pacyna utworzono 15 grudnia 2012 utworzono 15 grudnia 2012 [color=#2C2C2C][font=tahoma, helvetica, arial, sans-serif][size=3]Witam, od pewnego czasu borykam się z pewnymi problemami. Otóż parę dni temu zauważyłem w procesach dziwny proces o nazwie mngr.exe. Gdy próbowałem go zakończyć on natychmiast się znów uruchamiał i w comodo wykrywało mi go jako wirusa, jednak comodo nie dało rady go usunąć. Później co chwila go wykrywało jako wirus i musiałem dodać ten plik do zaufanych plików, bo co 10 sekund wyskakiwał z comodo komunikat. Próbowałem go też wykryć programem SPYBOT jednak bezskutecznie. Jednak to nie wszystko, od jakiegoś czasu mam problem z przeglądarką chrome(z innymi chyba też jest ten problem), a mianowicie po jakimś czasie użytkowania komputera strony w przeglądarce uruchamiają się bardzo długo (i to nie jest wina internetu, bo to występuje tylko wtedy gdy uruchomię nową zakładkę), nawet gdy otworzę nową zakładkę z ustawieniami chrome to te ustawiania wczytują się jakieś 10 sec!! Zauważyłem przez przypadek, że gdy mam już ten problem z przeglądarką to konsola również tak "muli" poprzez długie wczytywanie... Jest to dosyć dziwne dlatego prosiłbym o waszą pomoc. [/size][/font][/color] [color=#2C2C2C][font=tahoma, helvetica, arial, sans-serif][size=3]Logi:[/size][/font][/color] [color=#2C2C2C][font=tahoma, helvetica, arial, sans-serif][size=3]OTL:[/size][/font][/color] [color=#2C2C2C][font=tahoma, helvetica, arial, sans-serif][size=3][log][/size][/font][/color]OTL Extras logfile created on: 2012-12-15 13:32:47 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = E:\Pobieranie\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 8,00 Gb Total Physical Memory | 5,08 Gb Available Physical Memory | 63,48% Memory free 12,47 Gb Paging File | 9,12 Gb Available in Paging File | 73,12% Paging File free Paging file location(s): c:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 34,18 Gb Total Space | 0,85 Gb Free Space | 2,49% Space Free | Partition Type: NTFS Drive D: | 214,84 Gb Total Space | 1,38 Gb Free Space | 0,64% Space Free | Partition Type: NTFS Drive E: | 216,73 Gb Total Space | 1,54 Gb Free Space | 0,71% Space Free | Partition Type: NTFS Drive G: | 647,99 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive H: | 3,30 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: PACAK-KOMPUTER | User Name: Pacak | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Browse with &IrfanView] -- "e:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [ChomikBox.Upload] -- "C:\Program Files (x86)\ChomikBox\\ChomikBox.exe" -u"%1" ( ) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "e:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "e:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Browse with &IrfanView] -- "e:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [ChomikBox.Upload] -- "C:\Program Files (x86)\ChomikBox\\ChomikBox.exe" -u"%1" ( ) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "e:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "e:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== System Restore Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{29309AEE-0F2C-495E-9451-F7991398AF3E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2BA56983-2842-4D0D-9F51-C41167001873}" = rport=139 | protocol=6 | dir=out | app=system | "{38C4F306-D5ED-4502-B2CA-74428E350DC9}" = rport=445 | protocol=6 | dir=out | app=system | "{3A34083D-5771-4144-8079-41CEA5F1E4F4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{3B338682-EF0A-4DA5-8045-9432E3329F7E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{41BB03CC-5445-42FE-8809-A876D62B4EF8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{42328219-077F-4C9D-A8FD-592F2162F85E}" = rport=138 | protocol=17 | dir=out | app=system | "{72C6D136-BCFB-41C1-98EF-C9D58F7AE6CD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{96A9BE51-3DC6-48B1-A0B8-195EA7154B75}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{97AA88F4-D542-4633-86F7-326A9A5A4AF1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{A0BE9FE9-0E5B-4027-B956-50D86A73F658}" = rport=137 | protocol=17 | dir=out | app=system | "{A78806CB-3808-4A2C-8823-6F3B8CDFE386}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{AC3D08F7-B969-42AA-8CE2-7179A2849F61}" = lport=138 | protocol=17 | dir=in | app=system | "{AE4760FC-DD2E-4E08-82E2-58ABDADC2F98}" = lport=137 | protocol=17 | dir=in | app=system | "{BDD69988-1CCC-46CE-8389-CBD22C9AAFEA}" = lport=445 | protocol=6 | dir=in | app=system | "{BF4CE351-EA66-4B27-AF9C-DF8A2F8F5E6F}" = lport=2869 | protocol=6 | dir=in | app=system | "{C5E33CBE-7DED-4426-BCB9-F197669F03D8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{CE9BFDEA-4A24-411E-AF0D-04CECC37F8E4}" = rport=10243 | protocol=6 | dir=out | app=system | "{CEF865A9-6705-4651-8503-18784E6CF800}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{EB561F1A-4367-4E73-BDC3-B9EDF2569AB7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{EC2964EB-59F1-478A-B2AC-35903361D59F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{ED06E1A1-11DE-4A27-8A1F-F6CB54E59150}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{FC9B9187-5F32-4264-A24C-6E90078262E9}" = lport=10243 | protocol=6 | dir=in | app=system | "{FEBC2933-A44A-4B09-B0E6-32214402A628}" = lport=139 | protocol=6 | dir=in | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0423EC2A-9A8A-4988-8D98-3E5257B17074}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{12054CBF-5CCB-48D4-B588-320AF459DC7D}" = protocol=6 | dir=out | app=system | "{1B94FEC8-86C8-4215-8F40-66B99A3C4E66}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{1FAE260E-B693-4793-B30B-DA1A14B61406}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{208AC6B4-8772-4355-8693-96596B314376}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | "{225DF0C0-9421-467E-B5ED-5E1719F2BB73}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | "{2C51743D-D484-4A76-9801-3F22E60C8EBA}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\dota 2 beta\dota.exe | "{331312B6-3CEF-4269-B87D-F8B0A04CEDA0}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | "{3D38605B-5C59-41A1-A277-BC20E9D2C2B9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{3E16E0FE-E268-4CD4-A726-E6CACFF9F81E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{50B0F323-C17E-492D-9A65-03408E188574}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | "{56B0B1ED-AC4F-4884-9928-87AB5469BEAB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{57DC54DD-E048-4E51-A8ED-2F26095915C0}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\dota 2 beta\dota.exe | "{57FE5CB4-B30F-4AC8-88DA-1ED33CEF2847}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{5810587A-09FF-46B3-855B-5D61B58F8DD8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{58429A97-99B0-4B14-95AE-E236B6DFB941}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{5AFFBBAF-7E7D-4C39-BCDA-7DE06CD8F7B5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | "{5D72F189-F15F-4CE2-8223-2527AB910D74}" = protocol=17 | dir=in | app=e:\program files (x86)\utorrent\utorrent.exe | "{60A2F296-5FFF-4353-80F2-96DF9675D4AD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{620C1682-E8E6-4A22-8613-1B6565DCD767}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\pacyna92\counter-strike\hl.exe | "{636604AE-1D74-40E4-B5B3-5BF0643C8AA1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{6526A6AA-0418-4091-B309-E3753748C72D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{67598F38-47A1-4793-BF33-B7A47067F721}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\pacyna92\counter-strike\hl.exe | "{6BF44E0A-7C07-4F90-8E08-821996B76967}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{80BD6E73-EFC6-49E6-B2A0-FFB3BB5565A7}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{8A9BB4E1-D295-4523-9F70-8149BEB695AA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe | "{8B40E5A4-42F5-4945-A63C-48E33A5A5FD5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{8F18CC19-8B26-4037-A0A2-205F9BB5AAF1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{959CE920-38F1-4733-8F91-EACAA10F8AE2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{978B6354-E845-4882-9B06-002677AC2EEA}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe | "{9E9A2293-92A3-4262-A19C-EE353B1C4759}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{A092C341-4D21-4639-975A-39902C33DEC8}" = protocol=6 | dir=in | app=e:\program files (x86)\utorrent\utorrent.exe | "{A09F7E46-C841-4ED6-8E08-DC73FD663533}" = protocol=58 | dir=in | app=system | "{A1190823-DBE4-43CE-B1B9-493F9B270674}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | "{AD237B66-5BA9-4FA8-A981-362060F296B6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{AEBC8302-EDC7-4FB7-8C44-C6DEE334F841}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | "{AEFC408C-5C98-498F-907F-68F80E15F241}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{B48066DD-A5A8-40DA-B6C1-D392B3204816}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{BB2BDCA6-6B1D-4A6E-B10C-D6AFFC93D3BE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | "{BCA30DF4-D7E4-47A2-A6D7-59C9B1FF2444}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | "{BD00E03D-3EBC-4EF3-9070-292DEEF71D3D}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe | "{BE23DD90-95F4-4645-ACD8-314A76FCBA97}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{C3F212F0-22AC-4129-82D7-D085675526A6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{C78ABFD4-1FAF-4E30-81E1-BA380005CAFB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{D15EDE12-BF9D-4CC7-BD3A-8DC8F4D4C78F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | "{DDA58614-7F77-41BC-9763-357FAA234C15}" = protocol=6 | dir=in | app=e:\program files\steam\steam.exe | "{DF668AD6-3BEA-48AE-ABAC-33448E1BFC71}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe | "{E3C4CD6A-23B8-449E-AD82-56159759C11B}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{E9048138-5636-4037-8E32-66F21190C125}" = protocol=17 | dir=in | app=e:\program files\steam\steam.exe | "{EA66FF70-D73F-4055-9960-104A9D482876}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{EB1CE2AD-6D3C-4706-A376-9FA19C10507A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | "{EDAB8597-E87C-43F7-AFD3-B649CD05E02B}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe | "{EFDC0306-F6A2-4B11-91F8-C700A46D7FA9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | "{FD5A0102-FFC4-4C3B-85DA-A41D16DCBF0B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | "{FDB4F84E-4B67-4C12-8EB1-DBF731F16B26}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "TCP Query User{1A85FA42-221A-45D4-8B0D-549A68D56F32}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "TCP Query User{24B9424E-A810-49A9-9979-1C249B34E8A9}D:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe | "TCP Query User{40062DAC-27A7-47CB-B29B-61B8484DD192}E:\program files\garena plus\room\garena_room.exe" = protocol=6 | dir=in | app=e:\program files\garena plus\room\garena_room.exe | "TCP Query User{6B78D153-E6E3-44F2-97F7-F36932EEB9C3}D:\gry\warcraft iii roh & tft\war3.exe" = protocol=6 | dir=in | app=d:\gry\warcraft iii roh & tft\war3.exe | "TCP Query User{ADA287E0-8D4F-466D-8244-28A2E76F25D0}E:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=e:\program files (x86)\sopcast\sopcast.exe | "UDP Query User{31EAB29F-0634-48D5-87D3-1C9D653D83BA}D:\gry\warcraft iii roh & tft\war3.exe" = protocol=17 | dir=in | app=d:\gry\warcraft iii roh & tft\war3.exe | "UDP Query User{41DD6DF5-3CC7-43A1-9A81-C93A60C81EB0}E:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=e:\program files (x86)\sopcast\sopcast.exe | "UDP Query User{86C623EB-6EF7-48C8-8E47-CB37AABBEA22}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "UDP Query User{C0F4E9F6-F166-4DC9-939E-789832164EC6}E:\program files\garena plus\room\garena_room.exe" = protocol=17 | dir=in | app=e:\program files\garena plus\room\garena_room.exe | "UDP Query User{DD502F8E-F39F-4DE6-8F98-685D1CDCEAA4}D:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{042B10AA-8233-A9E0-4DEB-B7253C686DBB}" = AMD Fuel "{0DCAB5DD-CC69-271A-CF03-F2BD6B60BD8A}" = AMD Media Foundation Decoders "{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit) "{35B226DA-E3F6-21FD-31AB-0046C6E87043}" = ATI Problem Report Wizard "{46DA7FD9-8BC1-7BA8-98D1-27F46647871B}" = AMD Catalyst Install Manager "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{504184A2-1B0E-5D93-603A-517E93E7EDB3}" = AMD Accelerated Video Transcoding "{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer "{57580625-C673-7FEA-8791-E84B7AAF5069}" = ccc-utility64 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{653D48F0-098C-45C1-8267-86EA7B9D0EDB}" = ActivePerl 5.16.1 Build 1601 (64-bit) "{698EDD46-FC0B-926F-54DF-23B6BB20EDFC}" = AMD Drag and Drop Transcoding "{8AAA8780-1D35-11E2-A3A6-F04DA23A5C58}" = MSVCRT Redists "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2010 "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{B45B5123-C009-F8B4-FE93-45B42C8A786F}" = ATI AVIVO64 Codecs "{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client "{CF411A4F-5ED9-11E1-B971-F04DA23A5C58}" = Vegas Pro 11.0 (64-bit) "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D4761C4F-5ED9-11E1-9202-F04DA23A5C58}" = MSVCRT Redists "{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}" = COMODO Internet Security "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{DB982BEA-E9FF-4C61-9058-57FFDA5076D1}" = HP Deskjet Ink Advant K209a-z All-in-One Driver Software 13.0 Rel .6 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "CCleaner" = CCleaner "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Print Projects" = HP Print Projects 1.0 "HP Smart Web Printing" = HP Smart Web Printing 4.5 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft Security Client" = Microsoft Security Essentials "Shop for HP Supplies" = Shop for HP Supplies "WinRAR archiver" = Archiwizator WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III "{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{0F7A6FD0-87F5-FB5D-973C-CF604DE1BC6B}" = CCC Help Polish "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = Browser Manager "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{1A9BE3D6-4D53-2C9D-B77D-562D85936B91}" = CCC Help Norwegian "{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}" = Sound Blaster Audigy "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{210DFA65-F805-1A2B-4F83-8E27279AE385}" = Catalyst Control Center Graphics Previews Common "{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery "{26050F54-3928-4D9C-849A-C48A9E831E6F}" = ChomikBox "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9 "{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth "{29822CAD-C76A-0BEE-55F5-AAA524DA814F}" = CCC Help Greek "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{3A1293DF-7D09-BB0F-9576-EC47EE4A9362}" = CCC Help Italian "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{47416F0B-6589-591E-C6F8-4235D2230B14}" = Catalyst Control Center InstallProxy "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{625FC7D1-656D-1BEC-F86F-3EACAFDAA8FE}" = CCC Help English "{6372F44B-392B-4FD8-AF1E-E185283F6528}" = DJ_AIO_06_K209a-z_SW_Min "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7351EEF8-9D6C-5F46-5A19-F2C7456CE132}" = CCC Help German "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{7F172E34-4107-8964-6AEA-5051FFD265FF}" = CCC Help Portuguese "{86095E92-1959-8364-920E-82E81F64F8FB}" = AMD VISION Engine Control Center "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7 "{89D05F35-933A-89C0-B935-C92BEE4229BD}" = CCC Help French "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010 "{90140000-0015-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010 "{90140000-0016-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010 "{90140000-0018-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010 "{90140000-0019-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010 "{90140000-001A-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010 "{90140000-001B-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010 "{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0415-1000-0000000FF1CE}_Office14.PROPLUS_{0844B6E1-0A6F-4D81-8BCF-48F883F521FE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010 "{90140000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010 "{90140000-0044-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010 "{90140000-006E-0415-0000-0000000FF1CE}_Office14.PROPLUS_{6AF8887A-72F7-4FA0-ABE4-396172B64550}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010 "{90140000-00A1-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010 "{90140000-00BA-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{959E4378-CCA1-E4E4-2425-793DA92E8D95}" = CCC Help Czech "{96BB3C67-4EB4-9757-E0C2-C0D2FE9053B1}" = CCC Help Turkish "{974F4B73-2017-E174-9070-3F58F01B341F}" = CCC Help Danish "{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver "{98E20A18-3C29-86FA-50B4-918C2B34A082}" = CCC Help Hungarian "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9CBEAEF3-C6BA-4F0F-8DC2-03B12BC8CF2F}" = Remere's Map Editor "{9E2E5EB3-DC6E-9277-E9DB-13175E7DDA39}" = CCC Help Dutch "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AAACC0A5-4382-04D0-C75E-0669C7B949B6}" = CCC Help Japanese "{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9 "{ACEF4078-9B86-2455-E18D-34D52D37D9D5}" = CCC Help Chinese Standard "{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B55FB422-B803-11F5-5582-B3666EA1B9AC}" = Catalyst Control Center Localization All "{B8010864-15F8-613B-20EF-AC35B14B3E0D}" = CCC Help Russian "{B80BE2E3-EA77-53D4-7A56-C53D452E6D50}" = HydraVision "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5 "{C1342411-5A98-DE8A-5629-D0C518E1C280}" = CCC Help Finnish "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{D08B4177-5160-6B66-8934-2F9012134D61}" = CCC Help Thai "{D34A6029-FB1A-9EA8-A938-5393F82A3A00}" = CCC Help Korean "{D6D5CB84-0E6E-4E69-B300-C690B6911045}" = Nero 8 "{D8A790CB-CF32-4135-AAAE-6BA5A75C5DBF}" = OSCAR Editor "{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp "{E21161DD-05A2-42ED-A0EC-9C1393F51A64}" = GeekBuddy "{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding "{E3A09D13-4D40-3CF8-7D32-8BD55F8D1533}" = CCC Help Spanish "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0 "{EE51AA68-7BF9-4FB3-9BB4-57CCD2C7EFFA}" = K209a-z "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F2C35491-9323-3AE7-6023-6B4128045153}" = CCC Help Swedish "{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy "{FC66A32F-1A57-AC5C-4F12-DAC2F4CB77A0}" = CCC Help Chinese Traditional "5513-1208-7298-9440" = JDownloader 0.9 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "AQQ" = WapSter AQQ "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "Creative Software AutoUpdate" = Creative Software AutoUpdate "CWK" = CWK (Czasowy Wyłącznik Komputera) "DAEMON Tools Lite" = DAEMON Tools Lite "Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2) "Fraps" = Fraps (remove only) "Google Chrome" = Google Chrome "HTC Home Apis" = HTC Home Apis "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{D8A790CB-CF32-4135-AAAE-6BA5A75C5DBF}" = Anti-Vibrate Oscar Editor "IrfanView" = IrfanView (remove only) "KLiteCodecPack_is1" = K-Lite Codec Pack 9.1.0 (Full) "Liveupdate4_is1" = Liveupdate4 "MoorHunt_is1" = MoorHunt 0.6.7.2 "Mozilla Firefox 15.0.1 (x86 pl)" = Mozilla Firefox 15.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NapiProjekt_is1" = NapiProjekt (2.0.0.2151) "Nero - Burning Rom!UninstallKey" = Ahead Nero Burning ROM "Notepad++" = Notepad++ "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "Origin" = Origin "OverclockingCenter_is1" = OverclockingCenter "RADVideo" = RAD Video Tools "SopCast" = SopCast 3.5.0 "Steam App 10" = Counter-Strike "Steam App 570" = Dota 2 "Tibia Auto" = NSIS Example2 "TrayEverything" = TrayEverything "uTorrent" = µTorrent "Xfire" = Xfire (remove only) [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-12-12 08:54:19 | Computer Name = Pacak-Komputer | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "e:\program files\WapSter\wapster aqq\System\DelZip179.dll". Błąd w pliku manifestu lub w pliku zasad "e:\program files\WapSter\wapster aqq\System\DelZip179.dll" w wierszu 8. Wartość "*" atrybutu "language" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2012-12-13 06:18:03 | Computer Name = Pacak-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2012-12-14 07:33:04 | Computer Name = Pacak-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: NMIndexStoreSvr.exe, wersja: 3.3.3.0, sygnatura czasowa: 0x47c6bd1b Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x17271727 Identyfikator procesu powodującego błąd: 0xf4c Godzina uruchomienia aplikacji powodującej błąd: 0x01cdd9eea6e9c1fb Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 0566a4fb-45e2-11e2-adb9-6c626ddb478d Error - 2012-12-14 07:33:26 | Computer Name = Pacak-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2012-12-14 09:55:52 | Computer Name = Pacak-Komputer | Source = SideBySide | ID = 16842832 Description = Nie można wygenerować kontekstu aktywacji dla „E:\Nero\Nero8\Nero Toolkit\DiscSpeed.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 2012-12-14 09:55:55 | Computer Name = Pacak-Komputer | Source = SideBySide | ID = 16842832 Description = Nie można wygenerować kontekstu aktywacji dla „E:\Nero\Nero8\Nero PhotoSnap\PhotoSnap.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Składnik 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error - 2012-12-14 09:55:55 | Computer Name = Pacak-Komputer | Source = SideBySide | ID = 16842832 Description = Nie można wygenerować kontekstu aktywacji dla „E:\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Składnik 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error - 2012-12-14 09:57:38 | Computer Name = Pacak-Komputer | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2012-12-14 09:57:40 | Computer Name = Pacak-Komputer | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "e:\program files\WapSter\wapster aqq\System\DelZip179.dll". Błąd w pliku manifestu lub w pliku zasad "e:\program files\WapSter\wapster aqq\System\DelZip179.dll" w wierszu 8. Wartość "*" atrybutu "language" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2012-12-15 06:59:13 | Computer Name = Pacak-Komputer | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2012-12-15 07:52:53 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031 Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 3. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2012-12-15 07:55:39 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031 Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 4. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2012-12-15 07:56:15 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031 Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 5. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2012-12-15 07:56:48 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031 Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 6. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2012-12-15 07:57:25 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031 Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 7. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2012-12-15 08:01:41 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031 Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 8. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2012-12-15 08:02:15 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031 Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 9. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2012-12-15 08:04:35 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031 Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 10. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2012-12-15 08:05:08 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031 Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 11. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2012-12-15 08:06:10 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031 Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 12. