Ej_Endstufe2.ocx
[2012-06-13 13:37:11 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012-06-13 13:37:11 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012-06-13 13:37:11 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012-06-13 13:37:08 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012-06-13 13:37:08 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012-06-13 13:37:07 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012-06-13 13:28:19 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012-06-13 13:28:15 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012-06-13 13:28:15 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012-06-10 13:20:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Steinberg
[2012-06-10 13:19:09 | 001,177,600 | ---- | C] (AD) -- C:\Windows\SysWow64\SYNSOEMU.DLL
[2012-06-10 13:19:08 | 016,138,240 | ---- | C] (Steinberg Media Technologies) -- C:\HALionOne.dll
[2012-06-10 13:19:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VST3
[2012-06-10 13:17:17 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 5
[2012-06-10 13:17:17 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Roaming\Steinberg
[2012-06-10 13:17:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steinberg
[2012-06-09 11:44:24 | 000,000,000 | ---D | C] -- C:\Users\berni\Documents\Dokumenty na pawel gps
[2012-06-09 11:42:41 | 000,000,000 | ---D | C] -- C:\Windows\WindowsMobile
[2012-06-09 11:39:13 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Roaming\naviextras
[2012-06-05 11:37:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012-06-05 11:37:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012-06-04 17:44:48 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012-06-04 12:43:30 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Roaming\Apple Computer
[2012-06-01 03:00:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012-05-30 21:53:59 | 000,000,000 | ---D | C] -- C:\od przeczkola do opola
[2012-05-30 21:49:45 | 000,000,000 | ---D | C] -- C:\Users\berni\Documents\Pinnacle Studio
[2012-05-30 21:44:08 | 000,090,112 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe
[2012-05-30 21:44:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Studio Plugins
[2012-05-30 21:44:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LooksBuilderSE
[2012-05-30 21:42:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pinnacle
[2012-05-30 21:42:00 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Local\Downloaded Installations
[2012-05-30 21:41:42 | 000,000,000 | ---D | C] -- C:\Users\berni\AppData\Local\Pinnacle
[2012-05-30 21:41:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle Studio Ultimate Collection
[2012-05-30 21:40:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 14
[2012-05-30 21:40:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\My Projects
[2012-05-30 21:38:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pegasus Imaging
[2012-05-30 21:38:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Yahoo!
[2012-05-30 21:38:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Studio 14
[2012-05-30 21:38:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle Studio Plus
[2012-05-30 21:38:40 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Pinnacle
[2012-05-30 21:35:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pinnacle
[2012-05-30 21:34:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-07-29 08:23:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-07-29 07:46:43 | 000,010,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-07-29 07:46:43 | 000,010,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-07-28 13:56:22 | 000,298,445 | ---- | M] () -- C:\Windows\h_eJay3.inf
[2012-07-27 20:23:06 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-07-27 20:23:06 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-07-27 06:05:57 | 001,671,226 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-07-27 06:05:57 | 000,741,116 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-07-27 06:05:57 | 000,654,880 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-07-27 06:05:57 | 000,155,712 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-07-27 06:05:57 | 000,121,752 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-07-27 05:53:05 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-155463968-941393681-1223564345-1000UA.job
[2012-07-27 05:53:04 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-155463968-941393681-1223564345-1000Core.job
[2012-07-26 22:30:51 | 000,001,998 | ---- | M] () -- C:\Users\Public\Desktop\Stereoscopic Player.lnk
[2012-07-26 19:46:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-07-26 06:08:31 | 000,001,057 | ---- | M] () -- C:\Users\berni\Desktop\Continue RadarSync PC Updater 2012 Installation.lnk
[2012-07-24 19:53:59 | 4279,607,294 | -HS- | M] () -- C:\hiberfil.sys
[2012-07-24 18:30:04 | 000,460,288 | ---- | M] () -- C:\Users\berni\AppData\Roaming\btuti.dll
[2012-07-24 18:29:27 | 000,055,808 | ---- | M] () -- C:\Windows\SysWow64\certclip.dll
[2012-07-24 18:29:01 | 000,150,528 | -HS- | M] (DT Soft Ltd) -- C:\Users\berni\AppData\Roaming\kxtsui.dll
