x-kom hosting

[Rozwiązany] Proszę o sprawdzenie logów

Kuba516
utworzono
utworzono (edytowane)

Proszę o sprawdzenie logów:

 

OTL:

[log]OTL logfile created on: 2013-01-09 18:41:23 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = E:\Pobrane
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
7,95 Gb Total Physical Memory | 5,69 Gb Available Physical Memory | 71,62% Memory free
15,90 Gb Paging File | 13,06 Gb Available in Paging File | 82,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 79,64 Gb Total Space | 44,97 Gb Free Space | 56,46% Space Free | Partition Type: NTFS
Drive D: | 97,56 Gb Total Space | 38,06 Gb Free Space | 39,01% Space Free | Partition Type: NTFS
Drive E: | 195,31 Gb Total Space | 65,22 Gb Free Space | 33,39% Space Free | Partition Type: NTFS
Drive G: | 3,62 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: KUBA-KOMPUTER | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days
 
========== Processes (All) ==========
 
PRC - [2013-01-09 18:39:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Pobrane\OTL.exe
PRC - [2013-01-09 17:54:31 | 001,808,392 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
PRC - [2012-12-31 15:40:00 | 008,866,816 | ---- | M] (AQQ Sp. z o.o.) -- C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe
PRC - [2012-12-06 15:08:57 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012-12-06 15:08:57 | 000,016,864 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2012-11-16 23:02:32 | 000,443,760 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
PRC - [2012-11-15 20:59:44 | 000,527,728 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
PRC - [2012-11-15 04:03:24 | 000,389,488 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
PRC - [2012-10-19 15:18:36 | 017,875,120 | R--- | M] (Skype Technologies S.A.) -- E:\Programy\Skype\Phone\Skype.exe
PRC - [2012-09-23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-07-25 15:13:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012-07-25 15:12:24 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012-07-25 15:11:22 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012-07-03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2012-05-25 13:19:26 | 001,540,120 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
PRC - [2012-05-25 06:36:32 | 001,618,456 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
PRC - [2012-05-24 04:23:02 | 000,985,624 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
PRC - [2012-04-03 19:45:36 | 002,121,216 | ---- | M] () -- E:\Programy\screenSHU\screenSHU.exe
PRC - [2012-03-29 03:42:28 | 000,470,008 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
PRC - [2012-01-27 10:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012-01-27 05:13:02 | 001,470,968 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
PRC - [2012-01-27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe
PRC - [2010-01-27 16:14:10 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2010-01-26 16:18:16 | 000,304,712 | ---- | M] (G Data Software) -- C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe
PRC - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- E:\Programy\Alcohol 120\StarWind\StarWindServiceAE.exe
 
 
========== Modules (All) ==========
 
MOD - [2013-01-09 18:39:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Pobrane\OTL.exe
MOD - [2013-01-09 17:54:31 | 014,586,888 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
MOD - [2013-01-09 17:54:31 | 001,808,392 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
MOD - [2012-12-31 15:44:24 | 001,060,864 | ---- | M] () -- C:\Program Files (x86)\WapSter\WapSter AQQ\System\Shared\Plugins\SMS.dll
MOD - [2012-12-31 15:40:00 | 008,866,816 | ---- | M] (AQQ Sp. z o.o.) -- C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe
MOD - [2012-12-30 23:42:20 | 001,375,232 | ---- | M] () -- C:\Program Files (x86)\WapSter\WapSter AQQ\System\Shared\Plugins\GGNet.dll
MOD - [2012-12-30 08:09:22 | 000,054,784 | ---- | M] () -- C:\Program Files (x86)\WapSter\WapSter AQQ\System\Shared\Plugins\Contact.dll
MOD - [2012-12-06 15:08:57 | 015,112,160 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xul.dll
MOD - [2012-12-06 15:08:57 | 004,220,896 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
MOD - [2012-12-06 15:08:57 | 002,397,152 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012-12-06 15:08:57 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
MOD - [2012-12-06 15:08:57 | 000,810,976 | ---- | M] (sqlite.org) -- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
MOD - [2012-12-06 15:08:57 | 000,638,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nss3.dll
MOD - [2012-12-06 15:08:57 | 000,370,656 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
MOD - [2012-12-06 15:08:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
MOD - [2012-12-06 15:08:57 | 000,258,528 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
MOD - [2012-12-06 15:08:57 | 000,172,000 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nspr4.dll
MOD - [2012-12-06 15:08:57 | 000,155,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
MOD - [2012-12-06 15:08:57 | 000,145,376 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\ssl3.dll
MOD - [2012-12-06 15:08:57 | 000,124,896 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
MOD - [2012-12-06 15:08:57 | 000,096,224 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
MOD - [2012-12-06 15:08:57 | 000,092,640 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll
MOD - [2012-12-06 15:08:57 | 000,091,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\smime3.dll
MOD - [2012-12-06 15:08:57 | 000,021,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plc4.dll
MOD - [2012-12-06 15:08:57 | 000,020,960 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plds4.dll
MOD - [2012-12-06 15:08:57 | 000,019,424 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xpcom.dll
MOD - [2012-12-06 15:08:57 | 000,016,864 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
MOD - [2012-12-06 15:08:57 | 000,015,840 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
MOD - [2012-11-14 03:48:26 | 012,320,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2012-11-14 03:14:59 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012-11-14 03:09:22 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
MOD - [2012-11-14 02:57:44 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012-11-14 02:57:37 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012-11-14 02:52:27 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2012-11-14 02:46:38 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012-10-19 15:18:36 | 017,875,120 | R--- | M] (Skype Technologies S.A.) -- E:\Programy\Skype\Phone\Skype.exe
MOD - [2012-10-11 02:04:04 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\MSVCR100.dll
MOD - [2012-10-11 02:04:04 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\MSVCP100.dll
MOD - [2012-10-09 18:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2012-10-04 17:47:41 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2012-10-04 17:47:40 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2012-09-28 03:23:00 | 005,557,928 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdag.dll
MOD - [2012-09-28 02:43:28 | 000,935,424 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\aticfx32.dll
MOD - [2012-09-28 02:39:36 | 006,536,192 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atidxx32.dll
MOD - [2012-09-28 02:22:30 | 002,691,584 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdva.dll
MOD - [2012-09-28 02:11:16 | 000,109,568 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiuxpag.dll
MOD - [2012-09-28 02:10:58 | 000,082,944 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiu9pag.dll
MOD - [2012-08-24 17:57:48 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012-07-03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2012-06-19 18:40:20 | 001,198,080 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\Intel\iCLS Client\LIBEAY32.dll
MOD - [2012-06-19 18:40:20 | 000,303,104 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\Intel\iCLS Client\ssleay32.dll
MOD - [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2012-06-06 06:05:52 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
MOD - [2012-06-06 06:05:52 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
MOD - [2012-06-02 05:40:42 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2012-06-02 05:40:39 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2012-06-02 05:39:10 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2012-06-02 05:36:29 | 001,159,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2012-06-02 05:36:29 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2012-06-02 05:34:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2012-05-25 03:42:00 | 000,699,928 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G DATA\ObjBrwse.dll
MOD - [2012-05-24 04:23:02 | 000,985,624 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
MOD - [2012-05-21 12:43:10 | 001,274,880 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\WapSter\WapSter AQQ\LIBEAY32.DLL
MOD - [2012-05-21 12:43:10 | 000,330,752 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\WapSter\WapSter AQQ\SSLEAY32.DLL
MOD - [2012-05-20 19:49:11 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
MOD - [2012-05-20 19:48:51 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2012-05-20 19:47:19 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2012-05-20 19:46:18 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2012-05-20 19:45:32 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2012-05-20 19:40:55 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2012-05-20 19:39:09 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2012-05-20 19:39:09 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2012-05-20 19:38:49 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2012-05-20 19:38:07 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2012-05-20 19:38:07 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2012-05-20 19:38:07 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2012-05-20 19:33:35 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2012-05-20 19:31:55 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2012-05-20 19:30:50 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll
MOD - [2012-05-20 19:26:58 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2012-05-05 08:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2012-04-05 10:17:06 | 001,618,440 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\Common\AVKRes.dll
MOD - [2012-04-03 19:45:36 | 002,121,216 | ---- | M] () -- E:\Programy\screenSHU\screenSHU.exe
MOD - [2012-02-02 18:27:54 | 002,843,136 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Programy\screenSHU\QtCore4.dll
MOD - [2012-02-02 18:27:44 | 000,276,480 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Programy\screenSHU\QtSql4.dll
MOD - [2012-02-02 18:27:34 | 001,289,728 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Programy\screenSHU\QtNetwork4.dll
MOD - [2012-02-02 18:27:08 | 010,135,040 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Programy\screenSHU\QtGui4.dll
MOD - [2012-02-02 18:26:54 | 000,527,360 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Programy\screenSHU\sqldrivers\qsqlite4.dll
MOD - [2012-02-02 18:26:52 | 000,288,256 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Programy\screenSHU\imageformats\qjpeg4.dll
MOD - [2012-02-02 18:26:52 | 000,043,008 | ---- | M] () -- E:\Programy\screenSHU\libgcc_s_dw2-1.dll
MOD - [2012-02-02 18:26:52 | 000,011,362 | ---- | M] () -- E:\Programy\screenSHU\mingwm10.dll
MOD - [2012-01-27 14:41:04 | 000,250,872 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\Banksafe.dll
MOD - [2012-01-27 10:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
MOD - [2012-01-27 10:38:07 | 000,073,728 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
MOD - [2012-01-27 05:13:02 | 001,470,968 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
MOD - [2012-01-13 08:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2010-11-21 04:25:15 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010-11-21 04:25:10 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gameux.dll
MOD - [2010-11-21 04:24:43 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010-11-21 04:24:33 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2010-11-21 04:24:33 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010-11-21 04:24:32 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptui.dll
MOD - [2010-11-21 04:24:32 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010-11-21 04:24:28 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010-11-21 04:24:28 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\riched20.dll
MOD - [2010-11-21 04:24:26 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010-11-21 04:24:25 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010-11-21 04:24:23 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2010-11-21 04:24:23 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010-11-21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010-11-21 04:24:16 | 001,171,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10warp.dll
MOD - [2010-11-21 04:24:16 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010-11-21 04:24:16 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010-11-21 04:24:16 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010-11-21 04:24:16 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010-11-21 04:24:16 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010-11-21 04:24:16 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010-11-21 04:24:16 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2010-11-21 04:24:14 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msftedit.dll
MOD - [2010-11-21 04:24:14 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010-11-21 04:24:14 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010-11-21 04:24:14 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010-11-21 04:24:11 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010-11-21 04:24:09 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2010-11-21 04:24:09 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010-11-21 04:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010-11-21 04:24:08 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010-11-21 04:24:08 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2010-11-21 04:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2010-11-21 04:24:08 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010-11-21 04:24:08 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010-11-21 04:24:08 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mapi32.dll
MOD - [2010-11-21 04:24:07 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010-11-21 04:24:03 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wer.dll
MOD - [2010-11-21 04:24:03 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010-11-21 04:24:02 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010-11-21 04:24:02 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2010-11-21 04:24:01 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010-11-21 04:24:01 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010-11-21 04:24:00 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010-11-21 04:23:55 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010-11-21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010-11-21 04:23:55 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010-11-21 04:23:55 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2010-11-21 04:23:54 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2010-11-21 04:23:54 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010-11-21 04:23:51 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010-11-21 04:23:51 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010-11-21 04:23:48 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010-11-21 04:23:48 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010-11-21 04:23:48 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll
MOD - [2010-11-21 04:23:48 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2009-08-18 11:29:22 | 000,134,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
MOD - [2009-07-14 02:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009-07-14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009-07-14 02:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
MOD - [2009-07-14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009-07-14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009-07-14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009-07-14 02:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll
MOD - [2009-07-14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009-07-14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009-07-14 02:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanutil.dll
MOD - [2009-07-14 02:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll
MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009-07-14 02:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll
MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-07-14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009-07-14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009-07-14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009-07-14 02:16:12 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PeerDist.dll
MOD - [2009-07-14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009-07-14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 02:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009-07-14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009-07-14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2009-07-14 02:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2009-07-14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009-07-14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009-07-14 02:15:41 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Defender\MpOav.dll
MOD - [2009-07-14 02:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009-07-14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009-07-14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009-07-14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009-07-14 02:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll
MOD - [2009-07-14 02:15:27 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\idndl.dll
MOD - [2009-07-14 02:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009-07-14 02:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\feclient.dll
MOD - [2009-07-14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009-07-14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009-07-14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009-07-14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009-07-14 02:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll
MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 02:15:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsrole.dll
MOD - [2009-07-14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009-07-14 02:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll
MOD - [2009-07-14 02:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2009-07-14 02:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll
MOD - [2009-07-14 02:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll
MOD - [2009-07-14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009-07-14 02:14:57 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll
MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 02:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009-07-14 02:09:53 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\security.dll
MOD - [2009-07-14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012-09-28 02:38:16 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012-06-19 19:10:34 | 000,634,632 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2010-04-06 15:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013-01-09 17:54:31 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-12-20 19:23:00 | 000,541,760 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-12-06 15:08:57 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-11-16 23:02:32 | 000,443,760 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2012-11-15 20:59:44 | 000,527,728 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2012-11-15 04:03:24 | 000,389,488 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2012-11-15 02:40:58 | 000,078,072 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE -- (HssTrayService)
SRV - [2012-10-25 10:27:45 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012-10-19 15:14:08 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- E:\Programy\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-09-23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-07-25 15:13:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-07-25 15:12:24 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-07-25 15:11:22 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012-05-25 13:19:26 | 001,540,120 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2012-05-25 06:36:32 | 001,618,456 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe -- (GDBackupSvc)
SRV - [2012-05-25 04:11:06 | 001,766,976 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe -- (GDFwSvc)
SRV - [2012-05-14 04:26:48 | 001,218,552 | ---- | M] (G Data Software AG) [On_Demand | Stopped] -- C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe -- (GDTunerSvc)
SRV - [2012-03-29 03:42:28 | 000,470,008 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe -- (GDScan)
SRV - [2012-01-27 05:01:08 | 002,006,872 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlX64.exe -- (AVKWCtl)
SRV - [2012-01-27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe -- (AVKService)
SRV - [2012-01-05 16:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- E:\Programy\Alcohol 120\AxAutoMntSrv.exe -- (AxAutoMntSrv)
SRV - [2011-12-09 14:39:52 | 000,135,584 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2011-08-30 14:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-01-27 16:14:10 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2010-01-26 16:18:16 | 000,304,712 | ---- | M] (G Data Software) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe -- (TSNxGService)
SRV - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- E:\Programy\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012-12-27 13:05:54 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2012-12-27 13:05:54 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2012-12-25 18:16:15 | 000,021,832 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2012-11-15 02:38:20 | 000,040,712 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2012-11-15 02:33:20 | 000,042,248 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6)
DRV:64bit: - [2012-10-27 11:12:36 | 000,106,648 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD)
DRV:64bit: - [2012-10-25 10:33:12 | 000,560,184 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012-10-24 21:53:07 | 000,098,760 | ---- | M] (G Data Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TS4nt.sys -- (TS4NT)
DRV:64bit: - [2012-10-24 21:53:03 | 000,059,768 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV:64bit: - [2012-10-24 21:52:55 | 000,122,744 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV:64bit: - [2012-10-24 21:52:55 | 000,064,376 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre)
DRV:64bit: - [2012-10-24 21:52:55 | 000,054,136 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave)
DRV:64bit: - [2012-10-24 21:52:54 | 000,065,912 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd)
DRV:64bit: - [2012-09-28 03:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012-09-28 02:12:52 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012-09-24 17:25:10 | 000,117,912 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2012-07-25 15:11:36 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012-05-20 19:46:58 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-05-20 19:29:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012-05-20 19:29:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012-05-14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012-01-27 10:39:33 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012-01-27 10:39:33 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012-01-27 10:39:33 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012-01-18 06:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011-11-02 09:48:26 | 000,021,616 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010-11-21 04:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010-11-21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010-11-21 04:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009-12-30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008-08-14 13:48:34 | 000,024,064 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\skfiltv.sys -- (skfiltv)
DRV - [2012-10-24 21:29:00 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3687210550-4096669916-69700731-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3687210550-4096669916-69700731-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
IE - HKU\S-1-5-21-3687210550-4096669916-69700731-1000\..\SearchScopes\{59B5EF52-1A08-44ac-A278-D89419214A9D}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
IE - HKU\S-1-5-21-3687210550-4096669916-69700731-1000\..\SearchScopes\{88302EF8-E6A1-49ba-B959-9A59E9A30F95}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
IE - HKU\S-1-5-21-3687210550-4096669916-69700731-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7B906305f7-aafc-45e9-8bbd-941950a84dad%7D:1.1.11215.1124
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-12-06 15:08:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-12-06 15:08:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012-10-24 21:35:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Extensions
[2012-12-15 14:35:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Firefox\Profiles\3hev22t6.default\extensions
[2012-12-15 14:35:15 | 000,243,496 | ---- | M] () (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\firefox\profiles\3hev22t6.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013-01-04 17:00:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-12-06 15:08:55 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Program Files (x86)\mozilla firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
[2013-01-04 17:00:54 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files (x86)\mozilla firefox\extensions\afurladvisor@anchorfree.com
[2012-12-06 15:08:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-10-11 03:58:06 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-10-11 03:58:06 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-10-11 03:58:06 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-10-11 03:58:06 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-10-11 03:58:06 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-10-11 03:58:06 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
 
Hosts file not found
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O3 - HKLM\..\Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Driver Genius]  File not found
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] "E:\Programy\LogMeIn Hamach\hamachi-2-ui.exe" --auto-start File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3687210550-4096669916-69700731-1000..\Run: [AlcoholAutomount] E:\Programy\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-3687210550-4096669916-69700731-1000..\Run: [AQQ] C:\PROGRA~2\WapSter\WAPSTE~1\AQQ.exe (AQQ Sp. z o.o.)
O4 - HKU\S-1-5-21-3687210550-4096669916-69700731-1000..\Run: [screenSHU] E:\Programy\screenSHU\screenSHU.exe ()
O4 - HKU\S-1-5-21-3687210550-4096669916-69700731-1000..\Run: [Steam] E:\Gry\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B084D405-98AE-4C21-BFE5-B665FFE91326}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-02-23 10:19:35 | 001,747,800 | R--- | M] () - G:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2008-01-28 19:26:18 | 000,000,049 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{6c41285c-1e8c-11e2-8bca-902b3461527a}\Shell - "" = AutoRun
O33 - MountPoints2\{6c41285c-1e8c-11e2-8bca-902b3461527a}\Shell\AutoRun\command - "" = G:\autorun.exe -- [2010-02-23 10:19:35 | 001,747,800 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
 
SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
========== Files/Folders - Created Within 60 Days ==========
 
