x-kom hosting

dziwny mngr.exe + strony w przeglądarce i konsola długo się otwierają

pacyna
utworzono
utworzono

[color=#2C2C2C][font=tahoma, helvetica, arial, sans-serif][size=3]Witam, od pewnego czasu borykam się z pewnymi problemami. Otóż parę dni temu zauważyłem w procesach dziwny proces o nazwie mngr.exe. Gdy próbowałem go zakończyć on natychmiast się znów uruchamiał i w comodo wykrywało mi go jako wirusa, jednak comodo nie dało rady go usunąć. Później co chwila go wykrywało jako wirus i musiałem dodać ten plik do zaufanych plików, bo co 10 sekund wyskakiwał z comodo komunikat. Próbowałem go też wykryć programem SPYBOT jednak bezskutecznie. Jednak to nie wszystko, od jakiegoś czasu mam problem z przeglądarką chrome(z innymi chyba też jest ten problem), a mianowicie po jakimś czasie użytkowania komputera strony w przeglądarce uruchamiają się bardzo długo (i to nie jest wina internetu, bo to występuje tylko wtedy gdy uruchomię nową zakładkę), nawet gdy otworzę nową zakładkę z ustawieniami chrome to te ustawiania wczytują się jakieś 10 sec!! Zauważyłem przez przypadek, że gdy mam już ten problem z przeglądarką to konsola również tak "muli" poprzez długie wczytywanie... Jest to dosyć dziwne dlatego prosiłbym o waszą pomoc. [/size][/font][/color]
[color=#2C2C2C][font=tahoma, helvetica, arial, sans-serif][size=3]Logi:[/size][/font][/color]

[color=#2C2C2C][font=tahoma, helvetica, arial, sans-serif][size=3]OTL:[/size][/font][/color]

[color=#2C2C2C][font=tahoma, helvetica, arial, sans-serif][size=3][log][/size][/font][/color]OTL Extras logfile created on: 2012-12-15 13:32:47 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = E:\Pobieranie\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

8,00 Gb Total Physical Memory | 5,08 Gb Available Physical Memory | 63,48% Memory free
12,47 Gb Paging File | 9,12 Gb Available in Paging File | 73,12% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 34,18 Gb Total Space | 0,85 Gb Free Space | 2,49% Space Free | Partition Type: NTFS
Drive D: | 214,84 Gb Total Space | 1,38 Gb Free Space | 0,64% Space Free | Partition Type: NTFS
Drive E: | 216,73 Gb Total Space | 1,54 Gb Free Space | 0,71% Space Free | Partition Type: NTFS
Drive G: | 647,99 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 3,30 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: PACAK-KOMPUTER | User Name: Pacak | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "e:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [ChomikBox.Upload] -- "C:\Program Files (x86)\ChomikBox\\ChomikBox.exe" -u"%1" ( )
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "e:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "e:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "e:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [ChomikBox.Upload] -- "C:\Program Files (x86)\ChomikBox\\ChomikBox.exe" -u"%1" ( )
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "e:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "e:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== System Restore Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{29309AEE-0F2C-495E-9451-F7991398AF3E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2BA56983-2842-4D0D-9F51-C41167001873}" = rport=139 | protocol=6 | dir=out | app=system |
"{38C4F306-D5ED-4502-B2CA-74428E350DC9}" = rport=445 | protocol=6 | dir=out | app=system |
"{3A34083D-5771-4144-8079-41CEA5F1E4F4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3B338682-EF0A-4DA5-8045-9432E3329F7E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{41BB03CC-5445-42FE-8809-A876D62B4EF8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{42328219-077F-4C9D-A8FD-592F2162F85E}" = rport=138 | protocol=17 | dir=out | app=system |
"{72C6D136-BCFB-41C1-98EF-C9D58F7AE6CD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{96A9BE51-3DC6-48B1-A0B8-195EA7154B75}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{97AA88F4-D542-4633-86F7-326A9A5A4AF1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A0BE9FE9-0E5B-4027-B956-50D86A73F658}" = rport=137 | protocol=17 | dir=out | app=system |
"{A78806CB-3808-4A2C-8823-6F3B8CDFE386}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AC3D08F7-B969-42AA-8CE2-7179A2849F61}" = lport=138 | protocol=17 | dir=in | app=system |
"{AE4760FC-DD2E-4E08-82E2-58ABDADC2F98}" = lport=137 | protocol=17 | dir=in | app=system |
"{BDD69988-1CCC-46CE-8389-CBD22C9AAFEA}" = lport=445 | protocol=6 | dir=in | app=system |
"{BF4CE351-EA66-4B27-AF9C-DF8A2F8F5E6F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C5E33CBE-7DED-4426-BCB9-F197669F03D8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{CE9BFDEA-4A24-411E-AF0D-04CECC37F8E4}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CEF865A9-6705-4651-8503-18784E6CF800}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EB561F1A-4367-4E73-BDC3-B9EDF2569AB7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EC2964EB-59F1-478A-B2AC-35903361D59F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ED06E1A1-11DE-4A27-8A1F-F6CB54E59150}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{FC9B9187-5F32-4264-A24C-6E90078262E9}" = lport=10243 | protocol=6 | dir=in | app=system |
"{FEBC2933-A44A-4B09-B0E6-32214402A628}" = lport=139 | protocol=6 | dir=in | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0423EC2A-9A8A-4988-8D98-3E5257B17074}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{12054CBF-5CCB-48D4-B588-320AF459DC7D}" = protocol=6 | dir=out | app=system |
"{1B94FEC8-86C8-4215-8F40-66B99A3C4E66}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{1FAE260E-B693-4793-B30B-DA1A14B61406}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{208AC6B4-8772-4355-8693-96596B314376}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{225DF0C0-9421-467E-B5ED-5E1719F2BB73}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{2C51743D-D484-4A76-9801-3F22E60C8EBA}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{331312B6-3CEF-4269-B87D-F8B0A04CEDA0}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{3D38605B-5C59-41A1-A277-BC20E9D2C2B9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{3E16E0FE-E268-4CD4-A726-E6CACFF9F81E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{50B0F323-C17E-492D-9A65-03408E188574}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{56B0B1ED-AC4F-4884-9928-87AB5469BEAB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{57DC54DD-E048-4E51-A8ED-2F26095915C0}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{57FE5CB4-B30F-4AC8-88DA-1ED33CEF2847}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{5810587A-09FF-46B3-855B-5D61B58F8DD8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{58429A97-99B0-4B14-95AE-E236B6DFB941}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5AFFBBAF-7E7D-4C39-BCDA-7DE06CD8F7B5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{5D72F189-F15F-4CE2-8223-2527AB910D74}" = protocol=17 | dir=in | app=e:\program files (x86)\utorrent\utorrent.exe |
"{60A2F296-5FFF-4353-80F2-96DF9675D4AD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{620C1682-E8E6-4A22-8613-1B6565DCD767}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\pacyna92\counter-strike\hl.exe |
"{636604AE-1D74-40E4-B5B3-5BF0643C8AA1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6526A6AA-0418-4091-B309-E3753748C72D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{67598F38-47A1-4793-BF33-B7A47067F721}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\pacyna92\counter-strike\hl.exe |
"{6BF44E0A-7C07-4F90-8E08-821996B76967}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{80BD6E73-EFC6-49E6-B2A0-FFB3BB5565A7}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{8A9BB4E1-D295-4523-9F70-8149BEB695AA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{8B40E5A4-42F5-4945-A63C-48E33A5A5FD5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8F18CC19-8B26-4037-A0A2-205F9BB5AAF1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{959CE920-38F1-4733-8F91-EACAA10F8AE2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{978B6354-E845-4882-9B06-002677AC2EEA}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe |
"{9E9A2293-92A3-4262-A19C-EE353B1C4759}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A092C341-4D21-4639-975A-39902C33DEC8}" = protocol=6 | dir=in | app=e:\program files (x86)\utorrent\utorrent.exe |
"{A09F7E46-C841-4ED6-8E08-DC73FD663533}" = protocol=58 | dir=in | app=system |
"{A1190823-DBE4-43CE-B1B9-493F9B270674}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{AD237B66-5BA9-4FA8-A981-362060F296B6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AEBC8302-EDC7-4FB7-8C44-C6DEE334F841}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{AEFC408C-5C98-498F-907F-68F80E15F241}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B48066DD-A5A8-40DA-B6C1-D392B3204816}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BB2BDCA6-6B1D-4A6E-B10C-D6AFFC93D3BE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{BCA30DF4-D7E4-47A2-A6D7-59C9B1FF2444}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{BD00E03D-3EBC-4EF3-9070-292DEEF71D3D}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{BE23DD90-95F4-4645-ACD8-314A76FCBA97}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C3F212F0-22AC-4129-82D7-D085675526A6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C78ABFD4-1FAF-4E30-81E1-BA380005CAFB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{D15EDE12-BF9D-4CC7-BD3A-8DC8F4D4C78F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{DDA58614-7F77-41BC-9763-357FAA234C15}" = protocol=6 | dir=in | app=e:\program files\steam\steam.exe |
"{DF668AD6-3BEA-48AE-ABAC-33448E1BFC71}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe |
"{E3C4CD6A-23B8-449E-AD82-56159759C11B}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{E9048138-5636-4037-8E32-66F21190C125}" = protocol=17 | dir=in | app=e:\program files\steam\steam.exe |
"{EA66FF70-D73F-4055-9960-104A9D482876}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EB1CE2AD-6D3C-4706-A376-9FA19C10507A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{EDAB8597-E87C-43F7-AFD3-B649CD05E02B}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{EFDC0306-F6A2-4B11-91F8-C700A46D7FA9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{FD5A0102-FFC4-4C3B-85DA-A41D16DCBF0B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{FDB4F84E-4B67-4C12-8EB1-DBF731F16B26}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{1A85FA42-221A-45D4-8B0D-549A68D56F32}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{24B9424E-A810-49A9-9979-1C249B34E8A9}D:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{40062DAC-27A7-47CB-B29B-61B8484DD192}E:\program files\garena plus\room\garena_room.exe" = protocol=6 | dir=in | app=e:\program files\garena plus\room\garena_room.exe |
"TCP Query User{6B78D153-E6E3-44F2-97F7-F36932EEB9C3}D:\gry\warcraft iii roh & tft\war3.exe" = protocol=6 | dir=in | app=d:\gry\warcraft iii roh & tft\war3.exe |
"TCP Query User{ADA287E0-8D4F-466D-8244-28A2E76F25D0}E:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=e:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{31EAB29F-0634-48D5-87D3-1C9D653D83BA}D:\gry\warcraft iii roh & tft\war3.exe" = protocol=17 | dir=in | app=d:\gry\warcraft iii roh & tft\war3.exe |
"UDP Query User{41DD6DF5-3CC7-43A1-9A81-C93A60C81EB0}E:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=e:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{86C623EB-6EF7-48C8-8E47-CB37AABBEA22}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{C0F4E9F6-F166-4DC9-939E-789832164EC6}E:\program files\garena plus\room\garena_room.exe" = protocol=17 | dir=in | app=e:\program files\garena plus\room\garena_room.exe |
"UDP Query User{DD502F8E-F39F-4DE6-8F98-685D1CDCEAA4}D:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{042B10AA-8233-A9E0-4DEB-B7253C686DBB}" = AMD Fuel
"{0DCAB5DD-CC69-271A-CF03-F2BD6B60BD8A}" = AMD Media Foundation Decoders
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{35B226DA-E3F6-21FD-31AB-0046C6E87043}" = ATI Problem Report Wizard
"{46DA7FD9-8BC1-7BA8-98D1-27F46647871B}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{504184A2-1B0E-5D93-603A-517E93E7EDB3}" = AMD Accelerated Video Transcoding
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{57580625-C673-7FEA-8791-E84B7AAF5069}" = ccc-utility64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{653D48F0-098C-45C1-8267-86EA7B9D0EDB}" = ActivePerl 5.16.1 Build 1601 (64-bit)
"{698EDD46-FC0B-926F-54DF-23B6BB20EDFC}" = AMD Drag and Drop Transcoding
"{8AAA8780-1D35-11E2-A3A6-F04DA23A5C58}" = MSVCRT Redists
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2010
"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{B45B5123-C009-F8B4-FE93-45B42C8A786F}" = ATI AVIVO64 Codecs
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{CF411A4F-5ED9-11E1-B971-F04DA23A5C58}" = Vegas Pro 11.0 (64-bit)
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D4761C4F-5ED9-11E1-9202-F04DA23A5C58}" = MSVCRT Redists
"{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}" = COMODO Internet Security
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DB982BEA-E9FF-4C61-9058-57FFDA5076D1}" = HP Deskjet Ink Advant K209a-z All-in-One Driver Software 13.0 Rel .6
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Shop for HP Supplies" = Shop for HP Supplies
"WinRAR archiver" = Archiwizator WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F7A6FD0-87F5-FB5D-973C-CF604DE1BC6B}" = CCC Help Polish
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = Browser Manager
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1A9BE3D6-4D53-2C9D-B77D-562D85936B91}" = CCC Help Norwegian
"{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}" = Sound Blaster Audigy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{210DFA65-F805-1A2B-4F83-8E27279AE385}" = Catalyst Control Center Graphics Previews Common
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{26050F54-3928-4D9C-849A-C48A9E831E6F}" = ChomikBox
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{29822CAD-C76A-0BEE-55F5-AAA524DA814F}" = CCC Help Greek
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3A1293DF-7D09-BB0F-9576-EC47EE4A9362}" = CCC Help Italian
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{47416F0B-6589-591E-C6F8-4235D2230B14}" = Catalyst Control Center InstallProxy
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{625FC7D1-656D-1BEC-F86F-3EACAFDAA8FE}" = CCC Help English
"{6372F44B-392B-4FD8-AF1E-E185283F6528}" = DJ_AIO_06_K209a-z_SW_Min
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7351EEF8-9D6C-5F46-5A19-F2C7456CE132}" = CCC Help German
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7F172E34-4107-8964-6AEA-5051FFD265FF}" = CCC Help Portuguese
"{86095E92-1959-8364-920E-82E81F64F8FB}" = AMD VISION Engine Control Center
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89D05F35-933A-89C0-B935-C92BEE4229BD}" = CCC Help French
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010
"{90140000-0015-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010
"{90140000-0016-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-0018-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010
"{90140000-0019-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010
"{90140000-001A-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010
"{90140000-001B-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0415-1000-0000000FF1CE}_Office14.PROPLUS_{0844B6E1-0A6F-4D81-8BCF-48F883F521FE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010
"{90140000-0044-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{90140000-006E-0415-0000-0000000FF1CE}_Office14.PROPLUS_{6AF8887A-72F7-4FA0-ABE4-396172B64550}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010
"{90140000-00A1-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010
"{90140000-00BA-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{959E4378-CCA1-E4E4-2425-793DA92E8D95}" = CCC Help Czech
"{96BB3C67-4EB4-9757-E0C2-C0D2FE9053B1}" = CCC Help Turkish
"{974F4B73-2017-E174-9070-3F58F01B341F}" = CCC Help Danish
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{98E20A18-3C29-86FA-50B4-918C2B34A082}" = CCC Help Hungarian
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CBEAEF3-C6BA-4F0F-8DC2-03B12BC8CF2F}" = Remere's Map Editor
"{9E2E5EB3-DC6E-9277-E9DB-13175E7DDA39}" = CCC Help Dutch
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAACC0A5-4382-04D0-C75E-0669C7B949B6}" = CCC Help Japanese
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{ACEF4078-9B86-2455-E18D-34D52D37D9D5}" = CCC Help Chinese Standard
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B55FB422-B803-11F5-5582-B3666EA1B9AC}" = Catalyst Control Center Localization All
"{B8010864-15F8-613B-20EF-AC35B14B3E0D}" = CCC Help Russian
"{B80BE2E3-EA77-53D4-7A56-C53D452E6D50}" = HydraVision
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C1342411-5A98-DE8A-5629-D0C518E1C280}" = CCC Help Finnish
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{D08B4177-5160-6B66-8934-2F9012134D61}" = CCC Help Thai
"{D34A6029-FB1A-9EA8-A938-5393F82A3A00}" = CCC Help Korean
"{D6D5CB84-0E6E-4E69-B300-C690B6911045}" = Nero 8
"{D8A790CB-CF32-4135-AAAE-6BA5A75C5DBF}" = OSCAR Editor
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E21161DD-05A2-42ED-A0EC-9C1393F51A64}" = GeekBuddy
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3A09D13-4D40-3CF8-7D32-8BD55F8D1533}" = CCC Help Spanish
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EE51AA68-7BF9-4FB3-9BB4-57CCD2C7EFFA}" = K209a-z
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2C35491-9323-3AE7-6023-6B4128045153}" = CCC Help Swedish
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FC66A32F-1A57-AC5C-4F12-DAC2F4CB77A0}" = CCC Help Chinese Traditional
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AQQ" = WapSter AQQ
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"CWK" = CWK (Czasowy Wyłącznik Komputera)
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"HTC Home Apis" = HTC Home Apis
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{D8A790CB-CF32-4135-AAAE-6BA5A75C5DBF}" = Anti-Vibrate Oscar Editor
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.1.0 (Full)
"Liveupdate4_is1" = Liveupdate4
"MoorHunt_is1" = MoorHunt 0.6.7.2
"Mozilla Firefox 15.0.1 (x86 pl)" = Mozilla Firefox 15.0.1 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NapiProjekt_is1" = NapiProjekt (2.0.0.2151)
"Nero - Burning Rom!UninstallKey" = Ahead Nero Burning ROM
"Notepad++" = Notepad++
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Origin" = Origin
"OverclockingCenter_is1" = OverclockingCenter
"RADVideo" = RAD Video Tools
"SopCast" = SopCast 3.5.0
"Steam App 10" = Counter-Strike
"Steam App 570" = Dota 2
"Tibia Auto" = NSIS Example2
"TrayEverything" = TrayEverything
"uTorrent" = µTorrent
"Xfire" = Xfire (remove only)

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-12-12 08:54:19 | Computer Name = Pacak-Komputer | Source = SideBySide | ID = 16842815
Description = Nie można wygenerować kontekstu aktywacji dla "e:\program files\WapSter\wapster
aqq\System\DelZip179.dll". Błąd w pliku manifestu lub w pliku zasad "e:\program
files\WapSter\wapster aqq\System\DelZip179.dll" w wierszu 8. Wartość "*" atrybutu
"language" elementu "assemblyIdentity" jest nieprawidłowa.

Error - 2012-12-13 06:18:03 | Computer Name = Pacak-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2012-12-14 07:33:04 | Computer Name = Pacak-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: NMIndexStoreSvr.exe, wersja: 3.3.3.0,
sygnatura czasowa: 0x47c6bd1b Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0,
sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x17271727
Identyfikator
procesu powodującego błąd: 0xf4c Godzina uruchomienia aplikacji powodującej błąd:
0x01cdd9eea6e9c1fb Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Common
Files\Nero\Lib\NMIndexStoreSvr.exe Ścieżka modułu powodującego błąd: unknown Identyfikator
raportu: 0566a4fb-45e2-11e2-adb9-6c626ddb478d

Error - 2012-12-14 07:33:26 | Computer Name = Pacak-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2012-12-14 09:55:52 | Computer Name = Pacak-Komputer | Source = SideBySide | ID = 16842832
Description = Nie można wygenerować kontekstu aktywacji dla „E:\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja
składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która
jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Składnik
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 2012-12-14 09:55:55 | Computer Name = Pacak-Komputer | Source = SideBySide | ID = 16842832
Description = Nie można wygenerować kontekstu aktywacji dla „E:\Nero\Nero8\Nero
PhotoSnap\PhotoSnap.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu
. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika,
która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Składnik
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 2012-12-14 09:55:55 | Computer Name = Pacak-Komputer | Source = SideBySide | ID = 16842832
Description = Nie można wygenerować kontekstu aktywacji dla „E:\Nero\Nero8\Nero
PhotoSnap\PhotoSnapViewer.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu
. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika,
która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Składnik
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 2012-12-14 09:57:38 | Computer Name = Pacak-Komputer | Source = SideBySide | ID = 16842815
Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku
zasad "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll"
w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa.

Error - 2012-12-14 09:57:40 | Computer Name = Pacak-Komputer | Source = SideBySide | ID = 16842815
Description = Nie można wygenerować kontekstu aktywacji dla "e:\program files\WapSter\wapster
aqq\System\DelZip179.dll". Błąd w pliku manifestu lub w pliku zasad "e:\program
files\WapSter\wapster aqq\System\DelZip179.dll" w wierszu 8. Wartość "*" atrybutu
"language" elementu "assemblyIdentity" jest nieprawidłowa.