[2012-07-22 08:20:13 | 000,088,480 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2012-07-22 08:20:13 | 000,046,400 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2012-07-18 19:06:38 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012-07-18 17:42:13 | 000,001,885 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012-07-18 16:55:18 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012-07-14 23:25:38 | 005,047,424 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-07-12 18:53:40 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll
[2012-07-10 14:02:22 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-07-10 14:02:20 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-07-07 12:13:25 | 000,001,229 | ---- | M] () -- C:\Users\berni\Desktop\Install DAEMON Tools Lite.lnk
[2012-07-05 22:16:28 | 000,001,527 | ---- | M] () -- C:\user.js
[2012-07-03 17:21:52 | 000,958,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012-07-03 17:21:52 | 000,355,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012-07-03 17:21:52 | 000,266,776 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2012-07-03 17:21:52 | 000,142,128 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2012-07-03 17:21:52 | 000,071,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012-07-03 17:21:52 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012-07-03 17:21:52 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012-07-03 17:21:52 | 000,019,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2012-07-03 17:21:51 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012-07-03 17:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012-07-03 17:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012-07-03 17:21:18 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012-06-27 21:33:54 | 000,012,368 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys
[2012-06-25 18:58:18 | 000,002,117 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Webcam Software.lnk
[2012-06-24 20:28:43 | 000,002,005 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Vid HD.lnk
[2012-06-24 19:50:48 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012-06-22 10:08:44 | 001,688,330 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-06-20 06:08:40 | 000,001,578 | ---- | M] () -- C:\Users\berni\Desktop\GG dysk.lnk
[2012-06-20 06:04:21 | 000,001,099 | ---- | M] () -- C:\Users\berni\Desktop\GG.lnk
[2012-06-17 14:47:50 | 004,610,619 | ---- | M] () -- C:\Users\berni\Desktop\IMG_61gg04.jpg
[2012-06-14 18:20:26 | 000,001,533 | ---- | M] () -- C:\Users\berni\Desktop\HipHop eJay 3.lnk
[2012-06-10 13:17:29 | 000,002,130 | ---- | M] () -- C:\Users\berni\Desktop\Cubase 5.lnk
[2012-06-09 14:42:49 | 000,091,515 | ---- | M] () -- C:\Users\berni\Desktop\a2ce51f42b.jpeg
[2012-06-09 11:44:24 | 000,000,751 | ---- | M] () -- C:\Users\berni\Desktop\Dokumenty na pawel gps.LNK
[2012-06-09 11:44:21 | 000,000,956 | ---- | M] () -- C:\Users\berni\Desktop\Centrum obsługi urządzeń z systemem Windows Mobile.lnk
[2012-06-09 11:43:29 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2012-06-06 07:02:54 | 001,133,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012-06-06 06:03:06 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012-06-05 17:46:02 | 000,021,504 | ---- | M] () -- C:\Windows\jestertb.dll
[2012-06-04 12:46:41 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012-06-02 23:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012-06-02 23:19:42 | 000,057,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012-06-02 23:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012-06-02 23:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012-06-02 23:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012-06-02 23:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012-06-02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012-06-02 15:15:12 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012-06-02 13:12:17 | 002,311,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012-06-02 13:04:50 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012-06-02 13:04:25 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012-06-02 13:01:40 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012-06-02 13:00:33 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012-06-02 12:57:36 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012-06-02 12:54:06 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012-06-02 09:25:03 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012-06-02 09:23:26 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012-06-02 09:20:33 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012-06-02 09:19:58 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012-06-02 09:17:15 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-06-02 09:14:19 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-06-02 06:44:21 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012-06-01 01:24:28 | 000,000,756 | ---- | M] () -- C:\Users\berni\Documents\oszukac przeznaczenie.mpcpl
[2012-05-30 21:49:33 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2012-05-30 21:40:06 | 000,001,194 | ---- | M] () -- C:\Users\Public\Desktop\Pinnacle Studio 14.lnk