[2013-01-05 15:35:33 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\FLT
[2013-01-04 17:01:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
[2013-01-04 17:01:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Hotspot Shield
[2013-01-04 17:00:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hotspot Shield
[2012-12-30 02:25:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
[2012-12-28 15:39:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2012-12-28 13:19:43 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\XRay Engine
[2012-12-27 12:50:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
[2012-12-27 12:49:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\STALKER-STCS
[2012-12-25 18:16:57 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Hamachi
[2012-12-25 18:16:15 | 000,021,832 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\hamachi.sys
[2012-12-25 13:12:48 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
[2012-12-25 12:50:52 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OCCT
[2012-12-25 12:50:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OCCT
[2012-12-25 02:34:18 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\3DMark 11
[2012-12-25 02:32:57 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\IsolatedStorage
[2012-12-25 02:32:54 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Futuremark_Corporation
[2012-12-25 02:31:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Futuremark
[2012-12-25 02:30:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
[2012-12-25 02:16:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2012-12-23 20:26:58 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Desktop\Serwer
[2012-12-22 17:15:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2012-12-22 17:15:19 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2012-12-15 15:16:49 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012-12-15 15:16:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012-12-15 15:16:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2012-12-06 15:08:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012-12-02 16:15:36 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012-12-02 14:28:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker
[2012-11-29 15:33:23 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Apps
[2012-11-24 16:00:49 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2012-11-17 20:05:04 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\Rockstar Games
[2012-11-17 19:48:31 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Rockstar Games
[2012-11-17 19:48:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2012-11-17 19:47:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2012-11-17 19:42:01 | 000,000,000 | RH-D | C] -- C:\Users\Kuba\AppData\Roaming\SecuROM
[2012-11-17 19:37:18 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2012-11-17 19:35:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012-11-17 19:35:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012-11-17 19:21:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2012-11-17 12:58:49 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\BioWare
[2012-11-17 12:54:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Age II
[2012-11-17 12:46:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2012-11-17 11:37:07 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\storage
[2012-11-16 17:26:20 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Ubisoft Game Launcher
[2012-11-16 17:25:34 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\SKIDROW
[2012-11-16 17:24:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012-11-16 17:24:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012-11-16 17:22:09 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Ubisoft
[2012-11-16 17:22:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2012-11-16 16:46:13 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2012-11-16 12:40:12 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Skyrim
[2012-11-16 12:40:12 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\My Games
[2012-11-16 12:23:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012-11-16 12:18:53 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\2K Games
[2012-11-16 09:03:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2012-11-16 08:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda
[2012-11-16 08:54:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
[2012-11-16 08:23:41 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\Alcohol 120%
[2012-11-15 02:38:20 | 000,040,712 | ---- | C] (Anchorfree Inc.) -- C:\Windows\SysNative\drivers\taphss6.sys
[2012-11-15 02:33:20 | 000,042,248 | ---- | C] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\hssdrv6.sys
 
========== Files - Modified Within 60 Days ==========
 
[2013-01-09 17:54:32 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-01-09 17:22:30 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-01-09 17:22:30 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-01-09 17:16:15 | 000,007,597 | ---- | M] () -- C:\Users\Kuba\AppData\Local\Resmon.ResmonCfg
[2013-01-09 17:10:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-01-09 17:10:53 | 2106,269,695 | -HS- | M] () -- C:\hiberfil.sys
[2013-01-05 15:33:06 | 000,000,912 | ---- | M] () -- C:\Users\Kuba\Desktop\Don't Starve Beta (18 November).lnk
[2013-01-04 17:01:45 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Hotspot Shield Launch.lnk
[2012-12-30 23:25:23 | 000,000,857 | ---- | M] () -- C:\Users\Kuba\Documents\ax_files.xml
[2012-12-30 02:25:04 | 000,000,604 | ---- | M] () -- C:\Users\Kuba\Desktop\HD Tune.lnk
[2012-12-28 23:53:13 | 004,295,168 | ---- | M] () -- C:\Users\Kuba\Desktop\hamachi.msi
[2012-12-27 14:12:14 | 000,001,750 | ---- | M] () -- C:\Users\Kuba\Documents\cc_20121227_141208.reg
[2012-12-27 13:05:54 | 000,314,016 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2012-12-27 13:05:54 | 000,043,680 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2012-12-27 12:50:27 | 000,000,892 | ---- | M] () -- C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Clear Sky.lnk
[2012-12-25 18:16:15 | 000,021,832 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\hamachi.sys
[2012-12-25 12:50:55 | 000,000,629 | ---- | M] () -- C:\Users\Kuba\Desktop\OCCT.lnk
[2012-12-25 02:30:44 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\3DMark 11.lnk
[2012-12-25 02:16:09 | 000,000,622 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2012-12-22 11:22:29 | 000,276,200 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-12-15 15:16:49 | 000,001,007 | ---- | M] () -- C:\Users\Kuba\Desktop\SpeedFan.lnk
[2012-12-15 15:16:48 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2012-12-15 11:15:32 | 000,581,642 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\technic-launcher.jar
[2012-12-09 16:50:10 | 001,549,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-12-09 16:50:10 | 000,697,674 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-12-09 16:50:10 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-12-09 16:50:10 | 000,134,784 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-12-09 16:50:10 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-12-02 14:28:24 | 000,000,639 | ---- | M] () -- C:\Users\Kuba\Desktop\Resource Hacker.lnk
[2012-12-02 00:32:53 | 000,581,172 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\technic-launcher.jar.bak
[2012-11-24 16:36:11 | 000,000,203 | ---- | M] () -- C:\Users\Kuba\Desktop\Team Fortress 2.url
[2012-11-24 16:28:19 | 000,000,202 | ---- | M] () -- C:\Users\Kuba\Desktop\Counter-Strike.url
[2012-11-24 16:00:49 | 000,000,203 | ---- | M] () -- C:\Users\Kuba\Desktop\Dota 2.url
[2012-11-22 21:37:36 | 000,885,503 | ---- | M] () -- C:\Windows\SysWow64\sig.bin
[2012-11-22 21:37:36 | 000,046,790 | ---- | M] () -- C:\Windows\SysWow64\nmp.map
[2012-11-18 17:06:42 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-11-17 19:37:18 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2012-11-17 19:35:15 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2012-11-17 12:54:46 | 000,000,676 | ---- | M] () -- C:\Users\Public\Desktop\Dragon Age II.lnk
[2012-11-17 11:38:49 | 000,001,158 | ---- | M] () -- C:\Users\Kuba\Desktop\AssassinsCreed II.lnk
[2012-11-16 08:59:41 | 000,000,726 | ---- | M] () -- C:\Users\Public\Desktop\The Elder Scrolls V - Skyrim.lnk
[2012-11-16 08:54:14 | 000,000,749 | ---- | M] () -- C:\Users\Public\Desktop\Mafia II.lnk
[2012-11-15 02:38:20 | 000,040,712 | ---- | M] (Anchorfree Inc.) -- C:\Windows\SysNative\drivers\taphss6.sys
[2012-11-15 02:33:20 | 000,042,248 | ---- | M] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\hssdrv6.sys
 
========== Files Created - No Company Name ==========
 
[2013-01-05 15:33:06 | 000,000,912 | ---- | C] () -- C:\Users\Kuba\Desktop\Don't Starve Beta (18 November).lnk
[2013-01-04 17:01:45 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Hotspot Shield Launch.lnk
[2012-12-30 02:25:04 | 000,000,604 | ---- | C] () -- C:\Users\Kuba\Desktop\HD Tune.lnk
[2012-12-28 23:53:16 | 004,295,168 | ---- | C] () -- C:\Users\Kuba\Desktop\hamachi.msi
[2012-12-27 14:12:11 | 000,001,750 | ---- | C] () -- C:\Users\Kuba\Documents\cc_20121227_141208.reg
[2012-12-27 13:05:54 | 000,314,016 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2012-12-27 13:05:54 | 000,043,680 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2012-12-27 12:50:27 | 000,000,892 | ---- | C] () -- C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Clear Sky.lnk
[2012-12-25 12:50:55 | 000,000,629 | ---- | C] () -- C:\Users\Kuba\Desktop\OCCT.lnk
[2012-12-25 02:30:44 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\3DMark 11.lnk
[2012-12-25 02:16:09 | 000,000,622 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2012-12-15 15:16:49 | 000,001,007 | ---- | C] () -- C:\Users\Kuba\Desktop\SpeedFan.lnk
[2012-12-15 15:16:48 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2012-12-02 14:28:24 | 000,000,639 | ---- | C] () -- C:\Users\Kuba\Desktop\Resource Hacker.lnk
[2012-11-24 16:36:11 | 000,000,203 | ---- | C] () -- C:\Users\Kuba\Desktop\Team Fortress 2.url
[2012-11-24 16:28:19 | 000,000,202 | ---- | C] () -- C:\Users\Kuba\Desktop\Counter-Strike.url
[2012-11-24 16:00:49 | 000,000,203 | ---- | C] () -- C:\Users\Kuba\Desktop\Dota 2.url
[2012-11-18 17:06:42 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-11-17 19:47:16 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2012-11-17 19:35:15 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2012-11-17 12:54:46 | 000,000,676 | ---- | C] () -- C:\Users\Public\Desktop\Dragon Age II.lnk
[2012-11-17 11:38:52 | 000,001,158 | ---- | C] () -- C:\Users\Kuba\Desktop\AssassinsCreed II.lnk
[2012-11-16 08:59:41 | 000,000,726 | ---- | C] () -- C:\Users\Public\Desktop\The Elder Scrolls V - Skyrim.lnk
[2012-11-16 08:54:14 | 000,000,749 | ---- | C] () -- C:\Users\Public\Desktop\Mafia II.lnk
[2012-11-16 07:04:23 | 000,007,597 | ---- | C] () -- C:\Users\Kuba\AppData\Local\Resmon.ResmonCfg
[2012-11-14 20:30:42 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012-11-14 20:25:06 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012-10-25 12:29:28 | 000,581,642 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\technic-launcher.jar
[2012-10-25 12:29:28 | 000,581,172 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\technic-launcher.jar.bak
[2012-10-25 10:27:07 | 000,001,209 | ---- | C] () -- C:\Windows\skSPcfg.ini
[2012-10-25 10:27:07 | 000,000,381 | ---- | C] () -- C:\Windows\skMCcfg.ini
[2012-10-25 10:27:06 | 000,128,512 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012-10-25 10:27:06 | 000,069,120 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2012-10-25 08:58:49 | 000,885,503 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2012-10-24 21:42:48 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-10-24 21:40:55 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-10-24 21:40:55 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012-10-24 21:40:55 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012-10-24 21:24:52 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012-10-24 21:18:53 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012-05-02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011-12-08 15:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
 
========== ZeroAccess Check ==========
 
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012-12-24 15:35:03 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\.minecraft
[2013-01-04 22:58:56 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\.techniclauncher
[2012-10-30 14:55:53 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Easeware
[2012-12-01 19:38:42 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\EurekaLog
[2012-10-27 10:07:14 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\FileZilla
[2013-01-04 22:58:49 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\logs
[2012-10-27 10:25:35 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Notepad++
[2012-10-25 09:39:50 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Splashtop
[2012-10-25 20:01:17 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Teeworlds
[2013-01-07 20:55:32 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\TS3Client
[2012-11-16 17:22:09 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Ubisoft
[2012-12-28 13:19:43 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\XRay Engine
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %systemdrive%\*.* >
[2012-10-24 21:24:58 | 000,000,180 | ---- | M] () -- C:\csb.log
[2013-01-09 17:10:53 | 2106,269,695 | -HS- | M] () -- C:\hiberfil.sys
[2012-10-24 21:22:19 | 000,000,206 | ---- | M] () -- C:\Install.log
[2013-01-09 17:10:54 | 4240,015,359 | -HS- | M] () -- C:\pagefile.sys
[2012-10-24 21:22:19 | 000,003,235 | ---- | M] () -- C:\RHDSetup.log
 
< MD5 for: AGP440.SYS  >
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: BEEP.SYS  >
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys
 
< MD5 for: CDROM.SYS  >
[2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
 
< MD5 for: NDIS.SYS  >
[2012-08-22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012-08-22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012-08-22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010-11-21 04:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
 
< MD5 for: WINLOGON.EXE  >
[2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< End of report >

[/log]

 

 

[log]OTL Extras logfile created on: 2013-01-09 18:41:23 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = E:\Pobrane
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
7,95 Gb Total Physical Memory | 5,69 Gb Available Physical Memory | 71,62% Memory free
15,90 Gb Paging File | 13,06 Gb Available in Paging File | 82,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 79,64 Gb Total Space | 44,97 Gb Free Space | 56,46% Space Free | Partition Type: NTFS
Drive D: | 97,56 Gb Total Space | 38,06 Gb Free Space | 39,01% Space Free | Partition Type: NTFS
Drive E: | 195,31 Gb Total Space | 65,22 Gb Free Space | 33,39% Space Free | Partition Type: NTFS
Drive G: | 3,62 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: KUBA-KOMPUTER | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3687210550-4096669916-69700731-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0402F9F3-436E-469A-A985-044B3AD38A88}" = lport=139 | protocol=6 | dir=in | app=system |
"{0C469EA9-3F5D-4194-ACAA-415E1D4246FD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1B2C321A-2466-4EBA-AAC2-7DC7EF30E69C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1BA37879-583C-4F10-8B30-0ED6F74AAC7B}" = rport=445 | protocol=6 | dir=out | app=system |
"{27D14CF6-52E1-490A-B398-AD4F18227262}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3FF1312F-B611-46D0-86A9-93C7407A95AE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{41C5074B-6F52-4445-BDE8-3EFB8989A4A3}" = rport=139 | protocol=6 | dir=out | app=system |
"{4BA28922-FBB2-4345-9CA8-A68BD3DC5DB6}" = rport=137 | protocol=17 | dir=out | app=system |
"{4BF9BAA8-F400-46BA-A256-D484498F74DD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4E6A3C61-95C6-4806-95CF-D1206CBEB9B7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5DADFA2D-B035-4B32-AF19-C29DC4AF812A}" = lport=138 | protocol=17 | dir=in | app=system |
"{7FD0CBF1-369C-4135-ACAC-44DB052FC8E2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{865C67CD-98B9-4C2B-ACD9-CF44AFC4F596}" = rport=138 | protocol=17 | dir=out | app=system |
"{8D5391BC-2405-4137-B723-45247A652815}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8F618A4B-4561-42BE-83CF-0DF107DC6772}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9E568D1A-78EF-47A2-AA77-4448FC58EC62}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A24C93E1-AE30-42D7-ABBE-C2C6180071E0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A3731A21-3569-45AB-89AB-28C0332CD29C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{AC205059-5EFD-4819-A5A0-ED84991D9030}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B2FC61DB-40F6-43C7-99ED-ACED5A27FC96}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BC167094-9E5C-41D3-AC79-FC3FE4051A9C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C5B9255A-BF3E-4C56-AB0A-6F414554BF7A}" = lport=445 | protocol=6 | dir=in | app=system |
"{E6162F77-C333-4460-B232-B6D815DE47E3}" = lport=137 | protocol=17 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00AC3F0C-8246-4E43-BCDB-A30F44F85CF4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{01E5BD26-6276-43AE-AC80-190B9781B892}" = protocol=17 | dir=in | app=e:\gry\assassin's creed ii\uplaybrowser.exe |
"{06CA03F5-6AC7-41F8-9F9C-294F0DB51372}" = protocol=6 | dir=in | app=e:\gry\assassin's creed ii\assassinscreedii.exe |
"{0B32CB88-BE07-4EC0-B543-720A7FD07CBD}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{0E4565EB-D503-4EA8-A7A1-36ADC0DBF883}" = protocol=17 | dir=in | app=e:\gry\assassin's creed ii\assassinscreediigame.exe |
"{1239F75E-211A-49AF-8082-F4679C5B344C}" = protocol=6 | dir=in | app=e:\gry\steam\steamapps\kuba_516\counter-strike\hl.exe |
"{1BA64C07-A51E-48A0-B570-5869DB2E120A}" = protocol=17 | dir=in | app=e:\gry\assassin's creed ii\assassinscreedii.exe |
"{1E765833-4DC6-458A-965F-0411C7B69586}" = protocol=17 | dir=in | app=e:\gry\s.t.a.l.k.e.r. - clear sky\bin\dedicated\xrengine.exe |
"{1FFA03F5-35BA-4AE3-BC7C-B6F45996BD57}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{27D675BA-4A82-427C-BF77-B9CB3A67A965}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{35B8646E-BF12-45A3-A004-A7F0E3F38615}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3967E8AB-8FB4-4CAE-92A6-302EB6651472}" = protocol=6 | dir=out | app=system |
"{40EA44BE-7873-40D7-AE37-564A8B49ED8D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{48151639-81D2-4485-801F-31F69F505E11}" = protocol=17 | dir=in | app=e:\gry\steam\steamapps\kuba_516\counter-strike\hl.exe |
"{4893FC5A-DD90-4A00-8F96-56C98CF402F6}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4E5E6FBD-1CD1-405A-92C0-F25A9FEF9456}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{59C803F8-936D-44EC-BCEB-5F2F3CAC73B9}" = protocol=6 | dir=in | app=e:\gry\steam\steam.exe |
"{60D104FD-8A76-4ECA-8844-DDEE317F6C16}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{668530D9-8923-4A27-A6A5-D0A96880B468}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{68FA6A6B-4437-431F-B217-35C56E548AC1}" = protocol=17 | dir=in | app=e:\gry\dragon age 2\dragonage2launcher.exe |
"{73BFD577-7C1F-4E63-BF3F-89C2CF6EE9AC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{74A36A72-C4E4-4850-92C6-7317EA5C681D}" = protocol=6 | dir=in | app=e:\gry\dragon age 2\dragonage2launcher.exe |
"{891A1DB5-0D7B-488A-B0DA-C996F9D66310}" = protocol=6 | dir=in | app=e:\gry\s.t.a.l.k.e.r. - clear sky\bin\xrengine.exe |
"{8CD9E530-8569-4B5C-BD49-39B22FE142C8}" = protocol=6 | dir=in | app=e:\gry\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{8EA2CC40-1705-45C1-BA36-B0752078912A}" = protocol=6 | dir=in | app=e:\gry\dragon age 2\bin_ship\dragonage2.exe |
"{96F80B77-7148-46C2-A17B-7D777CF9F7C1}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{9FE8FCEA-219A-4CEC-B3B5-07B7CCED103E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A47B11F4-D2F7-4501-904B-2DBD61174C85}" = protocol=6 | dir=in | app=e:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
"{A48BECCF-CB18-42DA-9CF0-4903F65C2404}" = protocol=6 | dir=in | app=e:\gry\assassin's creed ii\uplaybrowser.exe |
"{A74120AC-D850-4FEC-9D1D-B20B9BF65727}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A7C74232-6C75-4B99-8962-E0B920CCF20D}" = protocol=17 | dir=in | app=e:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
"{AD59D626-D43F-45DF-B674-DF5EA8DDB124}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{AE4C480D-827D-4BB8-9550-6DE602EAEC72}" = dir=in | app=e:\programy\skype\phone\skype.exe |
"{B4D65F48-3DB8-4FF1-8773-5D4B286705C1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B7F618AB-AF27-45E3-A20C-7662799FEE43}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BA0FA441-E99A-4421-B21F-A46DEF06F86C}" = protocol=17 | dir=in | app=e:\gry\s.t.a.l.k.e.r. - clear sky\bin\xrengine.exe |
"{C51CAD0E-2141-4686-9373-E0E6C9DE0148}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{CE96531A-66A5-4864-B9B7-D99964CC9B04}" = protocol=17 | dir=in | app=e:\gry\steam\steam.exe |
"{D5D97ADE-0579-4AA8-87D3-A1F6D8635C10}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D6A3FB9D-9469-470E-B1AD-92FFB58D10FB}" = protocol=6 | dir=in | app=e:\gry\s.t.a.l.k.e.r. - clear sky\bin\dedicated\xrengine.exe |
"{D753B1BA-5A12-4AF8-BD93-5E87BEA80565}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DDBD42A6-1C20-4838-88CA-DECB97300E6B}" = protocol=17 | dir=in | app=e:\gry\dragon age 2\bin_ship\dragonage2.exe |
"{DF96CB38-2749-432E-8AE6-3E3874EF2C12}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E3F15E8A-B34E-4B9F-8259-69BD5F3C9A16}" = protocol=17 | dir=in | app=e:\gry\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{E44F8A62-4C38-4596-818D-418EFCAE6896}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E5E2E4B3-7C16-49C3-B060-2C806C799DDE}" = protocol=6 | dir=in | app=e:\gry\assassin's creed ii\assassinscreediigame.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{18A5D014-E9AD-DEFE-FAFE-A409612F51B4}" = AMD Media Foundation Decoders
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
"{2D58E228-ACD8-0B8A-E1FF-D3F7020DA30F}" = AMD Media Foundation Decoders
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{50BD00DC-127E-BF00-FDD5-E1A93AB3507C}" = ccc-utility64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.9
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{977D1ABF-4089-4CA7-BA33-CC75808B7ACE}" = Intel® Trusted Connect Service Client
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{A71060CF-81D0-EC17-2252-78CA0E96CCCF}" = AMD Drag and Drop Transcoding
"{BB009B20-0BA0-ABDF-1947-4D56639214C7}" = AMD Accelerated Video Transcoding
"{E85D1C80-28C4-76B8-5A5A-2C8D8B38D5D9}" = AMD Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.62.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.20 (64-bitowy)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03AEAB60-A7B3-A8DB-468B-EB30FB4B40B0}" = CCC Help German
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{162ABED6-E60C-6CFF-100E-43C16ABBC5BE}" = CCC Help Chinese Standard
"{1CB724FF-D18C-8FFB-E7C9-0A09CF8EC066}" = CCC Help Japanese
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20C14CC3-5E3B-D39A-5B37-B15E59785063}" = CCC Help Chinese Traditional
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{2632A2C0-ECF4-7F79-7136-9FEA4C253A4C}" = CCC Help Turkish
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{30F712DA-64FE-5DBE-AE76-3F8EA3F8223C}" = CCC Help French
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3C39B3CC-4EC8-C756-AF4B-72366504FCA5}" = CCC Help Hungarian
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.1102.1
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}" = 3DMark 11
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CC9D761-A9B6-D8EA-D2A9-B74B5A90B108}" = CCC Help Norwegian
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{54B227A6-BDBE-69FA-D450-B99609063044}" = CCC Help Greek
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73F9192E-A60B-47BA-809A-AE07AF507EA7}" = S.T.A.L.K.E.R. - Shadow of Chernobyl
"{7C587778-C433-980E-F3C1-203890DC4FBE}" = CCC Help Polish
"{7DC3EABF-66A2-6D79-B485-6328525CA387}" = CCC Help Swedish
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{843603C6-75B7-BAB5-80DE-E76FB28DEEF2}" = CCC Help Finnish
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8BBC66FD-0195-29B4-5A58-E0B0554E8F42}" = Catalyst Control Center
"{8D9EEAC7-42D5-3951-612A-EAA7B684C592}" = CCC Help Italian
"{9791DAED-B734-2835-988B-157BDA087496}" = CCC Help Dutch
"{98B740C3-FAA4-C523-7478-4DBCAB7B27D1}" = Catalyst Control Center Graphics Previews Common
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F0CAC6D-9B0D-A95F-CF61-6E88952D6181}" = CCC Help Thai
"{A625DB70-98D5-16FD-C49D-4B8B1B2304A4}" = CCC Help Spanish
"{A90214C3-3A0C-2F05-6083-E1A4BAD9E30D}" = CCC Help Danish
"{AA123216-6DE0-E57C-DC57-4FECEACB482F}" = CCC Help Russian
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{CE6217F3-6072-40E2-9157-A4695C334F8E}" = G Data TotalProtection 2013
"{D0837A59-83E6-3392-1BD9-86D3445676DB}" = CCC Help Korean
"{D70AB273-113B-D7DE-5C8D-82CABA7CB0AF}" = Catalyst Control Center Localization All
"{DC8772D4-C75F-5235-63E2-BBC73F909B7A}" = CCC Help Czech
"{DED7FD3C-DDD2-43BB-B0F5-B07F9D0430D3}" = CCC Help Portuguese
"{E157F2EB-E06F-B57F-9105-68F348DB2EAD}" = CCC Help English
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EBC8C5A1-7745-419F-B6C6-B0DD87F24D52}" = LogMeIn Hamachi
"{EF036F44-A287-BC23-3F6E-AAE6FDEF47EF}" = Catalyst Control Center InstallProxy
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2E23139-3404-4E3C-9855-7724415D62A5}" = Dragon Age II
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AQQ" = WapSter AQQ
"AudioCS" = Creative Audio Control Panel
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"FileZilla Client" = FileZilla Client 3.5.3
"Fraps" = Fraps (remove only)
"HD Tune_is1" = HD Tune 2.55
"Host OpenAL" = Host OpenAL
"HotspotShield" = Hotspot Shield 2.78
"Łatka polonizacyjna GTA IV v1.0" = Łatka polonizacyjna GTA IV v1.0
"Mafia II_is1" = Mafia II
"Mozilla Firefox 17.0.1 (x86 pl)" = Mozilla Firefox 17.0.1 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"OCCT" = OCCT 4.3.2
"ResourceHacker_is1" = Resource Hacker Version 3.6.0
"S.T.A.L.K.E.R. - Clear Sky_is1" = S.T.A.L.K.E.R. - Clear Sky
"screenSHU" = screenSHU - the fastest screen capture ever.
"SpeedFan" = SpeedFan (remove only)
"Steam App 10" = Counter-Strike
"Steam App 440" = Team Fortress 2
"Steam App 570" = Dota 2
"The Elder Scrolls V - Skyrim_is1" = The Elder Scrolls V - Skyrim
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 2013-01-06 04:56:10 | Computer Name = Kuba-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2013-01-06 14:03:26 | Computer Name = Kuba-Komputer | Source = Windows Backup | ID = 4104
Description =
 