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. < End of report > [/log] [log]OTL logfile created on: 2012-12-15 13:32:47 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = E:\Pobieranie\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 8,00 Gb Total Physical Memory | 5,08 Gb Available Physical Memory | 63,48% Memory free 12,47 Gb Paging File | 9,12 Gb Available in Paging File | 73,12% Paging File free Paging file location(s): c:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 34,18 Gb Total Space | 0,85 Gb Free Space | 2,49% Space Free | Partition Type: NTFS Drive D: | 214,84 Gb Total Space | 1,38 Gb Free Space | 0,64% Space Free | Partition Type: NTFS Drive E: | 216,73 Gb Total Space | 1,54 Gb Free Space | 0,71% Space Free | Partition Type: NTFS Drive G: | 647,99 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive H: | 3,30 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: PACAK-KOMPUTER | User Name: Pacak | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2012-12-15 13:07:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Pobieranie\Downloads\OTL.exe PRC - [2012-12-06 20:14:12 | 000,446,258 | ---- | M] () -- C:\Windows\AutoKMS.exe PRC - [2012-12-05 18:10:34 | 002,403,352 | ---- | M] () -- C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe PRC - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2012-11-30 14:52:40 | 009,063,800 | ---- | M] () -- E:\Program Files\Garena Plus\GarenaMessenger.exe PRC - [2012-11-09 11:27:12 | 017,877,168 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe PRC - [2012-11-01 08:52:54 | 000,875,728 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\COMODO\GeekBuddy\unit_manager.exe PRC - [2012-11-01 08:52:52 | 000,877,264 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\COMODO\GeekBuddy\unit.exe PRC - [2012-11-01 08:52:52 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) -- C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe PRC - [2012-10-31 15:46:38 | 001,467,088 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe PRC - [2012-10-16 16:30:38 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe PRC - [2012-08-31 08:52:22 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe PRC - [2012-08-31 08:52:14 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe PRC - [2012-08-31 08:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe PRC - [2012-07-03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe PRC - [2011-05-10 01:41:12 | 000,049,208 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe PRC - [2010-11-21 04:24:03 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe PRC - [2010-11-21 04:23:51 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schtasks.exe PRC - [2010-09-30 21:26:54 | 000,393,216 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe PRC - [2009-05-21 21:13:36 | 000,275,768 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe PRC - [2009-05-21 20:46:36 | 000,559,104 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe PRC - [2009-05-21 20:46:36 | 000,168,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe PRC - [2009-05-21 17:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe PRC - [2009-03-05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- E:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe PRC - [2008-02-28 16:07:58 | 001,828,136 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe PRC - [2008-02-28 16:07:48 | 000,529,704 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe PRC - [2008-02-18 15:29:12 | 000,877,864 | ---- | M] (Nero AG) -- E:\Nero\Nero8\Nero BackItUp\NBService.exe PRC - [2006-12-19 08:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe PRC - [2005-10-31 09:51:52 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe PRC - [2001-01-13 01:15:44 | 000,054,272 | ---- | M] () -- C:\ProgramData\AutoKMS\Resources\MSGBox\Messagebox.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2012-12-15 13:07:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Pobieranie\Downloads\OTL.exe MOD - [2012-12-12 13:06:31 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll MOD - [2012-12-12 13:06:31 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll MOD - [2012-12-11 20:21:29 | 014,460,856 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_5_502_135.ocx MOD - [2012-12-08 13:31:18 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll MOD - [2012-12-07 10:57:28 | 000,070,144 | ---- | M] () -- C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll MOD - [2012-12-05 18:10:34 | 002,403,352 | ---- | M] () -- C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe MOD - [2012-12-05 18:09:41 | 002,148,376 | ---- | M] () -- c:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll MOD - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe MOD - [2012-12-05 02:15:15 | 012,456,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll MOD - [2012-12-05 02:15:15 | 000,460,904 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll MOD - [2012-12-05 02:15:14 | 004,008,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll MOD - [2012-12-05 02:14:29 | 000,587,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\libglesv2.dll MOD - [2012-12-05 02:14:28 | 000,124,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\libegl.dll MOD - [2012-12-05 02:14:27 | 009,963,112 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\icudt.dll MOD - [2012-12-05 02:14:23 | 041,743,976 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\chrome.dll MOD - [2012-12-05 02:14:21 | 000,157,304 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avutil-51.dll MOD - [2012-12-05 02:14:20 | 000,275,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avformat-54.dll MOD - [2012-12-05 02:14:19 | 002,168,952 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll MOD - [2012-11-30 14:52:40 | 009,063,800 | ---- | M] () -- E:\Program Files\Garena Plus\GarenaMessenger.exe MOD - [2012-11-30 12:53:12 | 000,021,504 | ---- | M] () -- E:\Program Files\Garena Plus\VersionModule.dll MOD - [2012-11-30 12:43:49 | 000,287,232 | ---- | M] () -- E:\Program Files\Garena Plus\Plugins\DailyTaskPlugin.dll MOD - [2012-11-30 12:43:39 | 000,345,600 | ---- | M] () -- E:\Program Files\Garena Plus\Plugins\GarenaTalkPlugin.dll MOD - [2012-11-30 12:40:07 | 000,480,768 | ---- | M] () -- E:\Program Files\Garena Plus\CxImage.dll MOD - [2012-11-29 12:42:20 | 000,313,344 | ---- | M] () -- E:\Program Files\Garena Plus\lib\Http.dll MOD - [2012-11-28 12:13:06 | 000,938,496 | ---- | M] () -- E:\Program Files\Garena Plus\lib\XLL.dll MOD - [2012-11-28 12:03:11 | 000,718,848 | ---- | M] () -- E:\Program Files\Garena Plus\Plugins\ggplugin.dll MOD - [2012-11-28 12:00:52 | 000,228,864 | ---- | M] () -- E:\Program Files\Garena Plus\Plugins\PluginNews.dll MOD - [2012-11-28 12:00:45 | 000,178,688 | ---- | M] () -- E:\Program Files\Garena Plus\Plugins\StatsPlugin.dll MOD - [2012-11-23 10:02:48 | 001,537,024 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\FileSender.dll MOD - [2012-11-19 05:25:25 | 001,081,344 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\GaFileTransfer.dll MOD - [2012-11-15 21:51:06 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\adaaf894878905f022f824b84fcd59a8\System.ServiceProcess.ni.dll MOD - [2012-11-15 21:50:47 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\38e2909de0b5e7887b46dd28725ba718\System.Management.ni.dll MOD - [2012-11-15 21:23:26 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\0e5254a1a3d59b3a037029e5af1bd32b\System.Runtime.Remoting.ni.dll MOD - [2012-11-15 21:23:21 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\aebb94e0eea9c39ec18a7915a711f621\System.Xaml.ni.dll MOD - [2012-11-15 21:16:12 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7c8bffb6e42a248341d7821a8464ef0b\PresentationFramework.ni.dll MOD - [2012-11-15 21:16:02 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74fade4c3e490c62af3d60742fb078a\PresentationCore.ni.dll MOD - [2012-11-15 21:15:55 | 003,882,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\dfe6e22159d3f5bf61b5bfe1da6f2758\WindowsBase.ni.dll MOD - [2012-11-15 21:15:53 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\46215c6276fca8ba6b8a765dfa384c73\PresentationFramework.Aero.ni.dll MOD - [2012-11-15 21:10:14 | 013,198,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ecbb113bbad9034fa8385c15f73fb4cf\System.Windows.Forms.ni.dll MOD - [2012-11-15 21:10:06 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\14d2241be401f66cc1898dc5dc383b80\System.Core.ni.dll MOD - [2012-11-15 21:10:04 | 001,666,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\a8dfd1388afc0a50f39f9e1dc7ecd45c\System.Drawing.ni.dll MOD - [2012-11-15 21:10:04 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c63fe1e324904c893d2a5d02f0783658\System.Configuration.ni.dll MOD - [2012-11-15 21:10:03 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e10bbd79027aa4c1ca8950b78fd640d4\System.Xml.ni.dll MOD - [2012-11-15 21:10:00 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\379599837ade465016dd5d96798b2766\System.ni.dll MOD - [2012-11-15 21:09:55 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\dbc34d53e1fbedabecd201fe4f264961\mscorlib.ni.dll MOD - [2012-11-15 12:19:08 | 000,186,368 | ---- | M] () -- E:\Program Files\Garena Plus\ImageModule.dll MOD - [2012-11-14 03:48:26 | 012,320,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll MOD - [2012-11-14 03:14:59 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll MOD - [2012-11-14 03:09:22 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll MOD - [2012-11-14 02:57:44 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll MOD - [2012-11-14 02:57:37 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll MOD - [2012-11-14 02:52:27 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll MOD - [2012-11-14 02:51:44 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jsproxy.dll MOD - [2012-11-14 02:49:19 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll MOD - [2012-11-14 02:48:27 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vbscript.dll MOD - [2012-11-14 02:46:38 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll MOD - [2012-11-09 11:27:12 | 017,877,168 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe MOD - [2012-11-08 12:28:10 | 000,027,136 | ---- | M] () -- E:\Program Files\Garena Plus\DibModule.dll MOD - [2012-11-08 12:28:09 | 000,045,056 | ---- | M] () -- E:\Program Files\Garena Plus\FileLoader.dll MOD - [2012-11-08 12:28:07 | 000,169,472 | ---- | M] () -- E:\Program Files\Garena Plus\ggspawn.dll MOD - [2012-11-08 12:27:53 | 000,081,408 | ---- | M] () -- E:\Program Files\Garena Plus\PluginKernel.dll MOD - [2012-11-08 12:27:47 | 000,018,944 | ---- | M] () -- E:\Program Files\Garena Plus\PluginModule.dll MOD - [2012-11-08 00:37:34 | 000,301,264 | ---- | M] (COMODO) -- C:\Windows\SysWOW64\guard32.dll MOD - [2012-10-30 11:19:43 | 000,059,904 | ---- | M] () -- E:\Program Files\Garena Plus\Plugins\PlatformPlugin.dll MOD - [2012-10-16 08:39:52 | 000,561,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcLayers.dll MOD - [2012-10-09 18:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll MOD - [2012-10-04 17:47:41 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2012-10-04 17:47:40 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2012-10-04 17:40:23 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\acwow64.dll MOD - [2012-09-28 03:23:00 | 005,557,928 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdag.dll MOD - [2012-09-28 02:43:28 | 000,935,424 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\aticfx32.dll MOD - [2012-09-28 02:22:30 | 002,691,584 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdva.dll MOD - [2012-09-28 02:10:58 | 000,082,944 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiu9pag.dll MOD - [2012-09-18 18:06:41 | 000,115,137 | ---- | M] () -- C:\Users\Pacak\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll MOD - [2012-09-13 07:19:39 | 000,099,328 | ---- | M] () -- E:\Program Files\Garena Plus\lib\UILayout.dll MOD - [2012-09-13 07:19:19 | 000,048,640 | ---- | M] () -- E:\Program Files\Garena Plus\lib\XmlUIModule.dll MOD - [2012-09-12 16:19:44 | 000,077,800 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Security Client\MpOAv.dll MOD - [2012-09-10 06:43:02 | 001,664,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll MOD - [2012-09-06 12:30:31 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll MOD - [2012-09-06 12:30:27 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll MOD - [2012-09-06 12:30:27 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll MOD - [2012-09-06 12:30:23 | 000,159,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll MOD - [2012-09-06 07:06:20 | 006,730,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll MOD - [2012-09-06 07:06:20 | 000,056,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll MOD - [2012-08-31 08:52:22 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe MOD - [2012-08-31 08:52:14 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe MOD - [2012-08-31 08:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe MOD - [2012-08-31 08:45:00 | 000,250,368 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll MOD - [2012-08-30 15:17:05 | 002,984,960 | ---- | M] () -- E:\Program Files\Garena Plus\ggdownloader.dll MOD - [2012-08-28 09:05:34 | 000,307,200 | ---- | M] ( MarkAny.) -- C:\Program Files (x86)\Samsung\Kies\External\MACSSDK.dll MOD - [2012-08-24 17:57:48 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll MOD - [2012-08-24 17:57:40 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll MOD - [2012-08-24 17:57:40 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2012-08-24 17:57:37 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll MOD - [2012-08-24 17:53:35 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2012-08-03 09:31:57 | 000,228,864 | ---- | M] (The cURL library, http://curl.haxx.se/) -- E:\Program Files\Garena Plus\libcurl.dll MOD - [2012-07-31 11:38:37 | 000,156,160 | ---- | M] () -- E:\Program Files\Garena Plus\libzmq.dll MOD - [2012-07-27 07:59:42 | 000,010,240 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\ClientTcp.dll MOD - [2012-07-27 07:59:28 | 000,061,952 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\UdtLib.dll MOD - [2012-07-27 07:59:23 | 000,163,328 | ---- | M] () -- E:\Program Files\Garena Plus\lib\fs\YYFileSystem.dll MOD - [2012-07-03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe MOD - [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2012-06-06 06:05:52 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll MOD - [2012-06-06 06:05:52 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll MOD - [2012-06-02 05:36:29 | 001,159,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll MOD - [2012-06-02 05:36:29 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll MOD - [2012-05-15 03:11:46 | 000,190,976 | ---- | M] (Garena Online Pte Ltd) -- E:\Program Files\Garena Plus\lib\delay_load\GaVoiceGroup.dll MOD - [2012-05-05 08:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2012-04-24 02:19:17 | 000,238,592 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\MediaEngine.dll MOD - [2012-04-21 05:21:01 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll MOD - [2012-04-13 04:12:19 | 000,059,392 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\AudioMixerLib.dll MOD - [2012-04-13 04:12:18 | 000,019,968 | ---- | M] () -- E:\Program Files\Garena Plus\ServerMemAlloc.dll MOD - [2012-04-07 12:26:29 | 002,342,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll MOD - [2012-03-08 09:56:40 | 000,510,464 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\RSALib.dll MOD - [2012-03-08 09:56:32 | 001,097,216 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- E:\Program Files\Garena Plus\libeay32.dll MOD - [2012-03-03 06:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll MOD - [2012-03-01 06:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll MOD - [2012-02-22 09:52:18 | 000,162,304 | ---- | M] () -- E:\Program Files\Garena Plus\lame_enc.dll MOD - [2012-02-22 09:52:16 | 001,739,264 | ---- | M] (Apache Software Foundation) -- E:\Program Files\Garena Plus\log4cxx.dll MOD - [2012-02-22 09:52:16 | 000,573,100 | ---- | M] () -- E:\Program Files\Garena Plus\sqlite3.dll MOD - [2012-02-22 09:52:16 | 000,197,632 | ---- | M] () -- E:\Program Files\Garena Plus\lib\TaskManagerLib.dll MOD - [2012-02-22 09:52:16 | 000,178,176 | ---- | M] () -- E:\Program Files\Garena Plus\lib\MP3Module.dll MOD - [2012-02-22 09:52:16 | 000,122,136 | ---- | M] () -- E:\Program Files\Garena Plus\ggcode.dll MOD - [2012-02-22 09:52:16 | 000,097,792 | ---- | M] () -- E:\Program Files\Garena Plus\CommonLib.dll MOD - [2012-01-13 08:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll MOD - [2012-01-04 09:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll MOD - [2011-12-16 08:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2011-12-15 07:07:16 | 000,386,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll MOD - [2011-11-17 06:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2011-11-17 06:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll MOD - [2011-08-27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2011-08-27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll MOD - [2011-06-16 05:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll MOD - [2011-06-12 11:15:00 | 004,221,328 | ---- | M] (Microsoft Corporation) -- C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL MOD - [2011-05-24 11:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2011-05-24 11:40:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll MOD - [2011-05-24 11:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2011-05-18 17:57:22 | 000,413,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll MOD - [2011-05-10 01:41:12 | 000,049,208 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe MOD - [2011-03-15 07:13:46 | 004,254,560 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf MOD - [2011-03-11 06:33:59 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll MOD - [2011-03-03 06:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll MOD - [2011-02-19 07:30:50 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll MOD - [2011-01-20 07:15:56 | 008,906,704 | ---- | M] (Microsoft Corporation) -- C:\PROGRA~2\MICROS~4\Office14\1045\GrooveIntlResource.dll MOD - [2011-01-17 06:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll MOD - [2010-11-21 13:52:58 | 000,093,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\pl\ShFusRes.dll MOD - [2010-11-21 04:25:15 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2010-11-21 04:25:11 | 003,207,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mf.dll MOD - [2010-11-21 04:25:11 | 000,547,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PortableDeviceApi.dll MOD - [2010-11-21 04:25:11 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\evr.dll MOD - [2010-11-21 04:25:10 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gameux.dll MOD - [2010-11-21 04:25:10 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wpdshext.dll MOD - [2010-11-21 04:24:51 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davclnt.dll MOD - [2010-11-21 04:24:43 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll MOD - [2010-11-21 04:24:33 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll MOD - [2010-11-21 04:24:33 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll MOD - [2010-11-21 04:24:32 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptui.dll MOD - [2010-11-21 04:24:32 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL MOD - [2010-11-21 04:24:28 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2010-11-21 04:24:28 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\riched20.dll MOD - [2010-11-21 04:24:26 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2010-11-21 04:24:25 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2010-11-21 04:24:23 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll MOD - [2010-11-21 04:24:23 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll MOD - [2010-11-21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2010-11-21 04:24:20 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\StructuredQuery.dll MOD - [2010-11-21 04:24:16 | 001,171,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10warp.dll MOD - [2010-11-21 04:24:16 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2010-11-21 04:24:16 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll MOD - [2010-11-21 04:24:16 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2010-11-21 04:24:16 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll MOD - [2010-11-21 04:24:16 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll MOD - [2010-11-21 04:24:16 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll MOD - [2010-11-21 04:24:16 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll MOD - [2010-11-21 04:24:15 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\networkexplorer.dll MOD - [2010-11-21 04:24:14 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msftedit.dll MOD - [2010-11-21 04:24:14 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2010-11-21 04:24:14 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2010-11-21 04:24:14 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll MOD - [2010-11-21 04:24:11 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2010-11-21 04:24:09 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll MOD - [2010-11-21 04:24:09 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll MOD - [2010-11-21 04:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll MOD - [2010-11-21 04:24:09 | 000,115,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll MOD - [2010-11-21 04:24:08 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2010-11-21 04:24:08 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll MOD - [2010-11-21 04:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll MOD - [2010-11-21 04:24:08 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2010-11-21 04:24:08 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL MOD - [2010-11-21 04:24:08 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorAPI.dll MOD - [2010-11-21 04:24:08 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mapi32.dll MOD - [2010-11-21 04:24:07 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2010-11-21 04:24:03 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wer.dll MOD - [2010-11-21 04:24:03 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sqmapi.dll MOD - [2010-11-21 04:24:03 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2010-11-21 04:24:02 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll MOD - [2010-11-21 04:24:02 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll MOD - [2010-11-21 04:24:01 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2010-11-21 04:24:01 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll MOD - [2010-11-21 04:24:01 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll MOD - [2010-11-21 04:24:01 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscoree.dll MOD - [2010-11-21 04:24:01 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll MOD - [2010-11-21 04:24:00 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv MOD - [2010-11-21 04:24:00 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntlanman.dll MOD - [2010-11-21 04:23:56 | 001,363,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Query.dll MOD - [2010-11-21 04:23:55 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2010-11-21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll MOD - [2010-11-21 04:23:55 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll MOD - [2010-11-21 04:23:55 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll MOD - [2010-11-21 04:23:54 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SearchFolder.dll MOD - [2010-11-21 04:23:54 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll MOD - [2010-11-21 04:23:54 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll MOD - [2010-11-21 04:23:51 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2010-11-21 04:23:51 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll MOD - [2010-11-21 04:23:51 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll MOD - [2010-11-21 04:23:48 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2010-11-21 04:23:48 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2010-11-21 04:23:48 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll MOD - [2010-11-21 04:23:48 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll MOD - [2010-09-30 21:26:58 | 000,208,896 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH.dll MOD - [2010-09-30 21:26:54 | 000,393,216 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe MOD - [2010-09-30 21:26:28 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraPlk.dll MOD - [2010-05-26 10:41:02 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DCompiler_43.dll MOD - [2010-05-26 10:41:02 | 001,998,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DX9_43.dll MOD - [2010-03-18 12:16:28 | 000,801,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll MOD - [2010-03-18 12:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100_clr0400.dll MOD - [2010-02-28 02:13:36 | 000,049,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL MOD - [2009-11-04 10:14:08 | 001,168,216 | RHS- | M] (Safer-Networking Ltd.) -- E:\Program Files (x86)\Spybot - Search & Destroy\advcheck.dll MOD - [2009-07-14 02:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll MOD - [2009-07-14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll MOD - [2009-07-14 02:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll MOD - [2009-07-14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll MOD - [2009-07-14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll MOD - [2009-07-14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL MOD - [2009-07-14 02:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll MOD - [2009-07-14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll MOD - [2009-07-14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll MOD - [2009-07-14 02:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanutil.dll MOD - [2009-07-14 02:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll MOD - [2009-07-14 02:16:18 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecsExt.dll MOD - [2009-07-14 02:16:17 | 000,266,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\upnphost.dll MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009-07-14 02:16:15 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ssdpapi.dll MOD - [2009-07-14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll MOD - [2009-07-14 02:16:14 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc_os.dll MOD - [2009-07-14 02:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2009-07-14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll MOD - [2009-07-14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll MOD - [2009-07-14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll MOD - [2009-07-14 02:16:12 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PeerDist.dll MOD - [2009-07-14 02:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll MOD - [2009-07-14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll MOD - [2009-07-14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009-07-14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll MOD - [2009-07-14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll MOD - [2009-07-14 02:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll MOD - [2009-07-14 02:15:46 | 002,134,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msmpeg2vdec.dll MOD - [2009-07-14 02:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll MOD - [2009-07-14 02:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msiltcfg.dll MOD - [2009-07-14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009-07-14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll MOD - [2009-07-14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll MOD - [2009-07-14 02:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll MOD - [2009-07-14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll MOD - [2009-07-14 02:15:39 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll MOD - [2009-07-14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll MOD - [2009-07-14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll MOD - [2009-07-14 02:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll MOD - [2009-07-14 02:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IconCodecService.dll MOD - [2009-07-14 02:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll MOD - [2009-07-14 02:15:21 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fltLib.dll MOD - [2009-07-14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll MOD - [2009-07-14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll MOD - [2009-07-14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll MOD - [2009-07-14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll MOD - [2009-07-14 02:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009-07-14 02:15:13 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\drprov.dll MOD - [2009-07-14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll MOD - [2009-07-14 02:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll MOD - [2009-07-14 02:15:08 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davhlpr.dll MOD - [2009-07-14 02:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll MOD - [2009-07-14 02:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll MOD - [2009-07-14 02:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll MOD - [2009-07-14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009-07-14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll MOD - [2009-07-14 02:14:57 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-07-14 02:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe MOD - [2009-07-14 02:14:10 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hhctrl.ocx MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009-07-14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009-07-14 02:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll MOD - [2009-07-14 02:10:22 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc.dll MOD - [2009-07-14 02:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll MOD - [2009-07-14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll MOD - [2009-06-10 22:22:53 | 000,015,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll MOD - [2009-06-10 22:22:50 | 000,023,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll MOD - [2009-05-21 21:13:36 | 000,275,768 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe MOD - [2009-05-21 21:13:36 | 000,205,312 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll MOD - [2009-05-21 21:13:36 | 000,150,528 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll MOD - [2009-05-21 21:13:36 | 000,048,128 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc MOD - [2009-05-21 21:03:06 | 000,213,504 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll MOD - [2009-05-21 21:03:06 | 000,049,664 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll MOD - [2009-05-21 20:46:38 | 000,948,224 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc MOD - [2009-05-21 20:46:38 | 000,203,264 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqssm08.dll MOD - [2009-05-21 20:46:38 | 000,012,288 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc MOD - [2009-05-21 20:46:36 | 000,559,104 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe MOD - [2009-05-21 20:46:36 | 000,485,888 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwso08.dll MOD - [2009-05-21 20:46:36 | 000,307,712 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsti08.dll MOD - [2009-05-21 20:46:36 | 000,285,184 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.dll MOD - [2009-05-21 20:46:36 | 000,168,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe MOD - [2009-05-21 20:46:36 | 000,057,856 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSplh08.dll MOD - [2009-05-21 19:09:24 | 000,554,496 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll MOD - [2009-05-21 19:09:24 | 000,338,432 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll MOD - [2009-05-21 19:05:48 | 000,326,144 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqrif08.dll MOD - [2009-05-21 19:05:48 | 000,097,280 | ---- | M] (Hewlett Packard) -- C:\Program Files (x86)\HP\Digital Imaging\Product Assistant\bin\hprbevst.dll MOD - [2009-05-21 18:31:52 | 001,170,944 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpodio08.dll MOD - [2009-05-21 18:31:52 | 000,538,112 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.dll MOD - [2009-05-21 18:31:52 | 000,292,864 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcob08.dll MOD - [2009-05-21 18:31:52 | 000,274,432 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll MOD - [2009-05-21 18:31:52 | 000,032,256 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc MOD - [2009-05-21 17:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe MOD - [2009-05-21 17:57:00 | 000,040,960 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpb01.dll MOD - [2009-05-21 17:57:00 | 000,038,912 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpreh.dll MOD - [2009-03-05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- E:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe MOD - [2008-12-03 19:05:44 | 000,033,792 | ---- | M] (Hewlett-Packard) -- C:\Windows\SysWOW64\HPZipr12.dll MOD - [2008-03-28 14:57:30 | 000,014,848 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\SysWOW64\P17RunE.dll MOD - [2008-02-28 16:08:18 | 000,279,848 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMSQLDB.dll MOD - [2008-02-28 16:08:18 | 000,267,560 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMSearchPluginSimilarImages.dll MOD - [2008-02-28 16:08:08 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMPluginBase.dll MOD - [2008-02-28 16:07:58 | 001,828,136 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe MOD - [2008-02-28 16:07:58 | 000,075,048 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMLogCxx.dll MOD - [2008-02-28 16:07:48 | 000,222,504 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMFullTextExtraction.dll MOD - [2008-02-28 16:07:48 | 000,079,144 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingServicePS.dll MOD - [2008-02-28 16:07:38 | 003,609,896 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMDataServices.dll MOD - [2008-02-28 16:07:28 | 000,746,792 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMCoFoundation.dll MOD - [2008-02-28 16:06:46 | 000,828,712 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\log4cxx.dll MOD - [2006-05-03 09:52:12 | 000,110,592 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\GDICtrl3.skc MOD - [2006-03-31 16:26:40 | 000,331,776 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\GDICtrl.skc MOD - [2006-03-31 09:10:08 | 000,151,552 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\GDICtrl2.skc MOD - [2006-03-28 15:21:56 | 000,110,592 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\RtxCtrl.skc MOD - [2006-03-24 08:29:36 | 000,155,648 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTTheme.dll MOD - [2005-10-31 09:51:52 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe MOD - [2005-10-25 09:31:14 | 000,077,824 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files (x86)\Creative\Shared Files\mxlib.dll MOD - [2005-10-21 16:57:32 | 000,040,960 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files (x86)\Creative\Shared Files\CtrlSrc.dll MOD - [2005-10-20 13:49:06 | 000,024,660 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.crl MOD - [2005-05-03 12:38:42 | 000,064,512 | ---- | M] () -- C:\Windows\SysWOW64\P17.DLL MOD - [2002-11-22 00:01:00 | 000,053,248 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTIniF.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-11-08 00:37:39 | 002,828,408 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV:[b]64bit:[/b] - [2012-09-28 15:43:40 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV:[b]64bit:[/b] - [2012-09-28 02:38:16 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2012-09-12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV:[b]64bit:[/b] - [2012-09-12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012-12-11 20:21:30 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-12-05 18:10:34 | 002,403,352 | ---- | M] () [Auto | Running] -- C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe -- (Browser Manager) SRV - [2012-11-09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-11-04 22:04:32 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012-11-01 08:52:52 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe -- (CLPSLauncher) SRV - [2012-10-31 15:46:38 | 001,467,088 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe -- (GeekBuddyRSP) SRV - [2012-09-06 02:25:06 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-08-07 01:01:33 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service) SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2006-12-19 08:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-11-24 16:49:10 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2012-11-24 16:44:36 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2012-09-28 03:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2012-09-28 02:12:52 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2012-08-30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:[b]64bit:[/b] - [2012-08-23 15:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:[b]64bit:[/b] - [2012-08-23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2012-08-23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2012-08-23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2012-05-14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:[b]64bit:[/b] - [2012-04-09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2) DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011-06-10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2011-05-13 02:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm) DRV:[b]64bit:[/b] - [2011-05-13 02:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) DRV:[b]64bit:[/b] - [2011-05-13 02:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb) DRV:[b]64bit:[/b] - [2011-05-13 02:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub) DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc) DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-02-18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:[b]64bit:[/b] - [2009-12-22 01:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-05-05 02:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) DRV:[b]64bit:[/b] - [2008-12-26 11:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer) DRV:[b]64bit:[/b] - [2007-02-05 09:49:20 | 001,529,856 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\P17.sys -- (P17) DRV:[b]64bit:[/b] - [2005-07-07 09:19:08 | 001,579,008 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\P1764.SYS -- (P1764) DRV:[b]64bit:[/b] - [2005-02-28 04:12:50 | 000,205,824 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTOSS2K.SYS -- (ossrv) DRV:[b]64bit:[/b] - [2005-02-28 04:12:46 | 000,284,160 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTSFM2K.SYS -- (ctsfm2k) DRV - [2012-12-04 09:41:28 | 000,037,976 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | System | Stopped] -- C:\Windows\SysWOW64\drivers\CFRMD.sys -- (CFRMD) DRV - [2010-12-20 13:50:44 | 000,011,888 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\NTIOLib_X64.sys -- (NTIOLib_1_0_5) DRV - [2010-10-22 09:37:36 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 4\LU4\NTIOLib_X64.sys -- (NTIOLib_1_0_4) DRV - [2010-04-12 10:36:26 | 000,044,344 | ---- | M] (MICRO-STAR INT'L CO., LTD.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\NTGLM7X64.sys -- (DualCoreCenter) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009-03-05 21:55:20 | 000,033,080 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\RushJ64.sys -- (RushTopDevice_J) DRV - [2008-12-19 03:17:36 | 000,075,576 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\RushTop64.sys -- (RushTopDevice2) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD502HJ_S20BJ90ZB42528&ts=1355249658 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD502HJ_S20BJ90ZB42528&ts=1355249658 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.v9.com/web/?q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.v9.com/web/?q={searchTerms} IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=TJ&userid=59af5cbc-e873-4e8b-8db3-c1414f9290ea&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?affID=110824&tt=4712_5&babsrc=HP_ss&mntrId=70002c4a0000000000006c626ddb478d IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD502HJ_S20BJ90ZB42528&ts=1355249658 IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=TJ&userid=59af5cbc-e873-4e8b-8db3-c1414f9290ea&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=TJ&userid=59af5cbc-e873-4e8b-8db3-c1414f9290ea&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://pl.yahoo.com?fr=fp-comodo IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=TJ&userid=59af5cbc-e873-4e8b-8db3-c1414f9290ea&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=TJ&userid=59af5cbc-e873-4e8b-8db3-c1414f9290ea&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes,DefaultScope = {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=TJ&userid=59af5cbc-e873-4e8b-8db3-c1414f9290ea&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.v9.com/web/?q={searchTerms} IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes\{0E756860-460A-4F02-8D89-52D278659C5D}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=W3I4&o=41648006&src=kw&q={searchTerms}&locale=&apn_ptnrs=^A9K&apn_dtid=^YYYYYY^YY^PL&apn_uid=B2C1FCDD-C3BE-47A2-B753-83B2FA2DED3F&apn_sauid=F1BFBCBE-A559-40E2-9B41-4BEA0B6675DE IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110824&tt=4712_5&babsrc=SP_ss&mntrId=70002c4a0000000000006c626ddb478d IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com/web/?q={searchTerms} IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://pl.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledAddons: ffxtlbr@babylon.com:1.5.0 FF - prefs.js..extensions.enabledAddons: {58bd07eb-0ee0-4df0-8121-dc9b693373df}:2.5.911.18 FF - prefs.js..browser.search.order.1: "v9" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://pl.yahoo.com?fr=fp-comodo" FF - prefs.js..keyword.URL: "http://pl.search.yahoo.com/search?fr=ytff-comodo&p=" FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo" FF - prefs.js..browser.search.selectedEngine: "Yahoo" FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Pacak\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-08-22 10:43:41 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: e:\Program Files (x86)\Mozilla Firefox\components [2012-09-10 09:56:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: e:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-08-22 10:43:41 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\firefox@mozilla.com: C:\Users\Pacak\AppData\Roaming\firefox@mozilla.com [2012-10-01 15:19:24 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2012-12-06 19:00:00 | 000,000,000 | ---D | M] [2012-09-17 15:35:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pacak\AppData\Roaming\mozilla\Extensions [2012-11-25 10:47:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pacak\AppData\Roaming\mozilla\Firefox\Profiles\ihdh8t4s.default\extensions [2012-12-14 21:50:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pacak\AppData\Roaming\mozilla\Firefox\Profiles\ihdh8t4s.default\extensions\ffxtlbr@babylon.com [2012-10-21 14:32:23 | 000,002,536 | ---- | M] () -- C:\Users\Pacak\AppData\Roaming\mozilla\firefox\profiles\ihdh8t4s.default\searchplugins\browsemngr.xml [2012-10-21 14:32:23 | 000,002,536 | ---- | M] () -- C:\Users\Pacak\AppData\Roaming\mozilla\firefox\profiles\ihdh8t4s.default\searchplugins\mngr.xml [2012-08-07 13:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions File not found (No name found) -- C:\PROGRAMDATA\BROWSER MANAGER\2.5.911.18\{C16C1CCB-7046-4E5C-A2F3-533AD2FEC8E8}\FIREFOXEXTENSION [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://www.google.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}, CHR - homepage: http://www.google.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll CHR - plugin: Application Manager (Enabled) = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll CHR - plugin: Adobe Acrobat (Enabled) = E:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Unity Player (Enabled) = C:\Users\Pacak\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll CHR - Extension: TV = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.11_0\ CHR - Extension: YouTube = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_2\ CHR - Extension: Szukaj w Google = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_2\ CHR - Extension: Chrome Updater = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoijihiiolhlopbdlcphkfdobmkfkap\1.1_0\ CHR - Extension: Bowling 3D = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gemohgpikgjbgmdfbfjdailocichgbjm\2.0_0\ CHR - Extension: AdBlock = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.51_0\ CHR - Extension: Bubble Shooter-HD = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpakbhbnhkbghdcejiiangcefallmaln\2.2.0_0\ CHR - Extension: Szybka Wyszukiwarka = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\jneiphgeigocbbbojlnknhmknlnmdjnf\1.3_0\ CHR - Extension: Duck Gravity = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpikpdaalmlcipfphefaajfiofglcma\1.3.0_0\ CHR - Extension: Settings Protector = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\ CHR - Extension: Gmail = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\ CHR - Extension: TV = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.11_0\ CHR - Extension: YouTube = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_2\ CHR - Extension: Szukaj w Google = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_2\ CHR - Extension: Chrome Updater = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoijihiiolhlopbdlcphkfdobmkfkap\1.1_0\ CHR - Extension: Bowling 3D = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gemohgpikgjbgmdfbfjdailocichgbjm\2.0_0\ CHR - Extension: AdBlock = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.51_0\ CHR - Extension: Bubble Shooter-HD = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpakbhbnhkbghdcejiiangcefallmaln\2.2.0_0\ CHR - Extension: Szybka Wyszukiwarka = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\jneiphgeigocbbbojlnknhmknlnmdjnf\1.3_0\ CHR - Extension: Duck Gravity = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpikpdaalmlcipfphefaajfiofglcma\1.3.0_0\ CHR - Extension: Settings Protector = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\ CHR - Extension: Gmail = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\ O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O3 - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4:[b]64bit:[/b] - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [CTSysVol] C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd) O4 - HKLM..\Run: [DelReg] C:\Program Files (x86)\MSI\OverclockingCenter\DelReg.exe () O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [NBKeyScan] E:\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [NeroCheck] C:\Windows\SysWOW64\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [P17Helper] C:\Windows\SysWow64\P17.DLL () O4 - HKLM..\Run: [P17RunE] C:\Windows\SysWow64\P17RunE.dll (Creative Technology Ltd.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [tvncontrol] "C:\Program Files (x86)\Common Files\Comodo\tvnserver.exe" -controlservice -slave File not found O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-980624602-1416993403-1426546977-1001..\Run: [AQQ] E:\Program Files\WapSter\WapSter AQQ\AQQ.exe (Creative Team S.A.) O4 - HKU\S-1-5-21-980624602-1416993403-1426546977-1001..\Run: [Clock Widget (HTC Home)] E:\Program Files (x86)\HTC Home\Clock.exe () O4 - HKU\S-1-5-21-980624602-1416993403-1426546977-1001..\Run: [DAEMON Tools Lite] E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-980624602-1416993403-1426546977-1001..\Run: [EADM] E:\Program Files (x86)\Origin\Origin.exe (Electronic Arts) O4 - HKU\S-1-5-21-980624602-1416993403-1426546977-1001..\Run: [GarenaPlus] E:\Program Files\Garena Plus\GarenaMessenger.exe () O4 - HKU\S-1-5-21-980624602-1416993403-1426546977-1001..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD) O4 - HKU\S-1-5-21-980624602-1416993403-1426546977-1001..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG) O4 - HKU\S-1-5-21-980624602-1416993403-1426546977-1001..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () O4 - HKU\S-1-5-21-980624602-1416993403-1426546977-1001..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung) O4 - HKU\S-1-5-21-980624602-1416993403-1426546977-1001..\Run: [SpybotSD TeaTimer] e:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKLM..\RunOnce: [*CA] File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Pacak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WarKey.exe.lnk = C:\Users\Pacak\Desktop\warkey\WarKey.exe (YuLv.Net) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found O8:[b]64bit:[/b] - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2) O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 46.148.166.31 46.148.166.33 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{04AE9F5A-D32F-491F-AC6A-7BCBA5FE968B}: DhcpNameServer = 46.148.166.31 46.148.166.33 O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO) O20 - AppInit_DLLs: (c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll) - c:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll () O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-03-24 00:54:52 | 000,000,175 | R--- | M] () - G:\autorun.inf -- [ CDFS ] O32 - AutoRun File - [2006-10-23 21:52:06 | 001,191,936 | R--- | M] () - H:\autorun.exe -- [ UDF ] O32 - AutoRun File - [2006-10-23 21:52:08 | 000,000,108 | R--- | M] () - H:\autorun.inf -- [ UDF ] O33 - MountPoints2\{22e02608-364e-11e2-b757-6c626ddb478d}\Shell - "" = AutoRun O33 - MountPoints2\{22e02608-364e-11e2-b757-6c626ddb478d}\Shell\AutoRun\command - "" = G:\setup.exe -- [2010-03-12 08:49:40 | 001,100,664 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{22e02608-364e-11e2-b757-6c626ddb478d}\Shell\configure\command - "" = G:\setup.exe -- [2010-03-12 08:49:40 | 001,100,664 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{22e02608-364e-11e2-b757-6c626ddb478d}\Shell\install\command - "" = G:\setup.exe -- [2010-03-12 08:49:40 | 001,100,664 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{22e02613-364e-11e2-b757-6c626ddb478d}\Shell - "" = AutoRun O33 - MountPoints2\{22e02613-364e-11e2-b757-6c626ddb478d}\Shell\AutoRun\command - "" = H:\autorun.exe -- [2006-10-23 21:52:06 | 001,191,936 | R--- | M] () O33 - MountPoints2\{22e02613-364e-11e2-b757-6c626ddb478d}\Shell\install\command - "" = H:\autorun.exe -- [2006-10-23 21:52:06 | 001,191,936 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-12-15 12:55:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\COMODO [2012-12-15 12:55:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Comodo [2012-12-13 02:39:43 | 000,000,000 | ---D | C] -- C:\Users\Pacak\.gstreamer-0.10 [2012-12-13 02:39:40 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\ChomikBox [2012-12-13 02:39:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chomikuj.pl [2012-12-13 02:39:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ChomikBox [2012-12-11 11:36:28 | 000,000,000 | ---D | C] -- C:\Users\Pacak\Documents\gothic3 [2012-12-11 11:35:30 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Xfire [2012-12-11 11:35:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfire [2012-12-11 11:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gothic III [2012-12-10 13:19:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012-12-10 13:19:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012-12-10 13:19:47 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2012-12-07 10:54:17 | 000,000,000 | ---D | C] -- C:\ProgramData\AutoKMS [2012-12-06 20:13:19 | 000,000,000 | ---D | C] -- C:\Users\Pacak\Documents\Pliki programu Outlook [2012-12-06 20:07:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint [2012-12-06 20:05:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services [2012-12-06 20:05:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2012-12-06 20:05:05 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012-12-06 20:05:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework [2012-12-06 20:05:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2012-12-06 19:54:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2012-12-06 19:54:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2012-12-06 19:53:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2012-12-06 19:52:58 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Microsoft Help [2012-12-06 19:52:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2012-12-06 19:52:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2012-12-06 19:52:33 | 000,000,000 | RH-D | C] -- C:\MSOCache [2012-12-04 09:41:28 | 000,037,976 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysWow64\drivers\CFRMD.sys [2012-11-29 16:12:53 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bink and Smacker [2012-11-26 16:03:54 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gothic Multiplayer [2012-11-25 21:36:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Recovery [2012-11-25 18:02:47 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\SKIDROW [2012-11-25 17:59:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA [2012-11-25 15:13:25 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Chromium [2012-11-25 15:09:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive [2012-11-25 15:09:19 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Sports Interactive [2012-11-25 15:09:19 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Sports Interactive [2012-11-25 00:59:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MoorHunt [2012-11-24 16:49:10 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2012-11-24 16:44:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2012-11-20 17:03:36 | 000,000,000 | R--D | C] -- C:\Users\Pacak\Documents\Scanned Documents [2012-11-20 17:03:36 | 000,000,000 | ---D | C] -- C:\Users\Pacak\Documents\Fax [2012-11-04 23:36:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps [2012-11-04 19:43:53 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Publish Providers [2012-11-04 19:39:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony [2012-11-04 19:38:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony [2012-11-04 19:38:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony [2012-11-04 18:54:21 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Sony [2012-11-04 18:48:19 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Sony [2012-11-02 12:19:43 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012-11-02 12:19:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT [2012-11-02 12:19:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2012-11-02 12:19:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2012-10-30 11:58:02 | 000,000,000 | ---D | C] -- C:\Users\Pacak\Documents\MOHW [2012-10-29 15:04:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA [2012-10-29 13:00:57 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\PunkBuster [2012-10-29 13:00:49 | 000,000,000 | ---D | C] -- C:\Users\Pacak\Documents\MOHW_DayOnePatch_PC [2012-10-29 12:43:14 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Origin [2012-10-29 12:43:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games [2012-10-29 12:42:52 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Origin [2012-10-29 12:41:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin [2012-10-29 12:41:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2012-10-29 12:38:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin [2012-10-27 20:13:18 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012-10-25 23:16:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012-10-23 18:18:36 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Opera [2012-10-23 18:18:36 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Opera [2012-10-23 18:18:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera [2012-10-23 16:46:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy [2012-10-22 00:48:54 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Garena [2012-10-22 00:48:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Garena [2012-10-21 15:23:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt [2012-10-21 15:14:48 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Nero [2012-10-21 15:08:35 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Ahead [2012-10-21 15:08:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NeroInstall.bak [2012-10-21 15:06:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 8 [2012-10-21 15:03:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2012-10-21 15:03:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero [2012-10-21 14:38:59 | 000,000,000 | ---D | C] -- C:\Users\Pacak\Documents\Alcohol 120% [2012-10-21 14:36:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft [2012-10-21 14:32:39 | 000,564,824 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys [2012-10-21 14:32:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager [2012-10-21 14:23:19 | 000,569,344 | ---- | C] (Pegasus Software,LLC) -- C:\Windows\SysWow64\imagr5.dll [2012-10-21 14:23:19 | 000,544,768 | ---- | C] (Pegasus Software, LLC) -- C:\Windows\SysWow64\imagx5.dll [2012-10-21 14:23:19 | 000,283,920 | ---- | C] (Pegasus Software, LLC) -- C:\Windows\SysWow64\ImagXpr5.dll [2012-10-21 14:23:19 | 000,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\Windows\SysWow64\NeroCheck.exe [2012-10-21 14:23:19 | 000,038,912 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\picn20.dll [2012-10-21 13:28:11 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Ahead [2012-10-21 13:26:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ahead [2012-10-16 16:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2012-10-16 16:30:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012-12-15 13:21:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-12-15 12:55:15 | 000,002,043 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2012-12-15 12:35:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-12-15 12:04:56 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-12-15 12:04:56 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-12-15 11:57:39 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-12-15 11:57:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-12-15 11:57:24 | 2146,836,479 | -HS- | M] () -- C:\hiberfil.sys [2012-12-12 17:23:36 | 000,045,270 | ---- | M] () -- C:\Users\Pacak\AppData\Roaming\room_v3.dat [2012-12-12 13:21:50 | 000,440,120 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-12-11 11:32:59 | 000,000,542 | ---- | M] () -- C:\Users\Public\Desktop\Gothic III.lnk [2012-12-10 13:19:51 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012-12-08 13:31:15 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2012-12-08 13:31:06 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2012-12-06 20:14:12 | 000,446,258 | ---- | M] () -- C:\Windows\AutoKMS.exe [2012-12-04 09:41:28 | 000,037,976 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysWow64\drivers\CFRMD.sys [2012-12-02 23:11:22 | 000,000,600 | ---- | M] () -- C:\Users\Pacak\AppData\Roaming\winscp.rnd [2012-12-01 14:07:25 | 001,549,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-12-01 14:07:25 | 000,697,674 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-12-01 14:07:25 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-12-01 14:07:25 | 000,134,784 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-12-01 14:07:25 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-11-25 12:39:19 | 000,008,192 | ---- | M] () -- C:\Windows\d3dx.dat [2012-11-25 10:29:17 | 000,000,935 | ---- | M] () -- C:\Users\Pacak\Desktop\JDownloader.lnk [2012-11-24 16:49:10 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2012-11-24 16:44:36 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys [2012-11-13 12:42:35 | 000,000,600 | ---- | M] () -- C:\Users\Pacak\AppData\Local\PUTTY.RND [2012-11-08 00:37:57 | 000,022,736 | ---- | M] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys [2012-11-08 00:37:36 | 000,041,240 | ---- | M] (COMODO) -- C:\Windows\SysNative\cmdcsr.dll [2012-11-08 00:37:34 | 000,301,264 | ---- | M] (COMODO) -- C:\Windows\SysWow64\guard32.dll [2012-11-08 00:37:31 | 000,390,392 | ---- | M] (COMODO) -- C:\Windows\SysNative\guard64.dll [2012-11-06 22:45:43 | 000,000,213 | ---- | M] () -- C:\Users\Pacak\Desktop\Dota 2.url [2012-11-05 01:49:58 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini [2012-11-04 23:45:05 | 000,001,488 | ---- | M] () -- C:\Users\Pacak\Desktop\MOH Warfighter.lnk [2012-11-04 23:36:22 | 000,000,543 | ---- | M] () -- C:\Users\Public\Desktop\Fraps.lnk [2012-11-04 19:43:21 | 000,002,448 | ---- | M] () -- C:\Users\Pacak\Documents\Register Vegas Pro.htm [2012-11-04 19:39:19 | 000,000,543 | ---- | M] () -- C:\Users\Pacak\Desktop\Vegas Pro 11.0 (64-bit).lnk [2012-10-28 17:03:39 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012-10-28 02:19:52 | 000,000,904 | ---- | M] () -- C:\Users\Public\Desktop\CWK.lnk [2012-10-25 23:16:59 | 000,002,261 | ---- | M] () -- C:\Users\Pacak\Desktop\Google Chrome.lnk [2012-10-21 15:06:19 | 000,001,439 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk [2012-10-21 15:04:54 | 000,000,026 | ---- | M] () -- C:\Windows\Irremote.ini [2012-10-21 15:04:42 | 000,001,024 | ---- | M] () -- C:\Users\Pacak\.rnd [2012-10-21 14:46:32 | 000,000,124 | ---- | M] () -- C:\Users\Pacak\Documents\ax_files.xml [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-12-15 12:55:15 | 000,002,043 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2012-12-11 11:32:59 | 000,000,542 | ---- | C] () -- C:\Users\Public\Desktop\Gothic III.lnk [2012-12-08 13:31:15 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2012-12-08 13:31:06 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2012-12-06 20:14:11 | 000,446,258 | ---- | C] () -- C:\Windows\AutoKMS.exe [2012-11-25 21:46:21 | 000,000,212 | ---- | C] () -- C:\Users\Pacak\Desktop\Counter-Strike.url [2012-11-25 12:39:19 | 000,008,192 | ---- | C] () -- C:\Windows\d3dx.dat [2012-11-25 10:29:17 | 000,000,935 | ---- | C] () -- C:\Users\Pacak\Desktop\JDownloader.lnk [2012-11-25 10:27:44 | 000,000,899 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk [2012-11-25 10:27:44 | 000,000,859 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk [2012-11-25 10:27:44 | 000,000,844 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk [2012-11-15 21:12:31 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012-11-15 21:02:29 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012-11-06 22:45:43 | 000,000,213 | ---- | C] () -- C:\Users\Pacak\Desktop\Dota 2.url [2012-11-05 01:49:55 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2012-11-04 23:45:06 | 000,001,488 | ---- | C] () -- C:\Users\Pacak\Desktop\MOH Warfighter.lnk [2012-11-04 23:36:22 | 000,000,543 | ---- | C] () -- C:\Users\Public\Desktop\Fraps.lnk [2012-11-04 19:39:19 | 000,000,543 | ---- | C] () -- C:\Users\Pacak\Desktop\Vegas Pro 11.0 (64-bit).lnk [2012-11-04 19:32:41 | 000,002,448 | ---- | C] () -- C:\Users\Pacak\Documents\Register Vegas Pro.htm [2012-10-28 02:19:52 | 000,000,904 | ---- | C] () -- C:\Users\Public\Desktop\CWK.lnk [2012-10-28 02:19:52 | 000,000,904 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CWK.lnk [2012-10-25 23:16:58 | 000,002,261 | ---- | C] () -- C:\Users\Pacak\Desktop\Google Chrome.lnk [2012-10-21 15:06:19 | 000,001,439 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk [2012-10-21 15:04:54 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini [2012-10-21 15:04:41 | 000,001,024 | ---- | C] () -- C:\Users\Pacak\.rnd [2012-10-21 14:46:32 | 000,000,124 | ---- | C] () -- C:\Users\Pacak\Documents\ax_files.xml [2012-10-16 16:30:44 | 000,001,046 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-10-16 16:30:43 | 000,001,042 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-10-09 00:32:09 | 000,000,600 | ---- | C] () -- C:\Users\Pacak\AppData\Roaming\winscp.rnd [2012-10-08 15:45:43 | 000,000,600 | ---- | C] () -- C:\Users\Pacak\AppData\Local\PUTTY.RND [2012-10-02 22:01:35 | 000,000,087 | ---- | C] () -- C:\Windows\SysWow64\tcfg.ini [2012-08-28 09:04:34 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2012-08-28 09:04:34 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2012-08-28 09:04:34 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2012-08-28 09:04:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2012-08-28 09:04:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2012-08-22 10:37:09 | 000,172,893 | ---- | C] () -- C:\Windows\hpoins45.dat [2012-08-08 23:35:16 | 000,045,270 | ---- | C] () -- C:\Users\Pacak\AppData\Roaming\room_v3.dat [2012-08-08 14:35:46 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2012-08-07 12:50:45 | 000,000,039 | R--- | C] () -- C:\Windows\SysWow64\ctzapxx.ini [2012-08-07 12:12:54 | 000,000,029 | ---- | C] () -- C:\Windows\sfbm.INI [2012-08-07 10:58:45 | 001,548,506 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-08-07 00:36:48 | 000,005,627 | R--- | C] () -- C:\Windows\SysWow64\Ludap17.ini [2012-08-07 00:26:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012-08-07 00:20:35 | 000,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll [2012-08-07 00:03:45 | 000,007,610 | ---- | C] () -- C:\Users\Pacak\AppData\Local\resmon.resmoncfg [2012-06-11 17:50:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012-06-11 17:50:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012-05-02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2011-09-12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2012-09-17 02:13:28 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\.minecraft [2012-09-11 15:57:38 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Altaron [2012-09-15 12:15:10 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\AVG2013 [2012-08-12 10:38:22 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Avnex [2012-10-01 15:19:24 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Chrome_updater [2012-12-11 00:32:21 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\DAEMON Tools Lite [2012-10-06 22:23:59 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Dev-Cpp [2012-10-01 15:19:24 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\firefox@mozilla.com [2012-10-22 00:48:54 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Garena [2012-12-15 12:53:57 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\GarenaPlus [2012-10-01 15:19:49 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\IE [2012-08-27 23:04:13 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\NapiProjekt [2012-11-06 12:35:01 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Notepad++ [2012-12-15 00:15:13 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\OpenCandy [2012-09-04 08:00:24 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\OpenOffice.org [2012-10-23 18:27:18 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Opera [2012-12-02 12:41:24 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Origin [2012-11-04 19:43:53 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Publish Providers [2012-10-07 01:59:59 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Remere's Map Editor [2012-09-18 19:54:46 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Samsung [2012-11-04 19:47:25 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Sony [2012-11-25 15:09:19 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Sports Interactive [2012-09-15 12:13:51 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\TuneUp Software [2012-12-06 20:04:43 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\uTorrent [2012-08-07 19:42:59 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\wargaming.net [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-11-21 04:23:51 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2012-08-07 00:44:17 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2012-09-19 11:59:47 | 000,000,471 | ---- | M] () -- C:\CustomKeys.txt [2012-12-15 11:57:24 | 2146,836,479 | -HS- | M] () -- C:\hiberfil.sys [2012-08-07 00:32:27 | 000,034,239 | ---- | M] () -- C:\LU4.log [2012-12-15 11:57:26 | 504,991,743 | -HS- | M] () -- C:\pagefile.sys [2012-08-07 13:49:59 | 000,000,608 | ---- | M] () -- C:\user.js [2012-08-06 23:59:40 | 000,283,507 | RHS- | M] () -- C:\VLXEM [2012-08-06 23:59:40 | 000,000,020 | RHS- | M] () -- C:\win7.ld [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys [2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys [2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2012-08-22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys [2012-08-22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys [2012-08-22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys [2010-11-21 04:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe < End of report > [/log] RSIT: [log]Logfile of random's system information tool 1.09 (written by random/random) Run by Pacak at 2012-12-15 13:49:51 Microsoft Windows 7 Ultimate Service Pack 1 System drive C: has 870 MB (2%) free of 35 GB Total RAM: 8191 MB (64% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:49:58, on 2012-12-15 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Program Files (x86)\Samsung\Kies\Kies.exe C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe E:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe E:\Program Files\Garena Plus\GarenaMessenger.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe E:\Pobieranie\Downloads\RSIT.exe C:\Windows\SysWOW64\rundll32.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\trend micro\Pacak.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD502HJ_S20BJ90ZB42528&ts=1355249658 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=TJ&userid=59af5cbc-e873-4e8b-8db3-c1414f9290ea&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=TJ&userid=59af5cbc-e873-4e8b-8db3-c1414f9290ea&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms} R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pl.yahoo.com?fr=fp-comodo R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD502HJ_S20BJ90ZB42528&ts=1355249658 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD502HJ_S20BJ90ZB42528&ts=1355249658 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=TJ&userid=59af5cbc-e873-4e8b-8db3-c1414f9290ea&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=TJ&userid=59af5cbc-e873-4e8b-8db3-c1414f9290ea&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.v9.com/web/?q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.v9.com/web/?q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~2\SPYBOT~1\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file) O4 - HKLM\..\Run: [DelReg] C:\Program Files (x86)\MSI\OverclockingCenter\DelReg.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry O4 - HKLM\..\Run: [CTSysVol] C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "E:\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files (x86)\Common Files\Comodo\tvnserver.exe" -controlservice -slave O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Clock Widget (HTC Home)] "E:\Program Files (x86)\HTC Home\Clock.exe" O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [AQQ] E:\PROGRA~1\WapSter\WAPSTE~1\AQQ.exe O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [SpybotSD TeaTimer] e:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [EADM] "E:\Program Files (x86)\Origin\Origin.exe" -AutoStart O4 - HKCU\..\Run: [GarenaPlus] "E:\Program Files\Garena Plus\GarenaMessenger.exe" -autolaunch O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA') O4 - Startup: WarKey.exe.lnk = Pacak\Desktop\warkey\WarKey.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files (x86)\COMODO\GeekBuddy\launcher.exe O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~2\SPYBOT~1\SDHelper.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: Browser Manager - Unknown owner - C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions Inc. - C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GeekBuddy Remote Screen Protocol (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - E:\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 15820 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job =========Mozilla firefox========= ProfilePath - C:\Users\Pacak\AppData\Roaming\Mozilla\Firefox\Profiles\ihdh8t4s.default prefs.js - "browser.search.useDBForOrder" - true prefs.js - "browser.startup.homepage" - "http://pl.yahoo.com?fr=fp-comodo" prefs.js - "keyword.URL" - "http://pl.search.yahoo.com/search?fr=ytff-comodo&p=" "smartwebprinting@hp.com"=C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin] "Description"=Google Earth in your browser "Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Windows\SysWOW64\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll e:\Program Files (x86)\Mozilla Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} e:\Program Files (x86)\Mozilla Firefox\components\ binary.manifest browsercomps.dll e:\Program Files (x86)\Mozilla Firefox\searchplugins\ allegro-pl.xml babylon.xml fbc-pl.xml google.xml merlin-pl.xml pwn-pl.xml v9.xml wikipedia-pl.xml wp-pl.xml C:\Users\Pacak\AppData\Roaming\Mozilla\Firefox\Profiles\ihdh8t4s.default\extensions\ ffxtlbr@babylon.com C:\Users\Pacak\AppData\Roaming\Mozilla\Firefox\Profiles\ihdh8t4s.default\searchplugins\ browsemngr.xml mngr.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - E:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2011-06-12 4221328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-24 449512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2010-02-28 561552] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-24 155384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {ae07101b-46d4-4a98-af68-0333ea26e113} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "DelReg"=C:\Program Files (x86)\MSI\OverclockingCenter\DelReg.exe [2008-12-04 196608] "Adobe Reader Speed Launcher"=E:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672] "P17RunE"=RunDll32 P17RunE.dll,RunDLLEntry [] "CTSysVol"=C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe [2005-10-31 57344] "P17Helper"=Rundll32 P17.dll,P17Helper [] "UpdReg"=C:\Windows\UpdReg.EXE [2000-05-11 90112] "HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10 49208] ""= [] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848] "KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2012-08-31 3524536] "NeroCheck"=C:\Windows\system32\NeroCheck.exe [2001-07-09 155648] "NBKeyScan"=E:\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-28 642728] "BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520] "tvncontrol"=C:\Program Files (x86)\Common Files\Comodo\tvnserver.exe -controlservice -slave [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "*CA"= [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584] "Clock Widget (HTC Home)"=E:\Program Files (x86)\HTC Home\Clock.exe [2011-11-28 2036736] "KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2012-08-31 964024] "KiesPDLR"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-08-31 21432] "AQQ"=E:\PROGRA~1\WapSter\WAPSTE~1\AQQ.exe [2012-12-04 10742272] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136] "SpybotSD TeaTimer"=e:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] "EADM"=E:\Program Files (x86)\Origin\Origin.exe [2012-11-30 3492504] "GarenaPlus"=E:\Program Files\Garena Plus\GarenaMessenger.exe [2012-11-30 9063800] "DAEMON Tools Lite"=E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728] "HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2010-09-30 393216] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe Start GeekBuddy.lnk - C:\Program Files (x86)\COMODO\GeekBuddy\launcher.exe C:\Users\Pacak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup WarKey.exe.lnk - C:\Users\Pacak\Desktop\warkey\WarKey.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2011-06-12 4221328] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm "vidc.cvid"=iccvid.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "wave3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "midi3"=wdmaud.drv "mixer4"=wdmaud.drv "aux1"=wdmaud.drv "msacm.vorbis"=vorbis.