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-07-26 22:30:51 | 000,001,998 | ---- | C] () -- C:\Users\Public\Desktop\Stereoscopic Player.lnk
[2012-07-26 06:08:31 | 000,001,057 | ---- | C] () -- C:\Users\berni\Desktop\Continue RadarSync PC Updater 2012 Installation.lnk
[2012-07-25 23:51:48 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{40e5539a-01a4-b6ca-d659-8f14e449e9e9}\U\80000000.@
[2012-07-25 02:17:47 | 000,023,040 | ---- | C] () -- C:\Windows\Installer\{40e5539a-01a4-b6ca-d659-8f14e449e9e9}\U\800000cb.@
[2012-07-24 18:30:04 | 000,460,288 | ---- | C] () -- C:\Users\berni\AppData\Roaming\btuti.dll
[2012-07-24 18:29:34 | 000,001,712 | ---- | C] () -- C:\Windows\Installer\{40e5539a-01a4-b6ca-d659-8f14e449e9e9}\U\00000001.@
[2012-07-24 18:29:27 | 000,055,808 | ---- | C] () -- C:\Windows\SysWow64\certclip.dll
[2012-07-22 08:37:53 | 002,621,723 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2012-07-22 08:20:13 | 000,088,480 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2012-07-22 08:20:13 | 000,046,400 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2012-07-18 18:58:30 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012-07-18 16:54:03 | 000,001,885 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012-07-10 14:02:22 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-07-10 14:02:20 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-07-07 12:13:25 | 000,001,229 | ---- | C] () -- C:\Users\berni\Desktop\Install DAEMON Tools Lite.lnk
[2012-07-05 22:16:27 | 000,001,527 | ---- | C] () -- C:\user.js
[2012-06-24 20:28:43 | 000,002,005 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Vid HD.lnk
[2012-06-24 20:19:55 | 000,082,289 | ---- | C] () -- C:\Windows\SysNative\lvcoin64.ini
[2012-06-24 20:19:55 | 000,034,068 | ---- | C] () -- C:\Windows\SysNative\Repository.reg
[2012-06-24 20:19:31 | 000,002,117 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Webcam Software.lnk
[2012-06-20 06:08:40 | 000,001,578 | ---- | C] () -- C:\Users\berni\Desktop\GG dysk.lnk
[2012-06-20 06:04:21 | 000,001,099 | ---- | C] () -- C:\Users\berni\Desktop\GG.lnk
[2012-06-20 06:04:20 | 000,001,107 | ---- | C] () -- C:\Users\berni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk
[2012-06-17 14:47:39 | 004,610,619 | ---- | C] () -- C:\Users\berni\Desktop\IMG_61gg04.jpg
[2012-06-14 18:20:26 | 000,001,533 | ---- | C] () -- C:\Users\berni\Desktop\HipHop eJay 3.lnk
[2012-06-14 18:20:19 | 000,307,200 | ---- | C] () -- C:\Windows\SysWow64\fxstudio.dll
[2012-06-14 18:20:19 | 000,282,624 | ---- | C] () -- C:\Windows\SysWow64\animation2.dll
[2012-06-14 18:20:19 | 000,078,085 | ---- | C] () -- C:\Windows\SysWow64\pattern.dat
[2012-06-14 18:20:16 | 000,298,445 | ---- | C] () -- C:\Windows\h_eJay3.inf
[2012-06-14 18:20:05 | 000,280,576 | ---- | C] () -- C:\Windows\SysWow64\pxd_kom.dll
[2012-06-14 18:20:03 | 000,307,200 | ---- | C] () -- C:\Windows\SysWow64\drumpad.dll
[2012-06-14 18:20:03 | 000,075,976 | ---- | C] () -- C:\Windows\SysWow64\BASSDEC.dll
[2012-06-14 18:20:03 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\fader.dll
[2012-06-10 13:17:29 | 000,002,130 | ---- | C] () -- C:\Users\berni\Desktop\Cubase 5.lnk
[2012-06-09 14:42:54 | 000,091,515 | ---- | C] () -- C:\Users\berni\Desktop\a2ce51f42b.jpeg
[2012-06-09 11:44:24 | 000,000,751 | ---- | C] () -- C:\Users\berni\Desktop\Dokumenty na pawel gps.LNK
[2012-06-09 11:44:21 | 000,000,956 | ---- | C] () -- C:\Users\berni\Desktop\Centrum obsługi urządzeń z systemem Windows Mobile.lnk
[2012-06-09 11:43:29 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2012-06-09 11:42:51 | 000,002,419 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk
[2012-06-05 17:46:02 | 000,021,504 | ---- | C] () -- C:\Windows\jestertb.dll
[2012-06-04 12:46:23 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012-06-04 12:46:23 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012-06-01 01:24:28 | 000,000,756 | ---- | C] () -- C:\Users\berni\Documents\oszukac przeznaczenie.mpcpl
[2012-05-30 21:40:06 | 000,001,194 | ---- | C] () -- C:\Users\Public\Desktop\Pinnacle Studio 14.lnk
[2012-05-30 21:37:04 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2012-05-15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012-04-30 08:33:39 | 001,688,330 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-04-30 03:11:22 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{40e5539a-01a4-b6ca-d659-8f14e449e9e9}\@
[2012-04-30 03:11:22 | 000,002,048 | -HS- | C] () -- C:\Users\berni\AppData\Local\{40e5539a-01a4-b6ca-d659-8f14e449e9e9}\@
[2012-04-29 22:49:15 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012-04-29 18:20:58 | 000,002,265 | ---- | C] () -- C:\Windows\FF08_Render_Spk_Hp.ini
[2012-04-29 18:20:58 | 000,001,650 | ---- | C] () -- C:\Windows\FF08_Capture.ini
[2012-04-29 18:20:58 | 000,001,540 | ---- | C] () -- C:\Windows\FF08_Render.ini
[2012-04-29 18:20:47 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012-04-29 18:20:47 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2012-04-29 17:06:37 | 000,002,048 | ---- | C] () -- C:\Windows\SysWow64\winver.exe
[2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[color=#E56717]========== LOP Check ==========[/color]