Error - 2012-12-15 06:59:13 | Computer Name = Pacak-Komputer | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 2012-12-15 07:52:53 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło
to razy: 3. W przeciągu 30000 milisekund zostanie podjęta następująca czynność
korekcyjna: Uruchom usługę ponownie.

Error - 2012-12-15 07:55:39 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło
to razy: 4. W przeciągu 30000 milisekund zostanie podjęta następująca czynność
korekcyjna: Uruchom usługę ponownie.

Error - 2012-12-15 07:56:15 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło
to razy: 5. W przeciągu 30000 milisekund zostanie podjęta następująca czynność
korekcyjna: Uruchom usługę ponownie.

Error - 2012-12-15 07:56:48 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło
to razy: 6. W przeciągu 30000 milisekund zostanie podjęta następująca czynność
korekcyjna: Uruchom usługę ponownie.

Error - 2012-12-15 07:57:25 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło
to razy: 7. W przeciągu 30000 milisekund zostanie podjęta następująca czynność
korekcyjna: Uruchom usługę ponownie.

Error - 2012-12-15 08:01:41 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło
to razy: 8. W przeciągu 30000 milisekund zostanie podjęta następująca czynność
korekcyjna: Uruchom usługę ponownie.

Error - 2012-12-15 08:02:15 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło
to razy: 9. W przeciągu 30000 milisekund zostanie podjęta następująca czynność
korekcyjna: Uruchom usługę ponownie.

Error - 2012-12-15 08:04:35 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło
to razy: 10. W przeciągu 30000 milisekund zostanie podjęta następująca czynność
korekcyjna: Uruchom usługę ponownie.

Error - 2012-12-15 08:05:08 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło
to razy: 11. W przeciągu 30000 milisekund zostanie podjęta następująca czynność
korekcyjna: Uruchom usługę ponownie.

Error - 2012-12-15 08:06:10 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło
to razy: 12. W przeciągu 30000 milisekund zostanie podjęta następująca czynność
korekcyjna: Uruchom usługę ponownie.


< End of report >
[/log]
[log]OTL logfile created on: 2012-12-15 13:32:47 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = E:\Pobieranie\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

8,00 Gb Total Physical Memory | 5,08 Gb Available Physical Memory | 63,48% Memory free
12,47 Gb Paging File | 9,12 Gb Available in Paging File | 73,12% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 34,18 Gb Total Space | 0,85 Gb Free Space | 2,49% Space Free | Partition Type: NTFS
Drive D: | 214,84 Gb Total Space | 1,38 Gb Free Space | 0,64% Space Free | Partition Type: NTFS
Drive E: | 216,73 Gb Total Space | 1,54 Gb Free Space | 0,71% Space Free | Partition Type: NTFS
Drive G: | 647,99 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 3,30 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: PACAK-KOMPUTER | User Name: Pacak | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-12-15 13:07:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Pobieranie\Downloads\OTL.exe
PRC - [2012-12-06 20:14:12 | 000,446,258 | ---- | M] () -- C:\Windows\AutoKMS.exe
PRC - [2012-12-05 18:10:34 | 002,403,352 | ---- | M] () -- C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe
PRC - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012-11-30 14:52:40 | 009,063,800 | ---- | M] () -- E:\Program Files\Garena Plus\GarenaMessenger.exe
PRC - [2012-11-09 11:27:12 | 017,877,168 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
PRC - [2012-11-01 08:52:54 | 000,875,728 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\COMODO\GeekBuddy\unit_manager.exe
PRC - [2012-11-01 08:52:52 | 000,877,264 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\COMODO\GeekBuddy\unit.exe
PRC - [2012-11-01 08:52:52 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) -- C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe
PRC - [2012-10-31 15:46:38 | 001,467,088 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
PRC - [2012-10-16 16:30:38 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012-08-31 08:52:22 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012-08-31 08:52:14 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012-08-31 08:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2012-07-03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2011-05-10 01:41:12 | 000,049,208 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
PRC - [2010-11-21 04:24:03 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
PRC - [2010-11-21 04:23:51 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schtasks.exe
PRC - [2010-09-30 21:26:54 | 000,393,216 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe
PRC - [2009-05-21 21:13:36 | 000,275,768 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2009-05-21 20:46:36 | 000,559,104 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
PRC - [2009-05-21 20:46:36 | 000,168,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
PRC - [2009-05-21 17:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
PRC - [2009-03-05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- E:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008-02-28 16:07:58 | 001,828,136 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2008-02-28 16:07:48 | 000,529,704 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
PRC - [2008-02-18 15:29:12 | 000,877,864 | ---- | M] (Nero AG) -- E:\Nero\Nero8\Nero BackItUp\NBService.exe
PRC - [2006-12-19 08:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe
PRC - [2005-10-31 09:51:52 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
PRC - [2001-01-13 01:15:44 | 000,054,272 | ---- | M] () -- C:\ProgramData\AutoKMS\Resources\MSGBox\Messagebox.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-12-15 13:07:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Pobieranie\Downloads\OTL.exe
MOD - [2012-12-12 13:06:31 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2012-12-12 13:06:31 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
MOD - [2012-12-11 20:21:29 | 014,460,856 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_5_502_135.ocx
MOD - [2012-12-08 13:31:18 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2012-12-07 10:57:28 | 000,070,144 | ---- | M] () -- C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll
MOD - [2012-12-05 18:10:34 | 002,403,352 | ---- | M] () -- C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe
MOD - [2012-12-05 18:09:41 | 002,148,376 | ---- | M] () -- c:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll
MOD - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
MOD - [2012-12-05 02:15:15 | 012,456,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
MOD - [2012-12-05 02:15:15 | 000,460,904 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
MOD - [2012-12-05 02:15:14 | 004,008,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll
MOD - [2012-12-05 02:14:29 | 000,587,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\libglesv2.dll
MOD - [2012-12-05 02:14:28 | 000,124,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\libegl.dll
MOD - [2012-12-05 02:14:27 | 009,963,112 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\icudt.dll
MOD - [2012-12-05 02:14:23 | 041,743,976 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\chrome.dll
MOD - [2012-12-05 02:14:21 | 000,157,304 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avutil-51.dll
MOD - [2012-12-05 02:14:20 | 000,275,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avformat-54.dll
MOD - [2012-12-05 02:14:19 | 002,168,952 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll
MOD - [2012-11-30 14:52:40 | 009,063,800 | ---- | M] () -- E:\Program Files\Garena Plus\GarenaMessenger.exe
MOD - [2012-11-30 12:53:12 | 000,021,504 | ---- | M] () -- E:\Program Files\Garena Plus\VersionModule.dll
MOD - [2012-11-30 12:43:49 | 000,287,232 | ---- | M] () -- E:\Program Files\Garena Plus\Plugins\DailyTaskPlugin.dll
MOD - [2012-11-30 12:43:39 | 000,345,600 | ---- | M] () -- E:\Program Files\Garena Plus\Plugins\GarenaTalkPlugin.dll
MOD - [2012-11-30 12:40:07 | 000,480,768 | ---- | M] () -- E:\Program Files\Garena Plus\CxImage.dll
MOD - [2012-11-29 12:42:20 | 000,313,344 | ---- | M] () -- E:\Program Files\Garena Plus\lib\Http.dll
MOD - [2012-11-28 12:13:06 | 000,938,496 | ---- | M] () -- E:\Program Files\Garena Plus\lib\XLL.dll
MOD - [2012-11-28 12:03:11 | 000,718,848 | ---- | M] () -- E:\Program Files\Garena Plus\Plugins\ggplugin.dll
MOD - [2012-11-28 12:00:52 | 000,228,864 | ---- | M] () -- E:\Program Files\Garena Plus\Plugins\PluginNews.dll
MOD - [2012-11-28 12:00:45 | 000,178,688 | ---- | M] () -- E:\Program Files\Garena Plus\Plugins\StatsPlugin.dll
MOD - [2012-11-23 10:02:48 | 001,537,024 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\FileSender.dll
MOD - [2012-11-19 05:25:25 | 001,081,344 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\GaFileTransfer.dll
MOD - [2012-11-15 21:51:06 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\adaaf894878905f022f824b84fcd59a8\System.ServiceProcess.ni.dll
MOD - [2012-11-15 21:50:47 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\38e2909de0b5e7887b46dd28725ba718\System.Management.ni.dll
MOD - [2012-11-15 21:23:26 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\0e5254a1a3d59b3a037029e5af1bd32b\System.Runtime.Remoting.ni.dll
MOD - [2012-11-15 21:23:21 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\aebb94e0eea9c39ec18a7915a711f621\System.Xaml.ni.dll
MOD - [2012-11-15 21:16:12 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7c8bffb6e42a248341d7821a8464ef0b\PresentationFramework.ni.dll
MOD - [2012-11-15 21:16:02 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74fade4c3e490c62af3d60742fb078a\PresentationCore.ni.dll
MOD - [2012-11-15 21:15:55 | 003,882,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\dfe6e22159d3f5bf61b5bfe1da6f2758\WindowsBase.ni.dll
MOD - [2012-11-15 21:15:53 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\46215c6276fca8ba6b8a765dfa384c73\PresentationFramework.Aero.ni.dll
MOD - [2012-11-15 21:10:14 | 013,198,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ecbb113bbad9034fa8385c15f73fb4cf\System.Windows.Forms.ni.dll
MOD - [2012-11-15 21:10:06 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\14d2241be401f66cc1898dc5dc383b80\System.Core.ni.dll
MOD - [2012-11-15 21:10:04 | 001,666,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\a8dfd1388afc0a50f39f9e1dc7ecd45c\System.Drawing.ni.dll
MOD - [2012-11-15 21:10:04 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c63fe1e324904c893d2a5d02f0783658\System.Configuration.ni.dll
MOD - [2012-11-15 21:10:03 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e10bbd79027aa4c1ca8950b78fd640d4\System.Xml.ni.dll
MOD - [2012-11-15 21:10:00 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\379599837ade465016dd5d96798b2766\System.ni.dll
MOD - [2012-11-15 21:09:55 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\dbc34d53e1fbedabecd201fe4f264961\mscorlib.ni.dll
MOD - [2012-11-15 12:19:08 | 000,186,368 | ---- | M] () -- E:\Program Files\Garena Plus\ImageModule.dll
MOD - [2012-11-14 03:48:26 | 012,320,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2012-11-14 03:14:59 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012-11-14 03:09:22 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
MOD - [2012-11-14 02:57:44 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012-11-14 02:57:37 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012-11-14 02:52:27 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2012-11-14 02:51:44 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jsproxy.dll
MOD - [2012-11-14 02:49:19 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll
MOD - [2012-11-14 02:48:27 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vbscript.dll
MOD - [2012-11-14 02:46:38 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012-11-09 11:27:12 | 017,877,168 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
MOD - [2012-11-08 12:28:10 | 000,027,136 | ---- | M] () -- E:\Program Files\Garena Plus\DibModule.dll
MOD - [2012-11-08 12:28:09 | 000,045,056 | ---- | M] () -- E:\Program Files\Garena Plus\FileLoader.dll
MOD - [2012-11-08 12:28:07 | 000,169,472 | ---- | M] () -- E:\Program Files\Garena Plus\ggspawn.dll
MOD - [2012-11-08 12:27:53 | 000,081,408 | ---- | M] () -- E:\Program Files\Garena Plus\PluginKernel.dll
MOD - [2012-11-08 12:27:47 | 000,018,944 | ---- | M] () -- E:\Program Files\Garena Plus\PluginModule.dll
MOD - [2012-11-08 00:37:34 | 000,301,264 | ---- | M] (COMODO) -- C:\Windows\SysWOW64\guard32.dll
MOD - [2012-10-30 11:19:43 | 000,059,904 | ---- | M] () -- E:\Program Files\Garena Plus\Plugins\PlatformPlugin.dll
MOD - [2012-10-16 08:39:52 | 000,561,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcLayers.dll
MOD - [2012-10-09 18:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2012-10-04 17:47:41 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2012-10-04 17:47:40 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2012-10-04 17:40:23 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\acwow64.dll
MOD - [2012-09-28 03:23:00 | 005,557,928 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdag.dll
MOD - [2012-09-28 02:43:28 | 000,935,424 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\aticfx32.dll
MOD - [2012-09-28 02:22:30 | 002,691,584 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdva.dll
MOD - [2012-09-28 02:10:58 | 000,082,944 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiu9pag.dll
MOD - [2012-09-18 18:06:41 | 000,115,137 | ---- | M] () -- C:\Users\Pacak\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll
MOD - [2012-09-13 07:19:39 | 000,099,328 | ---- | M] () -- E:\Program Files\Garena Plus\lib\UILayout.dll
MOD - [2012-09-13 07:19:19 | 000,048,640 | ---- | M] () -- E:\Program Files\Garena Plus\lib\XmlUIModule.dll
MOD - [2012-09-12 16:19:44 | 000,077,800 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Security Client\MpOAv.dll
MOD - [2012-09-10 06:43:02 | 001,664,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
MOD - [2012-09-06 12:30:31 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
MOD - [2012-09-06 12:30:27 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2012-09-06 12:30:27 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2012-09-06 12:30:23 | 000,159,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
MOD - [2012-09-06 07:06:20 | 006,730,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
MOD - [2012-09-06 07:06:20 | 000,056,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
MOD - [2012-08-31 08:52:22 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012-08-31 08:52:14 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MOD - [2012-08-31 08:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
MOD - [2012-08-31 08:45:00 | 000,250,368 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll
MOD - [2012-08-30 15:17:05 | 002,984,960 | ---- | M] () -- E:\Program Files\Garena Plus\ggdownloader.dll
MOD - [2012-08-28 09:05:34 | 000,307,200 | ---- | M] ( MarkAny.) -- C:\Program Files (x86)\Samsung\Kies\External\MACSSDK.dll
MOD - [2012-08-24 17:57:48 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012-08-24 17:57:40 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2012-08-24 17:57:40 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2012-08-24 17:57:37 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2012-08-24 17:53:35 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2012-08-03 09:31:57 | 000,228,864 | ---- | M] (The cURL library, http://curl.haxx.se/) -- E:\Program Files\Garena Plus\libcurl.dll
MOD - [2012-07-31 11:38:37 | 000,156,160 | ---- | M] () -- E:\Program Files\Garena Plus\libzmq.dll
MOD - [2012-07-27 07:59:42 | 000,010,240 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\ClientTcp.dll
MOD - [2012-07-27 07:59:28 | 000,061,952 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\UdtLib.dll
MOD - [2012-07-27 07:59:23 | 000,163,328 | ---- | M] () -- E:\Program Files\Garena Plus\lib\fs\YYFileSystem.dll
MOD - [2012-07-03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2012-06-06 06:05:52 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
MOD - [2012-06-06 06:05:52 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
MOD - [2012-06-02 05:36:29 | 001,159,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2012-06-02 05:36:29 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2012-05-15 03:11:46 | 000,190,976 | ---- | M] (Garena Online Pte Ltd) -- E:\Program Files\Garena Plus\lib\delay_load\GaVoiceGroup.dll
MOD - [2012-05-05 08:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2012-04-24 02:19:17 | 000,238,592 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\MediaEngine.dll
MOD - [2012-04-21 05:21:01 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
MOD - [2012-04-13 04:12:19 | 000,059,392 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\AudioMixerLib.dll
MOD - [2012-04-13 04:12:18 | 000,019,968 | ---- | M] () -- E:\Program Files\Garena Plus\ServerMemAlloc.dll
MOD - [2012-04-07 12:26:29 | 002,342,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2012-03-08 09:56:40 | 000,510,464 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\RSALib.dll
MOD - [2012-03-08 09:56:32 | 001,097,216 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- E:\Program Files\Garena Plus\libeay32.dll
MOD - [2012-03-03 06:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2012-03-01 06:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2012-02-22 09:52:18 | 000,162,304 | ---- | M] () -- E:\Program Files\Garena Plus\lame_enc.dll
MOD - [2012-02-22 09:52:16 | 001,739,264 | ---- | M] (Apache Software Foundation) -- E:\Program Files\Garena Plus\log4cxx.dll
MOD - [2012-02-22 09:52:16 | 000,573,100 | ---- | M] () -- E:\Program Files\Garena Plus\sqlite3.dll
MOD - [2012-02-22 09:52:16 | 000,197,632 | ---- | M] () -- E:\Program Files\Garena Plus\lib\TaskManagerLib.dll
MOD - [2012-02-22 09:52:16 | 000,178,176 | ---- | M] () -- E:\Program Files\Garena Plus\lib\MP3Module.dll
MOD - [2012-02-22 09:52:16 | 000,122,136 | ---- | M] () -- E:\Program Files\Garena Plus\ggcode.dll
MOD - [2012-02-22 09:52:16 | 000,097,792 | ---- | M] () -- E:\Program Files\Garena Plus\CommonLib.dll
MOD - [2012-01-13 08:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2012-01-04 09:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2011-12-16 08:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011-12-15 07:07:16 | 000,386,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
MOD - [2011-11-17 06:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011-11-17 06:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2011-08-27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011-08-27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011-06-16 05:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2011-06-12 11:15:00 | 004,221,328 | ---- | M] (Microsoft Corporation) -- C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
MOD - [2011-05-24 11:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011-05-24 11:40:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2011-05-24 11:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011-05-18 17:57:22 | 000,413,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2011-05-10 01:41:12 | 000,049,208 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
MOD - [2011-03-15 07:13:46 | 004,254,560 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2011-03-11 06:33:59 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll
MOD - [2011-03-03 06:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011-02-19 07:30:50 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2011-01-20 07:15:56 | 008,906,704 | ---- | M] (Microsoft Corporation) -- C:\PROGRA~2\MICROS~4\Office14\1045\GrooveIntlResource.dll
MOD - [2011-01-17 06:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll
MOD - [2010-11-21 13:52:58 | 000,093,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\pl\ShFusRes.dll
MOD - [2010-11-21 04:25:15 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010-11-21 04:25:11 | 003,207,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mf.dll
MOD - [2010-11-21 04:25:11 | 000,547,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PortableDeviceApi.dll
MOD - [2010-11-21 04:25:11 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\evr.dll
MOD - [2010-11-21 04:25:10 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gameux.dll
MOD - [2010-11-21 04:25:10 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wpdshext.dll
MOD - [2010-11-21 04:24:51 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davclnt.dll
MOD - [2010-11-21 04:24:43 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010-11-21 04:24:33 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2010-11-21 04:24:33 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010-11-21 04:24:32 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptui.dll
MOD - [2010-11-21 04:24:32 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010-11-21 04:24:28 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010-11-21 04:24:28 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\riched20.dll
MOD - [2010-11-21 04:24:26 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010-11-21 04:24:25 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010-11-21 04:24:23 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2010-11-21 04:24:23 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010-11-21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010-11-21 04:24:20 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\StructuredQuery.dll
MOD - [2010-11-21 04:24:16 | 001,171,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10warp.dll
MOD - [2010-11-21 04:24:16 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010-11-21 04:24:16 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010-11-21 04:24:16 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010-11-21 04:24:16 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010-11-21 04:24:16 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010-11-21 04:24:16 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010-11-21 04:24:16 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2010-11-21 04:24:15 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\networkexplorer.dll
MOD - [2010-11-21 04:24:14 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msftedit.dll
MOD - [2010-11-21 04:24:14 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010-11-21 04:24:14 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010-11-21 04:24:14 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010-11-21 04:24:11 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010-11-21 04:24:09 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2010-11-21 04:24:09 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010-11-21 04:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010-11-21 04:24:09 | 000,115,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
MOD - [2010-11-21 04:24:08 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010-11-21 04:24:08 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2010-11-21 04:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2010-11-21 04:24:08 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010-11-21 04:24:08 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010-11-21 04:24:08 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorAPI.dll
MOD - [2010-11-21 04:24:08 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mapi32.dll
MOD - [2010-11-21 04:24:07 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010-11-21 04:24:03 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wer.dll
MOD - [2010-11-21 04:24:03 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sqmapi.dll
MOD - [2010-11-21 04:24:03 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010-11-21 04:24:02 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010-11-21 04:24:02 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2010-11-21 04:24:01 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010-11-21 04:24:01 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll
MOD - [2010-11-21 04:24:01 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll
MOD - [2010-11-21 04:24:01 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscoree.dll
MOD - [2010-11-21 04:24:01 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010-11-21 04:24:00 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010-11-21 04:24:00 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntlanman.dll
MOD - [2010-11-21 04:23:56 | 001,363,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Query.dll
MOD - [2010-11-21 04:23:55 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010-11-21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010-11-21 04:23:55 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010-11-21 04:23:55 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2010-11-21 04:23:54 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SearchFolder.dll
MOD - [2010-11-21 04:23:54 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2010-11-21 04:23:54 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010-11-21 04:23:51 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010-11-21 04:23:51 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010-11-21 04:23:51 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2010-11-21 04:23:48 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010-11-21 04:23:48 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010-11-21 04:23:48 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll
MOD - [2010-11-21 04:23:48 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010-09-30 21:26:58 | 000,208,896 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH.dll
MOD - [2010-09-30 21:26:54 | 000,393,216 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
MOD - [2010-09-30 21:26:28 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraPlk.dll
MOD - [2010-05-26 10:41:02 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DCompiler_43.dll
MOD - [2010-05-26 10:41:02 | 001,998,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DX9_43.dll
MOD - [2010-03-18 12:16:28 | 000,801,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll
MOD - [2010-03-18 12:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100_clr0400.dll
MOD - [2010-02-28 02:13:36 | 000,049,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
MOD - [2009-11-04 10:14:08 | 001,168,216 | RHS- | M] (Safer-Networking Ltd.) -- E:\Program Files (x86)\Spybot - Search & Destroy\advcheck.dll
MOD - [2009-07-14 02:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009-07-14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009-07-14 02:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
MOD - [2009-07-14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009-07-14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009-07-14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009-07-14 02:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll
MOD - [2009-07-14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009-07-14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009-07-14 02:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanutil.dll
MOD - [2009-07-14 02:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll
MOD - [2009-07-14 02:16:18 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecsExt.dll
MOD - [2009-07-14 02:16:17 | 000,266,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\upnphost.dll
MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 02:16:15 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ssdpapi.dll
MOD - [2009-07-14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009-07-14 02:16:14 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc_os.dll
MOD - [2009-07-14 02:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll
MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-07-14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009-07-14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009-07-14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009-07-14 02:16:12 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PeerDist.dll
MOD - [2009-07-14 02:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2009-07-14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009-07-14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009-07-14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2009-07-14 02:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
MOD - [2009-07-14 02:15:46 | 002,134,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msmpeg2vdec.dll
MOD - [2009-07-14 02:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2009-07-14 02:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msiltcfg.dll
MOD - [2009-07-14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009-07-14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009-07-14 02:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009-07-14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009-07-14 02:15:39 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll
MOD - [2009-07-14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009-07-14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009-07-14 02:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll
MOD - [2009-07-14 02:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IconCodecService.dll
MOD - [2009-07-14 02:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009-07-14 02:15:21 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fltLib.dll
MOD - [2009-07-14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009-07-14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009-07-14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009-07-14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009-07-14 02:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll
MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 02:15:13 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\drprov.dll
MOD - [2009-07-14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009-07-14 02:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll
MOD - [2009-07-14 02:15:08 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davhlpr.dll
MOD - [2009-07-14 02:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2009-07-14 02:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll
MOD - [2009-07-14 02:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll
MOD - [2009-07-14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009-07-14 02:14:57 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll
MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 02:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe
MOD - [2009-07-14 02:14:10 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hhctrl.ocx
MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 02:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009-07-14 02:10:22 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc.dll
MOD - [2009-07-14 02:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll
MOD - [2009-07-14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009-06-10 22:22:53 | 000,015,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
MOD - [2009-06-10 22:22:50 | 000,023,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
MOD - [2009-05-21 21:13:36 | 000,275,768 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
MOD - [2009-05-21 21:13:36 | 000,205,312 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll
MOD - [2009-05-21 21:13:36 | 000,150,528 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll
MOD - [2009-05-21 21:13:36 | 000,048,128 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
MOD - [2009-05-21 21:03:06 | 000,213,504 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll
MOD - [2009-05-21 21:03:06 | 000,049,664 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll
MOD - [2009-05-21 20:46:38 | 000,948,224 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc
MOD - [2009-05-21 20:46:38 | 000,203,264 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqssm08.dll
MOD - [2009-05-21 20:46:38 | 000,012,288 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc
MOD - [2009-05-21 20:46:36 | 000,559,104 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
MOD - [2009-05-21 20:46:36 | 000,485,888 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwso08.dll
MOD - [2009-05-21 20:46:36 | 000,307,712 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsti08.dll
MOD - [2009-05-21 20:46:36 | 000,285,184 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.dll
MOD - [2009-05-21 20:46:36 | 000,168,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
MOD - [2009-05-21 20:46:36 | 000,057,856 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSplh08.dll
MOD - [2009-05-21 19:09:24 | 000,554,496 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
MOD - [2009-05-21 19:09:24 | 000,338,432 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
MOD - [2009-05-21 19:05:48 | 000,326,144 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqrif08.dll
MOD - [2009-05-21 19:05:48 | 000,097,280 | ---- | M] (Hewlett Packard) -- C:\Program Files (x86)\HP\Digital Imaging\Product Assistant\bin\hprbevst.dll
MOD - [2009-05-21 18:31:52 | 001,170,944 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpodio08.dll
MOD - [2009-05-21 18:31:52 | 000,538,112 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.dll
MOD - [2009-05-21 18:31:52 | 000,292,864 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcob08.dll
MOD - [2009-05-21 18:31:52 | 000,274,432 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll
MOD - [2009-05-21 18:31:52 | 000,032,256 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
MOD - [2009-05-21 17:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
MOD - [2009-05-21 17:57:00 | 000,040,960 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpb01.dll
MOD - [2009-05-21 17:57:00 | 000,038,912 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpreh.dll
MOD - [2009-03-05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- E:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MOD - [2008-12-03 19:05:44 | 000,033,792 | ---- | M] (Hewlett-Packard) -- C:\Windows\SysWOW64\HPZipr12.dll
MOD - [2008-03-28 14:57:30 | 000,014,848 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\SysWOW64\P17RunE.dll
MOD - [2008-02-28 16:08:18 | 000,279,848 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMSQLDB.dll
MOD - [2008-02-28 16:08:18 | 000,267,560 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMSearchPluginSimilarImages.dll
MOD - [2008-02-28 16:08:08 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMPluginBase.dll
MOD - [2008-02-28 16:07:58 | 001,828,136 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
MOD - [2008-02-28 16:07:58 | 000,075,048 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMLogCxx.dll
MOD - [2008-02-28 16:07:48 | 000,222,504 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMFullTextExtraction.dll
MOD - [2008-02-28 16:07:48 | 000,079,144 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingServicePS.dll
MOD - [2008-02-28 16:07:38 | 003,609,896 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMDataServices.dll
MOD - [2008-02-28 16:07:28 | 000,746,792 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMCoFoundation.dll
MOD - [2008-02-28 16:06:46 | 000,828,712 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\log4cxx.dll
MOD - [2006-05-03 09:52:12 | 000,110,592 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\GDICtrl3.skc
MOD - [2006-03-31 16:26:40 | 000,331,776 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\GDICtrl.skc
MOD - [2006-03-31 09:10:08 | 000,151,552 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\GDICtrl2.skc
MOD - [2006-03-28 15:21:56 | 000,110,592 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\RtxCtrl.skc
MOD - [2006-03-24 08:29:36 | 000,155,648 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTTheme.dll
MOD - [2005-10-31 09:51:52 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
MOD - [2005-10-25 09:31:14 | 000,077,824 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files (x86)\Creative\Shared Files\mxlib.dll
MOD - [2005-10-21 16:57:32 | 000,040,960 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files (x86)\Creative\Shared Files\CtrlSrc.dll
MOD - [2005-10-20 13:49:06 | 000,024,660 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.crl
MOD - [2005-05-03 12:38:42 | 000,064,512 | ---- | M] () -- C:\Windows\SysWOW64\P17.DLL
MOD - [2002-11-22 00:01:00 | 000,053,248 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTIniF.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2012-11-08 00:37:39 | 002,828,408 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:[b]64bit:[/b] - [2012-09-28 15:43:40 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:[b]64bit:[/b] - [2012-09-28 02:38:16 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2012-09-12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2012-09-12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-12-11 20:21:30 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-12-05 18:10:34 | 002,403,352 | ---- | M] () [Auto | Running] -- C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe -- (Browser Manager)
SRV - [2012-11-09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-11-04 22:04:32 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-11-01 08:52:52 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe -- (CLPSLauncher)
SRV - [2012-10-31 15:46:38 | 001,467,088 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe -- (GeekBuddyRSP)
SRV - [2012-09-06 02:25:06 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-08-07 01:01:33 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006-12-19 08:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-11-24 16:49:10 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2012-11-24 16:44:36 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2012-09-28 03:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2012-09-28 02:12:52 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2012-08-30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:[b]64bit:[/b] - [2012-08-23 15:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2012-08-23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012-08-23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2012-08-23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2012-05-14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2012-04-09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011-06-10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2011-05-13 02:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:[b]64bit:[/b] - [2011-05-13 02:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:[b]64bit:[/b] - [2011-05-13 02:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:[b]64bit:[/b] - [2011-05-13 02:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-02-18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:[b]64bit:[/b] - [2009-12-22 01:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-05-05 02:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:[b]64bit:[/b] - [2008-12-26 11:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer)
DRV:[b]64bit:[/b] - [2007-02-05 09:49:20 | 001,529,856 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\P17.sys -- (P17)
DRV:[b]64bit:[/b] - [2005-07-07 09:19:08 | 001,579,008 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\P1764.SYS -- (P1764)
DRV:[b]64bit:[/b] - [2005-02-28 04:12:50 | 000,205,824 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTOSS2K.SYS -- (ossrv)
DRV:[b]64bit:[/b] - [2005-02-28 04:12:46 | 000,284,160 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTSFM2K.SYS -- (ctsfm2k)
DRV - [2012-12-04 09:41:28 | 000,037,976 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | System | Stopped] -- C:\Windows\SysWOW64\drivers\CFRMD.sys -- (CFRMD)
DRV - [2010-12-20 13:50:44 | 000,011,888 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\NTIOLib_X64.sys -- (NTIOLib_1_0_5)
DRV - [2010-10-22 09:37:36 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 4\LU4\NTIOLib_X64.sys -- (NTIOLib_1_0_4)
DRV - [2010-04-12 10:36:26 | 000,044,344 | ---- | M] (MICRO-STAR INT'L CO., LTD.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\NTGLM7X64.sys -- (DualCoreCenter)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-03-05 21:55:20 | 000,033,080 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\RushJ64.sys -- (RushTopDevice_J)
DRV - [2008-12-19 03:17:36 | 000,075,576 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\RushTop64.sys -- (RushTopDevice2)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD502HJ_S20BJ90ZB42528&ts=1355249658
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD502HJ_S20BJ90ZB42528&ts=1355249658
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.v9.com/web/?q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.v9.com/web/?q={searchTerms}
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=TJ&userid=59af5cbc-e873-4e8b-8db3-c1414f9290ea&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?affID=110824&tt=4712_5&babsrc=HP_ss&mntrId=70002c4a0000000000006c626ddb478d
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD502HJ_S20BJ90ZB42528&ts=1355249658
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=TJ&userid=59af5cbc-e873-4e8b-8db3-c1414f9290ea&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=TJ&userid=59af5cbc-e873-4e8b-8db3-c1414f9290ea&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://pl.yahoo.com?fr=fp-comodo
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=TJ&userid=59af5cbc-e873-4e8b-8db3-c1414f9290ea&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=TJ&userid=59af5cbc-e873-4e8b-8db3-c1414f9290ea&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes,DefaultScope = {8EEAC88A-079B-4b2c-80C1-7836F79EB40A}
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=TJ&userid=59af5cbc-e873-4e8b-8db3-c1414f9290ea&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.v9.com/web/?q={searchTerms}
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes\{0E756860-460A-4F02-8D89-52D278659C5D}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=W3I4&o=41648006&src=kw&q={searchTerms}&locale=&apn_ptnrs=^A9K&apn_dtid=^YYYYYY^YY^PL&apn_uid=B2C1FCDD-C3BE-47A2-B753-83B2FA2DED3F&apn_sauid=F1BFBCBE-A559-40E2-9B41-4BEA0B6675DE
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110824&tt=4712_5&babsrc=SP_ss&mntrId=70002c4a0000000000006c626ddb478d
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com/web/?q={searchTerms}
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://pl.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledAddons: ffxtlbr@babylon.com:1.5.0
FF - prefs.js..extensions.enabledAddons: {58bd07eb-0ee0-4df0-8121-dc9b693373df}:2.5.911.18
FF - prefs.js..browser.search.order.1: "v9"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://pl.yahoo.com?fr=fp-comodo"
FF - prefs.js..keyword.URL: "http://pl.search.yahoo.com/search?fr=ytff-comodo&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"


FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Pacak\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-08-22 10:43:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: e:\Program Files (x86)\Mozilla Firefox\components [2012-09-10 09:56:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: e:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-08-22 10:43:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\firefox@mozilla.com: C:\Users\Pacak\AppData\Roaming\firefox@mozilla.com [2012-10-01 15:19:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2012-12-06 19:00:00 | 000,000,000 | ---D | M]

[2012-09-17 15:35:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pacak\AppData\Roaming\mozilla\Extensions
[2012-11-25 10:47:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pacak\AppData\Roaming\mozilla\Firefox\Profiles\ihdh8t4s.default\extensions
[2012-12-14 21:50:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pacak\AppData\Roaming\mozilla\Firefox\Profiles\ihdh8t4s.default\extensions\ffxtlbr@babylon.com
[2012-10-21 14:32:23 | 000,002,536 | ---- | M] () -- C:\Users\Pacak\AppData\Roaming\mozilla\firefox\profiles\ihdh8t4s.default\searchplugins\browsemngr.xml
[2012-10-21 14:32:23 | 000,002,536 | ---- | M] () -- C:\Users\Pacak\AppData\Roaming\mozilla\firefox\profiles\ihdh8t4s.default\searchplugins\mngr.xml
[2012-08-07 13:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
File not found (No name found) -- C:\PROGRAMDATA\BROWSER MANAGER\2.5.911.18\{C16C1CCB-7046-4E5C-A2F3-533AD2FEC8E8}\FIREFOXEXTENSION

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Application Manager (Enabled) = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll
CHR - plugin: Adobe Acrobat (Enabled) = E:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Pacak\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - Extension: TV = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.11_0\
CHR - Extension: YouTube = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_2\
CHR - Extension: Szukaj w Google = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_2\
CHR - Extension: Chrome Updater = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoijihiiolhlopbdlcphkfdobmkfkap\1.1_0\
CHR - Extension: Bowling 3D = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gemohgpikgjbgmdfbfjdailocichgbjm\2.0_0\
CHR - Extension: AdBlock = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.51_0\
CHR - Extension: Bubble Shooter-HD = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpakbhbnhkbghdcejiiangcefallmaln\2.2.0_0\
CHR - Extension: Szybka Wyszukiwarka = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\jneiphgeigocbbbojlnknhmknlnmdjnf\1.3_0\
CHR - Extension: Duck Gravity = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpikpdaalmlcipfphefaajfiofglcma\1.3.0_0\
CHR - Extension: Settings Protector = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: Gmail = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\
CHR - Extension: TV = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.11_0\
CHR - Extension: YouTube = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_2\
CHR - Extension: Szukaj w Google = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_2\
CHR - Extension: Chrome Updater = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoijihiiolhlopbdlcphkfdobmkfkap\1.1_0\
CHR - Extension: Bowling 3D = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gemohgpikgjbgmdfbfjdailocichgbjm\2.0_0\
CHR - Extension: AdBlock = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.51_0\
CHR - Extension: Bubble Shooter-HD = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpakbhbnhkbghdcejiiangcefallmaln\2.2.0_0\
CHR - Extension: Szybka Wyszukiwarka = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\jneiphgeigocbbbojlnknhmknlnmdjnf\1.3_0\
CHR - Extension: Duck Gravity = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpikpdaalmlcipfphefaajfiofglcma\1.3.0_0\
CHR - Extension: Settings Protector = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: Gmail = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:[b]64bit:[/b] - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [CTSysVol] C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DelReg] C:\Program Files (x86)\MSI\OverclockingCenter\DelReg.exe ()
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [NBKeyScan] E:\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroCheck] C:\Windows\SysWOW64\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [P17Helper] C:\Windows\SysWow64\P17.DLL ()
O4 - HKLM..\Run: [P17RunE] C:\Windows\SysWow64\P17RunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [tvncontrol] "C:\Program Files (x86)\Common Files\Comodo\tvnserver.exe" -controlservice -slave File not found
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-980624602-1416993403-1426546977-1001..\Run: [AQQ] E:\Program Files\WapSter\WapSter AQQ\AQQ.exe (Creative Team S.A.)
O4 - HKU\S-1-5-21-980624602-1416993403-1426546977-1001..\Run: [Clock Widget (HTC Home)] E:\Program Files (x86)\HTC Home\Clock.exe ()
O4 - HKU\S-1-5-21-980624602-1416993403-1426546977-1001..\Run: [DAEMON Tools Lite] E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-980624602-1416993403-1426546977-1001..\Run: [EADM] E:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKU\S-1-5-21-980624602-1416993403-1426546977-1001..\Run: [GarenaPlus] E:\Program Files\Garena Plus\GarenaMessenger.exe ()
O4 - HKU\S-1-5-21-980624602-1416993403-1426546977-1001..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKU\S-1-5-21-980624602-1416993403-1426546977-1001..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKU\S-1-5-21-980624602-1416993403-1426546977-1001..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-980624602-1416993403-1426546977-1001..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-980624602-1416993403-1426546977-1001..\Run: [SpybotSD TeaTimer] e:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [*CA] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Pacak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WarKey.exe.lnk = C:\Users\Pacak\Desktop\warkey\WarKey.exe (YuLv.Net)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8:[b]64bit:[/b] - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 46.148.166.31 46.148.166.33
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{04AE9F5A-D32F-491F-AC6A-7BCBA5FE968B}: DhcpNameServer = 46.148.166.31 46.148.166.33
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll) - c:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll ()
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-03-24 00:54:52 | 000,000,175 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2006-10-23 21:52:06 | 001,191,936 | R--- | M] () - H:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2006-10-23 21:52:08 | 000,000,108 | R--- | M] () - H:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{22e02608-364e-11e2-b757-6c626ddb478d}\Shell - "" = AutoRun
O33 - MountPoints2\{22e02608-364e-11e2-b757-6c626ddb478d}\Shell\AutoRun\command - "" = G:\setup.exe -- [2010-03-12 08:49:40 | 001,100,664 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{22e02608-364e-11e2-b757-6c626ddb478d}\Shell\configure\command - "" = G:\setup.exe -- [2010-03-12 08:49:40 | 001,100,664 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{22e02608-364e-11e2-b757-6c626ddb478d}\Shell\install\command - "" = G:\setup.exe -- [2010-03-12 08:49:40 | 001,100,664 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{22e02613-364e-11e2-b757-6c626ddb478d}\Shell - "" = AutoRun
O33 - MountPoints2\{22e02613-364e-11e2-b757-6c626ddb478d}\Shell\AutoRun\command - "" = H:\autorun.exe -- [2006-10-23 21:52:06 | 001,191,936 | R--- | M] ()
O33 - MountPoints2\{22e02613-364e-11e2-b757-6c626ddb478d}\Shell\install\command - "" = H:\autorun.exe -- [2006-10-23 21:52:06 | 001,191,936 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)


SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-12-15 12:55:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\COMODO
[2012-12-15 12:55:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Comodo
[2012-12-13 02:39:43 | 000,000,000 | ---D | C] -- C:\Users\Pacak\.gstreamer-0.10
[2012-12-13 02:39:40 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\ChomikBox
[2012-12-13 02:39:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chomikuj.pl
[2012-12-13 02:39:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ChomikBox
[2012-12-11 11:36:28 | 000,000,000 | ---D | C] -- C:\Users\Pacak\Documents\gothic3
[2012-12-11 11:35:30 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Xfire
[2012-12-11 11:35:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfire
[2012-12-11 11:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gothic III
[2012-12-10 13:19:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-12-10 13:19:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012-12-10 13:19:47 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012-12-07 10:54:17 | 000,000,000 | ---D | C] -- C:\ProgramData\AutoKMS
[2012-12-06 20:13:19 | 000,000,000 | ---D | C] -- C:\Users\Pacak\Documents\Pliki programu Outlook
[2012-12-06 20:07:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2012-12-06 20:05:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2012-12-06 20:05:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012-12-06 20:05:05 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012-12-06 20:05:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2012-12-06 20:05:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012-12-06 19:54:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012-12-06 19:54:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012-12-06 19:53:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012-12-06 19:52:58 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Microsoft Help
[2012-12-06 19:52:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012-12-06 19:52:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012-12-06 19:52:33 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012-12-04 09:41:28 | 000,037,976 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysWow64\drivers\CFRMD.sys
[2012-11-29 16:12:53 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bink and Smacker
[2012-11-26 16:03:54 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gothic Multiplayer
[2012-11-25 21:36:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Recovery
[2012-11-25 18:02:47 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\SKIDROW
[2012-11-25 17:59:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA
[2012-11-25 15:13:25 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Chromium
[2012-11-25 15:09:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive
[2012-11-25 15:09:19 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Sports Interactive
[2012-11-25 15:09:19 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Sports Interactive
[2012-11-25 00:59:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MoorHunt
[2012-11-24 16:49:10 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012-11-24 16:44:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012-11-20 17:03:36 | 000,000,000 | R--D | C] -- C:\Users\Pacak\Documents\Scanned Documents
[2012-11-20 17:03:36 | 000,000,000 | ---D | C] -- C:\Users\Pacak\Documents\Fax
[2012-11-04 23:36:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
[2012-11-04 19:43:53 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Publish Providers
[2012-11-04 19:39:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2012-11-04 19:38:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2012-11-04 19:38:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2012-11-04 18:54:21 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Sony
[2012-11-04 18:48:19 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Sony
[2012-11-02 12:19:43 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012-11-02 12:19:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2012-11-02 12:19:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012-11-02 12:19:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012-10-30 11:58:02 | 000,000,000 | ---D | C] -- C:\Users\Pacak\Documents\MOHW
[2012-10-29 15:04:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2012-10-29 13:00:57 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\PunkBuster
[2012-10-29 13:00:49 | 000,000,000 | ---D | C] -- C:\Users\Pacak\Documents\MOHW_DayOnePatch_PC
[2012-10-29 12:43:14 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Origin
[2012-10-29 12:43:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2012-10-29 12:42:52 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Origin
[2012-10-29 12:41:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2012-10-29 12:41:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2012-10-29 12:38:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2012-10-27 20:13:18 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012-10-25 23:16:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-10-23 18:18:36 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Opera
[2012-10-23 18:18:36 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Opera
[2012-10-23 18:18:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2012-10-23 16:46:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012-10-22 00:48:54 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Garena
[2012-10-22 00:48:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Garena
[2012-10-21 15:23:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt
[2012-10-21 15:14:48 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Nero
[2012-10-21 15:08:35 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Ahead
[2012-10-21 15:08:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NeroInstall.bak
[2012-10-21 15:06:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 8
[2012-10-21 15:03:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2012-10-21 15:03:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2012-10-21 14:38:59 | 000,000,000 | ---D | C] -- C:\Users\Pacak\Documents\Alcohol 120%
[2012-10-21 14:36:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft
[2012-10-21 14:32:39 | 000,564,824 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2012-10-21 14:32:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2012-10-21 14:23:19 | 000,569,344 | ---- | C] (Pegasus Software,LLC) -- C:\Windows\SysWow64\imagr5.dll
[2012-10-21 14:23:19 | 000,544,768 | ---- | C] (Pegasus Software, LLC) -- C:\Windows\SysWow64\imagx5.dll
[2012-10-21 14:23:19 | 000,283,920 | ---- | C] (Pegasus Software, LLC) -- C:\Windows\SysWow64\ImagXpr5.dll
[2012-10-21 14:23:19 | 000,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\Windows\SysWow64\NeroCheck.exe
[2012-10-21 14:23:19 | 000,038,912 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\picn20.dll
[2012-10-21 13:28:11 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Ahead
[2012-10-21 13:26:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ahead
[2012-10-16 16:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012-10-16 16:30:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-12-15 13:21:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-12-15 12:55:15 | 000,002,043 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2012-12-15 12:35:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-12-15 12:04:56 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-12-15 12:04:56 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-12-15 11:57:39 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-12-15 11:57:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-12-15 11:57:24 | 2146,836,479 | -HS- | M] () -- C:\hiberfil.sys
[2012-12-12 17:23:36 | 000,045,270 | ---- | M] () -- C:\Users\Pacak\AppData\Roaming\room_v3.dat
[2012-12-12 13:21:50 | 000,440,120 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-12-11 11:32:59 | 000,000,542 | ---- | M] () -- C:\Users\Public\Desktop\Gothic III.lnk
[2012-12-10 13:19:51 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012-12-08 13:31:15 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012-12-08 13:31:06 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012-12-06 20:14:12 | 000,446,258 | ---- | M] () -- C:\Windows\AutoKMS.exe
[2012-12-04 09:41:28 | 000,037,976 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysWow64\drivers\CFRMD.sys
[2012-12-02 23:11:22 | 000,000,600 | ---- | M] () -- C:\Users\Pacak\AppData\Roaming\winscp.rnd
[2012-12-01 14:07:25 | 001,549,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-12-01 14:07:25 | 000,697,674 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-12-01 14:07:25 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-12-01 14:07:25 | 000,134,784 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-12-01 14:07:25 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-11-25 12:39:19 | 000,008,192 | ---- | M] () -- C:\Windows\d3dx.dat
[2012-11-25 10:29:17 | 000,000,935 | ---- | M] () -- C:\Users\Pacak\Desktop\JDownloader.lnk
[2012-11-24 16:49:10 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012-11-24 16:44:36 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2012-11-13 12:42:35 | 000,000,600 | ---- | M] () -- C:\Users\Pacak\AppData\Local\PUTTY.RND
[2012-11-08 00:37:57 | 000,022,736 | ---- | M] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys
[2012-11-08 00:37:36 | 000,041,240 | ---- | M] (COMODO) -- C:\Windows\SysNative\cmdcsr.dll
[2012-11-08 00:37:34 | 000,301,264 | ---- | M] (COMODO) -- C:\Windows\SysWow64\guard32.dll
[2012-11-08 00:37:31 | 000,390,392 | ---- | M] (COMODO) -- C:\Windows\SysNative\guard64.dll
[2012-11-06 22:45:43 | 000,000,213 | ---- | M] () -- C:\Users\Pacak\Desktop\Dota 2.url
[2012-11-05 01:49:58 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2012-11-04 23:45:05 | 000,001,488 | ---- | M] () -- C:\Users\Pacak\Desktop\MOH Warfighter.lnk
[2012-11-04 23:36:22 | 000,000,543 | ---- | M] () -- C:\Users\Public\Desktop\Fraps.lnk
[2012-11-04 19:43:21 | 000,002,448 | ---- | M] () -- C:\Users\Pacak\Documents\Register Vegas Pro.htm
[2012-11-04 19:39:19 | 000,000,543 | ---- | M] () -- C:\Users\Pacak\Desktop\Vegas Pro 11.0 (64-bit).lnk
[2012-10-28 17:03:39 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-10-28 02:19:52 | 000,000,904 | ---- | M] () -- C:\Users\Public\Desktop\CWK.lnk
[2012-10-25 23:16:59 | 000,002,261 | ---- | M] () -- C:\Users\Pacak\Desktop\Google Chrome.lnk
[2012-10-21 15:06:19 | 000,001,439 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk
[2012-10-21 15:04:54 | 000,000,026 | ---- | M] () -- C:\Windows\Irremote.ini
[2012-10-21 15:04:42 | 000,001,024 | ---- | M] () -- C:\Users\Pacak\.rnd
[2012-10-21 14:46:32 | 000,000,124 | ---- | M] () -- C:\Users\Pacak\Documents\ax_files.xml

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-12-15 12:55:15 | 000,002,043 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2012-12-11 11:32:59 | 000,000,542 | ---- | C] () -- C:\Users\Public\Desktop\Gothic III.lnk
[2012-12-08 13:31:15 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012-12-08 13:31:06 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012-12-06 20:14:11 | 000,446,258 | ---- | C] () -- C:\Windows\AutoKMS.exe
[2012-11-25 21:46:21 | 000,000,212 | ---- | C] () -- C:\Users\Pacak\Desktop\Counter-Strike.url
[2012-11-25 12:39:19 | 000,008,192 | ---- | C] () -- C:\Windows\d3dx.dat
[2012-11-25 10:29:17 | 000,000,935 | ---- | C] () -- C:\Users\Pacak\Desktop\JDownloader.lnk
[2012-11-25 10:27:44 | 000,000,899 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012-11-25 10:27:44 | 000,000,859 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2012-11-25 10:27:44 | 000,000,844 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2012-11-15 21:12:31 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012-11-15 21:02:29 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012-11-06 22:45:43 | 000,000,213 | ---- | C] () -- C:\Users\Pacak\Desktop\Dota 2.url
[2012-11-05 01:49:55 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2012-11-04 23:45:06 | 000,001,488 | ---- | C] () -- C:\Users\Pacak\Desktop\MOH Warfighter.lnk
[2012-11-04 23:36:22 | 000,000,543 | ---- | C] () -- C:\Users\Public\Desktop\Fraps.lnk
[2012-11-04 19:39:19 | 000,000,543 | ---- | C] () -- C:\Users\Pacak\Desktop\Vegas Pro 11.0 (64-bit).lnk
[2012-11-04 19:32:41 | 000,002,448 | ---- | C] () -- C:\Users\Pacak\Documents\Register Vegas Pro.htm
[2012-10-28 02:19:52 | 000,000,904 | ---- | C] () -- C:\Users\Public\Desktop\CWK.lnk
[2012-10-28 02:19:52 | 000,000,904 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CWK.lnk
[2012-10-25 23:16:58 | 000,002,261 | ---- | C] () -- C:\Users\Pacak\Desktop\Google Chrome.lnk
[2012-10-21 15:06:19 | 000,001,439 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk
[2012-10-21 15:04:54 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2012-10-21 15:04:41 | 000,001,024 | ---- | C] () -- C:\Users\Pacak\.rnd
[2012-10-21 14:46:32 | 000,000,124 | ---- | C] () -- C:\Users\Pacak\Documents\ax_files.xml
[2012-10-16 16:30:44 | 000,001,046 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-10-16 16:30:43 | 000,001,042 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-10-09 00:32:09 | 000,000,600 | ---- | C] () -- C:\Users\Pacak\AppData\Roaming\winscp.rnd
[2012-10-08 15:45:43 | 000,000,600 | ---- | C] () -- C:\Users\Pacak\AppData\Local\PUTTY.RND
[2012-10-02 22:01:35 | 000,000,087 | ---- | C] () -- C:\Windows\SysWow64\tcfg.ini
[2012-08-28 09:04:34 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012-08-28 09:04:34 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012-08-28 09:04:34 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012-08-28 09:04:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012-08-28 09:04:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012-08-22 10:37:09 | 000,172,893 | ---- | C] () -- C:\Windows\hpoins45.dat
[2012-08-08 23:35:16 | 000,045,270 | ---- | C] () -- C:\Users\Pacak\AppData\Roaming\room_v3.dat
[2012-08-08 14:35:46 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012-08-07 12:50:45 | 000,000,039 | R--- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2012-08-07 12:12:54 | 000,000,029 | ---- | C] () -- C:\Windows\sfbm.INI
[2012-08-07 10:58:45 | 001,548,506 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-08-07 00:36:48 | 000,005,627 | R--- | C] () -- C:\Windows\SysWow64\Ludap17.ini
[2012-08-07 00:26:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-08-07 00:20:35 | 000,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll
[2012-08-07 00:03:45 | 000,007,610 | ---- | C] () -- C:\Users\Pacak\AppData\Local\resmon.resmoncfg
[2012-06-11 17:50:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-06-11 17:50:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012-05-02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011-09-12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2012-09-17 02:13:28 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\.minecraft
[2012-09-11 15:57:38 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Altaron
[2012-09-15 12:15:10 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\AVG2013
[2012-08-12 10:38:22 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Avnex
[2012-10-01 15:19:24 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Chrome_updater
[2012-12-11 00:32:21 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\DAEMON Tools Lite
[2012-10-06 22:23:59 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Dev-Cpp
[2012-10-01 15:19:24 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\firefox@mozilla.com
[2012-10-22 00:48:54 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Garena
[2012-12-15 12:53:57 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\GarenaPlus
[2012-10-01 15:19:49 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\IE
[2012-08-27 23:04:13 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\NapiProjekt
[2012-11-06 12:35:01 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Notepad++
[2012-12-15 00:15:13 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\OpenCandy
[2012-09-04 08:00:24 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\OpenOffice.org
[2012-10-23 18:27:18 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Opera
[2012-12-02 12:41:24 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Origin
[2012-11-04 19:43:53 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Publish Providers
[2012-10-07 01:59:59 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Remere's Map Editor
[2012-09-18 19:54:46 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Samsung
[2012-11-04 19:47:25 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Sony
[2012-11-25 15:09:19 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Sports Interactive
[2012-09-15 12:13:51 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\TuneUp Software
[2012-12-06 20:04:43 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\uTorrent
[2012-08-07 19:42:59 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\wargaming.net

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-11-21 04:23:51 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2012-08-07 00:44:17 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012-09-19 11:59:47 | 000,000,471 | ---- | M] () -- C:\CustomKeys.txt
[2012-12-15 11:57:24 | 2146,836,479 | -HS- | M] () -- C:\hiberfil.sys
[2012-08-07 00:32:27 | 000,034,239 | ---- | M] () -- C:\LU4.log
[2012-12-15 11:57:26 | 504,991,743 | -HS- | M] () -- C:\pagefile.sys
[2012-08-07 13:49:59 | 000,000,608 | ---- | M] () -- C:\user.js
[2012-08-06 23:59:40 | 000,283,507 | RHS- | M] () -- C:\VLXEM
[2012-08-06 23:59:40 | 000,000,020 | RHS- | M] () -- C:\win7.ld

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2012-08-22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012-08-22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012-08-22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010-11-21 04:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< End of report >
[/log]

RSIT:
[log]Logfile of random's system information tool 1.09 (written by random/random)
Run by Pacak at 2012-12-15 13:49:51
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 870 MB (2%) free of 35 GB
Total RAM: 8191 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:49:58, on 2012-12-15
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
E:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
E:\Program Files\Garena Plus\GarenaMessenger.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
E:\Pobieranie\Downloads\RSIT.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\trend micro\Pacak.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD502HJ_S20BJ90ZB42528&ts=1355249658
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=TJ&userid=59af5cbc-e873-4e8b-8db3-c1414f9290ea&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=TJ&userid=59af5cbc-e873-4e8b-8db3-c1414f9290ea&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pl.yahoo.com?fr=fp-comodo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD502HJ_S20BJ90ZB42528&ts=1355249658
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD502HJ_S20BJ90ZB42528&ts=1355249658
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=TJ&userid=59af5cbc-e873-4e8b-8db3-c1414f9290ea&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=TJ&userid=59af5cbc-e873-4e8b-8db3-c1414f9290ea&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.v9.com/web/?q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.v9.com/web/?q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O4 - HKLM\..\Run: [DelReg] C:\Program Files (x86)\MSI\OverclockingCenter\DelReg.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "E:\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files (x86)\Common Files\Comodo\tvnserver.exe" -controlservice -slave
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Clock Widget (HTC Home)] "E:\Program Files (x86)\HTC Home\Clock.exe"
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [AQQ] E:\PROGRA~1\WapSter\WAPSTE~1\AQQ.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [SpybotSD TeaTimer] e:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [EADM] "E:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [GarenaPlus] "E:\Program Files\Garena Plus\GarenaMessenger.exe" -autolaunch
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA')
O4 - Startup: WarKey.exe.lnk = Pacak\Desktop\warkey\WarKey.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files (x86)\COMODO\GeekBuddy\launcher.exe
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~2\SPYBOT~1\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Browser Manager - Unknown owner - C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions Inc. - C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GeekBuddy Remote Screen Protocol (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - E:\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15820 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Pacak\AppData\Roaming\Mozilla\Firefox\Profiles\ihdh8t4s.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://pl.yahoo.com?fr=fp-comodo"
prefs.js - "keyword.URL" - "http://pl.search.yahoo.com/search?fr=ytff-comodo&p="

"smartwebprinting@hp.com"=C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

e:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

e:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

e:\Program Files (x86)\Mozilla Firefox\searchplugins\
allegro-pl.xml
babylon.xml
fbc-pl.xml
google.xml
merlin-pl.xml
pwn-pl.xml
v9.xml
wikipedia-pl.xml
wp-pl.xml

C:\Users\Pacak\AppData\Roaming\Mozilla\Firefox\Profiles\ihdh8t4s.default\extensions\
ffxtlbr@babylon.com

C:\Users\Pacak\AppData\Roaming\Mozilla\Firefox\Profiles\ihdh8t4s.default\searchplugins\
browsemngr.xml
mngr.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - E:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-24 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-24 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{ae07101b-46d4-4a98-af68-0333ea26e113}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DelReg"=C:\Program Files (x86)\MSI\OverclockingCenter\DelReg.exe [2008-12-04 196608]
"Adobe Reader Speed Launcher"=E:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"P17RunE"=RunDll32 P17RunE.dll,RunDLLEntry []
"CTSysVol"=C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe [2005-10-31 57344]
"P17Helper"=Rundll32 P17.dll,P17Helper []
"UpdReg"=C:\Windows\UpdReg.EXE [2000-05-11 90112]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10 49208]
""= []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2012-08-31 3524536]
"NeroCheck"=C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
"NBKeyScan"=E:\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-28 642728]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"tvncontrol"=C:\Program Files (x86)\Common Files\Comodo\tvnserver.exe -controlservice -slave []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"*CA"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Clock Widget (HTC Home)"=E:\Program Files (x86)\HTC Home\Clock.exe [2011-11-28 2036736]
"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2012-08-31 964024]
"KiesPDLR"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-08-31 21432]
"AQQ"=E:\PROGRA~1\WapSter\WAPSTE~1\AQQ.exe [2012-12-04 10742272]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136]
"SpybotSD TeaTimer"=e:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"EADM"=E:\Program Files (x86)\Origin\Origin.exe [2012-11-30 3492504]
"GarenaPlus"=E:\Program Files\Garena Plus\GarenaMessenger.exe [2012-11-30 9063800]
"DAEMON Tools Lite"=E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]
"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2010-09-30 393216]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Start GeekBuddy.lnk - C:\Program Files (x86)\COMODO\GeekBuddy\launcher.exe