Error - 2013-01-07 11:05:47 | Computer Name = Kuba-Komputer | Source = TSNxGService | ID = 131074
Description = G Data TopSecret Inicjalizacja modułu ochrony plików (AFP) nie powiodła
 się Kod błędu: 1
 
Error - 2013-01-07 11:07:15 | Computer Name = Kuba-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2013-01-07 16:13:38 | Computer Name = Kuba-Komputer | Source = SideBySide | ID = 16842815
Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\WapSter\wapster
 aqq\System\DelZip179.dll". Błąd w pliku manifestu lub w pliku zasad "c:\program
 files (x86)\WapSter\wapster aqq\System\DelZip179.dll" w wierszu 8.  Wartość "*" atrybutu
 "language" elementu "assemblyIdentity" jest nieprawidłowa.
 
Error - 2013-01-08 11:15:29 | Computer Name = Kuba-Komputer | Source = TSNxGService | ID = 131074
Description = G Data TopSecret Inicjalizacja modułu ochrony plików (AFP) nie powiodła
 się Kod błędu: 1
 
Error - 2013-01-08 11:16:56 | Computer Name = Kuba-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2013-01-08 12:38:01 | Computer Name = Kuba-Komputer | Source = SideBySide | ID = 16842815
Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\WapSter\wapster
 aqq\System\DelZip179.dll". Błąd w pliku manifestu lub w pliku zasad "c:\program
 files (x86)\WapSter\wapster aqq\System\DelZip179.dll" w wierszu 8.  Wartość "*" atrybutu
 "language" elementu "assemblyIdentity" jest nieprawidłowa.
 
Error - 2013-01-09 12:11:16 | Computer Name = Kuba-Komputer | Source = TSNxGService | ID = 131074
Description = G Data TopSecret Inicjalizacja modułu ochrony plików (AFP) nie powiodła
 się Kod błędu: 1
 
Error - 2013-01-09 12:12:48 | Computer Name = Kuba-Komputer | Source = WinMgmt | ID = 10
Description =
 
[ System Events ]
Error - 2013-01-09 12:11:50 | Computer Name = Kuba-Komputer | Source = DCOM | ID = 10005
Description =
 
Error - 2013-01-09 12:13:38 | Computer Name = Kuba-Komputer | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Wystąpił błąd podczas próby odczytu lokalnego pliku hosts.
 
Error - 2013-01-09 12:14:10 | Computer Name = Kuba-Komputer | Source = VDS Basic Provider | ID = 33554433
Description =
 
Error - 2013-01-09 12:14:10 | Computer Name = Kuba-Komputer | Source = VDS Basic Provider | ID = 33554433
Description =
 
Error - 2013-01-09 12:14:10 | Computer Name = Kuba-Komputer | Source = VDS Basic Provider | ID = 33554433
Description =
 
Error - 2013-01-09 12:14:08 | Computer Name = Kuba-Komputer | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Wystąpił błąd podczas próby odczytu lokalnego pliku hosts.
 
Error - 2013-01-09 12:14:13 | Computer Name = Kuba-Komputer | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Wystąpił błąd podczas próby odczytu lokalnego pliku hosts.
 
Error - 2013-01-09 12:14:37 | Computer Name = Kuba-Komputer | Source = VDS Basic Provider | ID = 33554433
Description =
 
Error - 2013-01-09 12:14:37 | Computer Name = Kuba-Komputer | Source = VDS Basic Provider | ID = 33554433
Description =
 
Error - 2013-01-09 12:14:37 | Computer Name = Kuba-Komputer | Source = VDS Basic Provider | ID = 33554433
Description =
 
 
< End of report >

[/log]

 

RSIT:

[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by Kuba at 2013-01-09 20:01:06
Microsoft Windows 7 Ultimate  Service Pack 1
System drive C: has 46 GB (56%) free of 82 GB
Total RAM: 8140 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:01:09, on 2013-01-09
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe
E:\Programy\screenSHU\screenSHU.exe
E:\Programy\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
E:\Pobrane\RSIT-1.06.exe
C:\Program Files (x86)\trend micro\Kuba.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: G Data BankGuard - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
O3 - Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "E:\Programy\LogMeIn Hamach\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [AQQ] C:\PROGRA~2\WapSter\WAPSTE~1\AQQ.exe
O4 - HKCU\..\Run: [Steam] "E:\Gry\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [AlcoholAutomount] "E:\Programy\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [screenSHU] "E:\Programy\screenSHU\screenSHU.exe" --hidden
O4 - HKCU\..\Run: [Skype] "E:\Programy\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe
O23 - Service: G Data Strażnik systemu plików (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlX64.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - E:\Programy\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: G Data Backup Service (GDBackupSvc) - G Data Software AG - C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
O23 - Service: G Data Tuner Service (GDTunerSvc) - G Data Software AG - C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - Unknown owner - E:\Programy\LogMeIn Hamach\hamachi-2.exe (file missing)
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - E:\Programy\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - E:\Programy\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: G Data TopSecret Service (TSNxGService) - G Data Software - C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12212 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-10-25 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA3295CF-17ED-4F49-9E95-D999A0ADBFDC}]
G Data BankGuard - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll [2012-01-27 52728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-10-25 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll [2012-11-08 233288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EEE6C35B-6118-11DC-9C72-001320C79847}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2012-07-25 133440]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-27 291608]
"G Data AntiVirus Tray Application"=C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe [2012-05-24 985624]
"GDFirewallTray"=C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe [2012-01-27 1470968]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"Driver Genius"= []
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-28 642728]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
"LogMeIn Hamachi Ui"=E:\Programy\LogMeIn Hamach\hamachi-2-ui.exe --auto-start []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AQQ"=C:\PROGRA~2\WapSter\WAPSTE~1\AQQ.exe [2012-12-31 8866816]
"Steam"=E:\Gry\Steam\Steam.exe [2012-12-03 1354736]
"AlcoholAutomount"=E:\Programy\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
"screenSHU"=E:\Programy\screenSHU\screenSHU.exe [2012-04-03 2121216]
"Skype"=E:\Programy\Skype\Phone\Skype.exe [2012-10-19 17875120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-01-09 20:01:06 ----D---- C:\rsit
2013-01-04 17:01:16 ----D---- C:\ProgramData\Hotspot Shield
2013-01-04 17:00:54 ----D---- C:\Program Files (x86)\Hotspot Shield
2012-12-28 15:39:41 ----D---- C:\Program Files (x86)\trend micro
2012-12-28 13:19:43 ----D---- C:\Users\Kuba\AppData\Roaming\XRay Engine
2012-12-25 18:16:57 ----D---- C:\Users\Kuba\AppData\Roaming\Hamachi
2012-12-25 02:31:06 ----D---- C:\Program Files (x86)\Futuremark
2012-12-22 17:15:19 ----D---- C:\ProgramData\Electronic Arts
2012-12-22 17:15:19 ----D---- C:\ProgramData\EA Core
2012-12-22 00:39:02 ----A---- C:\Windows\SysWOW64\atmlib.dll
2012-12-22 00:39:01 ----A---- C:\Windows\SysWOW64\atmfd.dll
2012-12-15 15:16:48 ----D---- C:\Program Files (x86)\SpeedFan
2012-12-13 17:45:20 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2012-12-13 17:45:19 ----A---- C:\Windows\SysWOW64\vbscript.dll
2012-12-13 17:45:19 ----A---- C:\Windows\SysWOW64\urlmon.dll
2012-12-13 17:45:19 ----A---- C:\Windows\SysWOW64\url.dll
2012-12-13 17:45:19 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2012-12-13 17:45:19 ----A---- C:\Windows\SysWOW64\ieui.dll
2012-12-13 17:45:18 ----A---- C:\Windows\SysWOW64\wininet.dll
2012-12-13 17:45:18 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2012-12-13 17:45:17 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2012-12-13 17:45:17 ----A---- C:\Windows\SysWOW64\jscript9.dll
2012-12-13 17:45:17 ----A---- C:\Windows\SysWOW64\jscript.dll
2012-12-13 17:45:17 ----A---- C:\Windows\SysWOW64\iertutil.dll
2012-12-13 17:45:15 ----A---- C:\Windows\SysWOW64\mshtml.dll
2012-12-13 17:45:14 ----A---- C:\Windows\SysWOW64\ieframe.dll
2012-12-13 16:14:53 ----A---- C:\Windows\SysWOW64\tzres.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-12-13 16:14:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-12-13 16:14:43 ----A---- C:\Windows\SysWOW64\wow32.dll
2012-12-13 16:14:43 ----A---- C:\Windows\SysWOW64\setup16.exe
2012-12-13 16:14:43 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2012-12-13 16:14:43 ----A---- C:\Windows\SysWOW64\KernelBase.dll
2012-12-13 16:14:43 ----A---- C:\Windows\SysWOW64\kernel32.dll
2012-12-13 16:14:43 ----A---- C:\Windows\SysWOW64\instnm.exe
2012-12-13 16:14:42 ----A---- C:\Windows\SysWOW64\user.exe
2012-12-13 16:14:35 ----A---- C:\Windows\SysWOW64\dpnet.dll

======List of files/folders modified in the last 1 months======

2013-01-09 20:01:09 ----D---- C:\Windows\Temp
2013-01-09 19:27:14 ----D---- C:\Users\Kuba\AppData\Roaming\Skype
2013-01-09 17:54:33 ----D---- C:\Windows\SysWOW64
2013-01-09 17:54:31 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-01-09 17:21:01 ----D---- C:\Windows\winsxs
2013-01-09 17:13:34 ----A---- C:\Windows\SysWOW64\log.txt
2013-01-09 17:13:30 ----D---- C:\Windows\inf
2013-01-08 17:09:04 ----SHD---- C:\System Volume Information
2013-01-08 16:15:10 ----D---- C:\Windows
2013-01-07 22:17:55 ----D---- C:\Windows\Logs
2013-01-07 20:55:32 ----D---- C:\Users\Kuba\AppData\Roaming\TS3Client
2013-01-05 15:32:49 ----SHD---- C:\Windows\Installer
2013-01-04 22:58:56 ----D---- C:\Users\Kuba\AppData\Roaming\.techniclauncher
2013-01-04 22:58:49 ----D---- C:\Users\Kuba\AppData\Roaming\logs
2013-01-04 17:01:47 ----SD---- C:\ProgramData\Microsoft
2013-01-04 17:01:16 ----HD---- C:\ProgramData
2013-01-04 17:00:54 ----RD---- C:\Program Files (x86)
2012-12-28 23:28:37 ----D---- C:\Windows\System32
2012-12-28 15:16:56 ----SHD---- C:\$Recycle.Bin
2012-12-27 13:03:41 ----RSD---- C:\Windows\assembly
2012-12-25 13:12:49 ----SD---- C:\Users\Kuba\AppData\Roaming\Microsoft
2012-12-25 12:50:47 ----D---- C:\Windows\SysWOW64\directx
2012-12-25 02:31:06 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-12-24 15:42:05 ----RD---- C:\Users
2012-12-24 15:35:03 ----D---- C:\Users\Kuba\AppData\Roaming\.minecraft
2012-12-21 00:49:50 ----D---- C:\Program Files (x86)\Common Files\Steam
2012-12-16 00:49:19 ----D---- C:\Windows\debug
2012-12-15 19:52:37 ----D---- C:\Windows\SoftwareDistribution
2012-12-14 20:32:04 ----D---- C:\Windows\rescache
2012-12-13 19:08:29 ----D---- C:\Windows\SysWOW64\pl-PL
2012-12-13 19:08:27 ----D---- C:\Windows\SysWOW64\migration
2012-12-13 19:08:27 ----D---- C:\Windows\AppPatch
2012-12-13 19:08:27 ----D---- C:\Program Files (x86)\Internet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 GDBehave;GDBehave; C:\Windows\system32\drivers\GDBehave.sys []
R0 iusb3hcs;Sterownik przełącznika kontrolera hosta Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys []
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R0 TS4NT;TS4nt driver; C:\Windows\System32\Drivers\TS4nt.sys []
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 GDMnIcpt;GDMnIcpt; \??\C:\Windows\system32\drivers\MiniIcpt.sys []
R1 gdwfpcd;G Data WFP CD; C:\Windows\system32\drivers\gdwfpcd64.sys []
R1 GRD;G Data Rootkit Detector Driver; \??\C:\Windows\system32\drivers\GRD.sys []
R1 HookCentre;HookCentre; \??\C:\Windows\system32\drivers\HookCentre.sys []
R1 HssDRV6;Hotspot Shield Routing Driver 6; C:\Windows\system32\DRIVERS\hssdrv6.sys []
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys []
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys []
R3 GDPkIcpt;GDPkIcpt; \??\C:\Windows\system32\drivers\PktIcpt.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 iusb3hub;Sterownik koncentratora Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys []
R3 iusb3xhc;Sterownik kontrolera hosta Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys []
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys []
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 skfiltv;skfiltv; C:\Windows\system32\drivers\skfiltv.sys []
R3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys []
S1 GLogin;GLogin; C:\Windows\SysWOW64\drivers\GLogin.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2012-10-24 30528]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys []
S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys []
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys []
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys []
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys []
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 AVKProxy;G Data AntiVirus Proxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2012-05-25 1540120]
R2 AVKService;G Data Scheduler; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe [2012-01-27 468472]
R2 AVKWCtl;G Data Strażnik systemu plików; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlX64.exe [2012-01-27 2006872]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-01-27 286720]
R2 GDBackupSvc;G Data Backup Service; C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe [2012-05-25 1618456]
R2 hshld;Hotspot Shield Service; C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [2012-11-15 527728]
R2 HssSrv;Hotspot Shield Routing Service; C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe [2012-11-16 443760]
R2 HssWd;Hotspot Shield Monitoring Service; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2012-11-15 389488]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-19 634632]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-25 277824]
R2 StarWindServiceAE;StarWind AE Service; E:\Programy\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TSNxGService;G Data TopSecret Service; C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe [2010-01-26 304712]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-25 365376]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 GDFwSvc;G Data Personal Firewall; C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe [2012-05-25 1766976]
R3 GDScan;G Data Scanner; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [2012-03-29 470008]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; E:\Programy\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; E:\Programy\LogMeIn Hamach\hamachi-2.exe -s []
S2 SkypeUpdate;Skype Updater; E:\Programy\Skype\Updater\Updater.exe [2012-10-19 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-10-25 79360]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-12-09 135584]
S3 GDTunerSvc;G Data Tuner Service; C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe [2012-05-14 1218552]
S3 HssTrayService;Hotspot Shield Tray Service; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [2012-11-15 78072]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-12-06 115168]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-12-20 541760]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

-----------------EOF-----------------

[/log]

 

 

[log]info.txt logfile of random's system information tool 1.08 2013-01-09 20:01:10