[2012-05-25 18:57:45 | 000,000,000 | ---D | M] -- C:\Users\berni\AppData\Roaming\.wtw
[2012-07-05 22:16:14 | 000,000,000 | ---D | M] -- C:\Users\berni\AppData\Roaming\Babylon
[2012-05-11 18:10:59 | 000,000,000 | ---D | M] -- C:\Users\berni\AppData\Roaming\Canneverbe Limited
[2012-04-30 08:46:25 | 000,000,000 | ---D | M] -- C:\Users\berni\AppData\Roaming\DeviceVm
[2012-07-28 13:52:20 | 000,000,000 | ---D | M] -- C:\Users\berni\AppData\Roaming\GG
[2012-06-24 20:20:48 | 000,000,000 | ---D | M] -- C:\Users\berni\AppData\Roaming\Leadertech
[2012-05-04 11:14:46 | 000,000,000 | ---D | M] -- C:\Users\berni\AppData\Roaming\Lionhead Studios
[2012-05-19 11:42:58 | 000,000,000 | ---D | M] -- C:\Users\berni\AppData\Roaming\NapiProjekt
[2012-06-09 11:39:13 | 000,000,000 | ---D | M] -- C:\Users\berni\AppData\Roaming\naviextras
[2012-07-10 14:02:19 | 000,000,000 | ---D | M] -- C:\Users\berni\AppData\Roaming\PunkBuster
[2012-05-04 11:36:42 | 000,000,000 | ---D | M] -- C:\Users\berni\AppData\Roaming\Splashtop
[2012-07-07 12:18:11 | 000,000,000 | ---D | M] -- C:\Users\berni\AppData\Roaming\Sports Interactive
[2012-05-26 08:45:09 | 000,000,000 | ---D | M] -- C:\Users\berni\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012-06-10 13:20:18 | 000,000,000 | ---D | M] -- C:\Users\berni\AppData\Roaming\Steinberg
[2012-07-26 22:31:25 | 000,000,000 | ---D | M] -- C:\Users\berni\AppData\Roaming\Stereoscopic Player
[2012-07-27 05:54:37 | 000,000,000 | ---D | M] -- C:\Users\berni\AppData\Roaming\uTorrent
[2012-07-27 05:42:25 | 000,015,166 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