C:\Users\Pacak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
WarKey.exe.lnk - C:\Users\Pacak\Desktop\warkey\WarKey.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.vorbis"=vorbis.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-12-15 13:35:19 ----D---- C:\rsit
2012-12-15 13:35:19 ----D---- C:\Program Files (x86)\trend micro
2012-12-15 12:55:10 ----D---- C:\Program Files (x86)\COMODO
2012-12-15 12:55:10 ----D---- C:\Program Files (x86)\Common Files\Comodo
2012-12-13 02:39:22 ----D---- C:\Program Files (x86)\ChomikBox
2012-12-12 13:08:41 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2012-12-12 13:08:28 ----A---- C:\Windows\SysWOW64\vbscript.dll
2012-12-12 13:08:23 ----A---- C:\Windows\SysWOW64\ieui.dll
2012-12-12 13:08:18 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2012-12-12 13:08:16 ----A---- C:\Windows\SysWOW64\url.dll
2012-12-12 13:08:12 ----A---- C:\Windows\SysWOW64\urlmon.dll
2012-12-12 13:08:05 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2012-12-12 13:08:02 ----A---- C:\Windows\SysWOW64\wininet.dll
2012-12-12 13:07:59 ----A---- C:\Windows\SysWOW64\jscript9.dll
2012-12-12 13:07:59 ----A---- C:\Windows\SysWOW64\jscript.dll
2012-12-12 13:07:54 ----A---- C:\Windows\SysWOW64\iertutil.dll
2012-12-12 13:07:52 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2012-12-12 13:07:46 ----A---- C:\Windows\SysWOW64\mshtml.dll
2012-12-12 13:07:42 ----A---- C:\Windows\SysWOW64\ieframe.dll
2012-12-12 13:05:13 ----A---- C:\Windows\SysWOW64\atmlib.dll
2012-12-12 13:05:13 ----A---- C:\Windows\SysWOW64\atmfd.dll
2012-12-12 13:05:02 ----A---- C:\Windows\SysWOW64\tzres.dll
2012-12-12 13:04:32 ----A---- C:\Windows\SysWOW64\dpnet.dll
2012-12-12 13:03:48 ----A---- C:\Windows\SysWOW64\kernel32.dll
2012-12-12 13:03:47 ----A---- C:\Windows\SysWOW64\wow32.dll
2012-12-12 13:03:47 ----A---- C:\Windows\SysWOW64\setup16.exe
2012-12-12 13:03:47 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2012-12-12 13:03:47 ----A---- C:\Windows\SysWOW64\KernelBase.dll
2012-12-12 13:03:46 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-12 13:03:46 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-12-12 13:03:46 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-12-12 13:03:46 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-12 13:03:46 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-12-12 13:03:46 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-12 13:03:46 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-12 13:03:46 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-12 13:03:46 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-12-12 13:03:46 ----A---- C:\Windows\SysWOW64\instnm.exe
2012-12-12 13:03:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-12-12 13:03:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-12-12 13:03:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-12 13:03:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-12 13:03:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-12-12 13:03:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-12 13:03:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-12-12 13:03:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-12-12 13:03:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-12 13:03:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-12-12 13:03:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-12-12 13:03:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-12-12 13:03:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-12-12 13:03:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-12-12 13:03:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-12 13:03:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-12-12 13:03:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-12-12 13:03:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-12-12 13:03:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-12-12 13:03:40 ----A---- C:\Windows\SysWOW64\user.exe
2012-12-11 11:35:30 ----D---- C:\Users\Pacak\AppData\Roaming\Xfire
2012-12-10 13:19:50 ----D---- C:\Program Files (x86)\Common Files\Skype
2012-12-10 13:19:47 ----RD---- C:\Program Files (x86)\Skype
2012-12-08 13:31:18 ----A---- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2012-12-08 13:31:18 ----A---- C:\Windows\SysWOW64\msls31.dll
2012-12-08 13:31:17 ----A---- C:\Windows\SysWOW64\msrating.dll
2012-12-08 13:31:17 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
2012-12-08 13:31:17 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2012-12-08 13:31:17 ----A---- C:\Windows\SysWOW64\iepeers.dll
2012-12-08 13:31:17 ----A---- C:\Windows\SysWOW64\ieakeng.dll
2012-12-08 13:31:17 ----A---- C:\Windows\SysWOW64\IEAdvpack.dll
2012-12-08 13:31:16 ----A---- C:\Windows\SysWOW64\SetIEInstalledDate.exe
2012-12-08 13:31:16 ----A---- C:\Windows\SysWOW64\mshtmler.dll
2012-12-08 13:31:16 ----A---- C:\Windows\SysWOW64\iesysprep.dll
2012-12-08 13:31:16 ----A---- C:\Windows\SysWOW64\dxtrans.dll
2012-12-08 13:31:15 ----A---- C:\Windows\SysWOW64\licmgr10.dll
2012-12-08 13:31:15 ----A---- C:\Windows\SysWOW64\iesetup.dll
2012-12-08 13:31:15 ----A---- C:\Windows\SysWOW64\iernonce.dll
2012-12-08 13:31:15 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2012-12-08 13:31:15 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
2012-12-08 13:31:15 ----A---- C:\Windows\SysWOW64\ieapfltr.dat
2012-12-08 13:31:15 ----A---- C:\Windows\SysWOW64\ie4uinit.exe
2012-12-08 13:31:15 ----A---- C:\Windows\SysWOW64\icardie.dll
2012-12-08 13:31:15 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
2012-12-08 13:31:14 ----A---- C:\Windows\SysWOW64\wextract.exe
2012-12-08 13:31:14 ----A---- C:\Windows\SysWOW64\webcheck.dll
2012-12-08 13:31:14 ----A---- C:\Windows\SysWOW64\pngfilt.dll
2012-12-08 13:31:14 ----A---- C:\Windows\SysWOW64\inseng.dll
2012-12-08 13:31:14 ----A---- C:\Windows\SysWOW64\iexpress.exe
2012-12-08 13:31:13 ----A---- C:\Windows\SysWOW64\occache.dll
2012-12-08 13:31:13 ----A---- C:\Windows\SysWOW64\mshta.exe
2012-12-08 13:31:13 ----A---- C:\Windows\SysWOW64\imgutil.dll
2012-12-08 13:31:13 ----A---- C:\Windows\SysWOW64\ieakui.dll
2012-12-08 13:31:13 ----A---- C:\Windows\SysWOW64\ieaksie.dll
2012-12-08 13:31:13 ----A---- C:\Windows\SysWOW64\admparse.dll
2012-12-08 13:25:01 ----A---- C:\Windows\SysWOW64\wksprtPS.dll
2012-12-08 13:25:01 ----A---- C:\Windows\SysWOW64\tsgqec.dll
2012-12-08 13:25:01 ----A---- C:\Windows\SysWOW64\rdpendp_winip.dll
2012-12-08 13:25:01 ----A---- C:\Windows\SysWOW64\MsRdpWebAccess.dll
2012-12-08 13:25:01 ----A---- C:\Windows\SysWOW64\aaclient.dll
2012-12-08 13:25:00 ----A---- C:\Windows\SysWOW64\mstsc.exe
2012-12-08 13:24:59 ----A---- C:\Windows\SysWOW64\mstscax.dll
2012-12-08 13:23:19 ----A---- C:\Windows\SysWOW64\schannel.dll
2012-12-08 13:23:19 ----A---- C:\Windows\SysWOW64\ncrypt.dll
2012-12-08 13:23:18 ----A---- C:\Windows\SysWOW64\sspicli.dll
2012-12-08 13:23:18 ----A---- C:\Windows\SysWOW64\secur32.dll
2012-12-08 13:23:16 ----A---- C:\Windows\SysWOW64\qdvd.dll
2012-12-07 10:54:17 ----D---- C:\ProgramData\AutoKMS
2012-12-06 20:14:11 ----A---- C:\Windows\AutoKMS.exe
2012-12-06 20:05:44 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2012-12-06 20:05:42 ----D---- C:\Program Files (x86)\Common Files\DESIGNER
2012-12-06 20:05:05 ----D---- C:\Windows\PCHEALTH
2012-12-06 20:05:05 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2012-12-06 20:05:05 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2012-12-06 19:54:42 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2012-12-06 19:53:32 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2012-12-06 19:52:51 ----D---- C:\ProgramData\Microsoft Help
2012-12-06 19:52:51 ----D---- C:\Program Files (x86)\Microsoft Office
2012-12-06 19:52:33 ----RHD---- C:\MSOCache
2012-12-04 09:41:28 ----A---- C:\Windows\SysWOW64\drivers\CFRMD.sys
2012-11-29 13:43:33 ----A---- C:\Windows\SysWOW64\d2d1.dll
2012-11-25 15:09:19 ----D---- C:\Users\Pacak\AppData\Roaming\Sports Interactive
2012-11-25 12:39:19 ----A---- C:\Windows\d3dx.dat

======List of files/folders modified in the last 1 month======

2012-12-15 13:35:19 ----RD---- C:\Program Files (x86)
2012-12-15 13:35:00 ----D---- C:\Windows\Temp
2012-12-15 13:27:46 ----D---- C:\Users\Pacak\AppData\Roaming\Skype
2012-12-15 12:55:55 ----D---- C:\Windows\SysWOW64\drivers
2012-12-15 12:55:54 ----D---- C:\Windows\inf
2012-12-15 12:55:22 ----SHD---- C:\Windows\Installer
2012-12-15 12:55:22 ----SHD---- C:\Config.Msi
2012-12-15 12:55:19 ----D---- C:\Windows\winsxs
2012-12-15 12:55:10 ----D---- C:\Program Files (x86)\Common Files
2012-12-15 12:53:58 ----D---- C:\ProgramData\GarenaMessenger
2012-12-15 12:53:57 ----D---- C:\Users\Pacak\AppData\Roaming\GarenaPlus
2012-12-15 00:15:13 ----D---- C:\Users\Pacak\AppData\Roaming\OpenCandy
2012-12-14 23:38:38 ----SHD---- C:\System Volume Information
2012-12-14 21:49:49 ----HD---- C:\ProgramData
2012-12-14 21:31:55 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-12-14 21:21:18 ----D---- C:\Windows\Prefetch
2012-12-12 13:20:33 ----D---- C:\Windows\SysWOW64\pl-PL
2012-12-12 13:20:33 ----D---- C:\Windows\SysWOW64
2012-12-12 13:20:33 ----D---- C:\Windows\System32
2012-12-12 13:20:32 ----D---- C:\Windows\SysWOW64\migration
2012-12-12 13:20:32 ----D---- C:\Windows\AppPatch
2012-12-12 13:20:32 ----D---- C:\Program Files (x86)\Internet Explorer
2012-12-12 13:13:47 ----D---- C:\Windows\debug
2012-12-11 20:21:30 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-12-11 17:22:42 ----D---- C:\Users\Pacak\AppData\Roaming\Media Player Classic
2012-12-11 11:39:09 ----D---- C:\Windows
2012-12-11 11:32:57 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-12-11 00:32:21 ----D---- C:\Users\Pacak\AppData\Roaming\DAEMON Tools Lite
2012-12-11 00:30:45 ----D---- C:\Windows\Panther
2012-12-11 00:30:44 ----D---- C:\Windows\Logs
2012-12-10 13:19:55 ----D---- C:\ProgramData\Skype
2012-12-09 19:40:54 ----SD---- C:\Users\Pacak\AppData\Roaming\Microsoft
2012-12-09 11:52:50 ----A---- C:\Windows\win.ini
2012-12-09 11:52:47 ----D---- C:\Program Files (x86)\Common Files\System
2012-12-09 11:43:24 ----D---- C:\Windows\SysWOW64\en-US
2012-12-09 11:43:19 ----D---- C:\Windows\PolicyDefinitions
2012-12-09 11:43:16 ----D---- C:\Windows\SysWOW64\wbem
2012-12-07 23:17:28 ----D---- C:\Windows\Microsoft.NET
2012-12-07 15:45:02 ----RSD---- C:\Windows\assembly
2012-12-07 10:53:40 ----D---- C:\ProgramData\Browser Manager
2012-12-06 21:24:02 ----D---- C:\Program Files (x86)\OpenOffice.org 3
2012-12-06 20:07:01 ----RSD---- C:\Windows\Fonts
2012-12-06 20:06:44 ----D---- C:\Windows\ShellNew
2012-12-06 20:06:43 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2012-12-06 20:06:26 ----D---- C:\Program Files (x86)\MSBuild
2012-12-06 20:05:05 ----SD---- C:\ProgramData\Microsoft
2012-12-06 20:05:05 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-12-06 20:04:43 ----D---- C:\Users\Pacak\AppData\Roaming\uTorrent
2012-12-06 19:59:24 ----D---- C:\Program Files (x86)\Google
2012-12-06 19:55:33 ----SHD---- C:\$Recycle.Bin
2012-12-06 19:54:04 ----RD---- C:\Program Files
2012-12-02 12:41:36 ----D---- C:\ProgramData\Origin
2012-12-02 12:41:24 ----D---- C:\Users\Pacak\AppData\Roaming\Origin
2012-11-22 14:23:24 ----D---- C:\Program Files (x86)\v9Soft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys []
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys []
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys []
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys []
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys []
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys []
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\DRIVERS\ctsfm2k.sys []
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\DRIVERS\ctoss2k.sys []
R3 P17;SB Live! 24-bit; C:\Windows\system32\drivers\P17.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys []
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys []
S1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys [2012-12-04 37976]
S3 ALSysIO;ALSysIO; \??\C:\Users\Pacak\AppData\Local\Temp\ALSysIO64.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys []
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys []
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys []
S3 DualCoreCenter;DualCoreCenter; \??\C:\Program Files (x86)\MSI\OverclockingCenter\NTGLM7X64.sys [2010-04-12 44344]
S3 GGSAFERDriver;GGSAFER Driver; \??\E:\Program Files\Garena Plus\Room\safedrv.sys []
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 4\LU4\NTIOLib_X64.sys [2010-10-22 14136]
S3 NTIOLib_1_0_5;NTIOLib_1_0_5; \??\C:\Program Files (x86)\MSI\OverclockingCenter\NTIOLib_X64.sys [2010-12-20 11888]
S3 P1764;Sound Blaster Audigy; C:\Windows\system32\drivers\P1764.sys []
S3 PCAlertDriver;PCAlertDriver; \??\E:\Program Files (x86)\MSI\PC Alert 4\NTGLM7X64.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys []
S3 RushTopDevice_J;RushTopDevice_J; \??\C:\Program Files (x86)\MSI\OverclockingCenter\RushJ64.sys [2009-03-05 33080]
S3 RushTopDevice2;RushTopDevice2; \??\C:\Program Files (x86)\MSI\OverclockingCenter\RushTop64.sys [2008-12-19 75576]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys []
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys []
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys []
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys []
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys []
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-09-28 361984]
R2 Browser Manager;Browser Manager; C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe [2012-12-05 2403352]
R2 CLPSLauncher;COMODO LPS Launcher; C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe [2012-11-01 70352]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-11-08 2828408]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 GeekBuddyRSP;GeekBuddy Remote Screen Protocol; C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe [2012-10-31 1467088]
R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 22072]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; E:\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-16 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-11 250808]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-08-07 79360]
S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-16 116648]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-06 114144]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-11-04 529744]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

-----------------EOF-----------------
[/log]

Prosze o pomoc i pozdrawiam

Gość
komentarz
komentarz

Pierwsza sprawa: Wyłącz ochrone w antywirusie
Druga sprawa:W systemie może byc[b] tylko 1 [/b]Antywirus
Trzecia:Wywalaj spybota to do niczego sie tera nie nadaje.


1. Uruchom OTL i w okno [b]Własne opcje skanowania /skrypt[/b]


Wklej

[code]
:Services
Browser Manager
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?u...8&ts=1355249658
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?u...8&ts=1355249658
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.v9.com...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.v9.com...q={searchTerms}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperba...q={searchTerms}
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylo...0006c626ddb478d
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?u...8&ts=1355249658
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperba...q={searchTerms}
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperba...q={searchTerms}
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://pl.yahoo.com?fr=fp-comodo
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperba...q={searchTerms}
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperba...q={searchTerms}
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperba...q={searchTerms}
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.v9.com...q={searchTerms}
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes\{0E756860-460A-4F02-8D89-52D278659C5D}: "URL" = http://websearch.ask...41-4BEA0B6675DE
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...0006c626ddb478d
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com...q={searchTerms}
IE - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://pl.search.yah...}&fr=chr-comodo
FF - prefs.js..extensions.enabledAddons: ffxtlbr@babylon.com:1.5.0
FF - prefs.js..extensions.enabledAddons: {58bd07eb-0ee0-4df0-8121-dc9b693373df}:2.5.911.18
FF - prefs.js..browser.search.order.1: "v9"
FF - prefs.js..browser.startup.homepage: "http://pl.yahoo.com?fr=fp-comodo"
FF - prefs.js..keyword.URL: "http://pl.search.yahoo.com/search?fr=ytff-comodo&p="
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKU\S-1-5-21-980624602-1416993403-1426546977-1001\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\RunOnce: [*CA] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O20 - AppInit_DLLs: (c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll) - c:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll ()

:Files

C:\ProgramData\Browser Manager

:Commands
[emptytemp]
[/code]

Kliknij [b]Wykonaj skrypt[/b]


2.Użyj adwcleaner-a

http://general-changelog-team.fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner

Opcja delete


3.Wyskanuj system skanerem malwarebytes anti-malware(odrzuć ofertę testową)


4.Podaj nowy log z OTL

pacyna
komentarz
komentarz (edytowane)

[log]OTL logfile created on: 2012-12-15 16:22:39 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = E:\Pobieranie\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

8,00 Gb Total Physical Memory | 5,54 Gb Available Physical Memory | 69,22% Memory free
12,54 Gb Paging File | 9,81 Gb Available in Paging File | 78,20% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 34,18 Gb Total Space | 0,96 Gb Free Space | 2,82% Space Free | Partition Type: NTFS
Drive D: | 214,84 Gb Total Space | 7,91 Gb Free Space | 3,68% Space Free | Partition Type: NTFS
Drive E: | 216,73 Gb Total Space | 1,58 Gb Free Space | 0,73% Space Free | Partition Type: NTFS