======Uninstall list======

-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9  /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9  /remove
3DMark 11-->"C:\Program Files (x86)\InstallShield Installation Information\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}\setup.exe" -runfromtemp -l0x0409  -removeonly
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_Plugin.exe -maintain plugin
Adobe Reader XI-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AB0000000001}
Assassin's Creed II-->"C:\Program Files (x86)\InstallShield Installation Information\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}\setup.exe" -runfromtemp -l0x0009 -removeonly
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe"   -runfromtemp -removeonly
Catalyst Control Center - Branding-->MsiExec.exe /I{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}
Counter-Strike-->"E:\Gry\Steam\steam.exe" steam://uninstall/10
Creative Audio Control Panel-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9  /remove
Dota 2-->"E:\Gry\Steam\steam.exe" steam://uninstall/570
Dragon Age II-->"C:\Program Files (x86)\Common Files\BioWare\Uninstall Dragon Age 2.exe"
Driver Genius Professional Edition-->"E:\Programy\DriverGenius\unins000.exe"
EVEREST Ultimate Edition v5.50-->"C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\unins000.exe"
FileZilla Client 3.5.3-->E:\Programy\FileZilla FTP Client\uninstall.exe
Fraps (remove only)-->"E:\Programy\Fraps\uninstall.exe"
Futuremark SystemInfo-->"C:\Program Files (x86)\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe" -runfromtemp -l0x0409  -removeonly
G Data TotalProtection 2013-->MsiExec.exe /I{CE6217F3-6072-40E2-9157-A4695C334F8E}
Grand Theft Auto IV-->"C:\Program Files (x86)\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0009 -removeonly
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8301}
HD Tune 2.55-->"E:\Programy\HD Tune\unins000.exe"
Host OpenAL-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x9  /remove
Hotspot Shield 2.78-->C:\Program Files (x86)\Hotspot Shield\Uninstall.exe
Intel(R) Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) USB 3.0 eXtensible Host Controller Driver-->C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Uninstall\setup.exe -uninstall
Internet Explorer Toolbar 4.6 by SweetPacks-->MsiExec.exe /X{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Java 7 Update 9-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217009FF}
JDownloader 0.9-->E:\Programy\JDownloader\JDUninstall.exe
LogMeIn Hamachi-->MsiExec.exe /I{EBC8C5A1-7745-419F-B6C6-B0DD87F24D52}
Łatka polonizacyjna GTA IV v1.0-->"E:\Gry\Rockstar Games\Grand Theft Auto IV\Spolszczenie\Deinstalator.exe"
Mafia II-->"E:\Gry\Mafia II\unins000.exe"
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}
Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Mozilla Firefox 17.0.1 (x86 pl)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
Notepad++-->E:\Programy\Notepad++\uninstall.exe
NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
OCCT 4.3.2-->E:\Programy\OCCTPT\uninst.exe
ON_OFF Charge B11.1102.1-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{3DECD372-76A1-4483-BF10-B547790A3261}\setup.exe" -l0x9  -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\LSetup.Exe"  -removeonly
Resource Hacker Version 3.6.0-->"E:\Programy\Resource Hacker\unins000.exe"
S.T.A.L.K.E.R. - Clear Sky-->"E:\Gry\S.T.A.L.K.E.R. - Clear Sky\unins000.exe"
S.T.A.L.K.E.R. - Shadow of Chernobyl-->C:\Program Files (x86)\InstallShield Installation Information\{73F9192E-A60B-47BA-809A-AE07AF507EA7}\setup.exe -runfromtemp -l0x0015 -removeonly
screenSHU - the fastest screen capture ever.-->"E:\Programy\screenSHU\uninstall.exe"
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
Skype™ 6.0-->MsiExec.exe /X{EA17F4FC-FDBF-4CF8-A529-2D983132D053}
SpeedFan (remove only)-->"C:\Program Files (x86)\SpeedFan\uninstall.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Team Fortress 2-->"E:\Gry\Steam\steam.exe" steam://uninstall/440
The Elder Scrolls V - Skyrim-->"E:\Gry\The Elder Scrolls V - Skyrim\unins000.exe"
Ubisoft Game Launcher-->"C:\Program Files (x86)\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409  -removeonly
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
WapSter AQQ-->C:\Program Files (x86)\WapSter\WapSter AQQ\uninstall.exe

Hosts File Missing
======System event log======

Computer Name: 37L4247F27-25
Event Code: 7036
Message: Usługa Windows Event Log weszła w stan stopped.
Record Number: 5
Source Name: Service Control Manager
Time Written: 20101121035831.093172-000
Event Type: Informacje
User:

Computer Name: 37L4247F27-25
Event Code: 7036
Message: Usługa Diagnostic Policy Service weszła w stan stopped.
Record Number: 4
Source Name: Service Control Manager
Time Written: 20101121035831.093172-000
Event Type: Informacje
User:

Computer Name: 37L4247F27-25
Event Code: 6005
Message: Uruchomiono usługę Dziennik zdarzeń.
Record Number: 3
Source Name: EventLog
Time Written: 20121024014155.000000-000
Event Type: Informacje
User:

Computer Name: 37L4247F27-25
Event Code: 6009
Message: Microsoft (R) Windows (R) 6.01. 7601 Service Pack 1 Multiprocessor Free.
Record Number: 2
Source Name: EventLog
Time Written: 20121024014155.000000-000
Event Type: Informacje
User:

Computer Name: 37L4247F27-25
Event Code: 6011
Message: Nazwa NetBIOS i nazwa hosta DNS tego komputera zostały zmienione z 37L4247F27-25 na WIN-K7J0D1T7T00.
Record Number: 1
Source Name: EventLog
Time Written: 20121024014155.000000-000
Event Type: Informacje
User:

=====Application event log=====

Computer Name: 37L4247F27-25
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 5
Source Name: Microsoft-Windows-WMI
Time Written: 20121024014209.000000-000
Event Type: Informacje
User:

Computer Name: 37L4247F27-25
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20121024014204.000000-000
Event Type: Informacje
User:

Computer Name: 37L4247F27-25
Event Code: 4625
Message: System podrzędny EventSystem pomija zduplikowane wpisy dziennika zdarzeń przez okres 86400 sekund. Limit czasu pomijania można kontrolować za pomocą wartości REG_DWORD o nazwie SuppressDuplicateDuration w następującym kluczu rejestru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 3
Source Name: Microsoft-Windows-EventSystem
Time Written: 20121024014157.000000-000
Event Type: Informacje
User:

Computer Name: 37L4247F27-25
Event Code: 1531
Message: Usługa profilów użytkowników została uruchomiona pomyślnie.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20121024014156.924916-000
Event Type: Informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: 37L4247F27-25
Event Code: 1532
Message: Usługa profilów użytkowników została zatrzymana.


Record Number: 1
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20101121035831.124372-000
Event Type: Informacje
User: ZARZĄDZANIE NT\SYSTEM

=====Security event log=====

Computer Name: 37L4247F27-25
Event Code: 4735
Message: Zmieniono grupę lokalną z włączonymi zabezpieczeniami.

Podmiot:
    Identyfikator zabezpieczeń:        S-1-5-18
    Nazwa konta:        37L4247F27-25$
    Domena konta:        WORKGROUP
    Identyfikator logowania:        0x3e7

Grupa:
    Identyfikator zabezpieczeń:        S-1-5-32-551
    Nazwa grupy:        Operatorzy kopii zapasowych
    Domena grupy:        Builtin

Zmienione atrybuty:
    Nazwa konta SAM:    -
    Historia identyfikatora SID:        -

Informacje dodatkowe:
    Uprawnienia:        -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121024014132.900874-000
Event Type: Sukcesy inspekcji
User:

Computer Name: 37L4247F27-25
Event Code: 4731
Message: Utworzono grupę lokalną z włączonymi zabezpieczeniami.

Podmiot:
    Identyfikator zabezpieczeń:        S-1-5-18
    Nazwa konta:        37L4247F27-25$
    Domena konta:        WORKGROUP
    Identyfikator logowania:        0x3e7

Nowa grupa:
    Identyfikator zabezpieczeń:        S-1-5-32-551
    Nazwa grupy:        Operatorzy kopii zapasowych
    Domena grupy:        Builtin

Atrybuty:
    Nazwa konta SAM:    Operatorzy kopii zapasowych
    Historia identyfikatora SID:        -

Informacje dodatkowe:
    Uprawnienia:        -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121024014132.869674-000
Event Type: Sukcesy inspekcji
User:

Computer Name: 37L4247F27-25
Event Code: 4902
Message: Utworzono tabelę zasad inspekcji użytkownika.

Liczba elementów:    0
Identyfikator zasad:    0x32f20
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121024014132.526473-000
Event Type: Sukcesy inspekcji
User:

Computer Name: 37L4247F27-25
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
    Identyfikator zabezpieczeń:        S-1-0-0
    Nazwa konta:        -
    Domena konta:        -
    Identyfikator logowania:        0x0

Typ logowania:            0

Nowe logowanie:
    Identyfikator zabezpieczeń:        S-1-5-18
    Nazwa konta:        SYSTEM
    Domena konta:        ZARZĄDZANIE NT
    Identyfikator logowania:        0x3e7
    Identyfikator GUID logowania:        {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
    Identyfikator procesu:        0x4
    Nazwa procesu:        

Informacje o sieci:
    Nazwa stacji roboczej:    -
    Adres źródłowy sieci:    -
    Port źródłowy:        -

Szczegółowe informacje o uwierzytelnianiu:
    Proces logowania:        -
    Pakiet uwierzytelniania:    -
    Usługi przejściowe:    -
    Nazwa pakietu (tylko NTLM):    -
    Długość klucza:        0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
    - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
    - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
    - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
    - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121024014129.609268-000
Event Type: Sukcesy inspekcji
User:

Computer Name: 37L4247F27-25
Event Code: 4608
Message: Trwa uruchamianie systemu Windows.

To zdarzenie jest rejestrowane w momencie uruchamiania programu LSASS.EXE i inicjowania podsystemu inspekcji.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121024014129.484468-000
Event Type: Sukcesy inspekcji
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=3a09
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\

-----------------EOF-----------------

[/log]

 

Z góry dziękuję i pozdrawiam :)

Natsuki Kuga
komentarz
komentarz

1. Do OTL wklej:
[spoiler]
:OTL
FF - prefs.js..extensions.enabledAddons: %7B906305f7-aafc-45e9-8bbd-941950a84dad%7D:1.1.11215.1124
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..keyword.URL: "http://search.sweeti...ch.asp?src=2&q="
O3 - HKLM\..\Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Driver Genius"=-

:Commands
[resethosts]
[emptytemp]
[/spoiler]
Wykonaj skrypt, pokaż raport.

2. Użyj AdwCleaner z opcji Delete. Pokaż raport.

  • Dobra wypowiedź 1
Kuba516
komentarz
komentarz

Log z Otl'a :

 

[log]All processes killed
========== OTL ==========
Prefs.js: %7B906305f7-aafc-45e9-8bbd-941950a84dad%7D:1.1.11215.1124 removed from extensions.enabledAddons
Prefs.js: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.5 removed from extensions.enabledAddons
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 removed from extensions.enabledAddons
Prefs.js: "http://search.sweeti...h.asp?src=2&q=" removed from keyword.URL
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Driver Genius deleted successfully.
========== COMMANDS ==========
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Gość
->Temp folder emptied: 50826 bytes
->Temporary Internet Files folder emptied: 38417 bytes
 
User: Kuba
->Temp folder emptied: 156683 bytes
->Temporary Internet Files folder emptied: 1799281 bytes
->Java cache emptied: 43743 bytes
->FireFox cache emptied: 451157318 bytes
->Flash cache emptied: 2220 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3842330 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67965 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 436,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 01102013_162506

Files\Folders moved on Reboot...
C:\Users\Kuba\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Windows\temp\JETBE3F.tmp moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[/log]

 

Raport z AdwCleaner'a :

 

[log]# AdwCleaner v2.105 - Log utworzony 10/01/2013 o 16:38:25
# Aktualizacja 08/01/2013 przez Xplode
# System operacyjny : Windows 7 Ultimate Service Pack 1 (64 bits)
# Użytkownik : Kuba - KUBA-KOMPUTER
# Tryb uruchomienia : Normalny
# Ścieżka : E:\Pobrane\adwcleaner_www.INSTALKI.pl.exe
# Opcja [Usuń]

***** [Usługi] *****


***** [Pliki / Foldery] *****

Folder Usunięto : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
Folder Usunięto : C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}

***** [Rejestr] *****

Klucz Usunięto : HKCU\Software\APN PIP
Klucz Usunięto : HKCU\Software\InstallCore
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Klucz Usunięto : HKCU\Software\SweetIM
Klucz Usunięto : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Klucz Usunięto : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Klucz Usunięto : HKLM\Software\PIP
Klucz Usunięto : HKLM\Software\SweetIM
Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

***** [Przeglądarki Internetowe] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Rejestr w porządku.

-\\ Mozilla Firefox v17.0.1 (pl)

Plik : C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\3hev22t6.default\prefs.js

[OK] Plik w porządku.

*************************

AdwCleaner[S2].txt - [2846 octets] - [10/01/2013 16:38:25]

########## EOF - C:\AdwCleaner[S2].txt - [2906 octets] ##########

[/log]



Odswiezam + nie wiem czy nie powinienem dać nowych logów, gdyz w procesach pojawil mi sie proces o nazwie 'doaw' z opisem  'Напоминания Windows OOBE', plik doaw znajdowal sie w C:\Users\Kuba\AppData\Roaming\Ygorom .



Daje nowe logi,

 

OTL:

[log]OTL logfile created on: 2013-01-13 11:17:50 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Kuba\Desktop\OTL & RSIT
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
7,95 Gb Total Physical Memory | 5,94 Gb Available Physical Memory | 74,73% Memory free
15,90 Gb Paging File | 13,24 Gb Available in Paging File | 83,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 79,64 Gb Total Space | 43,18 Gb Free Space | 54,22% Space Free | Partition Type: NTFS
Drive D: | 97,56 Gb Total Space | 38,06 Gb Free Space | 39,01% Space Free | Partition Type: NTFS
Drive E: | 195,31 Gb Total Space | 68,94 Gb Free Space | 35,30% Space Free | Partition Type: NTFS
 
Computer Name: KUBA-KOMPUTER | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days
 
[color=#E56717]========== Processes (All) ==========[/color]
 
PRC - [2013-01-11 13:17:32 | 000,917,552 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013-01-11 13:17:31 | 000,017,456 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2013-01-09 18:39:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL & RSIT\OTL.exe
PRC - [2013-01-09 17:54:31 | 001,808,392 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
PRC - [2012-12-31 15:40:00 | 008,866,816 | ---- | M] (AQQ Sp. z o.o.) -- C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe
PRC - [2012-12-20 19:23:00 | 000,541,760 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-12-03 20:19:31 | 001,354,736 | ---- | M] (Valve Corporation) -- E:\Gry\Steam\Steam.exe
PRC - [2012-11-16 23:02:32 | 000,443,760 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
PRC - [2012-11-15 20:59:44 | 000,527,728 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
PRC - [2012-11-15 04:03:24 | 000,389,488 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
PRC - [2012-10-22 14:23:04 | 000,364,832 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012-10-22 14:23:02 | 000,277,792 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012-10-19 15:18:36 | 017,875,120 | R--- | M] (Skype Technologies S.A.) -- E:\Programy\Skype\Phone\Skype.exe
PRC - [2012-08-23 17:16:22 | 000,165,664 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012-07-03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2012-05-25 13:19:26 | 001,540,120 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
PRC - [2012-05-25 06:36:32 | 001,618,456 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
PRC - [2012-05-24 04:23:02 | 000,985,624 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
PRC - [2012-04-03 19:45:36 | 002,121,216 | ---- | M] () -- E:\Programy\screenSHU\screenSHU.exe
PRC - [2012-03-29 03:42:28 | 000,470,008 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
PRC - [2012-01-27 10:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012-01-27 05:13:02 | 001,470,968 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
PRC - [2012-01-27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe
PRC - [2010-01-27 16:14:10 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2010-01-26 16:18:16 | 000,304,712 | ---- | M] (G Data Software) -- C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe
PRC - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- E:\Programy\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009-07-14 02:14:18 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dllhost.exe
 
 
[color=#E56717]========== Modules (All) ==========[/color]
 