< End of report >

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------


OTL Extras logfile created on: 2012-07-29 08:22:58 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\berni\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

15,98 Gb Total Physical Memory | 12,32 Gb Available Physical Memory | 77,11% Memory free
31,96 Gb Paging File | 27,41 Gb Available in Paging File | 85,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 292,97 Gb Total Space | 72,78 Gb Free Space | 24,84% Space Free | Partition Type: NTFS
Drive D: | 683,59 Gb Total Space | 599,83 Gb Free Space | 87,75% Space Free | Partition Type: NTFS
Drive E: | 886,35 Gb Total Space | 808,37 Gb Free Space | 91,20% Space Free | Partition Type: NTFS
Drive F: | 6,57 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: BERNI-KOMPUTER | User Name: berni | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallDisableNotify" = 1
"FirewallOverride" = 1
"UpdatesDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum obsługi urządzeń z systemem Windows Mobile
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Sterownik wideo firmy Pinnacle
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{987FE247-4E69-4A2E-A961-D14F901FDBF6}" = Logitech Webcam Software
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.16.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240D3}" = WinZip 16.5
"{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}" = Adobe Photoshop Lightroom 3.6 64-bit
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"ASRock App Charger_is1" = ASRock App Charger v1.0.4
"CCleaner" = CCleaner
"lvdrivers_12.10" = Pakiet sterowników: Logitech Webcam Software
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java™ 7 Update 4
"{47107F5F-FDEC-4A01-896C-E76245743F1A}" = X-Edit
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}" = Steinberg Cubase 5
"{4D53090A-CE35-42BD-B377-831000028301}" = Fable III
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}" = The Sims Średniowiecze
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0415-1000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90850415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{C5E45BC3-A477-43A9-9F14-F6B82013DAEA}" = Stereoscopic Player
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = Wiedźmin 2
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = Wiedźmin Edycja Rozszerzona
"{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}" = Sound Blaster X-Fi MB
"{F5C372A1-40F3-49DA-A049-F75CDE9177DC}" = Pinnacle Studio Ultimate Collection Plugins
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Ares" = Ares 2.1.8
"ASRock eXtreme Tuner_is1" = ASRock eXtreme Tuner v0.1.27
"ASRock InstantBoot_is1" = ASRock InstantBoot v1.26
"avast" = avast! Internet Security
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Diablo III" = Diablo III
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HipHop eJay 3" = HipHop eJay 3 - Deinstallation
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.6.0 (Full)
"Logitech Vid" = Logitech Vid HD
"Magic Bullet Looks Studio" = Magic Bullet Looks Studio
"MySSID_is1" = Vtune 7.22
"NapiProjekt_is1" = NapiProjekt (2.0.0.2151)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PunkBusterSvc" = PunkBuster Services
"Red Giant ToonIt Studio" = Red Giant ToonIt Studio
"Trapcode 3DStroke Studio" = Trapcode 3DStroke Studio
"Trapcode Particular Studio" = Trapcode Particular Studio
"Trapcode Shine Studio" = Trapcode Shine Studio
"UT2004" = Unreal Tournament 2004
"uTorrent" = µTorrent
"Winamp" = Winamp
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"X-Edit" = X-Edit
"XFastUsb" = XFastUsb

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-155463968-941393681-1223564345-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GG" = GG
"Google Chrome" = Google Chrome
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-07-26 01:38:36 | Computer Name = berni-Komputer | Source = SideBySide | ID = 16842815
Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku
zasad "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll"
w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa.