Computer Name: PACAK-KOMPUTER | User Name: Pacak | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-12-15 13:07:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Pobieranie\Downloads\OTL.exe
PRC - [2012-12-06 20:14:12 | 000,446,258 | ---- | M] () -- C:\Windows\AutoKMS.exe
PRC - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012-12-04 23:27:38 | 010,742,272 | ---- | M] (Creative Team S.A.) -- E:\Program Files\WapSter\WapSter AQQ\AQQ.exe
PRC - [2012-11-30 14:52:40 | 009,063,800 | ---- | M] () -- E:\Program Files\Garena Plus\GarenaMessenger.exe
PRC - [2012-11-30 12:12:17 | 003,492,504 | ---- | M] (Electronic Arts) -- E:\Program Files (x86)\Origin\Origin.exe
PRC - [2012-10-16 16:30:38 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012-08-31 08:52:22 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012-08-31 08:52:14 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012-08-31 08:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2012-07-03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2011-05-10 01:41:12 | 000,049,208 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
PRC - [2010-11-21 04:24:03 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
PRC - [2009-07-14 02:14:44 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WerFault.exe
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe
PRC - [2009-05-21 21:13:36 | 000,275,768 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2009-05-21 20:46:36 | 000,559,104 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
PRC - [2009-05-21 20:46:36 | 000,168,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
PRC - [2009-05-21 17:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
PRC - [2008-06-12 01:38:00 | 000,034,672 | ---- | M] (Adobe Systems Incorporated) -- E:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
PRC - [2008-02-28 16:07:48 | 000,529,704 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
PRC - [2008-02-18 15:29:12 | 000,877,864 | ---- | M] (Nero AG) -- E:\Nero\Nero8\Nero BackItUp\NBService.exe
PRC - [2006-12-19 08:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe
PRC - [2005-10-31 09:51:52 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
PRC - [2001-01-13 01:15:44 | 000,054,272 | ---- | M] () -- C:\ProgramData\AutoKMS\Resources\MSGBox\Messagebox.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-12-15 16:19:09 | 000,115,137 | ---- | M] () -- C:\Users\Pacak\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll
MOD - [2012-12-15 13:07:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Pobieranie\Downloads\OTL.exe
MOD - [2012-12-12 13:06:31 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2012-12-12 13:06:31 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
MOD - [2012-12-05 18:09:41 | 002,148,376 | R--- | M] () -- c:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll
MOD - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
MOD - [2012-12-05 02:15:15 | 012,456,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
MOD - [2012-12-05 02:15:15 | 000,460,904 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
MOD - [2012-12-05 02:15:14 | 004,008,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll
MOD - [2012-12-05 02:14:29 | 000,587,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\libglesv2.dll
MOD - [2012-12-05 02:14:28 | 000,124,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\libegl.dll
MOD - [2012-12-05 02:14:27 | 009,963,112 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\icudt.dll
MOD - [2012-12-05 02:14:23 | 041,743,976 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\chrome.dll
MOD - [2012-12-05 02:14:21 | 000,157,304 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avutil-51.dll
MOD - [2012-12-05 02:14:20 | 000,275,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avformat-54.dll
MOD - [2012-12-05 02:14:19 | 002,168,952 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll
MOD - [2012-12-04 23:27:38 | 010,742,272 | ---- | M] (Creative Team S.A.) -- E:\Program Files\WapSter\WapSter AQQ\AQQ.exe
MOD - [2012-11-30 14:52:40 | 009,063,800 | ---- | M] () -- E:\Program Files\Garena Plus\GarenaMessenger.exe
MOD - [2012-11-30 12:53:12 | 000,021,504 | ---- | M] () -- E:\Program Files\Garena Plus\VersionModule.dll
MOD - [2012-11-30 12:43:49 | 000,287,232 | ---- | M] () -- E:\Program Files\Garena Plus\Plugins\DailyTaskPlugin.dll
MOD - [2012-11-30 12:43:39 | 000,345,600 | ---- | M] () -- E:\Program Files\Garena Plus\Plugins\GarenaTalkPlugin.dll
MOD - [2012-11-30 12:40:07 | 000,480,768 | ---- | M] () -- E:\Program Files\Garena Plus\CxImage.dll
MOD - [2012-11-30 12:12:34 | 000,265,216 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- E:\Program Files (x86)\Origin\ssleay32.dll
MOD - [2012-11-30 12:12:34 | 000,062,976 | ---- | M] () -- E:\Program Files (x86)\Origin\tufao.dll
MOD - [2012-11-30 12:12:33 | 003,514,368 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Program Files (x86)\Origin\QtXmlPatterns4.dll
MOD - [2012-11-30 12:12:32 | 018,627,072 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Program Files (x86)\Origin\QtWebKit4.dll
MOD - [2012-11-30 12:12:32 | 000,411,648 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Program Files (x86)\Origin\QtXml4.dll
MOD - [2012-11-30 12:12:27 | 009,671,168 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Program Files (x86)\Origin\QtGui4.dll
MOD - [2012-11-30 12:12:27 | 001,226,752 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Program Files (x86)\Origin\QtNetwork4.dll
MOD - [2012-11-30 12:12:25 | 002,923,008 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Program Files (x86)\Origin\QtCore4.dll
MOD - [2012-11-30 12:12:24 | 027,912,360 | ---- | M] (Electronic Arts) -- E:\Program Files (x86)\Origin\OriginClient.dll
MOD - [2012-11-30 12:12:17 | 003,492,504 | ---- | M] (Electronic Arts) -- E:\Program Files (x86)\Origin\Origin.exe
MOD - [2012-11-30 12:12:13 | 001,156,608 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- E:\Program Files (x86)\Origin\libeay32.dll
MOD - [2012-11-30 12:11:38 | 000,312,320 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Program Files (x86)\Origin\imageformats\qtiff4.dll
MOD - [2012-11-30 12:11:38 | 000,264,192 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Program Files (x86)\Origin\imageformats\qmng4.dll
MOD - [2012-11-30 12:11:38 | 000,211,968 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Program Files (x86)\Origin\imageformats\qjpeg4.dll
MOD - [2012-11-30 12:11:38 | 000,032,256 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Program Files (x86)\Origin\imageformats\qico4.dll
MOD - [2012-11-30 12:11:38 | 000,028,672 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Program Files (x86)\Origin\imageformats\qgif4.dll
MOD - [2012-11-30 12:11:38 | 000,022,528 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Program Files (x86)\Origin\imageformats\qtga4.dll
MOD - [2012-11-29 22:32:28 | 001,400,320 | ---- | M] () -- E:\Program Files\WapSter\WapSter AQQ\System\Shared\Plugins\GGNet.dll
MOD - [2012-11-29 12:42:20 | 000,313,344 | ---- | M] () -- E:\Program Files\Garena Plus\lib\Http.dll
MOD - [2012-11-28 15:16:14 | 000,223,232 | ---- | M] () -- E:\Program Files\WapSter\WapSter AQQ\System\Shared\Plugins\Contact.dll
MOD - [2012-11-28 12:13:06 | 000,938,496 | ---- | M] () -- E:\Program Files\Garena Plus\lib\XLL.dll
MOD - [2012-11-28 12:03:11 | 000,718,848 | ---- | M] () -- E:\Program Files\Garena Plus\Plugins\ggplugin.dll
MOD - [2012-11-28 12:00:52 | 000,228,864 | ---- | M] () -- E:\Program Files\Garena Plus\Plugins\PluginNews.dll
MOD - [2012-11-28 12:00:45 | 000,178,688 | ---- | M] () -- E:\Program Files\Garena Plus\Plugins\StatsPlugin.dll
MOD - [2012-11-23 10:02:48 | 001,537,024 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\FileSender.dll
MOD - [2012-11-19 05:25:25 | 001,081,344 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\GaFileTransfer.dll
MOD - [2012-11-15 21:51:06 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\adaaf894878905f022f824b84fcd59a8\System.ServiceProcess.ni.dll
MOD - [2012-11-15 21:50:47 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\38e2909de0b5e7887b46dd28725ba718\System.Management.ni.dll
MOD - [2012-11-15 21:23:26 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\0e5254a1a3d59b3a037029e5af1bd32b\System.Runtime.Remoting.ni.dll
MOD - [2012-11-15 21:23:21 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\aebb94e0eea9c39ec18a7915a711f621\System.Xaml.ni.dll
MOD - [2012-11-15 21:16:12 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7c8bffb6e42a248341d7821a8464ef0b\PresentationFramework.ni.dll
MOD - [2012-11-15 21:16:02 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74fade4c3e490c62af3d60742fb078a\PresentationCore.ni.dll
MOD - [2012-11-15 21:15:55 | 003,882,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\dfe6e22159d3f5bf61b5bfe1da6f2758\WindowsBase.ni.dll
MOD - [2012-11-15 21:15:53 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\46215c6276fca8ba6b8a765dfa384c73\PresentationFramework.Aero.ni.dll
MOD - [2012-11-15 21:10:14 | 013,198,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ecbb113bbad9034fa8385c15f73fb4cf\System.Windows.Forms.ni.dll
MOD - [2012-11-15 21:10:06 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\14d2241be401f66cc1898dc5dc383b80\System.Core.ni.dll
MOD - [2012-11-15 21:10:04 | 001,666,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\a8dfd1388afc0a50f39f9e1dc7ecd45c\System.Drawing.ni.dll
MOD - [2012-11-15 21:10:04 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c63fe1e324904c893d2a5d02f0783658\System.Configuration.ni.dll
MOD - [2012-11-15 21:10:03 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e10bbd79027aa4c1ca8950b78fd640d4\System.Xml.ni.dll
MOD - [2012-11-15 21:10:00 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\379599837ade465016dd5d96798b2766\System.ni.dll
MOD - [2012-11-15 21:09:55 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\dbc34d53e1fbedabecd201fe4f264961\mscorlib.ni.dll
MOD - [2012-11-15 12:19:08 | 000,186,368 | ---- | M] () -- E:\Program Files\Garena Plus\ImageModule.dll
MOD - [2012-11-14 03:48:26 | 012,320,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2012-11-14 03:14:59 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012-11-14 02:57:44 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012-11-14 02:57:37 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012-11-14 02:46:38 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012-11-08 12:28:10 | 000,027,136 | ---- | M] () -- E:\Program Files\Garena Plus\DibModule.dll
MOD - [2012-11-08 12:28:09 | 000,045,056 | ---- | M] () -- E:\Program Files\Garena Plus\FileLoader.dll
MOD - [2012-11-08 12:28:07 | 000,169,472 | ---- | M] () -- E:\Program Files\Garena Plus\ggspawn.dll
MOD - [2012-11-08 12:27:53 | 000,081,408 | ---- | M] () -- E:\Program Files\Garena Plus\PluginKernel.dll
MOD - [2012-11-08 12:27:47 | 000,018,944 | ---- | M] () -- E:\Program Files\Garena Plus\PluginModule.dll
MOD - [2012-11-08 00:37:34 | 000,301,264 | ---- | M] (COMODO) -- C:\Windows\SysWOW64\guard32.dll
MOD - [2012-10-30 11:19:43 | 000,059,904 | ---- | M] () -- E:\Program Files\Garena Plus\Plugins\PlatformPlugin.dll
MOD - [2012-10-28 16:14:04 | 001,094,144 | ---- | M] () -- E:\Program Files\WapSter\WapSter AQQ\System\Shared\Plugins\SMS.dll
MOD - [2012-10-16 08:39:52 | 000,561,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcLayers.dll
MOD - [2012-10-09 18:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2012-10-04 17:47:41 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2012-10-04 17:47:40 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2012-10-04 17:40:23 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\acwow64.dll
MOD - [2012-09-28 03:23:00 | 005,557,928 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdag.dll
MOD - [2012-09-28 02:43:28 | 000,935,424 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\aticfx32.dll
MOD - [2012-09-28 02:22:30 | 002,691,584 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdva.dll
MOD - [2012-09-28 02:10:58 | 000,082,944 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiu9pag.dll
MOD - [2012-09-13 07:19:39 | 000,099,328 | ---- | M] () -- E:\Program Files\Garena Plus\lib\UILayout.dll
MOD - [2012-09-13 07:19:19 | 000,048,640 | ---- | M] () -- E:\Program Files\Garena Plus\lib\XmlUIModule.dll
MOD - [2012-09-10 06:43:02 | 001,664,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
MOD - [2012-09-06 12:30:31 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
MOD - [2012-09-06 12:30:27 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2012-09-06 12:30:27 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2012-09-06 12:30:23 | 000,159,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
MOD - [2012-09-06 07:06:20 | 006,730,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
MOD - [2012-09-06 07:06:20 | 000,056,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
MOD - [2012-08-31 08:52:22 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012-08-31 08:52:14 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MOD - [2012-08-31 08:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
MOD - [2012-08-31 08:45:00 | 000,250,368 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll
MOD - [2012-08-30 15:17:05 | 002,984,960 | ---- | M] () -- E:\Program Files\Garena Plus\ggdownloader.dll
MOD - [2012-08-28 09:05:34 | 000,307,200 | ---- | M] ( MarkAny.) -- C:\Program Files (x86)\Samsung\Kies\External\MACSSDK.dll
MOD - [2012-08-24 17:57:48 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012-08-24 17:57:40 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2012-08-24 17:57:40 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2012-08-24 17:57:37 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2012-08-24 17:53:35 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2012-08-03 09:31:57 | 000,228,864 | ---- | M] (The cURL library, [url="http://curl.haxx.se/"]http://curl.haxx.se/[/url]) -- E:\Program Files\Garena Plus\libcurl.dll
MOD - [2012-07-31 11:38:37 | 000,156,160 | ---- | M] () -- E:\Program Files\Garena Plus\libzmq.dll
MOD - [2012-07-27 07:59:42 | 000,010,240 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\ClientTcp.dll
MOD - [2012-07-27 07:59:28 | 000,061,952 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\UdtLib.dll
MOD - [2012-07-27 07:59:23 | 000,163,328 | ---- | M] () -- E:\Program Files\Garena Plus\lib\fs\YYFileSystem.dll
MOD - [2012-07-03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2012-06-06 06:05:52 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
MOD - [2012-06-02 05:36:29 | 001,159,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2012-06-02 05:36:29 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2012-05-21 12:43:10 | 001,274,880 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- E:\Program Files\WapSter\WapSter AQQ\libeay32.dll
MOD - [2012-05-21 12:43:10 | 000,330,752 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- E:\Program Files\WapSter\WapSter AQQ\ssleay32.dll
MOD - [2012-05-15 03:11:46 | 000,190,976 | ---- | M] (Garena Online Pte Ltd) -- E:\Program Files\Garena Plus\lib\delay_load\GaVoiceGroup.dll
MOD - [2012-05-05 08:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2012-04-24 02:19:17 | 000,238,592 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\MediaEngine.dll
MOD - [2012-04-21 05:21:01 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
MOD - [2012-04-13 04:12:19 | 000,059,392 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\AudioMixerLib.dll
MOD - [2012-04-13 04:12:18 | 000,019,968 | ---- | M] () -- E:\Program Files\Garena Plus\ServerMemAlloc.dll
MOD - [2012-04-07 12:26:29 | 002,342,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2012-03-08 09:56:40 | 000,510,464 | ---- | M] () -- E:\Program Files\Garena Plus\lib\delay_load\RSALib.dll
MOD - [2012-03-08 09:56:32 | 001,097,216 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- E:\Program Files\Garena Plus\libeay32.dll
MOD - [2012-03-03 06:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2012-03-01 06:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2012-02-22 09:52:18 | 000,162,304 | ---- | M] () -- E:\Program Files\Garena Plus\lame_enc.dll
MOD - [2012-02-22 09:52:16 | 001,739,264 | ---- | M] (Apache Software Foundation) -- E:\Program Files\Garena Plus\log4cxx.dll
MOD - [2012-02-22 09:52:16 | 000,573,100 | ---- | M] () -- E:\Program Files\Garena Plus\sqlite3.dll
MOD - [2012-02-22 09:52:16 | 000,197,632 | ---- | M] () -- E:\Program Files\Garena Plus\lib\TaskManagerLib.dll
MOD - [2012-02-22 09:52:16 | 000,178,176 | ---- | M] () -- E:\Program Files\Garena Plus\lib\MP3Module.dll
MOD - [2012-02-22 09:52:16 | 000,122,136 | ---- | M] () -- E:\Program Files\Garena Plus\ggcode.dll
MOD - [2012-02-22 09:52:16 | 000,097,792 | ---- | M] () -- E:\Program Files\Garena Plus\CommonLib.dll
MOD - [2012-01-13 08:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2012-01-04 09:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2011-12-16 08:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011-12-15 07:07:16 | 000,386,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
MOD - [2011-11-17 06:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011-11-17 06:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2011-08-27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011-08-27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011-06-12 11:15:00 | 004,221,328 | ---- | M] (Microsoft Corporation) -- C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
MOD - [2011-06-11 00:58:52 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100.dll
MOD - [2011-06-11 00:58:52 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp100.dll
MOD - [2011-05-24 11:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011-05-24 11:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011-05-18 17:57:22 | 000,413,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2011-05-10 01:41:12 | 000,049,208 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
MOD - [2011-03-15 07:13:46 | 004,254,560 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2011-03-11 06:33:59 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll
MOD - [2011-03-03 06:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011-01-20 07:15:56 | 008,906,704 | ---- | M] (Microsoft Corporation) -- C:\PROGRA~2\MICROS~4\Office14\1045\GrooveIntlResource.dll
MOD - [2010-11-21 04:25:15 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010-11-21 04:25:11 | 003,207,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mf.dll
MOD - [2010-11-21 04:25:11 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\evr.dll
MOD - [2010-11-21 04:24:43 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010-11-21 04:24:33 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2010-11-21 04:24:33 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010-11-21 04:24:32 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010-11-21 04:24:28 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010-11-21 04:24:28 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\riched20.dll
MOD - [2010-11-21 04:24:26 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2010-11-21 04:24:25 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010-11-21 04:24:23 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2010-11-21 04:24:23 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010-11-21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010-11-21 04:24:16 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010-11-21 04:24:16 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010-11-21 04:24:16 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010-11-21 04:24:16 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010-11-21 04:24:16 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010-11-21 04:24:16 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010-11-21 04:24:16 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2010-11-21 04:24:15 | 000,320,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Faultrep.dll
MOD - [2010-11-21 04:24:14 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msftedit.dll
MOD - [2010-11-21 04:24:14 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010-11-21 04:24:14 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010-11-21 04:24:14 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010-11-21 04:24:11 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010-11-21 04:24:09 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2010-11-21 04:24:09 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010-11-21 04:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010-11-21 04:24:08 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010-11-21 04:24:08 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2010-11-21 04:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2010-11-21 04:24:08 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010-11-21 04:24:08 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010-11-21 04:24:07 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010-11-21 04:24:03 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wer.dll
MOD - [2010-11-21 04:24:03 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sqmapi.dll
MOD - [2010-11-21 04:24:03 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010-11-21 04:24:02 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010-11-21 04:24:02 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2010-11-21 04:24:01 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010-11-21 04:24:01 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll
MOD - [2010-11-21 04:24:01 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscoree.dll
MOD - [2010-11-21 04:24:01 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010-11-21 04:24:00 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010-11-21 04:23:55 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010-11-21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010-11-21 04:23:55 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010-11-21 04:23:55 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2010-11-21 04:23:54 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2010-11-21 04:23:54 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010-11-21 04:23:51 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010-11-21 04:23:51 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010-11-21 04:23:48 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010-11-21 04:23:48 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010-11-21 04:23:48 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010-09-30 21:26:58 | 000,208,896 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH.dll
MOD - [2010-06-28 22:06:38 | 000,472,576 | ---- | M] (Krzysztof Grochocki (Beherit)) -- C:\Users\Pacak\WapSter\AQQ Folder\Profiles\Łukasz\Plugins\AQQRestarter.dll
MOD - [2010-05-26 10:41:02 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DCompiler_43.dll
MOD - [2010-05-26 10:41:02 | 001,998,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DX9_43.dll
MOD - [2010-03-18 12:16:28 | 000,801,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll
MOD - [2010-03-18 12:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100_clr0400.dll
MOD - [2010-02-28 02:13:36 | 000,049,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
MOD - [2009-12-10 21:01:16 | 000,593,920 | ---- | M] (VOY) -- C:\Users\Pacak\WapSter\AQQ Folder\Profiles\Łukasz\Plugins\Okrety.dll
MOD - [2009-07-14 02:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009-07-14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009-07-14 02:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
MOD - [2009-07-14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009-07-14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009-07-14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009-07-14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009-07-14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009-07-14 02:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll
MOD - [2009-07-14 02:16:18 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\werui.dll
MOD - [2009-07-14 02:16:17 | 000,266,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\upnphost.dll
MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 02:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009-07-14 02:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 02:16:15 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ssdpapi.dll
MOD - [2009-07-14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009-07-14 02:16:14 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc_os.dll
MOD - [2009-07-14 02:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll
MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-07-14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009-07-14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009-07-14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009-07-14 02:16:12 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PeerDist.dll
MOD - [2009-07-14 02:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2009-07-14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009-07-14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 02:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2009-07-14 02:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009-07-14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009-07-14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2009-07-14 02:15:50 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp60.dll
MOD - [2009-07-14 02:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
MOD - [2009-07-14 02:15:46 | 002,134,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msmpeg2vdec.dll
MOD - [2009-07-14 02:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msiltcfg.dll
MOD - [2009-07-14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009-07-14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009-07-14 02:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009-07-14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009-07-14 02:15:39 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll
MOD - [2009-07-14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009-07-14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009-07-14 02:15:27 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\idndl.dll
MOD - [2009-07-14 02:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009-07-14 02:15:21 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fltLib.dll
MOD - [2009-07-14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009-07-14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009-07-14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009-07-14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009-07-14 02:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll
MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009-07-14 02:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll
MOD - [2009-07-14 02:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2009-07-14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009-07-14 02:14:57 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll
MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 02:14:44 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WerFault.exe
MOD - [2009-07-14 02:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe
MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 02:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009-07-14 02:10:22 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc.dll
MOD - [2009-07-14 02:09:53 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\security.dll
MOD - [2009-07-14 02:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll
MOD - [2009-07-14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009-06-19 22:47:52 | 000,293,888 | ---- | M] () -- C:\Users\Pacak\WapSter\AQQ Folder\Profiles\Łukasz\Plugins\SpellChecker.dll
MOD - [2009-05-21 21:13:36 | 000,275,768 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
MOD - [2009-05-21 21:13:36 | 000,205,312 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll
MOD - [2009-05-21 21:13:36 | 000,150,528 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll
MOD - [2009-05-21 21:13:36 | 000,048,128 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
MOD - [2009-05-21 21:03:06 | 000,213,504 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll
MOD - [2009-05-21 21:03:06 | 000,049,664 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll
MOD - [2009-05-21 20:46:38 | 000,948,224 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc
MOD - [2009-05-21 20:46:38 | 000,203,264 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqssm08.dll
MOD - [2009-05-21 20:46:38 | 000,012,288 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc
MOD - [2009-05-21 20:46:36 | 000,559,104 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
MOD - [2009-05-21 20:46:36 | 000,485,888 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwso08.dll
MOD - [2009-05-21 20:46:36 | 000,307,712 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsti08.dll
MOD - [2009-05-21 20:46:36 | 000,285,184 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.dll
MOD - [2009-05-21 20:46:36 | 000,168,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
MOD - [2009-05-21 20:46:36 | 000,057,856 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSplh08.dll
MOD - [2009-05-21 19:09:24 | 000,554,496 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
MOD - [2009-05-21 19:09:24 | 000,338,432 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
MOD - [2009-05-21 19:05:48 | 000,326,144 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqrif08.dll
MOD - [2009-05-21 19:05:48 | 000,097,280 | ---- | M] (Hewlett Packard) -- C:\Program Files (x86)\HP\Digital Imaging\Product Assistant\bin\hprbevst.dll
MOD - [2009-05-21 18:31:52 | 001,170,944 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpodio08.dll
MOD - [2009-05-21 18:31:52 | 000,538,112 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.dll
MOD - [2009-05-21 18:31:52 | 000,292,864 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcob08.dll
MOD - [2009-05-21 18:31:52 | 000,274,432 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll
MOD - [2009-05-21 18:31:52 | 000,032,256 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
MOD - [2009-05-21 17:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
MOD - [2009-05-21 17:57:00 | 000,040,960 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpb01.dll
MOD - [2009-05-21 17:57:00 | 000,038,912 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpreh.dll
MOD - [2008-12-03 19:05:44 | 000,033,792 | ---- | M] (Hewlett-Packard) -- C:\Windows\SysWOW64\HPZipr12.dll
MOD - [2008-06-12 01:38:00 | 000,034,672 | ---- | M] (Adobe Systems Incorporated) -- E:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
MOD - [2008-03-28 14:57:30 | 000,014,848 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\SysWOW64\P17RunE.dll
MOD - [2006-05-03 09:52:12 | 000,110,592 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\GDICtrl3.skc
MOD - [2006-03-31 16:26:40 | 000,331,776 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\GDICtrl.skc
MOD - [2006-03-31 09:10:08 | 000,151,552 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\GDICtrl2.skc
MOD - [2006-03-28 15:21:56 | 000,110,592 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\RtxCtrl.skc
MOD - [2006-03-24 08:29:36 | 000,155,648 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTTheme.dll
MOD - [2005-10-31 09:51:52 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
MOD - [2005-10-25 09:31:14 | 000,077,824 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files (x86)\Creative\Shared Files\mxlib.dll
MOD - [2005-10-21 16:57:32 | 000,040,960 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files (x86)\Creative\Shared Files\CtrlSrc.dll
MOD - [2005-10-20 13:49:06 | 000,024,660 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.crl
MOD - [2005-05-03 12:38:42 | 000,064,512 | ---- | M] () -- C:\Windows\SysWOW64\P17.DLL
MOD - [2002-11-22 00:01:00 | 000,053,248 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTIniF.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2012-11-08 00:37:39 | 002,828,408 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:[b]64bit:[/b] - [2012-09-28 15:43:40 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:[b]64bit:[/b] - [2012-09-28 02:38:16 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2012-09-12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2012-09-12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-12-11 20:21:30 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-11-09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-11-04 22:04:32 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-09-06 02:25:06 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-08-07 01:01:33 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006-12-19 08:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-11-24 16:49:10 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2012-11-24 16:44:36 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2012-09-28 03:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2012-09-28 02:12:52 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2012-08-30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:[b]64bit:[/b] - [2012-08-23 15:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2012-08-23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012-08-23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2012-08-23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2012-05-14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2012-04-09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011-06-10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2011-05-13 02:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:[b]64bit:[/b] - [2011-05-13 02:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:[b]64bit:[/b] - [2011-05-13 02:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:[b]64bit:[/b] - [2011-05-13 02:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-02-18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:[b]64bit:[/b] - [2009-12-22 01:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-05-05 02:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:[b]64bit:[/b] - [2008-12-26 11:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer)
DRV:[b]64bit:[/b] - [2007-02-05 09:49:20 | 001,529,856 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\P17.sys -- (P17)
DRV:[b]64bit:[/b] - [2005-07-07 09:19:08 | 001,579,008 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\P1764.SYS -- (P1764)
DRV:[b]64bit:[/b] - [2005-02-28 04:12:50 | 000,205,824 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTOSS2K.SYS -- (ossrv)
DRV:[b]64bit:[/b] - [2005-02-28 04:12:46 | 000,284,160 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTSFM2K.SYS -- (ctsfm2k)
DRV - [2010-12-20 13:50:44 | 000,011,888 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\NTIOLib_X64.sys -- (NTIOLib_1_0_5)
DRV - [2010-10-22 09:37:36 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 4\LU4\NTIOLib_X64.sys -- (NTIOLib_1_0_4)
DRV - [2010-04-12 10:36:26 | 000,044,344 | ---- | M] (MICRO-STAR INT'L CO., LTD.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\NTGLM7X64.sys -- (DualCoreCenter)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-03-05 21:55:20 | 000,033,080 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\RushJ64.sys -- (RushTopDevice_J)
DRV - [2008-12-19 03:17:36 | 000,075,576 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\RushTop64.sys -- (RushTopDevice2)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope =
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Pacak\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-08-22 10:43:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: e:\Program Files (x86)\Mozilla Firefox\components [2012-09-10 09:56:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: e:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-08-22 10:43:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\firefox@mozilla.com: C:\Users\Pacak\AppData\Roaming\firefox@mozilla.com