MOD - [2013-01-11 13:17:32 | 003,021,872 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013-01-11 13:17:32 | 002,850,864 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
MOD - [2013-01-11 13:17:32 | 000,917,552 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
MOD - [2013-01-11 13:17:32 | 000,814,128 | ---- | M] (sqlite.org) -- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
MOD - [2013-01-11 13:17:32 | 000,642,096 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nss3.dll
MOD - [2013-01-11 13:17:32 | 000,375,344 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
MOD - [2013-01-11 13:17:32 | 000,277,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
MOD - [2013-01-11 13:17:32 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
MOD - [2013-01-11 13:17:32 | 000,172,080 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nspr4.dll
MOD - [2013-01-11 13:17:32 | 000,142,896 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
MOD - [2013-01-11 13:17:32 | 000,104,496 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll
MOD - [2013-01-11 13:17:32 | 000,091,696 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
MOD - [2013-01-11 13:17:32 | 000,016,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
MOD - [2013-01-11 13:17:31 | 017,798,192 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xul.dll
MOD - [2013-01-11 13:17:31 | 000,155,696 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\ssl3.dll
MOD - [2013-01-11 13:17:31 | 000,152,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
MOD - [2013-01-11 13:17:31 | 000,092,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\smime3.dll
MOD - [2013-01-11 13:17:31 | 000,022,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plc4.dll
MOD - [2013-01-11 13:17:31 | 000,021,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plds4.dll
MOD - [2013-01-11 13:17:31 | 000,019,504 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xpcom.dll
MOD - [2013-01-11 13:17:31 | 000,017,456 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
MOD - [2013-01-09 18:39:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL & RSIT\OTL.exe
MOD - [2013-01-09 17:54:31 | 014,586,888 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
MOD - [2013-01-09 17:54:31 | 001,808,392 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
MOD - [2012-12-31 15:44:24 | 001,060,864 | ---- | M] () -- C:\Program Files (x86)\WapSter\WapSter AQQ\System\Shared\Plugins\SMS.dll
MOD - [2012-12-31 15:40:00 | 008,866,816 | ---- | M] (AQQ Sp. z o.o.) -- C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe
MOD - [2012-12-30 23:42:20 | 001,375,232 | ---- | M] () -- C:\Program Files (x86)\WapSter\WapSter AQQ\System\Shared\Plugins\GGNet.dll
MOD - [2012-12-30 08:09:22 | 000,054,784 | ---- | M] () -- C:\Program Files (x86)\WapSter\WapSter AQQ\System\Shared\Plugins\Contact.dll
MOD - [2012-12-20 19:23:13 | 000,647,168 | ---- | M] () -- E:\Gry\Steam\sdl.dll
MOD - [2012-12-20 19:23:09 | 000,282,176 | ---- | M] (Valve Corporation) -- E:\Gry\Steam\crashhandler.dll
MOD - [2012-12-20 19:23:06 | 007,020,608 | ---- | M] (Valve Corporation) -- E:\Gry\Steam\steamclient.dll
MOD - [2012-12-20 19:23:06 | 000,242,240 | ---- | M] (Valve Corporation) -- E:\Gry\Steam\tier0_s.dll
MOD - [2012-12-20 19:23:06 | 000,214,080 | ---- | M] (Valve Corporation) -- E:\Gry\Steam\vstdlib_s.dll
MOD - [2012-12-20 19:23:04 | 000,122,864 | ---- | M] (Valve) -- E:\Gry\Steam\CSERHelper.dll
MOD - [2012-12-20 19:23:00 | 000,673,344 | ---- | M] (Valve Corporation) -- E:\Gry\Steam\bin\vgui2_s.dll
MOD - [2012-12-20 19:22:59 | 001,782,336 | ---- | M] (Valve Corporation) -- e:\Gry\Steam\bin\ServerBrowser.dll
MOD - [2012-12-20 19:22:58 | 020,320,240 | ---- | M] () -- E:\Gry\Steam\bin\libcef.dll
MOD - [2012-12-20 19:22:56 | 009,955,112 | ---- | M] (The ICU Project) -- E:\Gry\Steam\bin\icudt.dll
MOD - [2012-12-20 19:22:56 | 002,378,304 | ---- | M] (Valve Corporation) -- e:\Gry\Steam\bin\friendsUI.dll
MOD - [2012-12-20 19:22:56 | 000,969,280 | ---- | M] () -- E:\Gry\Steam\bin\chromehtml.dll
MOD - [2012-12-20 19:22:56 | 000,170,048 | ---- | M] (Valve Corporation) -- E:\Gry\Steam\bin\FileSystem_Steam.dll
MOD - [2012-12-20 19:22:54 | 000,124,416 | ---- | M] () -- E:\Gry\Steam\bin\avutil-51.dll
MOD - [2012-12-20 19:22:52 | 000,192,000 | ---- | M] () -- E:\Gry\Steam\bin\avformat-53.dll
MOD - [2012-12-20 19:22:50 | 001,100,800 | ---- | M] () -- E:\Gry\Steam\bin\avcodec-53.dll
MOD - [2012-12-20 19:22:49 | 002,895,424 | ---- | M] (Valve Corporation) -- E:\Gry\Steam\Steam.dll
MOD - [2012-12-20 19:22:47 | 008,192,576 | ---- | M] (Valve Corporation) -- E:\Gry\Steam\SteamUI.dll
MOD - [2012-12-20 19:22:47 | 001,039,192 | ---- | M] (Microsoft Corporation) -- E:\Gry\Steam\dbghelp.dll
MOD - [2012-12-07 13:20:43 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gameux.dll
MOD - [2012-12-03 20:19:31 | 001,354,736 | ---- | M] (Valve Corporation) -- E:\Gry\Steam\Steam.exe
MOD - [2012-11-30 05:53:59 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2012-11-30 05:53:59 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2012-11-22 05:45:03 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2012-11-14 03:48:26 | 012,320,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2012-11-14 03:14:59 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012-11-14 03:09:22 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
MOD - [2012-11-14 02:57:44 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012-11-14 02:57:37 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012-11-14 02:52:27 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2012-11-14 02:46:38 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012-11-06 17:08:40 | 005,628,584 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdag.dll
MOD - [2012-11-06 16:29:34 | 000,959,488 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\aticfx32.dll
MOD - [2012-11-06 16:25:44 | 006,669,824 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atidxx32.dll
MOD - [2012-11-06 16:05:34 | 004,162,048 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdva.dll
MOD - [2012-11-06 15:54:52 | 000,109,568 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiuxpag.dll
MOD - [2012-11-06 15:54:38 | 000,083,968 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiu9pag.dll
MOD - [2012-10-19 15:18:36 | 017,875,120 | R--- | M] (Skype Technologies S.A.) -- E:\Programy\Skype\Phone\Skype.exe
MOD - [2012-10-11 02:04:04 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\MSVCR100.dll
MOD - [2012-10-11 02:04:04 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\MSVCP100.dll
MOD - [2012-10-09 18:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2012-08-24 17:57:48 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012-07-27 10:26:30 | 001,198,080 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\Intel\iCLS Client\LIBEAY32.dll
MOD - [2012-07-27 10:26:30 | 000,303,104 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\Intel\iCLS Client\ssleay32.dll
MOD - [2012-07-04 22:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
MOD - [2012-07-03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2012-06-02 05:40:42 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2012-06-02 05:40:39 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2012-06-02 05:36:29 | 001,159,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2012-06-02 05:34:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2012-05-31 11:29:22 | 000,405,032 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKScanJobC.dll
MOD - [2012-05-25 03:42:00 | 000,699,928 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G DATA\ObjBrwse.dll
MOD - [2012-05-24 04:23:02 | 000,985,624 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
MOD - [2012-05-21 12:43:10 | 001,274,880 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\WapSter\WapSter AQQ\LIBEAY32.DLL
MOD - [2012-05-21 12:43:10 | 000,330,752 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\WapSter\WapSter AQQ\SSLEAY32.DLL
MOD - [2012-05-20 19:49:11 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
MOD - [2012-05-20 19:48:51 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2012-05-20 19:47:19 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2012-05-20 19:46:58 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2012-05-20 19:46:18 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2012-05-20 19:45:32 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2012-05-20 19:40:55 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2012-05-20 19:39:09 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2012-05-20 19:39:09 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2012-05-20 19:38:49 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2012-05-20 19:38:07 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2012-05-20 19:38:07 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2012-05-20 19:33:35 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2012-05-20 19:31:55 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2012-05-20 19:30:50 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll
MOD - [2012-05-20 19:26:58 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2012-05-05 08:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2012-04-05 10:17:06 | 001,618,440 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\Common\AVKRes.dll
MOD - [2012-04-03 19:45:36 | 002,121,216 | ---- | M] () -- E:\Programy\screenSHU\screenSHU.exe
MOD - [2012-02-02 18:27:54 | 002,843,136 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Programy\screenSHU\QtCore4.dll
MOD - [2012-02-02 18:27:44 | 000,276,480 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Programy\screenSHU\QtSql4.dll
MOD - [2012-02-02 18:27:34 | 001,289,728 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Programy\screenSHU\QtNetwork4.dll
MOD - [2012-02-02 18:27:08 | 010,135,040 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Programy\screenSHU\QtGui4.dll
MOD - [2012-02-02 18:26:54 | 000,527,360 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Programy\screenSHU\sqldrivers\qsqlite4.dll
MOD - [2012-02-02 18:26:52 | 000,288,256 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Programy\screenSHU\imageformats\qjpeg4.dll
MOD - [2012-02-02 18:26:52 | 000,043,008 | ---- | M] () -- E:\Programy\screenSHU\libgcc_s_dw2-1.dll
MOD - [2012-02-02 18:26:52 | 000,011,362 | ---- | M] () -- E:\Programy\screenSHU\mingwm10.dll
MOD - [2012-01-27 14:41:04 | 000,250,872 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\Banksafe.dll
MOD - [2012-01-27 10:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
MOD - [2012-01-27 10:38:07 | 000,073,728 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
MOD - [2012-01-27 05:13:02 | 001,470,968 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
MOD - [2012-01-27 04:41:54 | 000,179,192 | ---- | M] (G DATA Software AG) -- C:\Program Files (x86)\Common Files\G DATA\AVKScanP\AVKScanP.dll
MOD - [2012-01-13 08:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2010-11-21 04:25:15 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010-11-21 04:24:43 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010-11-21 04:24:33 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2010-11-21 04:24:33 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010-11-21 04:24:32 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptui.dll
MOD - [2010-11-21 04:24:32 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010-11-21 04:24:28 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010-11-21 04:24:28 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\riched20.dll
MOD - [2010-11-21 04:24:26 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2010-11-21 04:24:25 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010-11-21 04:24:23 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2010-11-21 04:24:23 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010-11-21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010-11-21 04:24:16 | 001,171,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10warp.dll
MOD - [2010-11-21 04:24:16 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010-11-21 04:24:16 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010-11-21 04:24:16 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010-11-21 04:24:16 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010-11-21 04:24:16 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010-11-21 04:24:16 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2010-11-21 04:24:14 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010-11-21 04:24:14 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010-11-21 04:24:14 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010-11-21 04:24:11 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010-11-21 04:24:09 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2010-11-21 04:24:09 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010-11-21 04:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010-11-21 04:24:08 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010-11-21 04:24:08 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2010-11-21 04:24:08 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2010-11-21 04:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2010-11-21 04:24:08 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010-11-21 04:24:08 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pdh.dll
MOD - [2010-11-21 04:24:08 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010-11-21 04:24:08 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mapi32.dll
MOD - [2010-11-21 04:24:07 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010-11-21 04:24:03 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wer.dll
MOD - [2010-11-21 04:24:03 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010-11-21 04:24:02 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010-11-21 04:24:02 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2010-11-21 04:24:01 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010-11-21 04:24:01 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010-11-21 04:24:00 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010-11-21 04:23:55 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010-11-21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010-11-21 04:23:55 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010-11-21 04:23:55 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2010-11-21 04:23:54 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2010-11-21 04:23:54 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010-11-21 04:23:51 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010-11-21 04:23:51 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010-11-21 04:23:51 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2010-11-21 04:23:48 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010-11-21 04:23:48 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010-11-21 04:23:48 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll
MOD - [2010-11-21 04:23:48 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2009-08-18 11:29:22 | 000,134,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
MOD - [2009-07-14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009-07-14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009-07-14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009-07-14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009-07-14 02:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll
MOD - [2009-07-14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009-07-14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009-07-14 02:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanutil.dll
MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 02:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009-07-14 02:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009-07-14 02:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll
MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-07-14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009-07-14 02:16:12 | 000,791,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\opengl32.dll
MOD - [2009-07-14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009-07-14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009-07-14 02:16:12 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PeerDist.dll
MOD - [2009-07-14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009-07-14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 02:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2009-07-14 02:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009-07-14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009-07-14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2009-07-14 02:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2009-07-14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009-07-14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009-07-14 02:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009-07-14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009-07-14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009-07-14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009-07-14 02:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll
MOD - [2009-07-14 02:15:27 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\idndl.dll
MOD - [2009-07-14 02:15:24 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hid.dll
MOD - [2009-07-14 02:15:22 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\glu32.dll
MOD - [2009-07-14 02:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\feclient.dll
MOD - [2009-07-14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009-07-14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009-07-14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009-07-14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 02:15:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsrole.dll
MOD - [2009-07-14 02:15:11 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dinput8.dll
MOD - [2009-07-14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009-07-14 02:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
MOD - [2009-07-14 02:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll
MOD - [2009-07-14 02:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
MOD - [2009-07-14 02:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2009-07-14 02:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll
MOD - [2009-07-14 02:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll
MOD - [2009-07-14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009-07-14 02:14:57 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll
MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 02:14:18 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dllhost.exe
MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 02:09:53 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\security.dll
MOD - [2009-07-14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2007-04-04 18:53:42 | 000,081,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xinput1_3.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2012-11-06 16:19:14 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2012-07-27 10:54:18 | 000,636,952 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2010-04-06 15:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013-01-11 13:17:32 | 000,115,760 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-01-09 17:54:31 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-12-20 19:23:00 | 000,541,760 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-11-16 23:02:32 | 000,443,760 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2012-11-15 20:59:44 | 000,527,728 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2012-11-15 04:03:24 | 000,389,488 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2012-11-15 02:40:58 | 000,078,072 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE -- (HssTrayService)
SRV - [2012-10-25 10:27:45 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012-10-22 14:23:04 | 000,364,832 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-10-22 14:23:02 | 000,277,792 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-10-19 15:14:08 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- E:\Programy\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-08-23 17:16:22 | 000,165,664 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012-05-25 13:19:26 | 001,540,120 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2012-05-25 06:36:32 | 001,618,456 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe -- (GDBackupSvc)
SRV - [2012-05-25 04:11:06 | 001,766,976 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe -- (GDFwSvc)
SRV - [2012-05-14 04:26:48 | 001,218,552 | ---- | M] (G Data Software AG) [On_Demand | Stopped] -- C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe -- (GDTunerSvc)
SRV - [2012-03-29 03:42:28 | 000,470,008 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe -- (GDScan)
SRV - [2012-01-27 05:01:08 | 002,006,872 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlX64.exe -- (AVKWCtl)
SRV - [2012-01-27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe -- (AVKService)
SRV - [2012-01-05 16:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- E:\Programy\Alcohol 120\AxAutoMntSrv.exe -- (AxAutoMntSrv)
SRV - [2011-12-09 14:39:52 | 000,135,584 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2011-08-30 14:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-01-27 16:14:10 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2010-01-26 16:18:16 | 000,304,712 | ---- | M] (G Data Software) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe -- (TSNxGService)
SRV - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- E:\Programy\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2012-12-27 13:05:54 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:[b]64bit:[/b] - [2012-12-27 13:05:54 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:[b]64bit:[/b] - [2012-12-25 18:16:15 | 000,021,832 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:[b]64bit:[/b] - [2012-12-19 06:40:58 | 000,118,504 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2012-11-15 02:38:20 | 000,040,712 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:[b]64bit:[/b] - [2012-11-15 02:33:20 | 000,042,248 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6)
DRV:[b]64bit:[/b] - [2012-11-06 17:06:46 | 011,269,632 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2012-11-06 15:56:36 | 000,550,912 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2012-10-27 11:12:36 | 000,106,648 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD)
DRV:[b]64bit:[/b] - [2012-10-25 10:33:12 | 000,560,184 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2012-10-24 21:53:07 | 000,098,760 | ---- | M] (G Data Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TS4nt.sys -- (TS4NT)
DRV:[b]64bit:[/b] - [2012-10-24 21:53:03 | 000,059,768 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV:[b]64bit:[/b] - [2012-10-24 21:52:55 | 000,122,744 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV:[b]64bit:[/b] - [2012-10-24 21:52:55 | 000,064,376 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre)
DRV:[b]64bit:[/b] - [2012-10-24 21:52:55 | 000,054,136 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave)
DRV:[b]64bit:[/b] - [2012-10-24 21:52:54 | 000,065,912 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd)
DRV:[b]64bit:[/b] - [2012-07-12 19:56:32 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012-06-05 13:45:16 | 000,237,968 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:[b]64bit:[/b] - [2012-05-20 19:46:58 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012-05-20 19:29:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2012-05-20 19:29:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2012-05-14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2012-01-27 10:39:33 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:[b]64bit:[/b] - [2012-01-27 10:39:33 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:[b]64bit:[/b] - [2012-01-27 10:39:33 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2012-01-18 06:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:[b]64bit:[/b] - [2011-11-02 09:48:26 | 000,021,616 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:[b]64bit:[/b] - [2010-11-21 04:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2009-12-30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2008-08-14 13:48:34 | 000,024,064 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\skfiltv.sys -- (skfiltv)
DRV - [2012-10-24 21:29:00 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope =
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-3687210550-4096669916-69700731-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3687210550-4096669916-69700731-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
IE - HKU\S-1-5-21-3687210550-4096669916-69700731-1000\..\SearchScopes\{59B5EF52-1A08-44ac-A278-D89419214A9D}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
IE - HKU\S-1-5-21-3687210550-4096669916-69700731-1000\..\SearchScopes\{88302EF8-E6A1-49ba-B959-9A59E9A30F95}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
IE - HKU\S-1-5-21-3687210550-4096669916-69700731-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.5
FF - prefs.js..extensions.enabledAddons: %7B906305f7-aafc-45e9-8bbd-941950a84dad%7D:1.1.11215.1124
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0
 
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-01-11 13:17:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-01-11 13:17:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012-10-24 21:35:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Extensions
[2012-12-15 14:35:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Firefox\Profiles\3hev22t6.default\extensions
[2012-12-15 14:35:15 | 000,243,496 | ---- | M] () (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\firefox\profiles\3hev22t6.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013-01-11 13:17:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013-01-11 13:17:29 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Program Files (x86)\mozilla firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
[2013-01-11 13:17:32 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-10-11 03:58:06 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-10-11 03:58:06 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-10-11 03:58:06 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-10-11 03:58:06 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-10-11 03:58:06 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-10-11 03:58:06 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2013-01-10 16:25:06 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3687210550-4096669916-69700731-1000..\Run: [AlcoholAutomount] E:\Programy\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-3687210550-4096669916-69700731-1000..\Run: [AQQ] C:\PROGRA~2\WapSter\WAPSTE~1\AQQ.exe (AQQ Sp. z o.o.)
O4 - HKU\S-1-5-21-3687210550-4096669916-69700731-1000..\Run: [Moozryhar] C:\Users\Kuba\AppData\Roaming\Ygorom\doaw.exe (Корпорация Майкрософт)
O4 - HKU\S-1-5-21-3687210550-4096669916-69700731-1000..\Run: [screenSHU] E:\Programy\screenSHU\screenSHU.exe ()
O4 - HKU\S-1-5-21-3687210550-4096669916-69700731-1000..\Run: [Steam] E:\Gry\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B084D405-98AE-4C21-BFE5-B665FFE91326}: DhcpNameServer = 192.168.0.1
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{6c41285c-1e8c-11e2-8bca-902b3461527a}\Shell - "" = AutoRun
O33 - MountPoints2\{6c41285c-1e8c-11e2-8bca-902b3461527a}\Shell\AutoRun\command - "" = G:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
 
SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]
 
[2013-01-12 11:20:17 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Ypun
[2013-01-12 11:20:17 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Ymzuor
[2013-01-12 11:20:17 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Ygorom
[2013-01-11 13:17:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013-01-10 20:15:14 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013-01-10 19:21:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013-01-10 19:16:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013-01-10 19:13:59 | 000,550,912 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2013-01-10 19:13:59 | 000,240,640 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2013-01-10 19:13:59 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2013-01-10 19:13:59 | 000,070,144 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_9.01.dll
[2013-01-10 19:13:59 | 000,021,504 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013-01-10 19:11:31 | 007,163,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64H.dll
[2013-01-10 19:11:31 | 000,433,504 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64H.dll
[2013-01-10 19:11:31 | 000,372,056 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64H.dll
[2013-01-10 19:11:31 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DHT64.dll
[2013-01-10 19:11:31 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DAA64.dll
[2013-01-10 19:11:31 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64H.dll
[2013-01-10 19:11:31 | 000,141,152 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64H.dll
[2013-01-10 19:11:31 | 000,123,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64H.dll
[2013-01-10 19:11:31 | 000,097,624 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64H.dll
[2013-01-10 19:11:31 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64H.dll
[2013-01-10 19:11:31 | 000,074,592 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64H.dll
[2013-01-10 19:00:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2013-01-10 19:00:00 | 002,080,120 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2013-01-10 18:59:59 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2013-01-10 18:59:59 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2013-01-10 18:59:59 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2013-01-10 18:59:59 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2013-01-10 18:59:56 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2013-01-10 18:59:56 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2013-01-10 18:59:56 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2013-01-10 18:59:56 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2013-01-10 18:59:55 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2013-01-10 18:59:55 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2013-01-10 18:59:38 | 002,028,920 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2013-01-10 18:59:35 | 000,869,752 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2013-01-10 18:59:33 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2013-01-10 18:59:13 | 002,714,720 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2013-01-10 18:59:05 | 000,110,592 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2013-01-10 16:51:56 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Desktop\OTL & RSIT
[2013-01-09 20:01:06 | 000,000,000 | ---D | C] -- C:\rsit
[2013-01-05 15:35:33 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\FLT
[2013-01-04 17:01:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
[2013-01-04 17:01:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Hotspot Shield
[2013-01-04 17:00:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hotspot Shield
[2012-12-31 10:39:05 | 000,118,504 | ---- | C] (Qualcomm Atheros Co., Ltd.) -- C:\Windows\SysNative\drivers\L1C62x64.sys
[2012-12-30 02:25:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
[2012-12-28 15:39:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2012-12-28 13:19:43 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\XRay Engine
[2012-12-27 12:50:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
[2012-12-27 12:49:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\STALKER-STCS
[2012-12-25 18:16:57 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Hamachi
[2012-12-25 18:16:15 | 000,021,832 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\hamachi.sys
[2012-12-25 13:12:48 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
[2012-12-25 12:50:52 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OCCT
[2012-12-25 12:50:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OCCT
[2012-12-25 02:34:18 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\3DMark 11
[2012-12-25 02:32:57 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\IsolatedStorage
[2012-12-25 02:32:54 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Futuremark_Corporation
[2012-12-25 02:31:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Futuremark
[2012-12-25 02:30:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
[2012-12-25 02:16:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2012-12-23 20:26:58 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Desktop\Serwer
[2012-12-22 17:15:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2012-12-22 17:15:19 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2012-12-15 15:16:49 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012-12-15 15:16:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012-12-15 15:16:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2012-12-02 16:15:36 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012-12-02 14:28:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker
[2012-11-29 15:33:23 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Apps
[2012-11-24 16:00:49 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2012-11-17 20:05:04 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\Rockstar Games
[2012-11-17 19:48:31 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Rockstar Games
[2012-11-17 19:48:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2012-11-17 19:47:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2012-11-17 19:42:01 | 000,000,000 | RH-D | C] -- C:\Users\Kuba\AppData\Roaming\SecuROM
[2012-11-17 19:37:18 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2012-11-17 19:35:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012-11-17 19:35:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012-11-17 19:21:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2012-11-17 12:58:49 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\BioWare
[2012-11-17 12:54:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Age II
[2012-11-17 12:46:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2012-11-17 11:37:07 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\storage
[2012-11-16 17:26:20 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Ubisoft Game Launcher
[2012-11-16 17:25:34 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\SKIDROW
[2012-11-16 17:24:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012-11-16 17:24:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012-11-16 17:22:09 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Ubisoft
[2012-11-16 17:22:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2012-11-16 16:46:13 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2012-11-16 12:40:12 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Skyrim
[2012-11-16 12:40:12 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\My Games
[2012-11-16 12:23:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012-11-16 12:18:53 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\2K Games
[2012-11-16 09:03:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2012-11-16 08:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda
[2012-11-16 08:54:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
[2012-11-16 08:23:41 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\Alcohol 120%
[2012-11-15 02:38:20 | 000,040,712 | ---- | C] (Anchorfree Inc.) -- C:\Windows\SysNative\drivers\taphss6.sys
[2012-11-15 02:33:20 | 000,042,248 | ---- | C] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\hssdrv6.sys
 