Error - 2012-07-27 01:10:10 | Computer Name = berni-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: uTorrent.exe, wersja: 3.1.3.27207,
sygnatura czasowa: 0x4facb983 Nazwa modułu powodującego błąd: certclip.dll, wersja:
3.6.2.0, sygnatura czasowa: 0x500e75c8 Kod wyjątku: 0xc0000005 Przesunięcie błędu:
0x00008743 Identyfikator procesu powodującego błąd: 0xac4 Godzina uruchomienia aplikacji
powodującej błąd: 0x01cd6bb615ad8b38 Ścieżka aplikacji powodującej błąd: C:\Program
Files (x86)\uTorrent\uTorrent.exe Ścieżka modułu powodującego błąd: C:\Windows\system32\certclip.dll
Identyfikator
raportu: 566b9c33-d7a9-11e1-81eb-bc5ff40d0632

Error - 2012-07-27 16:21:42 | Computer Name = berni-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: uTorrent.exe, wersja: 3.1.3.27207,
sygnatura czasowa: 0x4facb983 Nazwa modułu powodującego błąd: certclip.dll, wersja:
3.6.2.0, sygnatura czasowa: 0x500e75c8 Kod wyjątku: 0xc0000005 Przesunięcie błędu:
0x00008743 Identyfikator procesu powodującego błąd: 0x19ac Godzina uruchomienia aplikacji
powodującej błąd: 0x01cd6c356e09f21d Ścieżka aplikacji powodującej błąd: C:\Program
Files (x86)\uTorrent\uTorrent.exe Ścieżka modułu powodującego błąd: C:\Windows\system32\certclip.dll
Identyfikator
raportu: ad6e0715-d828-11e1-81eb-bc5ff40d0632

Error - 2012-07-27 16:21:54 | Computer Name = berni-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: uTorrent.exe, wersja: 3.1.3.27207,
sygnatura czasowa: 0x4facb983 Nazwa modułu powodującego błąd: certclip.dll, wersja:
3.6.2.0, sygnatura czasowa: 0x500e75c8 Kod wyjątku: 0xc0000005 Przesunięcie błędu:
0x00008743 Identyfikator procesu powodującego błąd: 0xcf0 Godzina uruchomienia aplikacji
powodującej błąd: 0x01cd6c3575cf801e Ścieżka aplikacji powodującej błąd: C:\Program
Files (x86)\uTorrent\uTorrent.exe Ścieżka modułu powodującego błąd: C:\Windows\system32\certclip.dll
Identyfikator
raportu: b4b191ef-d828-11e1-81eb-bc5ff40d0632

Error - 2012-07-27 16:23:06 | Computer Name = berni-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: uTorrent.exe, wersja: 3.1.3.27207,
sygnatura czasowa: 0x4facb983 Nazwa modułu powodującego błąd: certclip.dll, wersja:
3.6.2.0, sygnatura czasowa: 0x500e75c8 Kod wyjątku: 0xc0000005 Przesunięcie błędu:
0x00008743 Identyfikator procesu powodującego błąd: 0x2020 Godzina uruchomienia aplikacji
powodującej błąd: 0x01cd6c35a139e00c Ścieżka aplikacji powodującej błąd: C:\Program
Files (x86)\uTorrent\uTorrent.exe Ścieżka modułu powodującego błąd: C:\Windows\system32\certclip.dll
Identyfikator
raportu: df1ccda1-d828-11e1-81eb-bc5ff40d0632

Error - 2012-07-28 06:06:33 | Computer Name = berni-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: svchost.exe, wersja: 6.1.7600.16385,
sygnatura czasowa: 0x4a5bc3c1 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0,
sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000005f6f22b000
Identyfikator
procesu powodującego błąd: 0x1770 Godzina uruchomienia aplikacji powodującej błąd:
0x01cd6ca88436a275 Ścieżka aplikacji powodującej błąd: C:\Windows\system32\svchost.exe
Ścieżka
modułu powodującego błąd: unknown Identyfikator raportu: e87e2884-d89b-11e1-81eb-bc5ff40d0632