[2012-09-17 15:35:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pacak\AppData\Roaming\mozilla\Extensions
[2012-08-07 13:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage: [url="http://www.google.com/"]http://www.google.com/[/url]
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: [url="http://www.google.com/"]http://www.google.com/[/url]
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = E:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Pacak\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: TV = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.11_0\
CHR - Extension: YouTube = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Chrome Updater = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoijihiiolhlopbdlcphkfdobmkfkap\1.1_0\
CHR - Extension: Bowling 3D = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gemohgpikgjbgmdfbfjdailocichgbjm\2.0_0\
CHR - Extension: AdBlock = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.51_0\
CHR - Extension: Bubble Shooter-HD = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpakbhbnhkbghdcejiiangcefallmaln\2.2.0_0\
CHR - Extension: Szybka Wyszukiwarka = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\jneiphgeigocbbbojlnknhmknlnmdjnf\1.3_0\
CHR - Extension: Duck Gravity = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpikpdaalmlcipfphefaajfiofglcma\1.3.0_0\
CHR - Extension: Gmail = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: TV = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.11_0\
CHR - Extension: YouTube = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Chrome Updater = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoijihiiolhlopbdlcphkfdobmkfkap\1.1_0\
CHR - Extension: Bowling 3D = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gemohgpikgjbgmdfbfjdailocichgbjm\2.0_0\
CHR - Extension: AdBlock = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.51_0\
CHR - Extension: Bubble Shooter-HD = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpakbhbnhkbghdcejiiangcefallmaln\2.2.0_0\
CHR - Extension: Szybka Wyszukiwarka = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\jneiphgeigocbbbojlnknhmknlnmdjnf\1.3_0\
CHR - Extension: Duck Gravity = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpikpdaalmlcipfphefaajfiofglcma\1.3.0_0\
CHR - Extension: Gmail = C:\Users\Pacak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:[b]64bit:[/b] - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DelReg] C:\Program Files (x86)\MSI\OverclockingCenter\DelReg.exe ()
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [NBKeyScan] E:\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroCheck] C:\Windows\SysWOW64\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [P17Helper] C:\Windows\SysWow64\P17.DLL ()
O4 - HKLM..\Run: [P17RunE] C:\Windows\SysWow64\P17RunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [AQQ] E:\Program Files\WapSter\WapSter AQQ\AQQ.exe (Creative Team S.A.)
O4 - HKCU..\Run: [Clock Widget (HTC Home)] E:\Program Files (x86)\HTC Home\Clock.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EADM] E:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [GarenaPlus] E:\Program Files\Garena Plus\GarenaMessenger.exe ()
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - Startup: C:\Users\Pacak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WarKey.exe.lnk = C:\Users\Pacak\Desktop\warkey\WarKey.exe (YuLv.Net)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8:[b]64bit:[/b] - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab"]http://fpdownload2.m...ash/swflash.cab[/url] (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} [url="http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab"]http://ccfiles.creat...13/CTPIDPDE.cab[/url] (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} [url="http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab"]http://ccfiles.creat...015/CTSUEng.cab[/url] (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} [url="http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab"]http://ccfiles.creat...10926/CTPID.cab[/url] (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 46.148.166.31 46.148.166.33
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{04AE9F5A-D32F-491F-AC6A-7BCBA5FE968B}: DhcpNameServer = 46.148.166.31 46.148.166.33
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll) - c:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll ()
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)


SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-12-15 14:51:24 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Malwarebytes
[2012-12-15 14:51:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-12-15 14:51:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-12-15 14:51:07 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012-12-15 13:35:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2012-12-15 13:35:19 | 000,000,000 | ---D | C] -- C:\rsit
[2012-12-15 12:55:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\COMODO
[2012-12-13 02:39:43 | 000,000,000 | ---D | C] -- C:\Users\Pacak\.gstreamer-0.10
[2012-12-13 02:39:40 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\ChomikBox
[2012-12-13 02:39:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chomikuj.pl
[2012-12-13 02:39:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ChomikBox
[2012-12-11 11:36:28 | 000,000,000 | ---D | C] -- C:\Users\Pacak\Documents\gothic3
[2012-12-11 11:35:30 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Xfire
[2012-12-11 11:35:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfire
[2012-12-11 11:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gothic III
[2012-12-10 13:19:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-12-10 13:19:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012-12-10 13:19:47 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012-12-07 10:54:17 | 000,000,000 | ---D | C] -- C:\ProgramData\AutoKMS
[2012-12-06 20:13:19 | 000,000,000 | ---D | C] -- C:\Users\Pacak\Documents\Pliki programu Outlook
[2012-12-06 20:07:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2012-12-06 20:05:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2012-12-06 20:05:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012-12-06 20:05:05 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012-12-06 20:05:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2012-12-06 20:05:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012-12-06 19:54:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012-12-06 19:54:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012-12-06 19:53:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012-12-06 19:52:58 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Microsoft Help
[2012-12-06 19:52:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012-12-06 19:52:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012-12-06 19:52:33 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012-11-29 16:12:53 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bink and Smacker
[2012-11-26 16:03:54 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gothic Multiplayer
[2012-11-25 21:36:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Recovery
[2012-11-25 18:02:47 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\SKIDROW
[2012-11-25 17:59:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA
[2012-11-25 15:13:25 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Chromium
[2012-11-25 15:09:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive
[2012-11-25 15:09:19 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Sports Interactive
[2012-11-25 15:09:19 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Sports Interactive
[2012-11-25 00:59:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MoorHunt
[2012-11-24 16:49:10 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012-11-24 16:44:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012-11-20 17:03:36 | 000,000,000 | R--D | C] -- C:\Users\Pacak\Documents\Scanned Documents
[2012-11-20 17:03:36 | 000,000,000 | ---D | C] -- C:\Users\Pacak\Documents\Fax
[2012-11-04 23:36:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
[2012-11-04 19:43:53 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Publish Providers
[2012-11-04 19:39:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2012-11-04 19:38:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2012-11-04 19:38:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2012-11-04 18:54:21 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Sony
[2012-11-04 18:48:19 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Sony
[2012-11-02 12:19:43 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012-11-02 12:19:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2012-11-02 12:19:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012-11-02 12:19:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012-10-30 11:58:02 | 000,000,000 | ---D | C] -- C:\Users\Pacak\Documents\MOHW
[2012-10-29 15:04:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2012-10-29 13:00:57 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\PunkBuster
[2012-10-29 13:00:49 | 000,000,000 | ---D | C] -- C:\Users\Pacak\Documents\MOHW_DayOnePatch_PC
[2012-10-29 12:43:14 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Origin
[2012-10-29 12:43:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2012-10-29 12:42:52 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Origin
[2012-10-29 12:41:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2012-10-29 12:41:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2012-10-29 12:38:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2012-10-27 20:13:18 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012-10-25 23:16:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-10-23 18:18:36 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Opera
[2012-10-23 18:18:36 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Opera
[2012-10-23 18:18:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2012-10-22 00:48:54 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Garena
[2012-10-22 00:48:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Garena
[2012-10-21 15:23:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt
[2012-10-21 15:14:48 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Nero
[2012-10-21 15:08:35 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Local\Ahead
[2012-10-21 15:08:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NeroInstall.bak
[2012-10-21 15:06:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 8
[2012-10-21 15:03:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2012-10-21 15:03:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2012-10-21 14:38:59 | 000,000,000 | ---D | C] -- C:\Users\Pacak\Documents\Alcohol 120%
[2012-10-21 14:36:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft
[2012-10-21 14:32:39 | 000,564,824 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2012-10-21 14:32:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2012-10-21 14:23:19 | 000,569,344 | ---- | C] (Pegasus Software,LLC) -- C:\Windows\SysWow64\imagr5.dll
[2012-10-21 14:23:19 | 000,544,768 | ---- | C] (Pegasus Software, LLC) -- C:\Windows\SysWow64\imagx5.dll
[2012-10-21 14:23:19 | 000,283,920 | ---- | C] (Pegasus Software, LLC) -- C:\Windows\SysWow64\ImagXpr5.dll
[2012-10-21 14:23:19 | 000,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\Windows\SysWow64\NeroCheck.exe
[2012-10-21 14:23:19 | 000,038,912 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\picn20.dll
[2012-10-21 13:28:11 | 000,000,000 | ---D | C] -- C:\Users\Pacak\AppData\Roaming\Ahead
[2012-10-21 13:26:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ahead
[2012-10-16 16:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012-10-16 16:30:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-12-15 16:21:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-12-15 16:20:46 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-12-15 16:20:46 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-12-15 16:17:22 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-12-15 16:17:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-12-15 16:17:04 | 2146,836,479 | -HS- | M] () -- C:\hiberfil.sys
[2012-12-15 15:35:03 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-12-12 17:23:36 | 000,045,270 | ---- | M] () -- C:\Users\Pacak\AppData\Roaming\room_v3.dat
[2012-12-12 13:21:50 | 000,440,120 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-12-11 11:32:59 | 000,000,542 | ---- | M] () -- C:\Users\Public\Desktop\Gothic III.lnk
[2012-12-10 13:19:51 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012-12-08 13:31:15 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012-12-08 13:31:06 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012-12-06 20:14:12 | 000,446,258 | ---- | M] () -- C:\Windows\AutoKMS.exe
[2012-12-02 23:11:22 | 000,000,600 | ---- | M] () -- C:\Users\Pacak\AppData\Roaming\winscp.rnd
[2012-12-01 14:07:25 | 001,549,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-12-01 14:07:25 | 000,697,674 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-12-01 14:07:25 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-12-01 14:07:25 | 000,134,784 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-12-01 14:07:25 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-11-25 12:39:19 | 000,008,192 | ---- | M] () -- C:\Windows\d3dx.dat
[2012-11-25 10:29:17 | 000,000,935 | ---- | M] () -- C:\Users\Pacak\Desktop\JDownloader.lnk
[2012-11-24 16:49:10 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012-11-24 16:44:36 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2012-11-13 12:42:35 | 000,000,600 | ---- | M] () -- C:\Users\Pacak\AppData\Local\PUTTY.RND
[2012-11-08 00:37:57 | 000,022,736 | ---- | M] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys
[2012-11-08 00:37:36 | 000,041,240 | ---- | M] (COMODO) -- C:\Windows\SysNative\cmdcsr.dll
[2012-11-08 00:37:34 | 000,301,264 | ---- | M] (COMODO) -- C:\Windows\SysWow64\guard32.dll
[2012-11-08 00:37:31 | 000,390,392 | ---- | M] (COMODO) -- C:\Windows\SysNative\guard64.dll
[2012-11-06 22:45:43 | 000,000,213 | ---- | M] () -- C:\Users\Pacak\Desktop\Dota 2.url
[2012-11-05 01:49:58 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2012-11-04 23:45:05 | 000,001,488 | ---- | M] () -- C:\Users\Pacak\Desktop\MOH Warfighter.lnk
[2012-11-04 23:36:22 | 000,000,543 | ---- | M] () -- C:\Users\Public\Desktop\Fraps.lnk
[2012-11-04 19:43:21 | 000,002,448 | ---- | M] () -- C:\Users\Pacak\Documents\Register Vegas Pro.htm
[2012-11-04 19:39:19 | 000,000,543 | ---- | M] () -- C:\Users\Pacak\Desktop\Vegas Pro 11.0 (64-bit).lnk
[2012-10-28 17:03:39 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-10-28 02:19:52 | 000,000,904 | ---- | M] () -- C:\Users\Public\Desktop\CWK.lnk
[2012-10-25 23:16:59 | 000,002,261 | ---- | M] () -- C:\Users\Pacak\Desktop\Google Chrome.lnk
[2012-10-21 15:06:19 | 000,001,439 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk
[2012-10-21 15:04:54 | 000,000,026 | ---- | M] () -- C:\Windows\Irremote.ini
[2012-10-21 15:04:42 | 000,001,024 | ---- | M] () -- C:\Users\Pacak\.rnd
[2012-10-21 14:46:32 | 000,000,124 | ---- | M] () -- C:\Users\Pacak\Documents\ax_files.xml

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-12-11 11:32:59 | 000,000,542 | ---- | C] () -- C:\Users\Public\Desktop\Gothic III.lnk
[2012-12-08 13:31:15 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012-12-08 13:31:06 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012-12-06 20:14:11 | 000,446,258 | ---- | C] () -- C:\Windows\AutoKMS.exe
[2012-11-25 21:46:21 | 000,000,212 | ---- | C] () -- C:\Users\Pacak\Desktop\Counter-Strike.url
[2012-11-25 12:39:19 | 000,008,192 | ---- | C] () -- C:\Windows\d3dx.dat
[2012-11-25 10:29:17 | 000,000,935 | ---- | C] () -- C:\Users\Pacak\Desktop\JDownloader.lnk
[2012-11-25 10:27:44 | 000,000,899 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012-11-25 10:27:44 | 000,000,859 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2012-11-25 10:27:44 | 000,000,844 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2012-11-15 21:12:31 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012-11-15 21:02:29 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012-11-06 22:45:43 | 000,000,213 | ---- | C] () -- C:\Users\Pacak\Desktop\Dota 2.url
[2012-11-05 01:49:55 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2012-11-04 23:45:06 | 000,001,488 | ---- | C] () -- C:\Users\Pacak\Desktop\MOH Warfighter.lnk
[2012-11-04 23:36:22 | 000,000,543 | ---- | C] () -- C:\Users\Public\Desktop\Fraps.lnk
[2012-11-04 19:39:19 | 000,000,543 | ---- | C] () -- C:\Users\Pacak\Desktop\Vegas Pro 11.0 (64-bit).lnk
[2012-11-04 19:32:41 | 000,002,448 | ---- | C] () -- C:\Users\Pacak\Documents\Register Vegas Pro.htm
[2012-10-28 02:19:52 | 000,000,904 | ---- | C] () -- C:\Users\Public\Desktop\CWK.lnk
[2012-10-28 02:19:52 | 000,000,904 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CWK.lnk
[2012-10-25 23:16:58 | 000,002,261 | ---- | C] () -- C:\Users\Pacak\Desktop\Google Chrome.lnk
[2012-10-21 15:06:19 | 000,001,439 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk
[2012-10-21 15:04:54 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2012-10-21 15:04:41 | 000,001,024 | ---- | C] () -- C:\Users\Pacak\.rnd
[2012-10-21 14:46:32 | 000,000,124 | ---- | C] () -- C:\Users\Pacak\Documents\ax_files.xml
[2012-10-16 16:30:44 | 000,001,046 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-10-16 16:30:43 | 000,001,042 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-10-09 00:32:09 | 000,000,600 | ---- | C] () -- C:\Users\Pacak\AppData\Roaming\winscp.rnd
[2012-10-08 15:45:43 | 000,000,600 | ---- | C] () -- C:\Users\Pacak\AppData\Local\PUTTY.RND
[2012-10-02 22:01:35 | 000,000,087 | ---- | C] () -- C:\Windows\SysWow64\tcfg.ini
[2012-08-28 09:04:34 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012-08-28 09:04:34 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012-08-28 09:04:34 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012-08-28 09:04:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012-08-28 09:04:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012-08-22 10:37:09 | 000,172,893 | ---- | C] () -- C:\Windows\hpoins45.dat
[2012-08-08 23:35:16 | 000,045,270 | ---- | C] () -- C:\Users\Pacak\AppData\Roaming\room_v3.dat
[2012-08-08 14:35:46 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012-08-07 12:50:45 | 000,000,039 | R--- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2012-08-07 12:12:54 | 000,000,029 | ---- | C] () -- C:\Windows\sfbm.INI
[2012-08-07 10:58:45 | 001,548,506 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-08-07 00:36:48 | 000,005,627 | R--- | C] () -- C:\Windows\SysWow64\Ludap17.ini
[2012-08-07 00:26:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-08-07 00:20:35 | 000,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll
[2012-08-07 00:03:45 | 000,007,610 | ---- | C] () -- C:\Users\Pacak\AppData\Local\resmon.resmoncfg
[2012-06-11 17:50:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-06-11 17:50:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012-05-02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011-09-12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2012-09-17 02:13:28 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\.minecraft
[2012-09-11 15:57:38 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Altaron
[2012-08-12 10:38:22 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Avnex
[2012-10-01 15:19:24 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Chrome_updater
[2012-12-11 00:32:21 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\DAEMON Tools Lite
[2012-10-06 22:23:59 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Dev-Cpp
[2012-10-22 00:48:54 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Garena
[2012-12-15 16:22:25 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\GarenaPlus
[2012-10-01 15:19:49 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\IE
[2012-08-27 23:04:13 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\NapiProjekt
[2012-11-06 12:35:01 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Notepad++
[2012-09-04 08:00:24 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\OpenOffice.org
[2012-10-23 18:27:18 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Opera
[2012-12-02 12:41:24 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Origin
[2012-11-04 19:43:53 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Publish Providers
[2012-10-07 01:59:59 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Remere's Map Editor
[2012-09-18 19:54:46 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Samsung
[2012-11-04 19:47:25 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Sony
[2012-11-25 15:09:19 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\Sports Interactive
[2012-09-15 12:13:51 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\TuneUp Software
[2012-12-06 20:04:43 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\uTorrent
[2012-08-07 19:42:59 | 000,000,000 | ---D | M] -- C:\Users\Pacak\AppData\Roaming\wargaming.net