[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]
 
[2013-01-13 11:07:01 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-01-13 11:07:01 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-01-13 10:58:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-01-13 10:58:49 | 2106,269,695 | -HS- | M] () -- C:\hiberfil.sys
[2013-01-13 02:54:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-01-12 22:51:55 | 004,295,168 | ---- | M] () -- C:\Users\Kuba\Desktop\hamachi.msi
[2013-01-11 19:30:38 | 000,582,227 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\technic-launcher.jar
[2013-01-10 18:31:15 | 000,007,597 | ---- | M] () -- C:\Users\Kuba\AppData\Local\Resmon.ResmonCfg
[2013-01-10 16:25:06 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2013-01-10 13:29:55 | 000,276,200 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-01-05 15:33:06 | 000,000,912 | ---- | M] () -- C:\Users\Kuba\Desktop\Don't Starve Beta (18 November).lnk
[2013-01-04 17:01:45 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Hotspot Shield Launch.lnk
[2012-12-30 23:25:23 | 000,000,857 | ---- | M] () -- C:\Users\Kuba\Documents\ax_files.xml
[2012-12-30 02:25:04 | 000,000,604 | ---- | M] () -- C:\Users\Kuba\Desktop\HD Tune.lnk
[2012-12-27 14:12:14 | 000,001,750 | ---- | M] () -- C:\Users\Kuba\Documents\cc_20121227_141208.reg
[2012-12-27 13:05:54 | 000,314,016 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2012-12-27 13:05:54 | 000,043,680 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2012-12-27 12:50:27 | 000,000,892 | ---- | M] () -- C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Clear Sky.lnk
[2012-12-25 18:16:15 | 000,021,832 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\hamachi.sys
[2012-12-25 12:50:55 | 000,000,629 | ---- | M] () -- C:\Users\Kuba\Desktop\OCCT.lnk
[2012-12-25 02:30:44 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\3DMark 11.lnk
[2012-12-25 02:16:09 | 000,000,622 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2012-12-19 06:40:58 | 000,118,504 | ---- | M] (Qualcomm Atheros Co., Ltd.) -- C:\Windows\SysNative\drivers\L1C62x64.sys
[2012-12-15 15:16:49 | 000,001,007 | ---- | M] () -- C:\Users\Kuba\Desktop\SpeedFan.lnk
[2012-12-15 15:16:48 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2012-12-15 11:15:32 | 000,581,642 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\technic-launcher.jar.bak
[2012-12-09 16:50:10 | 001,549,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-12-09 16:50:10 | 000,697,674 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-12-09 16:50:10 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-12-09 16:50:10 | 000,134,784 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-12-09 16:50:10 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-12-02 14:28:24 | 000,000,639 | ---- | M] () -- C:\Users\Kuba\Desktop\Resource Hacker.lnk
[2012-11-28 02:30:22 | 000,381,365 | ---- | M] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2012-11-24 16:36:11 | 000,000,203 | ---- | M] () -- C:\Users\Kuba\Desktop\Team Fortress 2.url
[2012-11-24 16:28:19 | 000,000,202 | ---- | M] () -- C:\Users\Kuba\Desktop\Counter-Strike.url
[2012-11-24 16:00:49 | 000,000,203 | ---- | M] () -- C:\Users\Kuba\Desktop\Dota 2.url
[2012-11-22 21:37:36 | 000,885,503 | ---- | M] () -- C:\Windows\SysWow64\sig.bin
[2012-11-22 21:37:36 | 000,046,790 | ---- | M] () -- C:\Windows\SysWow64\nmp.map
[2012-11-20 01:18:06 | 002,714,720 | ---- | M] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012-11-18 17:06:42 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-11-17 19:37:18 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2012-11-17 19:35:15 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2012-11-17 12:54:46 | 000,000,676 | ---- | M] () -- C:\Users\Public\Desktop\Dragon Age II.lnk
[2012-11-17 11:38:49 | 000,001,158 | ---- | M] () -- C:\Users\Kuba\Desktop\AssassinsCreed II.lnk
[2012-11-16 08:59:41 | 000,000,726 | ---- | M] () -- C:\Users\Public\Desktop\The Elder Scrolls V - Skyrim.lnk
[2012-11-16 08:54:14 | 000,000,749 | ---- | M] () -- C:\Users\Public\Desktop\Mafia II.lnk
[2012-11-15 02:38:20 | 000,040,712 | ---- | M] (Anchorfree Inc.) -- C:\Windows\SysNative\drivers\taphss6.sys
[2012-11-15 02:33:20 | 000,042,248 | ---- | M] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\hssdrv6.sys
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013-01-12 22:51:57 | 004,295,168 | ---- | C] () -- C:\Users\Kuba\Desktop\hamachi.msi
[2013-01-10 19:13:59 | 003,084,672 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2013-01-10 19:13:59 | 003,053,056 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2013-01-10 19:13:59 | 000,662,787 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2013-01-10 19:13:59 | 000,228,528 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik_nd.dat
[2013-01-10 19:13:59 | 000,228,528 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik.dat
[2013-01-10 19:13:59 | 000,076,660 | ---- | C] () -- C:\Windows\SysNative\ativce02.dat
[2013-01-10 19:13:59 | 000,042,347 | ---- | C] () -- C:\Windows\atiogl.xml
[2013-01-10 19:13:58 | 000,324,664 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013-01-10 19:13:58 | 000,324,664 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2013-01-10 18:59:55 | 000,381,365 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2013-01-05 15:33:06 | 000,000,912 | ---- | C] () -- C:\Users\Kuba\Desktop\Don't Starve Beta (18 November).lnk
[2013-01-04 17:01:45 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Hotspot Shield Launch.lnk
[2012-12-30 02:25:04 | 000,000,604 | ---- | C] () -- C:\Users\Kuba\Desktop\HD Tune.lnk
[2012-12-27 14:12:11 | 000,001,750 | ---- | C] () -- C:\Users\Kuba\Documents\cc_20121227_141208.reg
[2012-12-27 13:05:54 | 000,314,016 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2012-12-27 13:05:54 | 000,043,680 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2012-12-27 12:50:27 | 000,000,892 | ---- | C] () -- C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Clear Sky.lnk
[2012-12-25 12:50:55 | 000,000,629 | ---- | C] () -- C:\Users\Kuba\Desktop\OCCT.lnk
[2012-12-25 02:30:44 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\3DMark 11.lnk
[2012-12-25 02:16:09 | 000,000,622 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2012-12-15 15:16:49 | 000,001,007 | ---- | C] () -- C:\Users\Kuba\Desktop\SpeedFan.lnk
[2012-12-15 15:16:48 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2012-12-02 14:28:24 | 000,000,639 | ---- | C] () -- C:\Users\Kuba\Desktop\Resource Hacker.lnk
[2012-11-24 16:36:11 | 000,000,203 | ---- | C] () -- C:\Users\Kuba\Desktop\Team Fortress 2.url
[2012-11-24 16:28:19 | 000,000,202 | ---- | C] () -- C:\Users\Kuba\Desktop\Counter-Strike.url
[2012-11-24 16:00:49 | 000,000,203 | ---- | C] () -- C:\Users\Kuba\Desktop\Dota 2.url
[2012-11-18 17:06:42 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-11-17 19:47:16 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2012-11-17 19:35:15 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2012-11-17 12:54:46 | 000,000,676 | ---- | C] () -- C:\Users\Public\Desktop\Dragon Age II.lnk
[2012-11-17 11:38:52 | 000,001,158 | ---- | C] () -- C:\Users\Kuba\Desktop\AssassinsCreed II.lnk
[2012-11-16 08:59:41 | 000,000,726 | ---- | C] () -- C:\Users\Public\Desktop\The Elder Scrolls V - Skyrim.lnk
[2012-11-16 08:54:14 | 000,000,749 | ---- | C] () -- C:\Users\Public\Desktop\Mafia II.lnk
[2012-11-16 07:04:23 | 000,007,597 | ---- | C] () -- C:\Users\Kuba\AppData\Local\Resmon.ResmonCfg
[2012-11-14 20:30:42 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012-11-14 20:25:06 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012-10-25 12:29:28 | 000,582,227 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\technic-launcher.jar
[2012-10-25 12:29:28 | 000,581,642 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\technic-launcher.jar.bak
[2012-10-25 10:27:07 | 000,001,209 | ---- | C] () -- C:\Windows\skSPcfg.ini
[2012-10-25 10:27:07 | 000,000,381 | ---- | C] () -- C:\Windows\skMCcfg.ini
[2012-10-25 10:27:06 | 000,128,512 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012-10-25 10:27:06 | 000,069,120 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2012-10-25 08:58:49 | 000,885,503 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2012-10-24 21:42:48 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-10-24 21:40:55 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-10-24 21:40:55 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012-10-24 21:40:55 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012-10-24 21:24:52 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012-10-24 21:18:53 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011-12-08 15:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2012-10-25 22:15:26 | 000,000,642 | ---- | M] () -- C:\Users\Kuba\AppData\Local\Temp\Rar$DRa0.025\reifnsk\minimap\n.png
[2012-10-25 22:15:26 | 000,000,268 | ---- | M] () -- C:\Users\Kuba\AppData\Local\Temp\Rar$DRa0.025\reifnsk\minimap\zantextures\n.png
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2013-01-12 16:49:30 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\.minecraft
[2013-01-11 19:31:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\.techniclauncher
[2012-10-30 14:55:53 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Easeware
[2012-12-01 19:38:42 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\EurekaLog
[2012-10-27 10:07:14 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\FileZilla
[2013-01-11 19:30:29 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\logs
[2012-10-27 10:25:35 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Notepad++
[2012-10-25 09:39:50 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Splashtop
[2012-10-25 20:01:17 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Teeworlds
[2013-01-13 03:15:29 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\TS3Client
[2012-11-16 17:22:09 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Ubisoft
[2012-12-28 13:19:43 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\XRay Engine
[2013-01-13 11:14:40 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Ygorom
[2013-01-13 10:59:57 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Ymzuor
[2013-01-12 11:20:17 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Ypun
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2013-01-10 16:38:30 | 000,002,965 | ---- | M] () -- C:\AdwCleaner[S2].txt
[2012-10-24 21:24:58 | 000,000,180 | ---- | M] () -- C:\csb.log
[2013-01-13 10:58:49 | 2106,269,695 | -HS- | M] () -- C:\hiberfil.sys
[2012-10-24 21:22:19 | 000,000,206 | ---- | M] () -- C:\Install.log
[2013-01-13 10:58:52 | 4240,015,359 | -HS- | M] () -- C:\pagefile.sys
[2012-10-24 21:22:19 | 000,003,235 | ---- | M] () -- C:\RHDSetup.log
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
[color=#A23BEC]< MD5 for: BEEP.SYS  >[/color]
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
 
[color=#A23BEC]< MD5 for: NDIS.SYS  >[/color]
[2012-08-22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012-08-22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012-08-22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010-11-21 04:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< End of report >

[/log]

 

 

[log]OTL Extras logfile created on: 2013-01-13 11:17:50 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Kuba\Desktop\OTL & RSIT
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
7,95 Gb Total Physical Memory | 5,94 Gb Available Physical Memory | 74,73% Memory free
15,90 Gb Paging File | 13,24 Gb Available in Paging File | 83,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 79,64 Gb Total Space | 43,18 Gb Free Space | 54,22% Space Free | Partition Type: NTFS
Drive D: | 97,56 Gb Total Space | 38,06 Gb Free Space | 39,01% Space Free | Partition Type: NTFS
Drive E: | 195,31 Gb Total Space | 68,94 Gb Free Space | 35,30% Space Free | Partition Type: NTFS
 