Error - 2012-07-28 06:12:57 | Computer Name = berni-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: svchost.exe, wersja: 6.1.7600.16385,
sygnatura czasowa: 0x4a5bc3c1 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0,
sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000066358b700000
Identyfikator
procesu powodującego błąd: 0x1ef0 Godzina uruchomienia aplikacji powodującej błąd:
0x01cd6ca96ceef2dc Ścieżka aplikacji powodującej błąd: C:\Windows\system32\svchost.exe
Ścieżka
modułu powodującego błąd: unknown Identyfikator raportu: cceed41f-d89c-11e1-81eb-bc5ff40d0632

Error - 2012-07-28 06:12:59 | Computer Name = berni-Komputer | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej
aktualizacji z: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: W magazynie brak miejsca dla wykonania tej operacji. .

Error - 2012-07-28 06:45:57 | Computer Name = berni-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: svchost.exe, wersja: 6.1.7600.16385,
sygnatura czasowa: 0x4a5bc3c1 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0,
sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00005f59f3d00000
Identyfikator
procesu powodującego błąd: 0x72c Godzina uruchomienia aplikacji powodującej błąd:
0x01cd6cadfcce54e0 Ścieżka aplikacji powodującej błąd: C:\Windows\system32\svchost.exe
Ścieżka
modułu powodującego błąd: unknown Identyfikator raportu: 68f88e4e-d8a1-11e1-81eb-bc5ff40d0632

Error - 2012-07-28 07:20:19 | Computer Name = berni-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: svchost.exe, wersja: 6.1.7600.16385,
sygnatura czasowa: 0x4a5bc3c1 Nazwa modułu powodującego błąd: mshtml.dll, wersja:
9.0.8112.16447, sygnatura czasowa: 0x4fca0a05 Kod wyjątku: 0xc0000005 Przesunięcie
błędu: 0x00000000002ea0f2 Identyfikator procesu powodującego błąd: 0x175c Godzina
uruchomienia aplikacji powodującej błąd: 0x01cd6cb2d8637801 Ścieżka aplikacji powodującej
błąd: C:\Windows\system32\svchost.exe Ścieżka modułu powodującego błąd: C:\Windows\system32\mshtml.dll
Identyfikator
raportu: 3685dfb7-d8a6-11e1-81eb-bc5ff40d0632

[ System Events ]
Error - 2012-07-24 13:49:48 | Computer Name = berni-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Intel® Management and Security Application Local Management
Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000
milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error - 2012-07-24 13:49:58 | Computer Name = berni-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Intel® Management and Security Application Local Management
Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000
milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error - 2012-07-24 13:50:08 | Computer Name = berni-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Intel® Management and Security Application Local Management
Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000
milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error - 2012-07-24 13:50:18 | Computer Name = berni-Komputer | Source = Service Control Manager | ID = 7009
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się
z usługą Intel® Management and Security Application Local Management Service.

Error - 2012-07-24 13:50:18 | Computer Name = berni-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Intel® Management and Security Application
Local Management Service z powodu następującego błędu: %%1053

Error - 2012-07-24 21:16:34 | Computer Name = berni-Komputer | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 18:58:13 na ?2012-?07-?24 było
nieoczekiwane.

Error - 2012-07-24 21:17:06 | Computer Name = berni-Komputer | Source = Service Control Manager | ID = 7003
Description = Usługa Moduły obsługi kluczy IPsec IKE i AuthIP zależy od następującej
usługi: BFE. Ta usługa może nie być zainstalowana.

Error - 2012-07-24 21:17:09 | Computer Name = berni-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Przeglądarka komputera zakończyła działanie; wystąpił następujący
błąd: %%1060

Error - 2012-07-24 21:17:28 | Computer Name = berni-Komputer | Source = Service Control Manager | ID = 7003
Description = Usługa Agent zasad IPsec zależy od następującej usługi: BFE. Ta usługa
może nie być zainstalowana.