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "VIDC.FPS1"=frapsvid.dll "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2012-12-15 13:35:19 ----D---- C:\rsit 2012-12-15 13:35:19 ----D---- C:\Program Files (x86)\trend micro 2012-12-15 12:55:10 ----D---- C:\Program Files (x86)\COMODO 2012-12-15 12:55:10 ----D---- C:\Program Files (x86)\Common Files\Comodo 2012-12-13 02:39:22 ----D---- C:\Program Files (x86)\ChomikBox 2012-12-12 13:08:41 ----A---- C:\Windows\SysWOW64\mshtmled.dll 2012-12-12 13:08:28 ----A---- C:\Windows\SysWOW64\vbscript.dll 2012-12-12 13:08:23 ----A---- C:\Windows\SysWOW64\ieui.dll 2012-12-12 13:08:18 ----A---- C:\Windows\SysWOW64\ieUnatt.exe 2012-12-12 13:08:16 ----A---- C:\Windows\SysWOW64\url.dll 2012-12-12 13:08:12 ----A---- C:\Windows\SysWOW64\urlmon.dll 2012-12-12 13:08:05 ----A---- C:\Windows\SysWOW64\msfeeds.dll 2012-12-12 13:08:02 ----A---- C:\Windows\SysWOW64\wininet.dll 2012-12-12 13:07:59 ----A---- C:\Windows\SysWOW64\jscript9.dll 2012-12-12 13:07:59 ----A---- C:\Windows\SysWOW64\jscript.dll 2012-12-12 13:07:54 ----A---- C:\Windows\SysWOW64\iertutil.dll 2012-12-12 13:07:52 ----A---- C:\Windows\SysWOW64\jsproxy.dll 2012-12-12 13:07:46 ----A---- C:\Windows\SysWOW64\mshtml.dll 2012-12-12 13:07:42 ----A---- C:\Windows\SysWOW64\ieframe.dll 2012-12-12 13:05:13 ----A---- C:\Windows\SysWOW64\atmlib.dll 2012-12-12 13:05:13 ----A---- C:\Windows\SysWOW64\atmfd.dll 2012-12-12 13:05:02 ----A---- C:\Windows\SysWOW64\tzres.dll 2012-12-12 13:04:32 ----A---- C:\Windows\SysWOW64\dpnet.dll 2012-12-12 13:03:48 ----A---- C:\Windows\SysWOW64\kernel32.dll 2012-12-12 13:03:47 ----A---- C:\Windows\SysWOW64\wow32.dll 2012-12-12 13:03:47 ----A---- C:\Windows\SysWOW64\setup16.exe 2012-12-12 13:03:47 ----A---- C:\Windows\SysWOW64\ntvdm64.dll 2012-12-12 13:03:47 ----A---- C:\Windows\SysWOW64\KernelBase.dll 2012-12-12 13:03:46 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2012-12-12 13:03:46 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2012-12-12 13:03:46 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2012-12-12 13:03:46 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2012-12-12 13:03:46 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2012-12-12 13:03:46 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2012-12-12 13:03:46 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2012-12-12 13:03:46 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2012-12-12 13:03:46 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2012-12-12 13:03:46 ----A---- C:\Windows\SysWOW64\instnm.exe 2012-12-12 13:03:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2012-12-12 13:03:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2012-12-12 13:03:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2012-12-12 13:03:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2012-12-12 13:03:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2012-12-12 13:03:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2012-12-12 13:03:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2012-12-12 13:03:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2012-12-12 13:03:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2012-12-12 13:03:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2012-12-12 13:03:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2012-12-12 13:03:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2012-12-12 13:03:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2012-12-12 13:03:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2012-12-12 13:03:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2012-12-12 13:03:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2012-12-12 13:03:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2012-12-12 13:03:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2012-12-12 13:03:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2012-12-12 13:03:40 ----A---- C:\Windows\SysWOW64\user.exe 2012-12-11 11:35:30 ----D---- C:\Users\Pacak\AppData\Roaming\Xfire 2012-12-10 13:19:50 ----D---- C:\Program Files (x86)\Common Files\Skype 2012-12-10 13:19:47 ----RD---- C:\Program Files (x86)\Skype 2012-12-08 13:31:18 ----A---- C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2012-12-08 13:31:18 ----A---- C:\Windows\SysWOW64\msls31.dll 2012-12-08 13:31:17 ----A---- C:\Windows\SysWOW64\msrating.dll 2012-12-08 13:31:17 ----A---- C:\Windows\SysWOW64\msfeedssync.exe 2012-12-08 13:31:17 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll 2012-12-08 13:31:17 ----A---- C:\Windows\SysWOW64\iepeers.dll 2012-12-08 13:31:17 ----A---- C:\Windows\SysWOW64\ieakeng.dll 2012-12-08 13:31:17 ----A---- C:\Windows\SysWOW64\IEAdvpack.dll 2012-12-08 13:31:16 ----A---- C:\Windows\SysWOW64\SetIEInstalledDate.exe 2012-12-08 13:31:16 ----A---- C:\Windows\SysWOW64\mshtmler.dll 2012-12-08 13:31:16 ----A---- C:\Windows\SysWOW64\iesysprep.dll 2012-12-08 13:31:16 ----A---- C:\Windows\SysWOW64\dxtrans.dll 2012-12-08 13:31:15 ----A---- C:\Windows\SysWOW64\licmgr10.dll 2012-12-08 13:31:15 ----A---- C:\Windows\SysWOW64\iesetup.dll 2012-12-08 13:31:15 ----A---- C:\Windows\SysWOW64\iernonce.dll 2012-12-08 13:31:15 ----A---- C:\Windows\SysWOW64\iedkcs32.dll 2012-12-08 13:31:15 ----A---- C:\Windows\SysWOW64\ieapfltr.dll 2012-12-08 13:31:15 ----A---- C:\Windows\SysWOW64\ieapfltr.dat 2012-12-08 13:31:15 ----A---- C:\Windows\SysWOW64\ie4uinit.exe 2012-12-08 13:31:15 ----A---- C:\Windows\SysWOW64\icardie.dll 2012-12-08 13:31:15 ----A---- C:\Windows\SysWOW64\dxtmsft.dll 2012-12-08 13:31:14 ----A---- C:\Windows\SysWOW64\wextract.exe 2012-12-08 13:31:14 ----A---- C:\Windows\SysWOW64\webcheck.dll 2012-12-08 13:31:14 ----A---- C:\Windows\SysWOW64\pngfilt.dll 2012-12-08 13:31:14 ----A---- C:\Windows\SysWOW64\inseng.dll 2012-12-08 13:31:14 ----A---- C:\Windows\SysWOW64\iexpress.exe 2012-12-08 13:31:13 ----A---- C:\Windows\SysWOW64\occache.dll 2012-12-08 13:31:13 ----A---- C:\Windows\SysWOW64\mshta.exe 2012-12-08 13:31:13 ----A---- C:\Windows\SysWOW64\imgutil.dll 2012-12-08 13:31:13 ----A---- C:\Windows\SysWOW64\ieakui.dll 2012-12-08 13:31:13 ----A---- C:\Windows\SysWOW64\ieaksie.dll 2012-12-08 13:31:13 ----A---- C:\Windows\SysWOW64\admparse.dll 2012-12-08 13:25:01 ----A---- C:\Windows\SysWOW64\wksprtPS.dll 2012-12-08 13:25:01 ----A---- C:\Windows\SysWOW64\tsgqec.dll 2012-12-08 13:25:01 ----A---- C:\Windows\SysWOW64\rdpendp_winip.dll 2012-12-08 13:25:01 ----A---- C:\Windows\SysWOW64\MsRdpWebAccess.dll 2012-12-08 13:25:01 ----A---- C:\Windows\SysWOW64\aaclient.dll 2012-12-08 13:25:00 ----A---- C:\Windows\SysWOW64\mstsc.exe 2012-12-08 13:24:59 ----A---- C:\Windows\SysWOW64\mstscax.dll 2012-12-08 13:23:19 ----A---- C:\Windows\SysWOW64\schannel.dll 2012-12-08 13:23:19 ----A---- C:\Windows\SysWOW64\ncrypt.dll 2012-12-08 13:23:18 ----A---- C:\Windows\SysWOW64\sspicli.dll 2012-12-08 13:23:18 ----A---- C:\Windows\SysWOW64\secur32.dll 2012-12-08 13:23:16 ----A---- C:\Windows\SysWOW64\qdvd.dll 2012-12-07 10:54:17 ----D---- C:\ProgramData\AutoKMS 2012-12-06 20:14:11 ----A---- C:\Windows\AutoKMS.exe 2012-12-06 20:05:44 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services 2012-12-06 20:05:42 ----D---- C:\Program Files (x86)\Common Files\DESIGNER 2012-12-06 20:05:05 ----D---- C:\Windows\PCHEALTH 2012-12-06 20:05:05 ----D---- C:\Program Files (x86)\Microsoft Sync Framework 2012-12-06 20:05:05 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2012-12-06 19:54:42 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8 2012-12-06 19:53:32 ----D---- C:\Program Files (x86)\Microsoft Analysis Services 2012-12-06 19:52:51 ----D---- C:\ProgramData\Microsoft Help 2012-12-06 19:52:51 ----D---- C:\Program Files (x86)\Microsoft Office 2012-12-06 19:52:33 ----RHD---- C:\MSOCache 2012-12-04 09:41:28 ----A---- C:\Windows\SysWOW64\drivers\CFRMD.sys 2012-11-29 13:43:33 ----A---- C:\Windows\SysWOW64\d2d1.dll 2012-11-25 15:09:19 ----D---- C:\Users\Pacak\AppData\Roaming\Sports Interactive 2012-11-25 12:39:19 ----A---- C:\Windows\d3dx.dat ======List of files/folders modified in the last 1 month====== 2012-12-15 13:35:19 ----RD---- C:\Program Files (x86) 2012-12-15 13:35:00 ----D---- C:\Windows\Temp 2012-12-15 13:27:46 ----D---- C:\Users\Pacak\AppData\Roaming\Skype 2012-12-15 12:55:55 ----D---- C:\Windows\SysWOW64\drivers 2012-12-15 12:55:54 ----D---- C:\Windows\inf 2012-12-15 12:55:22 ----SHD---- C:\Windows\Installer 2012-12-15 12:55:22 ----SHD---- C:\Config.Msi 2012-12-15 12:55:19 ----D---- C:\Windows\winsxs 2012-12-15 12:55:10 ----D---- C:\Program Files (x86)\Common Files 2012-12-15 12:53:58 ----D---- C:\ProgramData\GarenaMessenger 2012-12-15 12:53:57 ----D---- C:\Users\Pacak\AppData\Roaming\GarenaPlus 2012-12-15 00:15:13 ----D---- C:\Users\Pacak\AppData\Roaming\OpenCandy 2012-12-14 23:38:38 ----SHD---- C:\System Volume Information 2012-12-14 21:49:49 ----HD---- C:\ProgramData 2012-12-14 21:31:55 ----D---- C:\ProgramData\Spybot - Search & Destroy 2012-12-14 21:21:18 ----D---- C:\Windows\Prefetch 2012-12-12 13:20:33 ----D---- C:\Windows\SysWOW64\pl-PL 2012-12-12 13:20:33 ----D---- C:\Windows\SysWOW64 2012-12-12 13:20:33 ----D---- C:\Windows\System32 2012-12-12 13:20:32 ----D---- C:\Windows\SysWOW64\migration 2012-12-12 13:20:32 ----D---- C:\Windows\AppPatch 2012-12-12 13:20:32 ----D---- C:\Program Files (x86)\Internet Explorer 2012-12-12 13:13:47 ----D---- C:\Windows\debug 2012-12-11 20:21:30 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe 2012-12-11 17:22:42 ----D---- C:\Users\Pacak\AppData\Roaming\Media Player Classic 2012-12-11 11:39:09 ----D---- C:\Windows 2012-12-11 11:32:57 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2012-12-11 00:32:21 ----D---- C:\Users\Pacak\AppData\Roaming\DAEMON Tools Lite 2012-12-11 00:30:45 ----D---- C:\Windows\Panther 2012-12-11 00:30:44 ----D---- C:\Windows\Logs 2012-12-10 13:19:55 ----D---- C:\ProgramData\Skype 2012-12-09 19:40:54 ----SD---- C:\Users\Pacak\AppData\Roaming\Microsoft 2012-12-09 11:52:50 ----A---- C:\Windows\win.ini 2012-12-09 11:52:47 ----D---- C:\Program Files (x86)\Common Files\System 2012-12-09 11:43:24 ----D---- C:\Windows\SysWOW64\en-US 2012-12-09 11:43:19 ----D---- C:\Windows\PolicyDefinitions 2012-12-09 11:43:16 ----D---- C:\Windows\SysWOW64\wbem 2012-12-07 23:17:28 ----D---- C:\Windows\Microsoft.NET 2012-12-07 15:45:02 ----RSD---- C:\Windows\assembly 2012-12-07 10:53:40 ----D---- C:\ProgramData\Browser Manager 2012-12-06 21:24:02 ----D---- C:\Program Files (x86)\OpenOffice.org 3 2012-12-06 20:07:01 ----RSD---- C:\Windows\Fonts 2012-12-06 20:06:44 ----D---- C:\Windows\ShellNew 2012-12-06 20:06:43 ----D---- C:\Program Files (x86)\Common Files\microsoft shared 2012-12-06 20:06:26 ----D---- C:\Program Files (x86)\MSBuild 2012-12-06 20:05:05 ----SD---- C:\ProgramData\Microsoft 2012-12-06 20:05:05 ----D---- C:\Program Files (x86)\Microsoft.NET 2012-12-06 20:04:43 ----D---- C:\Users\Pacak\AppData\Roaming\uTorrent 2012-12-06 19:59:24 ----D---- C:\Program Files (x86)\Google 2012-12-06 19:55:33 ----SHD---- C:\$Recycle.Bin 2012-12-06 19:54:04 ----RD---- C:\Program Files 2012-12-02 12:41:36 ----D---- C:\ProgramData\Origin 2012-12-02 12:41:24 ----D---- C:\Users\Pacak\AppData\Roaming\Origin 2012-11-22 14:23:24 ----D---- C:\Program Files (x86)\v9Soft ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [] R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [] R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [] R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [] R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [] R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472] R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [] R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [] R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\DRIVERS\ctsfm2k.sys [] R3 ossrv;Creative OS Services Driver; C:\Windows\system32\DRIVERS\ctoss2k.sys [] R3 P17;SB Live! 24-bit; C:\Windows\system32\drivers\P17.sys [] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [] R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [] R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [] S1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys [2012-12-04 37976] S3 ALSysIO;ALSysIO; \??\C:\Users\Pacak\AppData\Local\Temp\ALSysIO64.sys [] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [] S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [] S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [] S3 DualCoreCenter;DualCoreCenter; \??\C:\Program Files (x86)\MSI\OverclockingCenter\NTGLM7X64.sys [2010-04-12 44344] S3 GGSAFERDriver;GGSAFER Driver; \??\E:\Program Files\Garena Plus\Room\safedrv.sys [] S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 4\LU4\NTIOLib_X64.sys [2010-10-22 14136] S3 NTIOLib_1_0_5;NTIOLib_1_0_5; \??\C:\Program Files (x86)\MSI\OverclockingCenter\NTIOLib_X64.sys [2010-12-20 11888] S3 P1764;Sound Blaster Audigy; C:\Windows\system32\drivers\P1764.sys [] S3 PCAlertDriver;PCAlertDriver; \??\E:\Program Files (x86)\MSI\PC Alert 4\NTGLM7X64.sys [] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [] S3 RushTopDevice_J;RushTopDevice_J; \??\C:\Program Files (x86)\MSI\OverclockingCenter\RushJ64.sys [2009-03-05 33080] S3 RushTopDevice2;RushTopDevice2; \??\C:\Program Files (x86)\MSI\OverclockingCenter\RushTop64.sys [2008-12-19 75576] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [] S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [] S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [] S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [] S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [] S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [] S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [] R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-09-28 361984] R2 Browser Manager;Browser Manager; C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe [2012-12-05 2403352] R2 CLPSLauncher;COMODO LPS Launcher; C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe [2012-11-01 70352] R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-11-08 2828408] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 GeekBuddyRSP;GeekBuddy Remote Screen Protocol; C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe [2012-10-31 1467088] R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 22072] R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; E:\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992] R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896] R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704] R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-16 116648] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-11 250808] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-08-07 79360] S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-16 116648] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-06 114144] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-11-04 529744] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] -----------------EOF----------------- [/log] Prosze o pomoc i pozdrawiam
Gość komentarz 15 grudnia 2012 komentarz 15 grudnia 2012 Pierwsza sprawa: Wyłącz ochrone w antywirusie Druga sprawa:W systemie może byc[b] tylko 1 [/b]Antywirus Trzecia:Wywalaj spybota to do niczego sie tera nie nadaje. 1. Uruchom OTL i w okno [b]Własne opcje skanowania /skrypt[/b] Wklej [code] :Services Browser Manager :OTL IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?u...8&ts=1355249658 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?u...8&ts=1355249658 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.v9.com...q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.v9.com...q={searchTerms} IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperba...q={searchTerms} IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylo...0006c626ddb478d IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?u...8&ts=1355249658 IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperba...q={searchTerms} IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperba...q={searchTerms} IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://pl.yahoo.com?fr=fp-comodo IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperba...q={searchTerms} IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperba...q={searchTerms} IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperba...q={searchTerms} IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.v9.com...q={searchTerms} IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes\{0E756860-460A-4F02-8D89-52D278659C5D}: "URL" = http://websearch.ask...41-4BEA0B6675DE IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...0006c626ddb478d IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com...q={searchTerms} IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://pl.search.yah...}&fr=chr-comodo FF - prefs.js..extensions.enabledAddons: ffxtlbr@babylon.com:1.5.0 FF - prefs.js..extensions.enabledAddons: {58bd07eb-0ee0-4df0-8121-dc9b693373df}:2.5.911.18 FF - prefs.js..browser.search.order.1: "v9" FF - prefs.js..browser.startup.homepage: "http://pl.yahoo.com?fr=fp-comodo" FF - prefs.js..keyword.URL: "http://pl.search.yahoo.com/search?fr=ytff-comodo&p=" O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O3 - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\RunOnce: [*CA] File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O20 - AppInit_DLLs: (c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll) - c:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll () :Files C:\ProgramData\Browser Manager :Commands [emptytemp] [/code] Kliknij [b]Wykonaj skrypt[/b] 2.Użyj adwcleaner-a http://general-changelog-team.fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner Opcja delete 3.Wyskanuj system skanerem malwarebytes anti-malware(odrzuć ofertę testową) 4.Podaj nowy log z OTL
pacyna komentarz 15 grudnia 2012 Autor komentarz 15 grudnia 2012 (edytowane) [log]OTL logfile created on: 2012-12-15 16:22:39 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = E:\Pobieranie\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 8,00 Gb Total Physical Memory | 5,54 Gb Available Physical Memory | 69,22% Memory free 12,54 Gb Paging File | 9,81 Gb Available in Paging File | 78,20% Paging File free Paging file location(s): c:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 34,18 Gb Total Space | 0,96 Gb Free Space | 2,82% Space Free | Partition Type: NTFS Drive D: | 214,84 Gb Total Space | 7,91 Gb Free Space | 3,68% Space Free | Partition Type: NTFS Drive E: | 216,73 Gb Total Space | 1,58 Gb Free Space | 0,73% Space Free | Partition Type: NTFS Computer Name: PACAK-KOMPUTER | User Name: Pacak | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2012-12-15 13:07:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Pobieranie\Downloads\OTL.exe PRC - [2012-12-06 20:14:12 | 000,446,258 | ---- | M] () -- C:\Windows\AutoKMS.exe PRC - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2012-12-04 23:27:38 | 010,742,272 | ---- | M] (Creative Team S.A.) -- E:\Program Files\WapSter\WapSter AQQ\AQQ.exe PRC - [2012-11-30 14:52:40 | 009,063,800 | ---- | M] () -- E:\Program Files\Garena Plus\GarenaMessenger.exe PRC - [2012-11-30 12:12:17 | 003,492,504 | ---- | M] (Electronic Arts) -- E:\Program Files (x86)\Origin\Origin.exe PRC - [2012-10-16 16:30:38 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe PRC - [2012-08-31 08:52:22 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe PRC - [2012-08-31 08:52:14 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe PRC - [2012-08-31 08:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe PRC - [2012-07-03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe PRC - [2011-05-10 01:41:12 | 000,049,208 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe PRC - [2010-11-21 04:24:03 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe PRC - [2009-07-14 02:14:44 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WerFault.exe PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [comLaunch] PRC - [2009-07-14 02:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe PRC - [2009-05-21 21:13:36 | 000,275,768 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe PRC - [2009-05-21 20:46:36 | 000,559,104 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe PRC - [2009-05-21 20:46:36 | 000,168,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe PRC - [2009-05-21 17:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe PRC - [2008-06-12 01:38:00 | 000,034,672 | ---- | M] (Adobe Systems Incorporated) -- E:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe PRC - [2008-02-28 16:07:48 | 000,529,704 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe PRC - [2008-02-18 15:29:12 | 000,877,864 | ---- | M] (Nero AG) -- E:\Nero\Nero8\Nero BackItUp\NBService.exe PRC - [2006-12-19 08:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe PRC - [2005-10-31 09:51:52 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe PRC - [2001-01-13 01:15:44 | 000,054,272 | ---- | M] () -- C:\ProgramData\AutoKMS\Resources\MSGBox\Messagebox.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2012-12-15 16:19:09 | 000,115,137 | ---- | M] () -- C:\Users\Pacak\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll MOD - [2012-12-15 13:07:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Pobieranie\Downloads\OTL.exe MOD - [2012-12-12 13:06:31 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll MOD - [2012-12-12 13:06:31 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll MOD - [2012-12-05 18:09:41 | 002,148,376 | R--- | M] () -- c:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll MOD - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe MOD - [2012-12-05 02:15:15 | 012,456,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll MOD - [2012-12-05 02:15:15 | 000,460,904 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll MOD - [2012-12-05 02:15:14 | 004,008,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll MOD - [2012-12-05 02:14:29 | 000,587,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\libglesv2.dll MOD - [2012-12-05 02:14:28 | 000,124,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\libegl.dll MOD - [2012-12-05 02:14:27 | 009,963,112 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\icudt.dll MOD - [2012-12-05 02:14:23 | 041,743,976 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\chrome.dll MOD - [2012-12-05 02:14:21 | 000,157,304 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avutil-51.dll MOD - [2012-12-05 02:14:20 | 000,275,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avformat-54.dll MOD - [2012-12-05 02:14:19 | 002,168,952 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll MOD - [2012-12-04 23:27:38 | 010,742,272 | ---- | M] (Creative Team S.A.) -- E:\Program Files\WapSter\WapSter AQQ\AQQ.exe MOD - [2012-11-30 14:52:40 | 009,063,800 | ---- | M] () -- E:\Program Files\Garena Plus\GarenaMessenger.exe MOD - [2012-11-30 12:53:12 | 000,021,504 | ---- | M] () -- E:\Program Files\Garena Plus\VersionModule.dll MOD - [2012-11-30 12:43:49 | 000,287,232 | ---- | M] () -- E:\Program Files\Garena Plus\Plugins\DailyTaskPlugin.dll MOD - [2012-11-30 12:43:39 | 000,345,600 | ---- | M] () -- E:\Program Files\Garena Plus\Plugins\GarenaTalkPlugin.dll MOD - [2012-11-30 12:40:07 | 000,480,768 | ---- | M] () -- E:\Program Files\Garena Plus\CxImage.dll MOD - [2012-11-30 12:12:34 | 000,265,216 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- E:\Program Files (x86)\Origin\ssleay32.dll MOD - [2012-11-30 12:12:34 | 000,062,976 | ---- | M] () -- E:\Program Files (x86)\Origin\tufao.dll MOD - [2012-11-30 12:12:33 | 003,514,368 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Program Files (x86)\Origin\QtXmlPatterns4.dll MOD - [2012-11-30 12:12:32 | 018,627,072 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Program Files (x86)\Origin\QtWebKit4.dll MOD - [2012-11-30 12:12:32 | 000,411,648 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Program Files (x86)\Origin\QtXml4.dll MOD - [2012-11-30 12:12:27 | 009,671,168 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Program Files (x86)\Origin\QtGui4.dll MOD - [2012-11-30 12:12:27 | 001,226,752 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Program Files (x86)\Origin\QtNetwork4.dll MOD - [2012-11-30 12:12:25 | 002,923,008 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Program Files (x86)\Origin\QtCore4.dll MOD - [2012-11-30 12:12:24 | 027,912,360 | ---- | M] (Electronic Arts) -- E:\Program Files (x86)\Origin\OriginClient.dll MOD - [2012-11-30 12:12:17 | 003,492,504 | ---- | M] (Electronic Arts) -- E:\Program Files (x86)\Origin\Origin.exe MOD - [2012-11-30 12:12:13 | 001,156,608 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- E:\Program Files (x86)\Origin\libeay32.dll MOD - [2012-11-30 12:11:38 | 000,312,320 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Program Files (x86)\Origin\imageformats\qtiff4.dll MOD - [2012-11-30 12:11:38 | 000,264,192 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Program Files (x86)\Origin\imageformats\qmng4.dll MOD - [2012-11-30 12:11:38 | 000,211,968 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Program Files (x86)\Origin\imageformats\qjpeg4.dll MOD - [2012-11-30 12:11:38 | 000,032,256 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Program Files (x86)\Origin\imageformats\qico4.dll MOD - [2012-11-30 12:11:38 | 000,028,672 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Program Files (x86)\Origin\imageformats\qgif4.dll MOD - [2012-11-30 12:11:38 | 000,022,528 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Program Files (x86)\Origin\imageformats\qtga4.dll MOD - [2012-11-29 22:32:28 | 001,400,320 | ---- | M] () -- E:\Program Files\WapSter\WapSter