Computer Name: KUBA-KOMPUTER | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3687210550-4096669916-69700731-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0402F9F3-436E-469A-A985-044B3AD38A88}" = lport=139 | protocol=6 | dir=in | app=system |
"{0C469EA9-3F5D-4194-ACAA-415E1D4246FD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1B2C321A-2466-4EBA-AAC2-7DC7EF30E69C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1BA37879-583C-4F10-8B30-0ED6F74AAC7B}" = rport=445 | protocol=6 | dir=out | app=system |
"{27D14CF6-52E1-490A-B398-AD4F18227262}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3FF1312F-B611-46D0-86A9-93C7407A95AE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{41C5074B-6F52-4445-BDE8-3EFB8989A4A3}" = rport=139 | protocol=6 | dir=out | app=system |
"{4BA28922-FBB2-4345-9CA8-A68BD3DC5DB6}" = rport=137 | protocol=17 | dir=out | app=system |
"{4BF9BAA8-F400-46BA-A256-D484498F74DD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4E6A3C61-95C6-4806-95CF-D1206CBEB9B7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5DADFA2D-B035-4B32-AF19-C29DC4AF812A}" = lport=138 | protocol=17 | dir=in | app=system |
"{7FD0CBF1-369C-4135-ACAC-44DB052FC8E2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{865C67CD-98B9-4C2B-ACD9-CF44AFC4F596}" = rport=138 | protocol=17 | dir=out | app=system |
"{8D5391BC-2405-4137-B723-45247A652815}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8F618A4B-4561-42BE-83CF-0DF107DC6772}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9E568D1A-78EF-47A2-AA77-4448FC58EC62}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A24C93E1-AE30-42D7-ABBE-C2C6180071E0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A3731A21-3569-45AB-89AB-28C0332CD29C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{AC205059-5EFD-4819-A5A0-ED84991D9030}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B2FC61DB-40F6-43C7-99ED-ACED5A27FC96}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BC167094-9E5C-41D3-AC79-FC3FE4051A9C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C5B9255A-BF3E-4C56-AB0A-6F414554BF7A}" = lport=445 | protocol=6 | dir=in | app=system |
"{E6162F77-C333-4460-B232-B6D815DE47E3}" = lport=137 | protocol=17 | dir=in | app=system |
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00AC3F0C-8246-4E43-BCDB-A30F44F85CF4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{01E5BD26-6276-43AE-AC80-190B9781B892}" = protocol=17 | dir=in | app=e:\gry\assassin's creed ii\uplaybrowser.exe |
"{06CA03F5-6AC7-41F8-9F9C-294F0DB51372}" = protocol=6 | dir=in | app=e:\gry\assassin's creed ii\assassinscreedii.exe |
"{0B32CB88-BE07-4EC0-B543-720A7FD07CBD}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{0E4565EB-D503-4EA8-A7A1-36ADC0DBF883}" = protocol=17 | dir=in | app=e:\gry\assassin's creed ii\assassinscreediigame.exe |
"{1693391B-A07A-4AF6-9CE2-9CAA73CB39C5}" = protocol=6 | dir=in | app=e:\gry\steam\steamapps\kuba_516\counter-strike\hl.exe |
"{1BA64C07-A51E-48A0-B570-5869DB2E120A}" = protocol=17 | dir=in | app=e:\gry\assassin's creed ii\assassinscreedii.exe |
"{1E765833-4DC6-458A-965F-0411C7B69586}" = protocol=17 | dir=in | app=e:\gry\s.t.a.l.k.e.r. - clear sky\bin\dedicated\xrengine.exe |
"{1FFA03F5-35BA-4AE3-BC7C-B6F45996BD57}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{27D675BA-4A82-427C-BF77-B9CB3A67A965}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3565FDA4-18B6-43EF-8A4E-DF717063C027}" = protocol=17 | dir=in | app=e:\gry\steam\steamapps\kuba_516\counter-strike\hl.exe |
"{35B8646E-BF12-45A3-A004-A7F0E3F38615}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3967E8AB-8FB4-4CAE-92A6-302EB6651472}" = protocol=6 | dir=out | app=system |
"{40EA44BE-7873-40D7-AE37-564A8B49ED8D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4893FC5A-DD90-4A00-8F96-56C98CF402F6}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4E5E6FBD-1CD1-405A-92C0-F25A9FEF9456}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{59C803F8-936D-44EC-BCEB-5F2F3CAC73B9}" = protocol=6 | dir=in | app=e:\gry\steam\steam.exe |
"{60D104FD-8A76-4ECA-8844-DDEE317F6C16}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{668530D9-8923-4A27-A6A5-D0A96880B468}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{68FA6A6B-4437-431F-B217-35C56E548AC1}" = protocol=17 | dir=in | app=e:\gry\dragon age 2\dragonage2launcher.exe |
"{73BFD577-7C1F-4E63-BF3F-89C2CF6EE9AC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{74A36A72-C4E4-4850-92C6-7317EA5C681D}" = protocol=6 | dir=in | app=e:\gry\dragon age 2\dragonage2launcher.exe |
"{8579DBAD-0B00-48DD-870D-66876F929AAC}" = protocol=17 | dir=in | app=e:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
"{891A1DB5-0D7B-488A-B0DA-C996F9D66310}" = protocol=6 | dir=in | app=e:\gry\s.t.a.l.k.e.r. - clear sky\bin\xrengine.exe |
"{8CD9E530-8569-4B5C-BD49-39B22FE142C8}" = protocol=6 | dir=in | app=e:\gry\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{8EA2CC40-1705-45C1-BA36-B0752078912A}" = protocol=6 | dir=in | app=e:\gry\dragon age 2\bin_ship\dragonage2.exe |
"{96F80B77-7148-46C2-A17B-7D777CF9F7C1}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{9FE8FCEA-219A-4CEC-B3B5-07B7CCED103E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A48BECCF-CB18-42DA-9CF0-4903F65C2404}" = protocol=6 | dir=in | app=e:\gry\assassin's creed ii\uplaybrowser.exe |
"{A74120AC-D850-4FEC-9D1D-B20B9BF65727}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AD59D626-D43F-45DF-B674-DF5EA8DDB124}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{AE4C480D-827D-4BB8-9550-6DE602EAEC72}" = dir=in | app=e:\programy\skype\phone\skype.exe |
"{B4D65F48-3DB8-4FF1-8773-5D4B286705C1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B7F618AB-AF27-45E3-A20C-7662799FEE43}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BA0FA441-E99A-4421-B21F-A46DEF06F86C}" = protocol=17 | dir=in | app=e:\gry\s.t.a.l.k.e.r. - clear sky\bin\xrengine.exe |
"{C51CAD0E-2141-4686-9373-E0E6C9DE0148}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{CE96531A-66A5-4864-B9B7-D99964CC9B04}" = protocol=17 | dir=in | app=e:\gry\steam\steam.exe |
"{D30266DC-B828-4F3E-99A4-243E3514572E}" = protocol=6 | dir=in | app=e:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
"{D5D97ADE-0579-4AA8-87D3-A1F6D8635C10}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D6A3FB9D-9469-470E-B1AD-92FFB58D10FB}" = protocol=6 | dir=in | app=e:\gry\s.t.a.l.k.e.r. - clear sky\bin\dedicated\xrengine.exe |
"{D753B1BA-5A12-4AF8-BD93-5E87BEA80565}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DDBD42A6-1C20-4838-88CA-DECB97300E6B}" = protocol=17 | dir=in | app=e:\gry\dragon age 2\bin_ship\dragonage2.exe |
"{DF96CB38-2749-432E-8AE6-3E3874EF2C12}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E3F15E8A-B34E-4B9F-8259-69BD5F3C9A16}" = protocol=17 | dir=in | app=e:\gry\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{E44F8A62-4C38-4596-818D-418EFCAE6896}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E5E2E4B3-7C16-49C3-B060-2C806C799DDE}" = protocol=6 | dir=in | app=e:\gry\assassin's creed ii\assassinscreediigame.exe |
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08CFAEF6-7D08-9A9B-2089-FC25350C5FF4}" = ccc-utility64
"{18A5D014-E9AD-DEFE-FAFE-A409612F51B4}" = AMD Media Foundation Decoders
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
"{2D58E228-ACD8-0B8A-E1FF-D3F7020DA30F}" = AMD Media Foundation Decoders
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{50BD00DC-127E-BF00-FDD5-E1A93AB3507C}" = ccc-utility64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.9
"{7AB8C73F-03FE-48AE-990C-CCB8D6C4FAB8}" = Intel® Trusted Connect Service Client
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{977D1ABF-4089-4CA7-BA33-CC75808B7ACE}" = Intel® Trusted Connect Service Client
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{A71060CF-81D0-EC17-2252-78CA0E96CCCF}" = AMD Drag and Drop Transcoding
"{BB009B20-0BA0-ABDF-1947-4D56639214C7}" = AMD Accelerated Video Transcoding
"{E85D1C80-28C4-76B8-5A5A-2C8D8B38D5D9}" = AMD Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.62.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.20 (64-bitowy)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03AEAB60-A7B3-A8DB-468B-EB30FB4B40B0}" = CCC Help German
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0841A593-C7D8-E4EF-9F26-CA0EE369033C}" = Catalyst Control Center
"{1432AA8A-09CC-E585-7FFB-4DC255456A57}" = CCC Help English
"{162ABED6-E60C-6CFF-100E-43C16ABBC5BE}" = CCC Help Chinese Standard
"{1CB724FF-D18C-8FFB-E7C9-0A09CF8EC066}" = CCC Help Japanese
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20C14CC3-5E3B-D39A-5B37-B15E59785063}" = CCC Help Chinese Traditional
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{2632A2C0-ECF4-7F79-7136-9FEA4C253A4C}" = CCC Help Turkish
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{30F712DA-64FE-5DBE-AE76-3F8EA3F8223C}" = CCC Help French
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3C39B3CC-4EC8-C756-AF4B-72366504FCA5}" = CCC Help Hungarian
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.1102.1
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}" = 3DMark 11
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CC9D761-A9B6-D8EA-D2A9-B74B5A90B108}" = CCC Help Norwegian
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{54B227A6-BDBE-69FA-D450-B99609063044}" = CCC Help Greek
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5C56EB7A-A016-E031-525F-C967EF9749B9}" = CCC Help French
"{5DA69605-2A7F-6028-8A10-0549F924174E}" = CCC Help Italian
"{5F7308C0-56FF-415A-B34C-44A90A892A95}" = Catalyst Control Center - Branding
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6D62F011-4303-8BCC-398D-AE61684880FF}" = CCC Help German
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73F9192E-A60B-47BA-809A-AE07AF507EA7}" = S.T.A.L.K.E.R. - Shadow of Chernobyl
"{7C587778-C433-980E-F3C1-203890DC4FBE}" = CCC Help Polish
"{7DC3EABF-66A2-6D79-B485-6328525CA387}" = CCC Help Swedish
"{7F2D87D4-5152-31B5-D7CF-67E329F6FB94}" = CCC Help Chinese Traditional
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{83BE5026-D306-FE60-73D7-C9BCEE0E55E5}" = CCC Help Russian
"{843603C6-75B7-BAB5-80DE-E76FB28DEEF2}" = CCC Help Finnish
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8B758A3B-0966-A84F-9D2D-42D8025D04B2}" = CCC Help Spanish
"{8BBC66FD-0195-29B4-5A58-E0B0554E8F42}" = Catalyst Control Center
"{8D9EEAC7-42D5-3951-612A-EAA7B684C592}" = CCC Help Italian
"{9791DAED-B734-2835-988B-157BDA087496}" = CCC Help Dutch
"{98B740C3-FAA4-C523-7478-4DBCAB7B27D1}" = Catalyst Control Center Graphics Previews Common
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F0CAC6D-9B0D-A95F-CF61-6E88952D6181}" = CCC Help Thai
"{A625DB70-98D5-16FD-C49D-4B8B1B2304A4}" = CCC Help Spanish
"{A90214C3-3A0C-2F05-6083-E1A4BAD9E30D}" = CCC Help Danish
"{AA123216-6DE0-E57C-DC57-4FECEACB482F}" = CCC Help Russian
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.01)
"{B2F6521E-0207-036B-C0C3-2013BF182F86}" = CCC Help Japanese
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{CE6217F3-6072-40E2-9157-A4695C334F8E}" = G Data TotalProtection 2013
"{D0837A59-83E6-3392-1BD9-86D3445676DB}" = CCC Help Korean
"{D0D79D77-2A6C-B156-76AB-C0F93D0A40EB}" = CCC Help Chinese Standard
"{D33626D5-3D55-C79B-C372-F1D1734D8025}" = Catalyst Control Center InstallProxy
"{D70AB273-113B-D7DE-5C8D-82CABA7CB0AF}" = Catalyst Control Center Localization All
"{D72FF5C1-0DE5-17C3-F0B8-7C1CBF98C5D5}" = CCC Help Korean
"{DC8772D4-C75F-5235-63E2-BBC73F909B7A}" = CCC Help Czech
"{DED7FD3C-DDD2-43BB-B0F5-B07F9D0430D3}" = CCC Help Portuguese
"{E157F2EB-E06F-B57F-9105-68F348DB2EAD}" = CCC Help English
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E976B61A-251E-396A-9724-675C1DDE2C6F}" = Catalyst Control Center Localization All
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EBC8C5A1-7745-419F-B6C6-B0DD87F24D52}" = LogMeIn Hamachi
"{EF036F44-A287-BC23-3F6E-AAE6FDEF47EF}" = Catalyst Control Center InstallProxy
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2E23139-3404-4E3C-9855-7724415D62A5}" = Dragon Age II
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AQQ" = WapSter AQQ
"AudioCS" = Creative Audio Control Panel
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"FileZilla Client" = FileZilla Client 3.5.3
"Fraps" = Fraps (remove only)
"HD Tune_is1" = HD Tune 2.55
"Host OpenAL" = Host OpenAL
"HotspotShield" = Hotspot Shield 2.78
"Łatka polonizacyjna GTA IV v1.0" = Łatka polonizacyjna GTA IV v1.0
"Mafia II_is1" = Mafia II
"Mozilla Firefox 18.0 (x86 pl)" = Mozilla Firefox 18.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"OCCT" = OCCT 4.3.2
"ResourceHacker_is1" = Resource Hacker Version 3.6.0
"S.T.A.L.K.E.R. - Clear Sky_is1" = S.T.A.L.K.E.R. - Clear Sky
"screenSHU" = screenSHU - the fastest screen capture ever.
"SpeedFan" = SpeedFan (remove only)
"Steam App 10" = Counter-Strike
"Steam App 440" = Team Fortress 2
"Steam App 570" = Dota 2
"The Elder Scrolls V - Skyrim_is1" = The Elder Scrolls V - Skyrim
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 2013-01-12 22:00:26 | Computer Name = Kuba-Komputer | Source = MsiInstaller | ID = 11723
Description =
 
Error - 2013-01-12 22:00:27 | Computer Name = Kuba-Komputer | Source = MsiInstaller | ID = 1023
Description =
 
Error - 2013-01-12 22:00:34 | Computer Name = Kuba-Komputer | Source = MsiInstaller | ID = 11723
Description =
 
Error - 2013-01-12 22:00:34 | Computer Name = Kuba-Komputer | Source = MsiInstaller | ID = 1023
Description =
 
Error - 2013-01-12 22:16:51 | Computer Name = Kuba-Komputer | Source = MsiInstaller | ID = 11723
Description =
 
Error - 2013-01-12 22:16:51 | Computer Name = Kuba-Komputer | Source = MsiInstaller | ID = 1023
Description =
 
Error - 2013-01-12 22:16:58 | Computer Name = Kuba-Komputer | Source = MsiInstaller | ID = 11723
Description =
 
Error - 2013-01-12 22:16:58 | Computer Name = Kuba-Komputer | Source = MsiInstaller | ID = 1023
Description =
 
Error - 2013-01-13 05:59:29 | Computer Name = Kuba-Komputer | Source = TSNxGService | ID = 131074
Description = G Data TopSecret Inicjalizacja modułu ochrony plików (AFP) nie powiodła
 się Kod błędu: 1
 
Error - 2013-01-13 06:00:45 | Computer Name = Kuba-Komputer | Source = WinMgmt | ID = 10
Description =
 
[ System Events ]
Error - 2013-01-12 15:46:04 | Computer Name = Kuba-Komputer | Source = VDS Basic Provider | ID = 33554433
Description =
 
Error - 2013-01-12 15:46:04 | Computer Name = Kuba-Komputer | Source = VDS Basic Provider | ID = 33554433
Description =
 
Error - 2013-01-12 15:46:04 | Computer Name = Kuba-Komputer | Source = VDS Basic Provider | ID = 33554433
Description =
 
Error - 2013-01-12 22:00:39 | Computer Name = Kuba-Komputer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalacja nie powiodła się: system Windows nie mógł zainstalować
następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Aktualizacja zabezpieczeń
 dla programu Microsoft .NET Framework 4 w systemach Windows XP, Server 2003, Vista,
 Windows 7, Server 2008 i Server 2008 R2 dla syst. opartych na proc. x64 (KB2742595).
 
Error - 2013-01-12 22:16:59 | Computer Name = Kuba-Komputer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalacja nie powiodła się: system Windows nie mógł zainstalować
następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Aktualizacja zabezpieczeń
 dla programu Microsoft .NET Framework 4 w systemach Windows XP, Server 2003, Vista,
 Windows 7, Server 2008 i Server 2008 R2 dla syst. opartych na proc. x64 (KB2742595).
 
Error - 2013-01-13 05:59:07 | Computer Name = Kuba-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi LogMeIn Hamachi Tunneling Engine z powodu
 następującego błędu:   %%2
 
Error - 2013-01-13 05:59:38 | Computer Name = Kuba-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego:   GLogin
 
Error - 2013-01-13 06:00:07 | Computer Name = Kuba-Komputer | Source = VDS Basic Provider | ID = 33554433
Description =
 
Error - 2013-01-13 06:00:07 | Computer Name = Kuba-Komputer | Source = VDS Basic Provider | ID = 33554433
Description =
 
Error - 2013-01-13 06:00:07 | Computer Name = Kuba-Komputer | Source = VDS Basic Provider | ID = 33554433
Description =
 
 
< End of report >

[/log]

 

 

Rsit

[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by Kuba at 2013-01-13 11:26:09
Microsoft Windows 7 Ultimate  Service Pack 1
System drive C: has 44 GB (54%) free of 82 GB
Total RAM: 8140 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:26:12, on 2013-01-13
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe
E:\Gry\Steam\Steam.exe
E:\Programy\screenSHU\screenSHU.exe
E:\Programy\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Users\Kuba\Desktop\OTL & RSIT\RSIT-1.06.exe
C:\Program Files (x86)\trend micro\Kuba.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: G Data BankGuard - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [AQQ] C:\PROGRA~2\WapSter\WAPSTE~1\AQQ.exe
O4 - HKCU\..\Run: [Steam] "E:\Gry\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [AlcoholAutomount] "E:\Programy\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [screenSHU] "E:\Programy\screenSHU\screenSHU.exe" --hidden
O4 - HKCU\..\Run: [Skype] "E:\Programy\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Moozryhar] C:\Users\Kuba\AppData\Roaming\Ygorom\doaw.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe
O23 - Service: G Data Strażnik systemu plików (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlX64.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - E:\Programy\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: G Data Backup Service (GDBackupSvc) - G Data Software AG - C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
O23 - Service: G Data Tuner Service (GDTunerSvc) - G Data Software AG - C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - Unknown owner - E:\Programy\LogMeIn Hamach\hamachi-2.exe (file missing)
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - E:\Programy\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - E:\Programy\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: G Data TopSecret Service (TSNxGService) - G Data Software - C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11869 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-10-25 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA3295CF-17ED-4F49-9E95-D999A0ADBFDC}]
G Data BankGuard - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll [2012-01-27 52728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-10-25 155384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2012-07-25 133440]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-27 291608]
"G Data AntiVirus Tray Application"=C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe [2012-05-24 985624]
"GDFirewallTray"=C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe [2012-01-27 1470968]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-11-06 642216]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AQQ"=C:\PROGRA~2\WapSter\WAPSTE~1\AQQ.exe [2012-12-31 8866816]
"Steam"=E:\Gry\Steam\Steam.exe [2012-12-03 1354736]
"AlcoholAutomount"=E:\Programy\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
"screenSHU"=E:\Programy\screenSHU\screenSHU.exe [2012-04-03 2121216]
"Skype"=E:\Programy\Skype\Phone\Skype.exe [2012-10-19 17875120]
"Moozryhar"=C:\Users\Kuba\AppData\Roaming\Ygorom\doaw.exe [2012-12-06 313624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-01-12 11:20:17 ----D---- C:\Users\Kuba\AppData\Roaming\Ypun
2013-01-12 11:20:17 ----D---- C:\Users\Kuba\AppData\Roaming\Ymzuor
2013-01-12 11:20:17 ----D---- C:\Users\Kuba\AppData\Roaming\Ygorom
2013-01-11 13:17:29 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-01-10 20:15:14 ----SHD---- C:\Config.Msi
2013-01-10 19:21:38 ----D---- C:\ProgramData\ATI
2013-01-10 19:13:59 ----A---- C:\Windows\SysWOW64\atisamu32.dll
2013-01-10 19:13:59 ----A---- C:\Windows\SysWOW64\atioglxx.dll
2013-01-10 19:13:59 ----A---- C:\Windows\SysWOW64\atimpc32.dll
2013-01-10 19:13:59 ----A---- C:\Windows\SysWOW64\atiglpxx.dll
2013-01-10 19:13:59 ----A---- C:\Windows\SysWOW64\atigktxx.dll
2013-01-10 19:13:59 ----A---- C:\Windows\SysWOW64\amdpcom32.dll
2013-01-10 19:13:58 ----A---- C:\Windows\SysWOW64\aticalrt.dll
2013-01-10 19:13:58 ----A---- C:\Windows\SysWOW64\aticaldd.dll
2013-01-10 19:13:58 ----A---- C:\Windows\SysWOW64\aticalcl.dll
2013-01-10 19:13:58 ----A---- C:\Windows\SysWOW64\atiadlxy.dll
2013-01-10 19:13:58 ----A---- C:\Windows\SysWOW64\ati2edxx.dll
2013-01-10 19:13:58 ----A---- C:\Windows\SysWOW64\amdave32.dll
2013-01-10 19:00:16 ----D---- C:\Windows\SysWOW64\RTCOM
2013-01-10 18:59:47 ----A---- C:\Windows\SysWOW64\MBAPO32.dll
2013-01-10 16:38:25 ----A---- C:\AdwCleaner[S2].txt
2013-01-09 20:01:06 ----D---- C:\rsit
2013-01-09 17:21:44 ----A---- C:\Windows\SysWOW64\win32spl.dll
2013-01-09 17:21:39 ----A---- C:\Windows\SysWOW64\ncrypt.dll
2013-01-09 17:21:39 ----A---- C:\Windows\SysWOW64\msxml6.dll
2013-01-09 17:21:39 ----A---- C:\Windows\SysWOW64\msxml3.dll
2013-01-09 17:21:38 ----A---- C:\Windows\SysWOW64\usp10.dll
2013-01-09 17:21:36 ----A---- C:\Windows\SysWOW64\Wpc.dll
2013-01-09 17:21:36 ----A---- C:\Windows\SysWOW64\gameux.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 17:21:22 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-01-09 17:21:22 ----A---- C:\Windows\SysWOW64\wow32.dll
2013-01-09 17:21:22 ----A---- C:\Windows\SysWOW64\user.exe
2013-01-09 17:21:22 ----A---- C:\Windows\SysWOW64\setup16.exe
2013-01-09 17:21:22 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2013-01-09 17:21:22 ----A---- C:\Windows\SysWOW64\KernelBase.dll
2013-01-09 17:21:22 ----A---- C:\Windows\SysWOW64\kernel32.dll
2013-01-09 17:21:22 ----A---- C:\Windows\SysWOW64\instnm.exe
2013-01-04 17:01:16 ----D---- C:\ProgramData\Hotspot Shield
2013-01-04 17:00:54 ----D---- C:\Program Files (x86)\Hotspot Shield
2012-12-28 15:39:41 ----D---- C:\Program Files (x86)\trend micro
2012-12-28 13:19:43 ----D---- C:\Users\Kuba\AppData\Roaming\XRay Engine
2012-12-25 18:16:57 ----D---- C:\Users\Kuba\AppData\Roaming\Hamachi
2012-12-25 02:31:06 ----D---- C:\Program Files (x86)\Futuremark
2012-12-22 17:15:19 ----D---- C:\ProgramData\Electronic Arts
2012-12-22 17:15:19 ----D---- C:\ProgramData\EA Core
2012-12-22 00:39:02 ----A---- C:\Windows\SysWOW64\atmlib.dll
2012-12-22 00:39:01 ----A---- C:\Windows\SysWOW64\atmfd.dll
2012-12-15 15:16:48 ----D---- C:\Program Files (x86)\SpeedFan

======List of files/folders modified in the last 1 months======

2013-01-13 11:26:12 ----D---- C:\Windows\Temp
2013-01-13 11:01:47 ----A---- C:\Windows\SysWOW64\log.txt
2013-01-13 11:01:07 ----D---- C:\Users\Kuba\AppData\Roaming\Skype
2013-01-13 03:16:58 ----SHD---- C:\Windows\Installer
2013-01-13 03:16:38 ----SHD---- C:\System Volume Information
2013-01-13 03:15:29 ----D---- C:\Users\Kuba\AppData\Roaming\TS3Client
2013-01-13 01:00:00 ----D---- C:\Windows\inf
2013-01-13 01:00:00 ----D---- C:\Windows
2013-01-12 16:49:30 ----D---- C:\Users\Kuba\AppData\Roaming\.minecraft
2013-01-12 11:20:24 ----SD---- C:\Users\Kuba\AppData\Roaming\Microsoft
2013-01-12 10:09:33 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-01-11 19:31:22 ----D---- C:\Users\Kuba\AppData\Roaming\.techniclauncher
2013-01-11 19:30:29 ----D---- C:\Users\Kuba\AppData\Roaming\logs
2013-01-11 17:57:52 ----RD---- C:\Program Files (x86)
2013-01-10 21:20:52 ----D---- C:\Windows\rescache
2013-01-10 20:16:07 ----D---- C:\ProgramData\DriverGenius
2013-01-10 20:15:48 ----HD---- C:\ProgramData
2013-01-10 20:15:37 ----D---- C:\Program Files (x86)\Intel
2013-01-10 19:56:42 ----HD---- C:\Program Files (x86)\Temp
2013-01-10 19:42:50 ----D---- C:\Windows\SysWOW64
2013-01-10 19:42:50 ----D---- C:\Windows\System32
2013-01-10 19:41:14 ----D---- C:\Windows\SysWOW64\Atheros_L1e
2013-01-10 19:16:36 ----D---- C:\ProgramData\AMD
2013-01-10 18:58:58 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-01-10 16:52:54 ----D---- C:\Windows\debug
2013-01-10 13:58:37 ----D---- C:\Windows\Microsoft.NET
2013-01-10 13:58:21 ----RSD---- C:\Windows\assembly
2013-01-10 13:30:28 ----D---- C:\Windows\winsxs
2013-01-10 13:28:45 ----D---- C:\Windows\SysWOW64\pl-PL
2013-01-10 13:28:41 ----D---- C:\Windows\AppPatch
2013-01-09 17:54:31 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-01-07 22:17:55 ----D---- C:\Windows\Logs
2013-01-04 17:01:47 ----SD---- C:\ProgramData\Microsoft
2012-12-28 15:16:56 ----SHD---- C:\$Recycle.Bin
2012-12-25 12:50:47 ----D---- C:\Windows\SysWOW64\directx
2012-12-24 15:42:05 ----RD---- C:\Users
2012-12-21 00:49:50 ----D---- C:\Program Files (x86)\Common Files\Steam
2012-12-15 19:52:37 ----D---- C:\Windows\SoftwareDistribution
2012-12-15 11:15:32 ----A---- C:\Users\Kuba\AppData\Roaming\technic-launcher.jar.bak