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2012-12-15 14:42:21 | 000,008,450 | ---- | M] () -- C:\AdwCleaner[S1].txt
[2010-11-21 04:23:51 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2012-08-07 00:44:17 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012-09-19 11:59:47 | 000,000,471 | ---- | M] () -- C:\CustomKeys.txt
[2012-12-15 16:17:04 | 2146,836,479 | -HS- | M] () -- C:\hiberfil.sys
[2012-08-07 00:32:27 | 000,034,239 | ---- | M] () -- C:\LU4.log
[2012-12-15 16:17:06 | 581,603,327 | -HS- | M] () -- C:\pagefile.sys
[2012-08-06 23:59:40 | 000,283,507 | RHS- | M] () -- C:\VLXEM
[2012-08-06 23:59:40 | 000,000,020 | RHS- | M] () -- C:\win7.ld

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2012-08-22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012-08-22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012-08-22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010-11-21 04:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< End of report >
[/log]

extras.txt
[log]OTL Extras logfile created on: 2012-12-15 16:22:39 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = E:\Pobieranie\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

8,00 Gb Total Physical Memory | 5,54 Gb Available Physical Memory | 69,22% Memory free
12,54 Gb Paging File | 9,81 Gb Available in Paging File | 78,20% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 34,18 Gb Total Space | 0,96 Gb Free Space | 2,82% Space Free | Partition Type: NTFS
Drive D: | 214,84 Gb Total Space | 7,91 Gb Free Space | 3,68% Space Free | Partition Type: NTFS
Drive E: | 216,73 Gb Total Space | 1,58 Gb Free Space | 0,73% Space Free | Partition Type: NTFS

Computer Name: PACAK-KOMPUTER | User Name: Pacak | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "e:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [ChomikBox.Upload] -- "C:\Program Files (x86)\ChomikBox\\ChomikBox.exe" -u"%1" ( )
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "e:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "e:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "e:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [ChomikBox.Upload] -- "C:\Program Files (x86)\ChomikBox\\ChomikBox.exe" -u"%1" ( )
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "e:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "e:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== System Restore Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{29309AEE-0F2C-495E-9451-F7991398AF3E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2BA56983-2842-4D0D-9F51-C41167001873}" = rport=139 | protocol=6 | dir=out | app=system |
"{38C4F306-D5ED-4502-B2CA-74428E350DC9}" = rport=445 | protocol=6 | dir=out | app=system |
"{3A34083D-5771-4144-8079-41CEA5F1E4F4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3B338682-EF0A-4DA5-8045-9432E3329F7E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{41BB03CC-5445-42FE-8809-A876D62B4EF8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{42328219-077F-4C9D-A8FD-592F2162F85E}" = rport=138 | protocol=17 | dir=out | app=system |
"{72C6D136-BCFB-41C1-98EF-C9D58F7AE6CD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{96A9BE51-3DC6-48B1-A0B8-195EA7154B75}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{97AA88F4-D542-4633-86F7-326A9A5A4AF1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A0BE9FE9-0E5B-4027-B956-50D86A73F658}" = rport=137 | protocol=17 | dir=out | app=system |
"{A78806CB-3808-4A2C-8823-6F3B8CDFE386}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AC3D08F7-B969-42AA-8CE2-7179A2849F61}" = lport=138 | protocol=17 | dir=in | app=system |
"{AE4760FC-DD2E-4E08-82E2-58ABDADC2F98}" = lport=137 | protocol=17 | dir=in | app=system |
"{BDD69988-1CCC-46CE-8389-CBD22C9AAFEA}" = lport=445 | protocol=6 | dir=in | app=system |
"{BF4CE351-EA66-4B27-AF9C-DF8A2F8F5E6F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C5E33CBE-7DED-4426-BCB9-F197669F03D8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{CE9BFDEA-4A24-411E-AF0D-04CECC37F8E4}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CEF865A9-6705-4651-8503-18784E6CF800}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EB561F1A-4367-4E73-BDC3-B9EDF2569AB7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EC2964EB-59F1-478A-B2AC-35903361D59F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ED06E1A1-11DE-4A27-8A1F-F6CB54E59150}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{FC9B9187-5F32-4264-A24C-6E90078262E9}" = lport=10243 | protocol=6 | dir=in | app=system |
"{FEBC2933-A44A-4B09-B0E6-32214402A628}" = lport=139 | protocol=6 | dir=in | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0423EC2A-9A8A-4988-8D98-3E5257B17074}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{12054CBF-5CCB-48D4-B588-320AF459DC7D}" = protocol=6 | dir=out | app=system |
"{1B94FEC8-86C8-4215-8F40-66B99A3C4E66}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{1FAE260E-B693-4793-B30B-DA1A14B61406}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{208AC6B4-8772-4355-8693-96596B314376}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{225DF0C0-9421-467E-B5ED-5E1719F2BB73}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{2C51743D-D484-4A76-9801-3F22E60C8EBA}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{331312B6-3CEF-4269-B87D-F8B0A04CEDA0}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{3D38605B-5C59-41A1-A277-BC20E9D2C2B9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{3DD5F2A8-430E-4258-9EAB-2AAA6679882C}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{3E16E0FE-E268-4CD4-A726-E6CACFF9F81E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{50B0F323-C17E-492D-9A65-03408E188574}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{56B0B1ED-AC4F-4884-9928-87AB5469BEAB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{57DC54DD-E048-4E51-A8ED-2F26095915C0}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{57FE5CB4-B30F-4AC8-88DA-1ED33CEF2847}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{5810587A-09FF-46B3-855B-5D61B58F8DD8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{58429A97-99B0-4B14-95AE-E236B6DFB941}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5AFFBBAF-7E7D-4C39-BCDA-7DE06CD8F7B5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{5D72F189-F15F-4CE2-8223-2527AB910D74}" = protocol=17 | dir=in | app=e:\program files (x86)\utorrent\utorrent.exe |
"{60A2F296-5FFF-4353-80F2-96DF9675D4AD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{620C1682-E8E6-4A22-8613-1B6565DCD767}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\pacyna92\counter-strike\hl.exe |
"{636604AE-1D74-40E4-B5B3-5BF0643C8AA1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6526A6AA-0418-4091-B309-E3753748C72D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{67598F38-47A1-4793-BF33-B7A47067F721}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\pacyna92\counter-strike\hl.exe |
"{6BF44E0A-7C07-4F90-8E08-821996B76967}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{80BD6E73-EFC6-49E6-B2A0-FFB3BB5565A7}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{8A9BB4E1-D295-4523-9F70-8149BEB695AA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{8B40E5A4-42F5-4945-A63C-48E33A5A5FD5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8F18CC19-8B26-4037-A0A2-205F9BB5AAF1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{959CE920-38F1-4733-8F91-EACAA10F8AE2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{978B6354-E845-4882-9B06-002677AC2EEA}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe |
"{9E9A2293-92A3-4262-A19C-EE353B1C4759}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A092C341-4D21-4639-975A-39902C33DEC8}" = protocol=6 | dir=in | app=e:\program files (x86)\utorrent\utorrent.exe |
"{A1190823-DBE4-43CE-B1B9-493F9B270674}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{AD237B66-5BA9-4FA8-A981-362060F296B6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AEBC8302-EDC7-4FB7-8C44-C6DEE334F841}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{AEFC408C-5C98-498F-907F-68F80E15F241}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B48066DD-A5A8-40DA-B6C1-D392B3204816}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BB2BDCA6-6B1D-4A6E-B10C-D6AFFC93D3BE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{BCA30DF4-D7E4-47A2-A6D7-59C9B1FF2444}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{BD00E03D-3EBC-4EF3-9070-292DEEF71D3D}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{BE23DD90-95F4-4645-ACD8-314A76FCBA97}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C1CC061D-EBB1-425D-80AC-64090F05ECC5}" = protocol=58 | dir=in | app=system |
"{C3F212F0-22AC-4129-82D7-D085675526A6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C78ABFD4-1FAF-4E30-81E1-BA380005CAFB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{D15EDE12-BF9D-4CC7-BD3A-8DC8F4D4C78F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{DDA58614-7F77-41BC-9763-357FAA234C15}" = protocol=6 | dir=in | app=e:\program files\steam\steam.exe |
"{DF668AD6-3BEA-48AE-ABAC-33448E1BFC71}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe |
"{E9048138-5636-4037-8E32-66F21190C125}" = protocol=17 | dir=in | app=e:\program files\steam\steam.exe |
"{EA66FF70-D73F-4055-9960-104A9D482876}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EB1CE2AD-6D3C-4706-A376-9FA19C10507A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{EDAB8597-E87C-43F7-AFD3-B649CD05E02B}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{EFDC0306-F6A2-4B11-91F8-C700A46D7FA9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{FD5A0102-FFC4-4C3B-85DA-A41D16DCBF0B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{FDB4F84E-4B67-4C12-8EB1-DBF731F16B26}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{1A85FA42-221A-45D4-8B0D-549A68D56F32}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{24B9424E-A810-49A9-9979-1C249B34E8A9}D:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{40062DAC-27A7-47CB-B29B-61B8484DD192}E:\program files\garena plus\room\garena_room.exe" = protocol=6 | dir=in | app=e:\program files\garena plus\room\garena_room.exe |
"TCP Query User{6B78D153-E6E3-44F2-97F7-F36932EEB9C3}D:\gry\warcraft iii roh & tft\war3.exe" = protocol=6 | dir=in | app=d:\gry\warcraft iii roh & tft\war3.exe |
"TCP Query User{ADA287E0-8D4F-466D-8244-28A2E76F25D0}E:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=e:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{31EAB29F-0634-48D5-87D3-1C9D653D83BA}D:\gry\warcraft iii roh & tft\war3.exe" = protocol=17 | dir=in | app=d:\gry\warcraft iii roh & tft\war3.exe |
"UDP Query User{41DD6DF5-3CC7-43A1-9A81-C93A60C81EB0}E:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=e:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{86C623EB-6EF7-48C8-8E47-CB37AABBEA22}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{C0F4E9F6-F166-4DC9-939E-789832164EC6}E:\program files\garena plus\room\garena_room.exe" = protocol=17 | dir=in | app=e:\program files\garena plus\room\garena_room.exe |
"UDP Query User{DD502F8E-F39F-4DE6-8F98-685D1CDCEAA4}D:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{042B10AA-8233-A9E0-4DEB-B7253C686DBB}" = AMD Fuel
"{0DCAB5DD-CC69-271A-CF03-F2BD6B60BD8A}" = AMD Media Foundation Decoders
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{35B226DA-E3F6-21FD-31AB-0046C6E87043}" = ATI Problem Report Wizard
"{46DA7FD9-8BC1-7BA8-98D1-27F46647871B}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{504184A2-1B0E-5D93-603A-517E93E7EDB3}" = AMD Accelerated Video Transcoding
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{57580625-C673-7FEA-8791-E84B7AAF5069}" = ccc-utility64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{653D48F0-098C-45C1-8267-86EA7B9D0EDB}" = ActivePerl 5.16.1 Build 1601 (64-bit)
"{698EDD46-FC0B-926F-54DF-23B6BB20EDFC}" = AMD Drag and Drop Transcoding
"{8AAA8780-1D35-11E2-A3A6-F04DA23A5C58}" = MSVCRT Redists
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2010
"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{B45B5123-C009-F8B4-FE93-45B42C8A786F}" = ATI AVIVO64 Codecs
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{CF411A4F-5ED9-11E1-B971-F04DA23A5C58}" = Vegas Pro 11.0 (64-bit)
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D4761C4F-5ED9-11E1-9202-F04DA23A5C58}" = MSVCRT Redists
"{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}" = COMODO Internet Security
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DB982BEA-E9FF-4C61-9058-57FFDA5076D1}" = HP Deskjet Ink Advant K209a-z All-in-One Driver Software 13.0 Rel .6
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Shop for HP Supplies" = Shop for HP Supplies
"WinRAR archiver" = Archiwizator WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F7A6FD0-87F5-FB5D-973C-CF604DE1BC6B}" = CCC Help Polish
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1A9BE3D6-4D53-2C9D-B77D-562D85936B91}" = CCC Help Norwegian
"{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}" = Sound Blaster Audigy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{210DFA65-F805-1A2B-4F83-8E27279AE385}" = Catalyst Control Center Graphics Previews Common
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{26050F54-3928-4D9C-849A-C48A9E831E6F}" = ChomikBox
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{29822CAD-C76A-0BEE-55F5-AAA524DA814F}" = CCC Help Greek
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3A1293DF-7D09-BB0F-9576-EC47EE4A9362}" = CCC Help Italian
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{47416F0B-6589-591E-C6F8-4235D2230B14}" = Catalyst Control Center InstallProxy
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{625FC7D1-656D-1BEC-F86F-3EACAFDAA8FE}" = CCC Help English
"{6372F44B-392B-4FD8-AF1E-E185283F6528}" = DJ_AIO_06_K209a-z_SW_Min
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7351EEF8-9D6C-5F46-5A19-F2C7456CE132}" = CCC Help German
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7F172E34-4107-8964-6AEA-5051FFD265FF}" = CCC Help Portuguese
"{86095E92-1959-8364-920E-82E81F64F8FB}" = AMD VISION Engine Control Center
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89D05F35-933A-89C0-B935-C92BEE4229BD}" = CCC Help French
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010
"{90140000-0015-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010
"{90140000-0016-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-0018-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010
"{90140000-0019-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010
"{90140000-001A-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010
"{90140000-001B-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0415-1000-0000000FF1CE}_Office14.PROPLUS_{0844B6E1-0A6F-4D81-8BCF-48F883F521FE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010
"{90140000-0044-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{90140000-006E-0415-0000-0000000FF1CE}_Office14.PROPLUS_{6AF8887A-72F7-4FA0-ABE4-396172B64550}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010
"{90140000-00A1-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010
"{90140000-00BA-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{959E4378-CCA1-E4E4-2425-793DA92E8D95}" = CCC Help Czech
"{96BB3C67-4EB4-9757-E0C2-C0D2FE9053B1}" = CCC Help Turkish
"{974F4B73-2017-E174-9070-3F58F01B341F}" = CCC Help Danish
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{98E20A18-3C29-86FA-50B4-918C2B34A082}" = CCC Help Hungarian
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CBEAEF3-C6BA-4F0F-8DC2-03B12BC8CF2F}" = Remere's Map Editor
"{9E2E5EB3-DC6E-9277-E9DB-13175E7DDA39}" = CCC Help Dutch
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAACC0A5-4382-04D0-C75E-0669C7B949B6}" = CCC Help Japanese
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{ACEF4078-9B86-2455-E18D-34D52D37D9D5}" = CCC Help Chinese Standard
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B55FB422-B803-11F5-5582-B3666EA1B9AC}" = Catalyst Control Center Localization All
"{B8010864-15F8-613B-20EF-AC35B14B3E0D}" = CCC Help Russian
"{B80BE2E3-EA77-53D4-7A56-C53D452E6D50}" = HydraVision
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C1342411-5A98-DE8A-5629-D0C518E1C280}" = CCC Help Finnish
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{D08B4177-5160-6B66-8934-2F9012134D61}" = CCC Help Thai
"{D34A6029-FB1A-9EA8-A938-5393F82A3A00}" = CCC Help Korean
"{D6D5CB84-0E6E-4E69-B300-C690B6911045}" = Nero 8
"{D8A790CB-CF32-4135-AAAE-6BA5A75C5DBF}" = OSCAR Editor
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3A09D13-4D40-3CF8-7D32-8BD55F8D1533}" = CCC Help Spanish
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EE51AA68-7BF9-4FB3-9BB4-57CCD2C7EFFA}" = K209a-z
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2C35491-9323-3AE7-6023-6B4128045153}" = CCC Help Swedish
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FC66A32F-1A57-AC5C-4F12-DAC2F4CB77A0}" = CCC Help Chinese Traditional
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AQQ" = WapSter AQQ
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"CWK" = CWK (Czasowy Wyłącznik Komputera)
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"HTC Home Apis" = HTC Home Apis
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{D8A790CB-CF32-4135-AAAE-6BA5A75C5DBF}" = Anti-Vibrate Oscar Editor
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.1.0 (Full)
"Liveupdate4_is1" = Liveupdate4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.65.1.1000
"MoorHunt_is1" = MoorHunt 0.6.7.2
"Mozilla Firefox 15.0.1 (x86 pl)" = Mozilla Firefox 15.0.1 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NapiProjekt_is1" = NapiProjekt (2.0.0.2151)
"Nero - Burning Rom!UninstallKey" = Ahead Nero Burning ROM
"Notepad++" = Notepad++
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Origin" = Origin
"OverclockingCenter_is1" = OverclockingCenter
"RADVideo" = RAD Video Tools
"SopCast" = SopCast 3.5.0
"Steam App 10" = Counter-Strike
"Steam App 570" = Dota 2
"Tibia Auto" = NSIS Example2
"TrayEverything" = TrayEverything
"uTorrent" = µTorrent
"Xfire" = Xfire (remove only)

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-12-15 06:59:13 | Computer Name = Pacak-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2012-12-15 09:33:26 | Computer Name = Pacak-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2012-12-15 09:42:03 | Computer Name = Pacak-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: NMIndexStoreSvr.exe, wersja: 3.3.3.0,
sygnatura czasowa: 0x47c6bd1b Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0,
sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x03030303
Identyfikator
procesu powodującego błąd: 0x1f0 Godzina uruchomienia aplikacji powodującej błąd:
0x01cddac9eb4e63d2 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Common
Files\Nero\Lib\NMIndexStoreSvr.exe Ścieżka modułu powodującego błąd: unknown Identyfikator
raportu: 34a3ec47-46bd-11e2-82f2-6c626ddb478d

Error - 2012-12-15 09:42:42 | Computer Name = Pacak-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2012-12-15 09:43:49 | Computer Name = Pacak-Komputer | Source = .NET Runtime | ID = 1026
Description =

Error - 2012-12-15 09:43:56 | Computer Name = Pacak-Komputer | Source = Windows Search Service | ID = 3084
Description =

Error - 2012-12-15 09:46:23 | Computer Name = Pacak-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2012-12-15 11:18:02 | Computer Name = Pacak-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: NMIndexStoreSvr.exe, wersja: 3.3.3.0,
sygnatura czasowa: 0x47c6bd1b Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0,
sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x03030202
Identyfikator
procesu powodującego błąd: 0xdec Godzina uruchomienia aplikacji powodującej błąd:
0x01cddad7574234e5 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Common
Files\Nero\Lib\NMIndexStoreSvr.exe Ścieżka modułu powodującego błąd: unknown Identyfikator
raportu: 9d9b77ef-46ca-11e2-9746-6c626ddb478d

Error - 2012-12-15 11:18:58 | Computer Name = Pacak-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2012-12-15 11:24:52 | Computer Name = Pacak-Komputer | Source = Application Hang | ID = 1002
Description = Program AQQ.exe w wersji 2.4.3.12 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
akcji. Identyfikator procesu: de4 Godzina rozpoczęcia: 01cddad757364e04 Godzina zakończenia:
6 Ścieżka aplikacji: E:\Program Files\WapSter\WapSter AQQ\AQQ.exe Identyfikator raportu:
1727f3b9-46cb-11e2-9746-6c626ddb478d

[ System Events ]
Error - 2012-12-15 08:01:41 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło
to razy: 8. W przeciągu 30000 milisekund zostanie podjęta następująca czynność
korekcyjna: Uruchom usługę ponownie.

Error - 2012-12-15 08:02:15 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło
to razy: 9. W przeciągu 30000 milisekund zostanie podjęta następująca czynność
korekcyjna: Uruchom usługę ponownie.

Error - 2012-12-15 08:04:35 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło
to razy: 10. W przeciągu 30000 milisekund zostanie podjęta następująca czynność
korekcyjna: Uruchom usługę ponownie.

Error - 2012-12-15 08:05:08 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło
to razy: 11. W przeciągu 30000 milisekund zostanie podjęta następująca czynność
korekcyjna: Uruchom usługę ponownie.

Error - 2012-12-15 08:06:10 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło
to razy: 12. W przeciągu 30000 milisekund zostanie podjęta następująca czynność
korekcyjna: Uruchom usługę ponownie.

Error - 2012-12-15 09:28:18 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Browser Manager niespodziewanie zakończyła pracę. Wystąpiło
to razy: 13. W przeciągu 30000 milisekund zostanie podjęta następująca czynność
korekcyjna: Uruchom usługę ponownie.

Error - 2012-12-15 09:31:59 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: CFRMD

Error - 2012-12-15 09:40:59 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: CFRMD

Error - 2012-12-15 09:44:41 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: CFRMD

Error - 2012-12-15 11:14:28 | Computer Name = Pacak-Komputer | Source = Service Control Manager | ID = 7034
Description = Usługa Nero BackItUp Scheduler 3 niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.


< End of report >
[/log]

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.