AQQ\System\Shared\Plugins\GGNet.dll MOD - [2012-11-29 12:42:20 | 000,313,344 | ---- | M] () -- E:\Program Files\Garena Plus\lib\Http.dll MOD - [2012-11-28 15:16:14 | 000,223,232 | ---- | M] () -- E:\Program Files\WapSter\WapSter AQQ\System\Shared\Plugins\Contact.dll MOD - [2012-11-28 12:13:06 | 000,938,496 | ---- | M] () -- E:\Program Files\Garena Plus\lib\XLL.dll MOD - [2012-11-28 12:03:11 | 000,718,848 | ---- | M] () -- E:\Program Files\Garena Plus\Plugins\ggplugin.dll MOD - [2012-11-28 12:00:52 | 000,228,864 | ---- | M] () -- E:\Program Files\Garena Plus\Plugins\PluginNews.dll MOD - [2012-11-28 12:00:45 | 000,178,688 | ---- | M] () -- E:\Program Files\Garena Plus\Plugins\StatsPlugin.dll MOD - [2012-11-23 10:02:48 | 001,537,024 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\FileSender.dll MOD - [2012-11-19 05:25:25 | 001,081,344 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\GaFileTransfer.dll MOD - [2012-11-15 21:51:06 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\adaaf894878905f022f824b84fcd59a8\System.ServiceProcess.ni.dll MOD - [2012-11-15 21:50:47 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\38e2909de0b5e7887b46dd28725ba718\System.Management.ni.dll MOD - [2012-11-15 21:23:26 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\0e5254a1a3d59b3a037029e5af1bd32b\System.Runtime.Remoting.ni.dll MOD - [2012-11-15 21:23:21 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\aebb94e0eea9c39ec18a7915a711f621\System.Xaml.ni.dll MOD - [2012-11-15 21:16:12 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7c8bffb6e42a248341d7821a8464ef0b\PresentationFramework.ni.dll MOD - [2012-11-15 21:16:02 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74fade4c3e490c62af3d60742fb078a\PresentationCore.ni.dll MOD - [2012-11-15 21:15:55 | 003,882,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\dfe6e22159d3f5bf61b5bfe1da6f2758\WindowsBase.ni.dll MOD - [2012-11-15 21:15:53 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\46215c6276fca8ba6b8a765dfa384c73\PresentationFramework.Aero.ni.dll MOD - [2012-11-15 21:10:14 | 013,198,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ecbb113bbad9034fa8385c15f73fb4cf\System.Windows.Forms.ni.dll MOD - [2012-11-15 21:10:06 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\14d2241be401f66cc1898dc5dc383b80\System.Core.ni.dll MOD - [2012-11-15 21:10:04 | 001,666,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\a8dfd1388afc0a50f39f9e1dc7ecd45c\System.Drawing.ni.dll MOD - [2012-11-15 21:10:04 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c63fe1e324904c893d2a5d02f0783658\System.Configuration.ni.dll MOD - [2012-11-15 21:10:03 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e10bbd79027aa4c1ca8950b78fd640d4\System.Xml.ni.dll MOD - [2012-11-15 21:10:00 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\379599837ade465016dd5d96798b2766\System.ni.dll MOD - [2012-11-15 21:09:55 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\dbc34d53e1fbedabecd201fe4f264961\mscorlib.ni.dll MOD - [2012-11-15 12:19:08 | 000,186,368 | ---- | M] () -- E:\Program Files\Garena Plus\ImageModule.dll MOD - [2012-11-14 03:48:26 | 012,320,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll MOD - [2012-11-14 03:14:59 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll MOD - [2012-11-14 02:57:44 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll MOD - [2012-11-14 02:57:37 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll MOD - [2012-11-14 02:46:38 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll MOD - [2012-11-08 12:28:10 | 000,027,136 | ---- | M] () -- E:\Program Files\Garena Plus\DibModule.dll MOD - [2012-11-08 12:28:09 | 000,045,056 | ---- | M] () -- E:\Program Files\Garena Plus\FileLoader.dll MOD - [2012-11-08 12:28:07 | 000,169,472 | ---- | M] () -- E:\Program Files\Garena Plus\ggspawn.dll MOD - [2012-11-08 12:27:53 | 000,081,408 | ---- | M] () -- E:\Program Files\Garena Plus\PluginKernel.dll MOD - [2012-11-08 12:27:47 | 000,018,944 | ---- | M] () -- E:\Program Files\Garena Plus\PluginModule.dll MOD - [2012-11-08 00:37:34 | 000,301,264 | ---- | M] (COMODO) -- C:\Windows\SysWOW64\guard32.dll MOD - [2012-10-30 11:19:43 | 000,059,904 | ---- | M] () -- E:\Program Files\Garena Plus\Plugins\PlatformPlugin.dll MOD - [2012-10-28 16:14:04 | 001,094,144 | ---- | M] () -- E:\Program Files\WapSter\WapSter AQQ\System\Shared\Plugins\SMS.dll MOD - [2012-10-16 08:39:52 | 000,561,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcLayers.dll MOD - [2012-10-09 18:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll MOD - [2012-10-04 17:47:41 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2012-10-04 17:47:40 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2012-10-04 17:40:23 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\acwow64.dll MOD - [2012-09-28 03:23:00 | 005,557,928 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdag.dll MOD - [2012-09-28 02:43:28 | 000,935,424 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\aticfx32.dll MOD - [2012-09-28 02:22:30 | 002,691,584 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdva.dll MOD - [2012-09-28 02:10:58 | 000,082,944 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiu9pag.dll MOD - [2012-09-13 07:19:39 | 000,099,328 | ---- | M] () -- E:\Program Files\Garena Plus\lib\UILayout.dll MOD - [2012-09-13 07:19:19 | 000,048,640 | ---- | M] () -- E:\Program Files\Garena Plus\lib\XmlUIModule.dll MOD - [2012-09-10 06:43:02 | 001,664,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll MOD - [2012-09-06 12:30:31 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll MOD - [2012-09-06 12:30:27 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll MOD - [2012-09-06 12:30:27 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll MOD - [2012-09-06 12:30:23 | 000,159,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll MOD - [2012-09-06 07:06:20 | 006,730,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll MOD - [2012-09-06 07:06:20 | 000,056,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll MOD - [2012-08-31 08:52:22 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe MOD - [2012-08-31 08:52:14 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe MOD - [2012-08-31 08:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe MOD - [2012-08-31 08:45:00 | 000,250,368 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll MOD - [2012-08-30 15:17:05 | 002,984,960 | ---- | M] () -- E:\Program Files\Garena Plus\ggdownloader.dll MOD - [2012-08-28 09:05:34 | 000,307,200 | ---- | M] ( MarkAny.) -- C:\Program Files (x86)\Samsung\Kies\External\MACSSDK.dll MOD - [2012-08-24 17:57:48 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll MOD - [2012-08-24 17:57:40 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll MOD - [2012-08-24 17:57:40 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2012-08-24 17:57:37 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll MOD - [2012-08-24 17:53:35 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2012-08-03 09:31:57 | 000,228,864 | ---- | M] (The cURL library, [url="http://curl.haxx.se/"]http://curl.haxx.se/[/url]) -- E:\Program Files\Garena Plus\libcurl.dll MOD - [2012-07-31 11:38:37 | 000,156,160 | ---- | M] () -- E:\Program Files\Garena Plus\libzmq.dll MOD - [2012-07-27 07:59:42 | 000,010,240 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\ClientTcp.dll MOD - [2012-07-27 07:59:28 | 000,061,952 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\UdtLib.dll MOD - [2012-07-27 07:59:23 | 000,163,328 | ---- | M] () -- E:\Program Files\Garena Plus\lib\fs\YYFileSystem.dll MOD - [2012-07-03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe MOD - [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2012-06-06 06:05:52 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll MOD - [2012-06-02 05:36:29 | 001,159,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll MOD - [2012-06-02 05:36:29 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll MOD - [2012-05-21 12:43:10 | 001,274,880 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- E:\Program Files\WapSter\WapSter AQQ\libeay32.dll MOD - [2012-05-21 12:43:10 | 000,330,752 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- E:\Program Files\WapSter\WapSter AQQ\ssleay32.dll MOD - [2012-05-15 03:11:46 | 000,190,976 | ---- | M] (Garena Online Pte Ltd) -- E:\Program Files\Garena Plus\lib\delay_load\GaVoiceGroup.dll MOD - [2012-05-05 08:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2012-04-24 02:19:17 | 000,238,592 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\MediaEngine.dll MOD - [2012-04-21 05:21:01 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll MOD - [2012-04-13 04:12:19 | 000,059,392 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\AudioMixerLib.dll MOD - [2012-04-13 04:12:18 | 000,019,968 | ---- | M] () -- E:\Program Files\Garena Plus\ServerMemAlloc.dll MOD - [2012-04-07 12:26:29 | 002,342,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll MOD - [2012-03-08 09:56:40 | 000,510,464 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\RSALib.dll MOD - [2012-03-08 09:56:32 | 001,097,216 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- E:\Program Files\Garena Plus\libeay32.dll MOD - [2012-03-03 06:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll MOD - [2012-03-01 06:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll MOD - [2012-02-22 09:52:18 | 000,162,304 | ---- | M] () -- E:\Program Files\Garena Plus\lame_enc.dll MOD - [2012-02-22 09:52:16 | 001,739,264 | ---- | M] (Apache Software Foundation) -- E:\Program Files\Garena Plus\log4cxx.dll MOD - [2012-02-22 09:52:16 | 000,573,100 | ---- | M] () -- E:\Program Files\Garena Plus\sqlite3.dll MOD - [2012-02-22 09:52:16 | 000,197,632 | ---- | M] () -- E:\Program Files\Garena Plus\lib\TaskManagerLib.dll MOD - [2012-02-22 09:52:16 | 000,178,176 | ---- | M] () -- E:\Program Files\Garena Plus\lib\MP3Module.dll MOD - [2012-02-22 09:52:16 | 000,122,136 | ---- | M] () -- E:\Program Files\Garena Plus\ggcode.dll MOD - [2012-02-22 09:52:16 | 000,097,792 | ---- | M] () -- E:\Program Files\Garena Plus\CommonLib.dll MOD - [2012-01-13 08:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll MOD - [2012-01-04 09:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll MOD - [2011-12-16 08:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2011-12-15 07:07:16 | 000,386,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll MOD - [2011-11-17 06:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2011-11-17 06:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll MOD - [2011-08-27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2011-08-27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll MOD - [2011-06-12 11:15:00 | 004,221,328 | ---- | M] (Microsoft Corporation) -- C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL MOD - [2011-06-11 00:58:52 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100.dll MOD - [2011-06-11 00:58:52 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp100.dll MOD - [2011-05-24 11:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2011-05-24 11:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2011-05-18 17:57:22 | 000,413,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll MOD - [2011-05-10 01:41:12 | 000,049,208 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe MOD - [2011-03-15 07:13:46 | 004,254,560 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf MOD - [2011-03-11 06:33:59 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll MOD - [2011-03-03 06:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll MOD - [2011-01-20 07:15:56 | 008,906,704 | ---- | M] (Microsoft Corporation) -- C:\PROGRA~2\MICROS~4\Office14\1045\GrooveIntlResource.dll MOD - [2010-11-21 04:25:15 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2010-11-21 04:25:11 | 003,207,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mf.dll MOD - [2010-11-21 04:25:11 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\evr.dll MOD - [2010-11-21 04:24:43 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll MOD - [2010-11-21 04:24:33 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll MOD - [2010-11-21 04:24:33 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll MOD - [2010-11-21 04:24:32 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL MOD - [2010-11-21 04:24:28 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2010-11-21 04:24:28 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\riched20.dll MOD - [2010-11-21 04:24:26 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll MOD - [2010-11-21 04:24:25 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2010-11-21 04:24:23 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll MOD - [2010-11-21 04:24:23 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll MOD - [2010-11-21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2010-11-21 04:24:16 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2010-11-21 04:24:16 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll MOD - [2010-11-21 04:24:16 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2010-11-21 04:24:16 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll MOD - [2010-11-21 04:24:16 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll MOD - [2010-11-21 04:24:16 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll MOD - [2010-11-21 04:24:16 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll MOD - [2010-11-21 04:24:15 | 000,320,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Faultrep.dll MOD - [2010-11-21 04:24:14 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msftedit.dll MOD - [2010-11-21 04:24:14 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2010-11-21 04:24:14 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2010-11-21 04:24:14 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll MOD - [2010-11-21 04:24:11 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2010-11-21 04:24:09 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll MOD - [2010-11-21 04:24:09 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll MOD - [2010-11-21 04:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll MOD - [2010-11-21 04:24:08 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2010-11-21 04:24:08 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll MOD - [2010-11-21 04:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll MOD - [2010-11-21 04:24:08 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2010-11-21 04:24:08 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL MOD - [2010-11-21 04:24:07 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2010-11-21 04:24:03 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wer.dll MOD - [2010-11-21 04:24:03 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sqmapi.dll MOD - [2010-11-21 04:24:03 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2010-11-21 04:24:02 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll MOD - [2010-11-21 04:24:02 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll MOD - [2010-11-21 04:24:01 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2010-11-21 04:24:01 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll MOD - [2010-11-21 04:24:01 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscoree.dll MOD - [2010-11-21 04:24:01 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll MOD - [2010-11-21 04:24:00 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv MOD - [2010-11-21 04:23:55 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2010-11-21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll MOD - [2010-11-21 04:23:55 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll MOD - [2010-11-21 04:23:55 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll MOD - [2010-11-21 04:23:54 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll MOD - [2010-11-21 04:23:54 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll MOD - [2010-11-21 04:23:51 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2010-11-21 04:23:51 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll MOD - [2010-11-21 04:23:48 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2010-11-21 04:23:48 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2010-11-21 04:23:48 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll MOD - [2010-09-30 21:26:58 | 000,208,896 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH.dll MOD - [2010-06-28 22:06:38 | 000,472,576 | ---- | M] (Krzysztof Grochocki (Beherit)) -- C:\Users\Pacak\WapSter\AQQ Folder\Profiles\Łukasz\Plugins\AQQRestarter.dll MOD - [2010-05-26 10:41:02 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DCompiler_43.dll MOD - [2010-05-26 10:41:02 | 001,998,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DX9_43.dll MOD - [2010-03-18 12:16:28 | 000,801,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll MOD - [2010-03-18 12:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100_clr0400.dll MOD - [2010-02-28 02:13:36 | 000,049,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL MOD - [2009-12-10 21:01:16 | 000,593,920 | ---- | M] (VOY) -- C:\Users\Pacak\WapSter\AQQ Folder\Profiles\Łukasz\Plugins\Okrety.dll MOD - [2009-07-14 02:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll MOD - [2009-07-14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll MOD - [2009-07-14 02:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll MOD - [2009-07-14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll MOD - [2009-07-14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll MOD - [2009-07-14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL MOD - [2009-07-14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll MOD - [2009-07-14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll MOD - [2009-07-14 02:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll MOD - [2009-07-14 02:16:18 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\werui.dll MOD - [2009-07-14 02:16:17 | 000,266,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\upnphost.dll MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009-07-14 02:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll MOD - [2009-07-14 02:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009-07-14 02:16:15 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ssdpapi.dll MOD - [2009-07-14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll MOD - [2009-07-14 02:16:14 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc_os.dll MOD - [2009-07-14 02:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2009-07-14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll MOD - [2009-07-14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll MOD - [2009-07-14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll MOD - [2009-07-14 02:16:12 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PeerDist.dll MOD - [2009-07-14 02:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll MOD - [2009-07-14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll MOD - [2009-07-14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009-07-14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009-07-14 02:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll MOD - [2009-07-14 02:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll MOD - [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll MOD - [2009-07-14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll MOD - [2009-07-14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll MOD - [2009-07-14 02:15:50 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp60.dll MOD - [2009-07-14 02:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll MOD - [2009-07-14 02:15:46 | 002,134,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msmpeg2vdec.dll MOD - [2009-07-14 02:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msiltcfg.dll MOD - [2009-07-14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009-07-14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll MOD - [2009-07-14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll MOD - [2009-07-14 02:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll MOD - [2009-07-14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll MOD - [2009-07-14 02:15:39 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll MOD - [2009-07-14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll MOD - [2009-07-14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll MOD - [2009-07-14 02:15:27 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\idndl.dll MOD - [2009-07-14 02:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll MOD - [2009-07-14 02:15:21 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fltLib.dll MOD - [2009-07-14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll MOD - [2009-07-14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll MOD - [2009-07-14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll MOD - [2009-07-14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll MOD - [2009-07-14 02:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009-07-14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll MOD - [2009-07-14 02:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll MOD - [2009-07-14 02:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll MOD - [2009-07-14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009-07-14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll MOD - [2009-07-14 02:14:57 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-07-14 02:14:44 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WerFault.exe MOD - [2009-07-14 02:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009-07-14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009-07-14 02:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll MOD - [2009-07-14 02:10:22 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc.dll MOD - [2009-07-14 02:09:53 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\security.dll MOD - [2009-07-14 02:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll MOD - [2009-07-14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll MOD - [2009-06-19 22:47:52 | 000,293,888 | ---- | M] () -- C:\Users\Pacak\WapSter\AQQ Folder\Profiles\Łukasz\Plugins\SpellChecker.dll MOD - [2009-05-21 21:13:36 | 000,275,768 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe MOD - [2009-05-21 21:13:36 | 000,205,312 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll MOD - [2009-05-21 21:13:36 | 000,150,528 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll MOD - [2009-05-21 21:13:36 | 000,048,128 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc MOD - [2009-05-21 21:03:06 | 000,213,504 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll MOD - [2009-05-21 21:03:06 | 000,049,664 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll MOD - [2009-05-21 20:46:38 | 000,948,224 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc MOD - [2009-05-21 20:46:38 | 000,203,264 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqssm08.dll MOD - [2009-05-21 20:46:38 | 000,012,288 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc MOD - [2009-05-21 20:46:36 | 000,559,104 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe MOD - [2009-05-21 20:46:36 | 000,485,888 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwso08.dll MOD - [2009-05-21 20:46:36 | 000,307,712 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsti08.dll MOD - [2009-05-21 20:46:36 | 000,285,184 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.dll MOD - [2009-05-21 20:46:36 | 000,168,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe MOD - [2009-05-21 20:46:36 | 000,057,856 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSplh08.dll MOD - [2009-05-21 19:09:24 | 000,554,496 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll MOD - [2009-05-21 19:09:24 | 000,338,432 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll MOD - [2009-05-21 19:05:48 | 000,326,144 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqrif08.dll MOD - [2009-05-21 19:05:48 | 000,097,280 | ---- | M] (Hewlett Packard) -- C:\Program Files (x86)\HP\Digital Imaging\Product Assistant\bin\hprbevst.dll MOD - [2009-05-21 18:31:52 | 001,170,944 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpodio08.dll MOD - [2009-05-21 18:31:52 | 000,538,112 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.dll MOD - [2009-05-21 18:31:52 | 000,292,864 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcob08.dll MOD - [2009-05-21 18:31:52 | 000,274,432 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll MOD - [2009-05-21 18:31:52 | 000,032,256 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc MOD - [2009-05-21 17:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe MOD - [2009-05-21 17:57:00 | 000,040,960 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpb01.dll MOD - [2009-05-21 17:57:00 | 000,038,912 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpreh.dll MOD - [2008-12-03 19:05:44 | 000,033,792 | ---- | M] (Hewlett-Packard) -- C:\Windows\SysWOW64\HPZipr12.dll MOD - [2008-06-12 01:38:00 | 000,034,672 | ---- | M] (Adobe Systems Incorporated) -- E:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe MOD - [2008-03-28 14:57:30 | 000,014,848 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\SysWOW64\P17RunE.dll MOD - [2006-05-03 09:52:12 | 000,110,592 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\GDICtrl3.skc MOD - [2006-03-31 16:26:40 | 000,331,776 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\GDICtrl.skc MOD - [2006-03-31 09:10:08 | 000,151,552 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\GDICtrl2.skc MOD - [2006-03-28 15:21:56 | 000,110,592 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\RtxCtrl.skc MOD - [2006-03-24 08:29:36 | 000,155,648 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTTheme.dll MOD - [2005-10-31 09:51:52 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe MOD - [2005-10-25 09:31:14 | 000,077,824 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files (x86)\Creative\Shared Files\mxlib.dll MOD - [2005-10-21 16:57:32 | 000,040,960 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files (x86)\Creative\Shared Files\CtrlSrc.dll MOD - [2005-10-20 13:49:06 | 000,024,660 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.crl MOD - [2005-05-03 12:38:42 | 000,064,512 | ---- | M] () -- C:\Windows\SysWOW64\P17.DLL MOD - [2002-11-22 00:01:00 | 000,053,248 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTIniF.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-11-08 00:37:39 | 002,828,408 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV:[b]64bit:[/b] - [2012-09-28 15:43:40 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV:[b]64bit:[/b] - [2012-09-28 02:38:16 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2012-09-12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV:[b]64bit:[/b] - [2012-09-12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012-12-11 20:21:30 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-11-09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-11-04 22:04:32 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012-09-06 02:25:06 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-08-07 01:01:33 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service) SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2006-12-19 08:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-11-24 16:49:10 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2012-11-24 16:44:36 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2012-09-28 03:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2012-09-28 02:12:52 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2012-08-30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:[b]64bit:[/b] - [2012-08-23 15:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:[b]64bit:[/b] - [2012-08-23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2012-08-23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2012-08-23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2012-05-14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:[b]64bit:[/b] - [2012-04-09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2) DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011-06-10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2011-05-13 02:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm) DRV:[b]64bit:[/b] - [2011-05-13 02:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) DRV:[b]64bit:[/b] - [2011-05-13 02:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb) DRV:[b]64bit:[/b] - [2011-05-13 02:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub) DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc) DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-02-18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:[b]64bit:[/b] - [2009-12-22 01:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-05-05 02:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) DRV:[b]64bit:[/b] - [2008-12-26 11:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer) DRV:[b]64bit:[/b] - [2007-02-05 09:49:20 | 001,529,856 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\P17.sys -- (P17) DRV:[b]64bit:[/b] - [2005-07-07 09:19:08 | 001,579,008 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\P1764.SYS -- (P1764) DRV:[b]64bit:[/b] - [2005-02-28 04:12:50 | 000,205,824 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTOSS2K.SYS -- (ossrv) DRV:[b]64bit:[/b] - [2005-02-28 04:12:46 | 000,284,160 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTSFM2K.SYS -- (ctsfm2k) DRV - [2010-12-20 13:50:44 | 000,011,888 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\NTIOLib_X64.sys -- (NTIOLib_1_0_5) DRV - [2010-10-22 09:37:36 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 4\LU4\NTIOLib_X64.sys -- (NTIOLib_1_0_4) DRV - [2010-04-12 10:36:26 | 000,044,344 | ---- | M] (MICRO-STAR INT'L CO., LTD.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\NTGLM7X64.sys -- (DualCoreCenter) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009-03-05 21:55:20 | 000,033,080 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\RushJ64.sys -- (RushTopDevice_J) DRV - [2008-12-19 03:17:36 | 000,075,576 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\RushTop64.sys -- (RushTopDevice2) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Pacak\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-08-22 10:43:41 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: e:\Program Files (x86)\Mozilla Firefox\components [2012-09-10 09:56:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: e:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-08-22 10:43:41 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\firefox@mozilla.com: C:\Users\Pacak\AppData\Roaming\firefox@mozilla.com [2012-09-17 15:35:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pacak\AppData\Roaming\mozilla\Extensions [2012-08-07 13:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [color=#E56717]========== Chrome ==========[/color] CHR - homepage: [url="http://www.google.com/"]http://www.google.com/[/url] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}, CHR - homepage: [url="http://www.google.com/"]http://www.google.com/[/url] CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = E:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: Java™ Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Unity Player (Enabled) = C:\Users\Pacak\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - Extension: TV = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.11_0\ CHR - Extension: YouTube = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Szukaj w Google = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Chrome Updater = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoijihiiolhlopbdlcphkfdobmkfkap\1.1_0\ CHR - Extension: Bowling 3D = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gemohgpikgjbgmdfbfjdailocichgbjm\2.0_0\ CHR - Extension: AdBlock = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.51_0\ CHR - Extension: Bubble Shooter-HD = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpakbhbnhkbghdcejiiangcefallmaln\2.2.0_0\ CHR - Extension: Szybka Wyszukiwarka = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\jneiphgeigocbbbojlnknhmknlnmdjnf\1.3_0\ CHR - Extension: Duck Gravity = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpikpdaalmlcipfphefaajfiofglcma\1.3.0_0\ CHR - Extension: Gmail = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ CHR - Extension: TV = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.11_0\ CHR - Extension: YouTube = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Szukaj w Google = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Chrome Updater = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoijihiiolhlopbdlcphkfdobmkfkap\1.1_0\ CHR - Extension: Bowling 3D = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gemohgpikgjbgmdfbfjdailocichgbjm\2.0_0\ CHR - Extension: AdBlock = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.51_0\ CHR - Extension: Bubble Shooter-HD = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpakbhbnhkbghdcejiiangcefallmaln\2.2.0_0\ CHR - Extension: Szybka Wyszukiwarka = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\jneiphgeigocbbbojlnknhmknlnmdjnf\1.3_0\ CHR - Extension: Duck Gravity = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpikpdaalmlcipfphefaajfiofglcma\1.3.0_0\ CHR - Extension: Gmail = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:[b]64bit:[/b] - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4:[b]64bit:[/b] - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [CTSysVol] C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd) O4 - HKLM..\Run: [DelReg] C:\Program Files (x86)\MSI\OverclockingCenter\DelReg.exe () O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [NBKeyScan] E:\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [NeroCheck] C:\Windows\SysWOW64\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [P17Helper] C:\Windows\SysWow64\P17.DLL () O4 - HKLM..\Run: [P17RunE] C:\Windows\SysWow64\P17RunE.dll (Creative Technology Ltd.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.) O4 - HKCU..\Run: [AQQ] E:\Program Files\WapSter\WapSter AQQ\AQQ.exe (Creative Team S.A.) O4 - HKCU..\Run: [Clock Widget (HTC Home)] E:\Program Files (x86)\HTC Home\Clock.exe () O4 - HKCU..\Run: [DAEMON Tools Lite] E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [EADM] E:\Program Files (x86)\Origin\Origin.exe (Electronic Arts) O4 - HKCU..\Run: [GarenaPlus] E:\Program Files\Garena Plus\GarenaMessenger.exe () O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG) O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung) O4 - Startup: C:\Users\Pacak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WarKey.exe.lnk = C:\Users\Pacak\Desktop\warkey\WarKey.exe (YuLv.Net) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found O8:[b]64bit:[/b] - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab"]http://fpdownload2.m...ash/swflash.cab[/url] (Shockwave Flash Object) O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} [url="http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab"]http://ccfiles.creat...13/CTPIDPDE.cab[/url] (Creative Software AutoUpdate Support Package 2) O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} [url="http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab"]http://ccfiles.creat...015/CTSUEng.cab[/url] (Creative Software AutoUpdate 2) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} [url="http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab"]http://ccfiles.creat...10926/CTPID.cab[/url] (Creative Software AutoUpdate Support Package) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 46.148.166.31 46.148.166.33 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{04AE9F5A-D32F-491F-AC6A-7BCBA5FE968B}: DhcpNameServer = 46.148.166.31 46.148.166.33 O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO) O20 - AppInit_DLLs: (c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll) - c:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll () O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-12-15 14:51:24 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Malwarebytes [2012-12-15 14:51:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012-12-15 14:51:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012-12-15 14:51:07 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012-12-15 13:35:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro [2012-12-15 13:35:19 | 000,000,000 | ---D | C] -- C:\rsit [2012-12-15 12:55:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\COMODO [2012-12-13 02:39:43 | 000,000,000 | ---D | C] -- C:\Users\Pacak\.gstreamer-0.10 [2012-12-13 02:39:40 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\ChomikBox [2012-12-13 02:39:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chomikuj.pl [2012-12-13 02:39:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ChomikBox [2012-12-11 11:36:28 | 000,000,000 | ---D | C] -- C:\Users\Pacak\Documents\gothic3 [2012-12-11 11:35:30 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Xfire [2012-12-11 11:35:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfire [2012-12-11 11:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gothic III [2012-12-10 13:19:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012-12-10 13:19:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012-12-10 13:19:47 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2012-12-07 10:54:17 | 000,000,000 | ---D | C] -- C:\ProgramData\AutoKMS [2012-12-06 20:13:19 | 000,000,000 | ---D | C] -- C:\Users\Pacak\Documents\Pliki programu Outlook [2012-12-06 20:07:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint [2012-12-06 20:05:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services [2012-12-06 20:05:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2012-12-06 20:05:05 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012-12-06 20:05:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework [2012-12-06 20:05:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2012-12-06 19:54:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2012-12-06 19:54:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2012-12-06 19:53:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2012-12-06 19:52:58 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Microsoft Help [2012-12-06 19:52:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2012-12-06 19:52:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2012-12-06 19:52:33 | 000,000,000 | RH-D | C] -- C:\MSOCache [2012-11-29 16:12:53 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bink and Smacker [2012-11-26 16:03:54 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gothic Multiplayer [2012-11-25 21:36:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Recovery [2012-11-25 18:02:47 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\SKIDROW [2012-11-25 17:59:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA [2012-11-25 15:13:25 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Chromium [2012-11-25 15:09:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive [2012-11-25 15:09:19 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Sports Interactive [2012-11-25 15:09:19 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Sports Interactive [2012-11-25 00:59:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MoorHunt [2012-11-24 16:49:10 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2012-11-24 16:44:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2012-11-20 17:03:36 | 000,000,000 | R--D | C] -- C:\Users\Pacak\Documents\Scanned Documents [2012-11-20 17:03:36 | 000,000,000 | ---D | C] -- C:\Users\Pacak\Documents\Fax [2012-11-04 23:36:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps [2012-11-04 19:43:53 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Publish Providers [2012-11-04 19:39:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony [2012-11-04 19:38:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony [2012-11-04 19:38:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony [2012-11-04 18:54:21 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Sony [2012-11-04 18:48:19 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Sony [2012-11-02 12:19:43 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012-11-02 12:19:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT [2012-11-02 12:19:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2012-11-02 12:19:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2012-10-30 11:58:02 | 000,000,000 | ---D | C] -- C:\Users\Pacak\Documents\MOHW [2012-10-29 15:04:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA [2012-10-29 13:00:57 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\PunkBuster [2012-10-29 13:00:49 | 000,000,000 | ---D | C] -- C:\Users\Pacak\Documents\MOHW_DayOnePatch_PC [2012-10-29 12:43:14 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Origin [2012-10-29 12:43:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games [2012-10-29 12:42:52 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Origin [2012-10-29 12:41:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin [2012-10-29 12:41:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2012-10-29 12:38:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin [2012-10-27 20:13:18 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012-10-25 23:16:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012-10-23 18:18:36 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Opera [2012-10-23 18:18:36 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Opera [2012-10-23 18:18:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera [2012-10-22 00:48:54 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Garena [2012-10-22 00:48:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Garena [2012-10-21 15:23:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt [2012-10-21 15:14:48 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Nero [2012-10-21 15:08:35 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Ahead [2012-10-21 15:08:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NeroInstall.bak [2012-10-21 15:06:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 8 [2012-10-21 15:03:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2012-10-21 15:03:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero [2012-10-21 14:38:59 | 000,000,000 | ---D | C] -- C:\Users\Pacak\Documents\Alcohol 120% [2012-10-21 14:36:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft [2012-10-21 14:32:39 | 000,564,824 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys [2012-10-21 14:32:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager [2012-10-21 14:23:19 | 000,569,344 | ---- | C] (Pegasus Software,LLC) -- C:\Windows\SysWow64\imagr5.dll [2012-10-21 14:23:19 | 000,544,768 | ---- | C] (Pegasus Software, LLC) -- C:\Windows\SysWow64\imagx5.dll [2012-10-21 14:23:19 | 000,283,920 | ---- | C] (Pegasus Software, LLC) -- C:\Windows\SysWow64\ImagXpr5.dll [2012-10-21 14:23:19 | 000,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\Windows\SysWow64\NeroCheck.exe [2012-10-21 14:23:19 | 000,038,912 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\picn20.dll [2012-10-21 13:28:11 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Ahead [2012-10-21 13:26:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ahead [2012-10-16 16:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2012-10-16 16:30:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012-12-15 16:21:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-12-15 16:20:46 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-12-15 16:20:46 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-12-15 16:17:22 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-12-15 16:17:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-12-15 16:17:04 | 2146,836,479 | -HS- | M] () -- C:\hiberfil.sys [2012-12-15 15:35:03 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-12-12 17:23:36 | 000,045,270 | ---- | M] () -- C:\Users\Pacak\AppData\Roaming\room_v3.dat [2012-12-12 13:21:50 | 000,440,120 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-12-11 11:32:59 | 000,000,542 | ---- | M] () -- C:\Users\Public\Desktop\Gothic III.lnk [2012-12-10 13:19:51 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012-12-08 13:31:15 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2012-12-08 13:31:06 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2012-12-06 20:14:12 | 000,446,258 | ---- | M] () -- C:\Windows\AutoKMS.exe [2012-12-02 23:11:22 | 000,000,600 | ---- | M] () -- C:\Users\Pacak\AppData\Roaming\winscp.rnd [2012-12-01 14:07:25 | 001,549,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-12-01 14:07:25 | 000,697,674 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-12-01 14:07:25 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-12-01 14:07:25 | 000,134,784 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-12-01 14:07:25 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-11-25 12:39:19 | 000,008,192 | ---- | M] () -- C:\Windows\d3dx.dat [2012-11-25 10:29:17 | 000,000,935 | ---- | M] () -- C:\Users\Pacak\Desktop\JDownloader.lnk [2012-11-24 16:49:10 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2012-11-24 16:44:36 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys [2012-11-13 12:42:35 | 000,000,600 | ---- | M] () -- C:\Users\Pacak\AppData\Local\PUTTY.RND [2012-11-08 00:37:57 | 000,022,736 | ---- | M] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys [2012-11-08 00:37:36 | 000,041,240 | ---- | M] (COMODO) -- C:\Windows\SysNative\cmdcsr.dll [2012-11-08 00:37:34 | 000,301,264 | ---- | M] (COMODO) -- C:\Windows\SysWow64\guard32.dll [2012-11-08 00:37:31 | 000,390,392 | ---- | M] (COMODO) -- C:\Windows\SysNative\guard64.dll [2012-11-06 22:45:43 | 000,000,213 | ---- | M] () -- C:\Users\Pacak\Desktop\Dota 2.url [2012-11-05 01:49:58 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini [2012-11-04 23:45:05 | 000,001,488 | ---- | M] () -- C:\Users\Pacak\Desktop\MOH Warfighter.lnk [2012-11-04 23:36:22 | 000,000,543 | ---- | M] () -- C:\Users\Public\Desktop\Fraps.lnk [2012-11-04 19:43:21 | 000,002,448 | ---- | M] () -- C:\Users\Pacak\Documents\Register Vegas Pro.htm [2012-11-04 19:39:19 | 000,000,543 | ---- | M] () -- C:\Users\Pacak\Desktop\Vegas Pro 11.0 (64-bit).lnk [2012-10-28 17:03:39 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012-10-28 02:19:52 | 000,000,904 | ---- | M] () -- C:\Users\Public\Desktop\CWK.lnk [2012-10-25 23:16:59 | 000,002,261 | ---- | M] () -- C:\Users\Pacak\Desktop\Google Chrome.lnk [2012-10-21 15:06:19 | 000,001,439 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk [2012-10-21 15:04:54 | 000,000,026 | ---- | M] () -- C:\Windows\Irremote.ini [2012-10-21 15:04:42 | 000,001,024 | ---- | M] () -- C:\Users\Pacak\.rnd [2012-10-21 14:46:32 | 000,000,124 | ---- | M] () -- C:\Users\Pacak\Documents\ax_files.xml [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-12-11 11:32:59 | 000,000,542 | ---- | C] () -- C:\Users\Public\Desktop\Gothic III.lnk [2012-12-08 13:31:15 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2012-12-08 13:31:06 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2012-12-06 20:14:11 | 000,446,258 | ---- | C] () -- C:\Windows\AutoKMS.exe [2012-11-25 21:46:21 | 000,000,212 | ---- | C] () -- C:\Users\Pacak\Desktop\Counter-Strike.url [2012-11-25 12:39:19 | 000,008,192 | ---- | C] () -- C:\Windows\d3dx.dat [2012-11-25 10:29:17 | 000,000,935 | ---- | C] () -- C:\Users\Pacak\Desktop\JDownloader.lnk [2012-11-25 10:27:44 | 000,000,899 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk [2012-11-25 10:27:44 | 000,000,859 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk [2012-11-25 10:27:44 | 000,000,844 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk [2012-11-15 21:12:31 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012-11-15 21:02:29 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012-11-06 22:45:43 | 000,000,213 | ---- | C] () -- C:\Users\Pacak\Desktop\Dota 2.url [2012-11-05 01:49:55 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2012-11-04 23:45:06 | 000,001,488 | ---- | C] () -- C:\Users\Pacak\Desktop\MOH Warfighter.lnk [2012-11-04 23:36:22 | 000,000,543 | ---- | C] () -- C:\Users\Public\Desktop\Fraps.lnk [2012-11-04 19:39:19 | 000,000,543 | ---- | C] () -- C:\Users\Pacak\Desktop\Vegas Pro 11.0 (64-bit).lnk [2012-11-04 19:32:41 | 000,002,448 | ---- | C] () -- C:\Users\Pacak\Documents\Register Vegas Pro.htm [2012-10-28 02:19:52 | 000,000,904 | ---- | C] () -- C:\Users\Public\Desktop\CWK.lnk [2012-10-28 02:19:52 | 000,000,904 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CWK.lnk [2012-10-25 23:16:58 | 000,002,261 | ---- | C] () -- C:\Users\Pacak\Desktop\Google Chrome.lnk [2012-10-21 15:06:19 | 000,001,439 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk [2012-10-21 15:04:54 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini [2012-10-21 15:04:41 | 000,001,024 | ---- | C] () -- C:\Users\Pacak\.rnd [2012-10-21 14:46:32 | 000,000,124 | ---- | C] () -- C:\Users\Pacak\Documents\ax_files.xml [2012-10-16 16:30:44 | 000,001,046 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-10-16 16:30:43 | 000,001,042 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-10-09 00:32:09 | 000,000,600 | ---- | C] () -- C:\Users\Pacak\AppData\Roaming\winscp.rnd [2012-10-08 15:45:43 | 000,000,600 | ---- | C] () -- C:\Users\Pacak\AppData\Local\PUTTY.RND [2012-10-02 22:01:35 | 000,000,087 | ---- | C] () -- C:\Windows\SysWow64\tcfg.ini [2012-08-28 09:04:34 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2012-08-28 09:04:34 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2012-08-28 09:04:34 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2012-08-28 09:04:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2012-08-28 09:04:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2012-08-22 10:37:09 | 000,172,893 | ---- | C] () -- C:\Windows\hpoins45.dat [2012-08-08 23:35:16 | 000,045,270 | ---- | C] () -- C:\Users\Pacak\AppData\Roaming\room_v3.dat [2012-08-08 14:35:46 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2012-08-07 12:50:45 | 000,000,039 | R--- | C] () -- C:\Windows\SysWow64\ctzapxx.ini [2012-08-07 12:12:54 | 000,000,029 | ---- | C] () -- C:\Windows\sfbm.INI [2012-08-07 10:58:45 | 001,548,506 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-08-07 00:36:48 | 000,005,627 | R--- | C] () -- C:\Windows\SysWow64\Ludap17.ini [2012-08-07 00:26:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012-08-07 00:20:35 | 000,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll [2012-08-07 00:03:45 | 000,007,610 | ---- | C] () -- C:\Users\Pacak\AppData\Local\resmon.resmoncfg [2012-06-11 17:50:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012-06-11 17:50:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012-05-02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2011-09-12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2012-09-17 02:13:28 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\.minecraft [2012-09-11 15:57:38 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Altaron [2012-08-12 10:38:22 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Avnex [2012-10-01 15:19:24 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Chrome_updater [2012-12-11 00:32:21 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\DAEMON Tools Lite [2012-10-06 22:23:59 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Dev-Cpp [2012-10-22 00:48:54 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Garena [2012-12-15 16:22:25 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\GarenaPlus [2012-10-01 15:19:49 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\IE [2012-08-27 23:04:13 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\NapiProjekt [2012-11-06 12:35:01 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Notepad++ [2012-09-04 08:00:24 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\OpenOffice.org [2012-10-23 18:27:18 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Opera [2012-12-02 12:41:24 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Origin [2012-11-04 19:43:53 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Publish Providers [2012-10-07 01:59:59 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Remere's Map Editor [2012-09-18 19:54:46 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Samsung [2012-11-04 19:47:25 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Sony [2012-11-25 15:09:19 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Sports Interactive [2012-09-15 12:13:51 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\TuneUp Software [2012-12-06 20:04:43 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\uTorrent [2012-08-07 19:42:59 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\wargaming.net [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2012-12-15 14:42:21 | 000,008,450 | ---- | M] () -- C:\AdwCleaner[S1].txt [2010-11-21 04:23:51 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2012-08-07 00:44:17 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2012-09-19 11:59:47 | 000,000,471 | ---- | M] () -- C:\CustomKeys.txt [2012-12-15 16:17:04 | 2146,836,479 | -HS- | M] () -- C:\hiberfil.sys [2012-08-07 00:32:27 | 000,034,239 | ---- | M] () -- C:\LU4.log [2012-12-15 16:17:06 | 581,603,327 | -HS- | M] () -- C:\pagefile.sys [2012-08-06 23:59:40 | 000,283,507 | RHS- | M] () -- C:\VLXEM [2012-08-06 23:59:40 | 000,000,020 | RHS- | M] () -- C:\win7.ld [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys [2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys [2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2012-08-22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys [2012-08-22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys [2012-08-22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys [2010-11-21 04:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe < End of report > [/log] extras.txt [log]OTL Extras logfile created on: 2012-12-15 16:22:39 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = E:\Pobieranie\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 8,00 Gb Total Physical Memory | 5,54 Gb Available Physical Memory | 69,22% Memory free 12,54 Gb Paging File | 9,81 Gb Available in Paging File | 78,20% Paging File free Paging file location(s): c:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 34,18 Gb Total Space | 0,96 Gb Free Space | 2,82% Space Free | Partition Type: NTFS Drive D: | 214,84 Gb Total Space | 7,91 Gb Free Space | 3,68% Space Free | Partition Type: NTFS Drive E: | 216,73 Gb Total Space | 1,58 Gb Free Space | 0,73% Space Free | Partition Type: NTFS Computer Name: PACAK-KOMPUTER | User Name: Pacak | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Browse with &IrfanView] -- "e:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [ChomikBox.Upload] -- "C:\Program Files (x86)\ChomikBox\\ChomikBox.exe" -u"%1" ( ) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "e:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "e:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Browse with &IrfanView] -- "e:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [ChomikBox.Upload] -- "C:\Program Files (x86)\ChomikBox\\ChomikBox.exe" -u"%1" ( ) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "e:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "e:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== System Restore Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{29309AEE-0F2C-495E-9451-F7991398AF3E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2BA56983-2842-4D0D-9F51-C41167001873}" = rport=139 | protocol=6 | dir=out | app=system | "{38C4F306-D5ED-4502-B2CA-74428E350DC9}" = rport=445 | protocol=6 | dir=out | app=system | "{3A34083D-5771-4144-8079-41CEA5F1E4F4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{3B338682-EF0A-4DA5-8045-9432E3329F7E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{41BB03CC-5445-42FE-8809-A876D62B4EF8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{42328219-077F-4C9D-A8FD-592F2162F85E}" = rport=138 | protocol=17 | dir=out | app=system | "{72C6D136-BCFB-41C1-98EF-C9D58F7AE6CD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{96A9BE51-3DC6-48B1-A0B8-195EA7154B75}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{97AA88F4-D542-4633-86F7-326A9A5A4AF1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{A0BE9FE9-0E5B-4027-B956-50D86A73F658}" = rport=137 | protocol=17 | dir=out | app=system | "{A78806CB-3808-4A2C-8823-6F3B8CDFE386}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{AC3D08F7-B969-42AA-8CE2-7179A2849F61}" = lport=138 | protocol=17 | dir=in | app=system | "{AE4760FC-DD2E-4E08-82E2-58ABDADC2F98}" = lport=137 | protocol=17 | dir=in | app=system | "{BDD69988-1CCC-46CE-8389-CBD22C9AAFEA}" = lport=445 | protocol=6 | dir=in | app=system | "{BF4CE351-EA66-4B27-AF9C-DF8A2F8F5E6F}" = lport=2869 | protocol=6 | dir=in | app=system | "{C5E33CBE-7DED-4426-BCB9-F197669F03D8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{CE9BFDEA-4A24-411E-AF0D-04CECC37F8E4}" = rport=10243 | protocol=6 | dir=out | app=system | "{CEF865A9-6705-4651-8503-18784E6CF800}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{EB561F1A-4367-4E73-BDC3-B9EDF2569AB7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{EC2964EB-59F1-478A-B2AC-35903361D59F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{ED06E1A1-11DE-4A27-8A1F-F6CB54E59150}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{FC9B9187-5F32-4264-A24C-6E90078262E9}" = lport=10243 | protocol=6 | dir=in | app=system | "{FEBC2933-A44A-4B09-B0E6-32214402A628}" = lport=139 | protocol=6 | dir=in | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0423EC2A-9A8A-4988-8D98-3E5257B17074}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{12054CBF-5CCB-48D4-B588-320AF459DC7D}" = protocol=6 | dir=out | app=system | "{1B94FEC8-86C8-4215-8F40-66B99A3C4E66}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{1FAE260E-B693-4793-B30B-DA1A14B61406}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{208AC6B4-8772-4355-8693-96596B314376}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | "{225DF0C0-9421-467E-B5ED-5E1719F2BB73}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | "{2C51743D-D484-4A76-9801-3F22E60C8EBA}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\dota 2 beta\dota.exe | "{331312B6-3CEF-4269-B87D-F8B0A04CEDA0}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | "{3D38605B-5C59-41A1-A277-BC20E9D2C2B9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{3DD5F2A8-430E-4258-9EAB-2AAA6679882C}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{3E16E0FE-E268-4CD4-A726-E6CACFF9F81E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{50B0F323-C17E-492D-9A65-03408E188574}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | "{56B0B1ED-AC4F-4884-9928-87AB5469BEAB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{57DC54DD-E048-4E51-A8ED-2F26095915C0}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\dota 2 beta\dota.exe | "{57FE5CB4-B30F-4AC8-88DA-1ED33CEF2847}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{5810587A-09FF-46B3-855B-5D61B58F8DD8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{58429A97-99B0-4B14-95AE-E236B6DFB941}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{5AFFBBAF-7E7D-4C39-BCDA-7DE06CD8F7B5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | "{5D72F189-F15F-4CE2-8223-2527AB910D74}" = protocol=17 | dir=in | app=e:\program files (x86)\utorrent\utorrent.exe | "{60A2F296-5FFF-4353-80F2-96DF9675D4AD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{620C1682-E8E6-4A22-8613-1B6565DCD767}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\pacyna92\counter-strike\hl.exe | "{636604AE-1D74-40E4-B5B3-5BF0643C8AA1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{6526A6AA-0418-4091-B309-E3753748C72D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{67598F38-47A1-4793-BF33-B7A47067F721}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\pacyna92\counter-strike\hl.exe | "{6BF44E0A-7C07-4F90-8E08-821996B76967}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{80BD6E73-EFC6-49E6-B2A0-FFB3BB5565A7}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{8A9BB4E1-D295-4523-9F70-8149BEB695AA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe | "{8B40E5A4-42F5-4945-A63C-48E33A5A5FD5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{8F18CC19-8B26-4037-A0A2-205F9BB5AAF1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{959CE920-38F1-4733-8F91-EACAA10F8AE2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{978B6354-E845-4882-9B06-002677AC2EEA}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe | "{9E9A2293-92A3-4262-A19C-EE353B1C4759}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{A092C341-4D21-4639-975A-39902C33DEC8}" = protocol=6 | dir=in | app=e:\program files (x86)\utorrent\utorrent.exe | "{A1190823-DBE4-43CE-B1B9-493F9B270674}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | "{AD237B66-5BA9-4FA8-A981-362060F296B6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{AEBC8302-EDC7-4FB7-8C44-C6DEE334F841}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | "{AEFC408C-5C98-498F-907F-68F80E15F241}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{B48066DD-A5A8-40DA-B6C1-D392B3204816}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{BB2BDCA6-6B1D-4A6E-B10C-D6AFFC93D3BE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | "{BCA30DF4-D7E4-47A2-A6D7-59C9B1FF2444}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | "{BD00E03D-3EBC-4EF3-9070-292DEEF71D3D}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe | "{BE23DD90-95F4-4645-ACD8-314A76FCBA97}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{C1CC061D-EBB1-425D-80AC-64090F05ECC5}" = protocol=58 | dir=in | app=system | "{C3F212F0-22AC-4129-82D7-D085675526A6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{C78ABFD4-1FAF-4E30-81E1-BA380005CAFB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{D15EDE12-BF9D-4CC7-BD3A-8DC8F4D4C78F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | "{DDA58614-7F77-41BC-9763-357FAA234C15}" = protocol=6 | dir=in | app=e:\program files\steam\steam.exe | "{DF668AD6-3BEA-48AE-ABAC-33448E1BFC71}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe | "{E9048138-5636-4037-8E32-66F21190C125}" = protocol=17 | dir=in | app=e:\program files\steam\steam.exe | "{EA66FF70-D73F-4055-9960-104A9D482876}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{EB1CE2AD-6D3C-4706-A376-9FA19C10507A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | "{EDAB8597-E87C-43F7-AFD3-B649CD05E02B}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe | "{EFDC0306-F6A2-4B11-91F8-C700A46D7FA9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | "{FD5A0102-FFC4-4C3B-85DA-A41D16DCBF0B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | "{FDB4F84E-4B67-4C12-8EB1-DBF731F16B26}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "TCP Query User{1A85FA42-221A-45D4-8B0D-549A68D56F32}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "TCP Query User{24B9424E-A810-49A9-9979-1C249B34E8A9}D:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe | "TCP Query User{40062DAC-27A7-47CB-B29B-61B8484DD192}E:\program files\garena plus\room\garena_room.exe" = protocol=6 | dir=in | app=e:\program files\garena plus\room\garena_room.exe | "TCP Query User{6B78D153-E6E3-44F2-97F7-F36932EEB9C3}D:\gry\warcraft iii roh & tft\war3.exe" = protocol=6 | dir=in | app=d:\gry\warcraft iii roh & tft\war3.exe | "TCP Query User{ADA287E0-8D4F-466D-8244-28A2E76F25D0}E:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=e:\program files (x86)\sopcast\sopcast.exe | "UDP Query User{31EAB29F-0634-48D5-87D3-1C9D653D83BA}D:\gry\warcraft iii roh & tft\war3.exe" = protocol=17 | dir=in | app=d:\gry\warcraft iii roh & tft\war3.exe | "UDP Query User{41DD6DF5-3CC7-43A1-9A81-C93A60C81EB0}E:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=e:\program files (x86)\sopcast\sopcast.exe | "UDP Query User{86C623EB-6EF7-48C8-8E47-CB37AABBEA22}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "UDP Query User{C0F4E9F6-F166-4DC9-939E-789832164EC6}E:\program files\garena plus\room\garena_room.exe" = protocol=17 | dir=in | app=e:\program files\garena plus\room\garena_room.exe | "UDP Query User{DD502F8E-F39F-4DE6-8F98-685D1CDCEAA4}D:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{042B10AA-8233-A9E0-4DEB-B7253C686DBB}" = AMD Fuel "{0DCAB5DD-CC69-271A-CF03-F2BD6B60BD8A}" = AMD Media Foundation Decoders "{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit) "{35B226DA-E3F6-21FD-31AB-0046C6E87043}" = ATI Problem Report Wizard "{46DA7FD9-8BC1-7BA8-98D1-27F46647871B}" = AMD Catalyst Install Manager "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{504184A2-1B0E-5D93-603A-517E93E7EDB3}" = AMD Accelerated Video Transcoding "{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer "{57580625-C673-7FEA-8791-E84B7AAF5069}" = ccc-utility64 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{653D48F0-098C-45C1-8267-86EA7B9D0EDB}" = ActivePerl 5.16.1 Build 1601 (64-bit) "{698EDD46-FC0B-926F-54DF-23B6BB20EDFC}" = AMD Drag and Drop Transcoding "{8AAA8780-1D35-11E2-A3A6-F04DA23A5C58}" = MSVCRT Redists "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2010 "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{B45B5123-C009-F8B4-FE93-45B42C8A786F}" = ATI AVIVO64 Codecs "{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client "{CF411A4F-5ED9-11E1-B971-F04DA23A5C58}" = Vegas Pro 11.0 (64-bit) "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D4761C4F-5ED9-11E1-9202-F04DA23A5C58}" = MSVCRT Redists "{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}" = COMODO Internet Security "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{DB982BEA-E9FF-4C61-9058-57FFDA5076D1}" = HP Deskjet Ink Advant K209a-z All-in-One Driver Software 13.0 Rel .6 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "CCleaner" = CCleaner "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Print Projects" = HP Print Projects 1.0 "HP Smart Web Printing" = HP Smart Web Printing 4.5 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft Security Client" = Microsoft Security Essentials "Shop for HP Supplies" = Shop for HP Supplies "WinRAR archiver" = Archiwizator WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III "{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{0F7A6FD0-87F5-FB5D-973C-CF604DE1BC6B}" = CCC Help Polish "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{1A9BE3D6-4D53-2C9D-B77D-562D85936B91}" = CCC Help Norwegian "{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}" = Sound Blaster Audigy "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{210DFA65-F805-1A2B-4F83-8E27279AE385}" = Catalyst Control Center Graphics Previews Common "{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery "{26050F54-3928-4D9C-849A-C48A9E831E6F}" = ChomikBox "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9 "{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth "{29822CAD-C76A-0BEE-55F5-AAA524DA814F}" = CCC Help Greek "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{3A1293DF-7D09-BB0F-9576-EC47EE4A9362}" = CCC Help Italian "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{47416F0B-6589-591E-C6F8-4235D2230B14}" = Catalyst Control Center InstallProxy "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{625FC7D1-656D-1BEC-F86F-3EACAFDAA8FE}" = CCC Help English "{6372F44B-392B-4FD8-AF1E-E185283F6528}" = DJ_AIO_06_K209a-z_SW_Min "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7351EEF8-9D6C-5F46-5A19-F2C7456CE132}" = CCC Help German "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{7F172E34-4107-8964-6AEA-5051FFD265FF}" = CCC Help Portuguese "{86095E92-1959-8364-920E-82E81F64F8FB}" = AMD VISION Engine Control Center "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7 "{89D05F35-933A-89C0-B935-C92BEE4229BD}" = CCC Help French "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010 "{90140000-0015-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010 "{90140000-0016-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010 "{90140000-0018-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010 "{90140000-0019-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010 "{90140000-001A-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010 "{90140000-001B-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010 "{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0415-1000-0000000FF1CE}_Office14.PROPLUS_{0844B6E1-0A6F-4D81-8BCF-48F883F521FE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010 "{90140000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010 "{90140000-0044-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010 "{90140000-006E-0415-0000-0000000FF1CE}_Office14.PROPLUS_{6AF8887A-72F7-4FA0-ABE4-396172B64550}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010 "{90140000-00A1-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010 "{90140000-00BA-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{959E4378-CCA1-E4E4-2425-793DA92E8D95}" = CCC Help Czech "{96BB3C67-4EB4-9757-E0C2-C0D2FE9053B1}" = CCC Help Turkish "{974F4B73-2017-E174-9070-3F58F01B341F}" = CCC Help Danish "{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver "{98E20A18-3C29-86FA-50B4-918C2B34A082}" = CCC Help Hungarian "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9CBEAEF3-C6BA-4F0F-8DC2-03B12BC8CF2F}" = Remere's Map Editor "{9E2E5EB3-DC6E-9277-E9DB-13175E7DDA39}" = CCC Help Dutch "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AAACC0A5-4382-04D0-C75E-0669C7B949B6}" = CCC Help Japanese "{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9 "{ACEF4078-9B86-2455-E18D-34D52D37D9D5}" = CCC Help Chinese Standard "{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status "{B55FB422-B803-11F5-5582-B3666EA1B9AC}" = Catalyst Control Center Localization All "{B8010864-15F8-613B-20EF-AC35B14B3E0D}" = CCC Help Russian "{B80BE2E3-EA77-53D4-7A56-C53D452E6D50}" = HydraVision "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5 "{C1342411-5A98-DE8A-5629-D0C518E1C280}" = CCC Help Finnish "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{D08B4177-5160-6B66-8934-2F9012134D61}" = CCC Help Thai "{D34A6029-FB1A-9EA8-A938-5393F82A3A00}" = CCC Help Korean "{D6D5CB84-0E6E-4E69-B300-C690B6911045}" = Nero 8 "{D8A790CB-CF32-4135-AAAE-6BA5A75C5DBF}" = OSCAR Editor "{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp "{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding "{E3A09D13-4D40-3CF8-7D32-8BD55F8D1533}" = CCC Help Spanish "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0 "{EE51AA68-7BF9-4FB3-9BB4-57CCD2C7EFFA}" = K209a-z "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F2C35491-9323-3AE7-6023-6B4128045153}" = CCC Help Swedish "{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy "{FC66A32F-1A57-AC5C-4F12-DAC2F4CB77A0}" = CCC Help Chinese Traditional "5513-1208-7298-9440" = JDownloader 0.9 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "AQQ" = WapSter AQQ "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "Creative Software AutoUpdate" = Creative Software AutoUpdate "CWK" = CWK (Czasowy Wyłącznik Komputera) "DAEMON Tools Lite" = DAEMON Tools Lite "Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2) "Fraps" = Fraps (remove only) "Google Chrome" = Google Chrome "HTC Home Apis" = HTC Home Apis "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{D8A790CB-CF32-4135-AAAE-6BA5A75C5DBF}" = Anti-Vibrate Oscar Editor "IrfanView" = IrfanView (remove only) "KLiteCodecPack_is1" = K-Lite Codec Pack 9.1.0 (Full) "Liveupdate4_is1" = Liveupdate4 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.65.1.1000 "MoorHunt_is1" = MoorHunt 0.6.7.2 "Mozilla Firefox 15.0.1 (x86 pl)" = Mozilla Firefox 15.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NapiProjekt_is1" = NapiProjekt (2.0.0.2151) "Nero - Burning Rom!UninstallKey" = Ahead Nero Burning ROM "Notepad++" = Notepad++ "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "Origin" = Origin "OverclockingCenter_is1" = OverclockingCenter "RADVideo" = RAD Video Tools "SopCast" = SopCast 3.5.0 "Steam App 10" = Counter-Strike "Steam App 570" = Dota 2 "Tibia Auto" = NSIS Example2 "TrayEverything" = TrayEverything "uTorrent" = µTorrent "Xfire" = Xfire (remove only) [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-12-15 06:59:13 | Computer Name = Pacak-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2012-12-15 09:33:26 | Computer Name = Pacak-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2012-12-15 09:42:03 | Computer Name = Pacak-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: NMIndexStoreSvr.exe, wersja: 3.3.3.0, sygnatura czasowa: 0x47c6bd1b Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x03030303 Identyfikator procesu powodującego błąd: 0x1f0 Godzina uruchomienia aplikacji powodującej błąd: 0x01cddac9eb4e63d2 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 34a3ec47-46bd-11e2-82f2-6c626ddb478d Error - 2012-12-15 09:42:42 | Computer Name = Pacak-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2012-12-15 09:43:49 | Computer Name = Pacak-Komputer | Source = .NET Runtime | ID = 1026 Description = Error - 2012-12-15 09:43:56 | Computer Name = Pacak-Komputer | Source = Windows Search Service | ID = 3084 Description = Error - 2012-12-15 09:46:23 | Computer Name = Pacak-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2012-12-15 11:18:02 | Computer Name = Pacak-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: NMIndexStoreSvr.exe, wersja: 3.3.3.0, sygnatura czasowa: 0x47c6bd1b Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x03030202 Identyfikator procesu powodującego błąd: 0xdec Godzina uruchomienia aplikacji powodującej błąd: 0x01cddad7574234e5 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 9d9b77ef-46ca-11e2-9746-6c626ddb478d Error - 2012-12-15 11:18:58 | Computer Name = Pacak-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2012-12-15 11:24:52 | Computer Name = Pacak-Komputer | Source = Application Hang | ID = 1002 Description = Program AQQ.exe w wersji 2.4.3.12 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: de4 Godzina rozpoczęcia: 01cddad757364e04 Godzina zakończenia: 6 Ścieżka aplikacji: E:\Program Files\WapSter\WapSter AQQ\AQQ.exe Identyfikator raportu: 1727f3b9-46cb-11e2-9746-6c626ddb478d [ System Events ] Error - 2012-12-15 08:01:41 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031 Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 8. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2012-12-15 08:02:15 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031 Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 9. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2012-12-15 08:04:35 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031 Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 10. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2012-12-15 08:05:08 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031 Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 11. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2012-12-15 08:06:10 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031 Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 12. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2012-12-15 09:28:18 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031 Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 13. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2012-12-15 09:31:59 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: CFRMD Error - 2012-12-15 09:40:59 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: CFRMD Error - 2012-12-15 09:44:41 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: CFRMD Error - 2012-12-15 11:14:28 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7034 Description = Usługa Nero BackItUp Scheduler 3 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. < End of report > [/log]
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.