Error - 2012-07-25 12:29:41 | Computer Name = berni-Komputer | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1.


< End of report >[/log]

[img]http://i46.tinypic.com/2wlrkgz.png[/img]
[img]http://i45.tinypic.com/2emitz4.png[/img]
[img]http://i46.tinypic.com/2akfs4y.png[/img]

Gość
komentarz
komentarz

Berni u ciebie raczej większym problemem jest services.exe bo system masz zarażony trojanem zeroaccess
[code]
[2012-07-25 23:51:48 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{40e5539a-01a4-b6ca-d659-8f14e449e9e9}\U\80000000.@
[2012-07-25 02:17:47 | 000,023,040 | ---- | C] () -- C:\Windows\Installer\{40e5539a-01a4-b6ca-d659-8f14e449e9e9}\U\800000cb.@
[2012-07-24 18:29:34 | 000,001,712 | ---- | C] () -- C:\Windows\Installer\{40e5539a-01a4-b6ca-d659-8f14e449e9e9}\U\00000001.@
[/code]

Wykonaj skan dostosowany

Pobierz system look x64

http://jpshortstuff.247fixes.com/SystemLook_x64.exe

I do okienka wklej
[code]
:reg
HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s

:folderfind
{40e5539a-01a4-b6ca-d659-8f14e449e9e9}

:filefind
services.exe
[/code]

Kliknij look i dostarcz raport

berni1985
komentarz
komentarz

Dziękuję za odpowiedź i zainteresowanie. Cieszę się że ktoś stara się pomóc :) Zrobiłem jak kazałeś, wklejam to co wyskoczyło.


SystemLook 30.07.11 by jpshortstuff
Log created at 21:41 on 29/07/2012 by berni
Administrator - Elevation successful

========== reg ==========

[HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}]
(No values found)

[HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32]
"ThreadingModel"="Both"
@="C:\Users\berni\AppData\Local\{40e5539a-01a4-b6ca-d659-8f14e449e9e9}\n."


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}]
@="Microsoft WBEM New Event Subsystem"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32]
@="%systemroot%\system32\wbem\wbemess.dll"
"ThreadingModel"="Both"


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}]
@="MruPidlList"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
@="%SystemRoot%\system32\shell32.dll"
"ThreadingModel"="Apartment"


========== folderfind ==========

Searching for "{40e5539a-01a4-b6ca-d659-8f14e449e9e9}"
C:\Users\berni\AppData\Local\{40e5539a-01a4-b6ca-d659-8f14e449e9e9} d--hs-- [02:11 30/04/2012]
C:\Windows\Installer\{40e5539a-01a4-b6ca-d659-8f14e449e9e9} d--hs-- [02:11 30/04/2012]

========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 014A9CB92514E27C0107614DF764BC06
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

-= EOF =-

Gość
komentarz
komentarz (edytowane)

Plik services.exe jest zmodyfikowany.

1. Start > w polu szukania wpisz cmd > z prawokliku Uruchom jako Administrator. Wklej komendę:

sfc /scanfile=C:\Windows\system32\services.exe

Naciśnij enter.

Zresetuj system.

2. Start > w polu szukania wpisz cmd > z prawokliku Uruchom jako Administrator. Wklej komendę:

findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >sfc.txt & start notepad sfc.txt

Otworzy się log, dołącz go.


I zrób nowy log z systemlook jak wcześniej
P.S logi wrzuć do spoilera

berni1985
komentarz
komentarz

do spoilera? tzn?

Gość
komentarz
komentarz

cytuje z regulaminu

Tekst logu wstaw w tagi [log ]
oraz [/log ] (bez spacji).
Wyjaśniam !: [log ] oraz [/log ]
(bez spacji za słowem log).
Po prostu usuwasz tą przerwę
pomiędzy słowem log a
nawiasem ]
A zamiast słowa "oraz" wklejasz
skopiowaną zawartość log'u.

Bub zdąrzył już to zrobić

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.