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 GDBehave;GDBehave; C:\Windows\system32\drivers\GDBehave.sys []
R0 iusb3hcs;Sterownik przełącznika kontrolera hosta Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys []
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R0 TS4NT;TS4nt driver; C:\Windows\System32\Drivers\TS4nt.sys []
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 GDMnIcpt;GDMnIcpt; \??\C:\Windows\system32\drivers\MiniIcpt.sys []
R1 gdwfpcd;G Data WFP CD; C:\Windows\system32\drivers\gdwfpcd64.sys []
R1 GRD;G Data Rootkit Detector Driver; \??\C:\Windows\system32\drivers\GRD.sys []
R1 HookCentre;HookCentre; \??\C:\Windows\system32\drivers\HookCentre.sys []
R1 HssDRV6;Hotspot Shield Routing Driver 6; C:\Windows\system32\DRIVERS\hssdrv6.sys []
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys []
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 GDPkIcpt;GDPkIcpt; \??\C:\Windows\system32\drivers\PktIcpt.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 iusb3hub;Sterownik koncentratora Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys []
R3 iusb3xhc;Sterownik kontrolera hosta Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys []
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys []
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
R3 skfiltv;skfiltv; C:\Windows\system32\drivers\skfiltv.sys []
R3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys []
S1 GLogin;GLogin; C:\Windows\SysWOW64\drivers\GLogin.sys []
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2012-10-24 30528]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys []
S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys []
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys []
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys []
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 AVKProxy;G Data AntiVirus Proxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2012-05-25 1540120]
R2 AVKService;G Data Scheduler; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe [2012-01-27 468472]
R2 AVKWCtl;G Data Strażnik systemu plików; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlX64.exe [2012-01-27 2006872]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-01-27 286720]
R2 GDBackupSvc;G Data Backup Service; C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe [2012-05-25 1618456]
R2 hshld;Hotspot Shield Service; C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [2012-11-15 527728]
R2 HssSrv;Hotspot Shield Routing Service; C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe [2012-11-16 443760]
R2 HssWd;Hotspot Shield Monitoring Service; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2012-11-15 389488]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-07-27 636952]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-08-23 165664]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-10-22 277792]
R2 StarWindServiceAE;StarWind AE Service; E:\Programy\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TSNxGService;G Data TopSecret Service; C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe [2010-01-26 304712]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-10-22 364832]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 GDFwSvc;G Data Personal Firewall; C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe [2012-05-25 1766976]
R3 GDScan;G Data Scanner; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [2012-03-29 470008]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-12-20 541760]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; E:\Programy\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; E:\Programy\LogMeIn Hamach\hamachi-2.exe -s []
S2 SkypeUpdate;Skype Updater; E:\Programy\Skype\Updater\Updater.exe [2012-10-19 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-10-25 79360]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-12-09 135584]
S3 GDTunerSvc;G Data Tuner Service; C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe [2012-05-14 1218552]
S3 HssTrayService;Hotspot Shield Tray Service; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [2012-11-15 78072]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-11 115760]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

-----------------EOF-----------------

[/log]

Natsuki Kuga
komentarz
komentarz

Do OTL wklej:
[spoiler]
:OTL
O4 - HKU\S-1-5-21-3687210550-4096669916-69700731-1000..\Run: [Moozryhar] C:\Users\Kuba\AppData\Roaming\Ygorom\doaw.exe (?????????? ??????????)

:Files
C:\Users\Kuba\AppData\Roaming\Ypun
C:\Users\Kuba\AppData\Roaming\Ymzuor
C:\Users\Kuba\AppData\Roaming\Ygorom
[/spoiler]
Wykonaj skrypt, pokaż raport.

Po tym pokaż nowe logi z OTL.

  • Dobra wypowiedź 1
Kuba516
komentarz
komentarz

Raport:

 

[log]========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-3687210550-4096669916-69700731-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Moozryhar deleted successfully.
C:\Users\Kuba\AppData\Roaming\Ygorom\doaw.exe moved successfully.
========== FILES ==========
C:\Users\Kuba\AppData\Roaming\Ypun folder moved successfully.
C:\Users\Kuba\AppData\Roaming\Ymzuor folder moved successfully.
Folder move failed. C:\Users\Kuba\AppData\Roaming\Ygorom scheduled to be moved on reboot.
 
OTL by OldTimer - Version 3.2.69.0 log created on 01132013_155852

Files\Folders moved on Reboot...
C:\Users\Kuba\AppData\Roaming\Ygorom folder moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[/log]

 

Logi:

 

[log]OTL logfile created on: 2013-01-13 16:18:24 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Kuba\Desktop\OTL & RSIT
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
7,95 Gb Total Physical Memory | 5,82 Gb Available Physical Memory | 73,23% Memory free
15,90 Gb Paging File | 13,29 Gb Available in Paging File | 83,62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 79,64 Gb Total Space | 42,58 Gb Free Space | 53,47% Space Free | Partition Type: NTFS
Drive D: | 97,56 Gb Total Space | 38,06 Gb Free Space | 39,01% Space Free | Partition Type: NTFS
Drive E: | 195,31 Gb Total Space | 68,94 Gb Free Space | 35,30% Space Free | Partition Type: NTFS
 
Computer Name: KUBA-KOMPUTER | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days
 
[color=#E56717]========== Processes (All) ==========[/color]
 
PRC - [2013-01-11 13:17:32 | 000,917,552 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013-01-09 18:39:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL & RSIT\OTL.exe
PRC - [2012-12-31 15:40:00 | 008,866,816 | ---- | M] (AQQ Sp. z o.o.) -- C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe
PRC - [2012-12-20 19:23:00 | 000,541,760 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-12-03 20:19:31 | 001,354,736 | ---- | M] (Valve Corporation) -- E:\Gry\Steam\Steam.exe
PRC - [2012-11-16 23:02:32 | 000,443,760 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
PRC - [2012-11-15 20:59:44 | 000,527,728 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
PRC - [2012-11-15 04:03:24 | 000,389,488 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
PRC - [2012-10-22 14:23:04 | 000,364,832 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012-10-22 14:23:02 | 000,277,792 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012-10-19 15:18:36 | 017,875,120 | R--- | M] (Skype Technologies S.A.) -- E:\Programy\Skype\Phone\Skype.exe
PRC - [2012-08-23 17:16:22 | 000,165,664 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012-07-03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2012-05-25 13:19:26 | 001,540,120 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
PRC - [2012-05-25 06:36:32 | 001,618,456 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
PRC - [2012-05-24 04:23:02 | 000,985,624 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
PRC - [2012-04-03 19:45:36 | 002,121,216 | ---- | M] () -- E:\Programy\screenSHU\screenSHU.exe
PRC - [2012-03-29 03:42:28 | 000,470,008 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
PRC - [2012-01-27 10:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012-01-27 05:13:02 | 001,470,968 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
PRC - [2012-01-27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe
PRC - [2010-01-27 16:14:10 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2010-01-26 16:18:16 | 000,304,712 | ---- | M] (G Data Software) -- C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe
PRC - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- E:\Programy\Alcohol 120\StarWind\StarWindServiceAE.exe
 
 
[color=#E56717]========== Modules (All) ==========[/color]
 
MOD - [2013-01-11 13:17:32 | 003,021,872 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013-01-11 13:17:32 | 002,850,864 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
MOD - [2013-01-11 13:17:32 | 000,917,552 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
MOD - [2013-01-11 13:17:32 | 000,814,128 | ---- | M] (sqlite.org) -- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
MOD - [2013-01-11 13:17:32 | 000,642,096 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nss3.dll
MOD - [2013-01-11 13:17:32 | 000,375,344 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
MOD - [2013-01-11 13:17:32 | 000,277,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
MOD - [2013-01-11 13:17:32 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
MOD - [2013-01-11 13:17:32 | 000,172,080 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nspr4.dll
MOD - [2013-01-11 13:17:32 | 000,142,896 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
MOD - [2013-01-11 13:17:32 | 000,104,496 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll
MOD - [2013-01-11 13:17:32 | 000,091,696 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
MOD - [2013-01-11 13:17:32 | 000,016,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
MOD - [2013-01-11 13:17:31 | 017,798,192 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xul.dll
MOD - [2013-01-11 13:17:31 | 000,155,696 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\ssl3.dll
MOD - [2013-01-11 13:17:31 | 000,152,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
MOD - [2013-01-11 13:17:31 | 000,092,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\smime3.dll
MOD - [2013-01-11 13:17:31 | 000,022,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plc4.dll
MOD - [2013-01-11 13:17:31 | 000,021,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plds4.dll
MOD - [2013-01-11 13:17:31 | 000,019,504 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xpcom.dll
MOD - [2013-01-09 18:39:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL & RSIT\OTL.exe
MOD - [2012-12-31 15:44:24 | 001,060,864 | ---- | M] () -- C:\Program Files (x86)\WapSter\WapSter AQQ\System\Shared\Plugins\SMS.dll
MOD - [2012-12-31 15:40:00 | 008,866,816 | ---- | M] (AQQ Sp. z o.o.) -- C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe
MOD - [2012-12-30 23:42:20 | 001,375,232 | ---- | M] () -- C:\Program Files (x86)\WapSter\WapSter AQQ\System\Shared\Plugins\GGNet.dll
MOD - [2012-12-30 08:09:22 | 000,054,784 | ---- | M] () -- C:\Program Files (x86)\WapSter\WapSter AQQ\System\Shared\Plugins\Contact.dll
MOD - [2012-12-20 19:23:13 | 000,647,168 | ---- | M] () -- E:\Gry\Steam\sdl.dll
MOD - [2012-12-20 19:23:09 | 000,282,176 | ---- | M] (Valve Corporation) -- E:\Gry\Steam\crashhandler.dll
MOD - [2012-12-20 19:23:06 | 007,020,608 | ---- | M] (Valve Corporation) -- E:\Gry\Steam\steamclient.dll
MOD - [2012-12-20 19:23:06 | 000,242,240 | ---- | M] (Valve Corporation) -- E:\Gry\Steam\tier0_s.dll
MOD - [2012-12-20 19:23:06 | 000,214,080 | ---- | M] (Valve Corporation) -- E:\Gry\Steam\vstdlib_s.dll
MOD - [2012-12-20 19:23:04 | 000,122,864 | ---- | M] (Valve) -- E:\Gry\Steam\CSERHelper.dll
MOD - [2012-12-20 19:23:00 | 000,673,344 | ---- | M] (Valve Corporation) -- E:\Gry\Steam\bin\vgui2_s.dll
MOD - [2012-12-20 19:22:59 | 001,782,336 | ---- | M] (Valve Corporation) -- e:\Gry\Steam\bin\ServerBrowser.dll
MOD - [2012-12-20 19:22:58 | 020,320,240 | ---- | M] () -- E:\Gry\Steam\bin\libcef.dll
MOD - [2012-12-20 19:22:56 | 009,955,112 | ---- | M] (The ICU Project) -- E:\Gry\Steam\bin\icudt.dll
MOD - [2012-12-20 19:22:56 | 002,378,304 | ---- | M] (Valve Corporation) -- e:\Gry\Steam\bin\friendsUI.dll
MOD - [2012-12-20 19:22:56 | 000,969,280 | ---- | M] () -- E:\Gry\Steam\bin\chromehtml.dll
MOD - [2012-12-20 19:22:56 | 000,170,048 | ---- | M] (Valve Corporation) -- E:\Gry\Steam\bin\FileSystem_Steam.dll
MOD - [2012-12-20 19:22:54 | 000,124,416 | ---- | M] () -- E:\Gry\Steam\bin\avutil-51.dll
MOD - [2012-12-20 19:22:52 | 000,192,000 | ---- | M] () -- E:\Gry\Steam\bin\avformat-53.dll
MOD - [2012-12-20 19:22:50 | 001,100,800 | ---- | M] () -- E:\Gry\Steam\bin\avcodec-53.dll
MOD - [2012-12-20 19:22:49 | 002,895,424 | ---- | M] (Valve Corporation) -- E:\Gry\Steam\Steam.dll
MOD - [2012-12-20 19:22:47 | 008,192,576 | ---- | M] (Valve Corporation) -- E:\Gry\Steam\SteamUI.dll
MOD - [2012-12-20 19:22:47 | 001,039,192 | ---- | M] (Microsoft Corporation) -- E:\Gry\Steam\dbghelp.dll
MOD - [2012-12-07 13:20:43 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gameux.dll
MOD - [2012-12-03 20:19:31 | 001,354,736 | ---- | M] (Valve Corporation) -- E:\Gry\Steam\Steam.exe
MOD - [2012-11-30 05:53:59 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2012-11-30 05:53:59 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2012-11-22 05:45:03 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2012-11-14 03:48:26 | 012,320,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2012-11-14 03:14:59 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012-11-14 03:09:22 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
MOD - [2012-11-14 02:57:44 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012-11-14 02:57:37 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012-11-14 02:52:27 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2012-11-14 02:46:38 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012-11-06 17:08:40 | 005,628,584 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdag.dll
MOD - [2012-11-06 16:29:34 | 000,959,488 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\aticfx32.dll
MOD - [2012-11-06 16:25:44 | 006,669,824 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atidxx32.dll
MOD - [2012-11-06 16:05:34 | 004,162,048 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdva.dll
MOD - [2012-11-06 15:54:52 | 000,109,568 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiuxpag.dll
MOD - [2012-11-06 15:54:38 | 000,083,968 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiu9pag.dll
MOD - [2012-10-19 15:18:36 | 017,875,120 | R--- | M] (Skype Technologies S.A.) -- E:\Programy\Skype\Phone\Skype.exe
MOD - [2012-10-11 02:04:04 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\MSVCR100.dll
MOD - [2012-10-11 02:04:04 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\MSVCP100.dll
MOD - [2012-10-09 18:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2012-08-24 17:57:48 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012-07-27 10:26:30 | 001,198,080 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\Intel\iCLS Client\LIBEAY32.dll
MOD - [2012-07-27 10:26:30 | 000,303,104 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\Intel\iCLS Client\ssleay32.dll
MOD - [2012-07-03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2012-06-02 05:40:42 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2012-06-02 05:36:29 | 001,159,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2012-06-02 05:34:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2012-05-25 03:42:00 | 000,699,928 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G DATA\ObjBrwse.dll
MOD - [2012-05-24 04:23:02 | 000,985,624 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
MOD - [2012-05-21 12:43:10 | 001,274,880 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\WapSter\WapSter AQQ\LIBEAY32.DLL
MOD - [2012-05-21 12:43:10 | 000,330,752 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\WapSter\WapSter AQQ\SSLEAY32.DLL
MOD - [2012-05-20 19:49:11 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
MOD - [2012-05-20 19:48:51 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2012-05-20 19:47:19 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2012-05-20 19:46:58 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2012-05-20 19:46:18 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2012-05-20 19:45:32 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2012-05-20 19:40:55 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2012-05-20 19:39:09 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2012-05-20 19:39:09 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2012-05-20 19:38:49 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2012-05-20 19:38:07 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2012-05-20 19:38:07 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2012-05-20 19:33:35 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2012-05-20 19:31:55 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2012-05-20 19:30:50 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll
MOD - [2012-05-20 19:26:58 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2012-05-05 08:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2012-04-05 10:17:06 | 001,618,440 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\Common\AVKRes.dll
MOD - [2012-04-03 19:45:36 | 002,121,216 | ---- | M] () -- E:\Programy\screenSHU\screenSHU.exe
MOD - [2012-02-02 18:27:54 | 002,843,136 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Programy\screenSHU\QtCore4.dll
MOD - [2012-02-02 18:27:44 | 000,276,480 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Programy\screenSHU\QtSql4.dll
MOD - [2012-02-02 18:27:34 | 001,289,728 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Programy\screenSHU\QtNetwork4.dll
MOD - [2012-02-02 18:27:08 | 010,135,040 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Programy\screenSHU\QtGui4.dll
MOD - [2012-02-02 18:26:54 | 000,527,360 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Programy\screenSHU\sqldrivers\qsqlite4.dll
MOD - [2012-02-02 18:26:52 | 000,288,256 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- E:\Programy\screenSHU\imageformats\qjpeg4.dll
MOD - [2012-02-02 18:26:52 | 000,043,008 | ---- | M] () -- E:\Programy\screenSHU\libgcc_s_dw2-1.dll
MOD - [2012-02-02 18:26:52 | 000,011,362 | ---- | M] () -- E:\Programy\screenSHU\mingwm10.dll
MOD - [2012-01-27 14:41:04 | 000,250,872 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\Banksafe.dll
MOD - [2012-01-27 10:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
MOD - [2012-01-27 10:38:07 | 000,073,728 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
MOD - [2012-01-27 05:13:02 | 001,470,968 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
MOD - [2012-01-13 08:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2010-11-21 04:25:15 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010-11-21 04:24:43 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010-11-21 04:24:33 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2010-11-21 04:24:33 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010-11-21 04:24:32 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptui.dll
MOD - [2010-11-21 04:24:32 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010-11-21 04:24:28 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010-11-21 04:24:28 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\riched20.dll
MOD - [2010-11-21 04:24:26 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2010-11-21 04:24:25 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010-11-21 04:24:23 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2010-11-21 04:24:23 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010-11-21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010-11-21 04:24:16 | 001,171,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10warp.dll
MOD - [2010-11-21 04:24:16 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010-11-21 04:24:16 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010-11-21 04:24:16 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010-11-21 04:24:16 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010-11-21 04:24:16 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010-11-21 04:24:16 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2010-11-21 04:24:14 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010-11-21 04:24:14 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010-11-21 04:24:14 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010-11-21 04:24:11 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010-11-21 04:24:09 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2010-11-21 04:24:09 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010-11-21 04:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010-11-21 04:24:08 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010-11-21 04:24:08 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2010-11-21 04:24:08 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2010-11-21 04:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2010-11-21 04:24:08 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010-11-21 04:24:08 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pdh.dll
MOD - [2010-11-21 04:24:08 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010-11-21 04:24:08 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mapi32.dll
MOD - [2010-11-21 04:24:07 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010-11-21 04:24:03 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wer.dll
MOD - [2010-11-21 04:24:03 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010-11-21 04:24:02 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010-11-21 04:24:02 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2010-11-21 04:24:01 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010-11-21 04:24:01 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010-11-21 04:24:00 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010-11-21 04:23:55 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010-11-21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010-11-21 04:23:55 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010-11-21 04:23:55 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2010-11-21 04:23:54 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2010-11-21 04:23:54 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010-11-21 04:23:51 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010-11-21 04:23:51 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010-11-21 04:23:48 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010-11-21 04:23:48 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010-11-21 04:23:48 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll
MOD - [2010-11-21 04:23:48 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2009-08-18 11:29:22 | 000,134,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
MOD - [2009-07-14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009-07-14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009-07-14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009-07-14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009-07-14 02:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll
MOD - [2009-07-14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009-07-14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009-07-14 02:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanutil.dll
MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 02:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009-07-14 02:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009-07-14 02:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll
MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-07-14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009-07-14 02:16:12 | 000,791,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\opengl32.dll
MOD - [2009-07-14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009-07-14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009-07-14 02:16:12 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PeerDist.dll
MOD - [2009-07-14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009-07-14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 02:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2009-07-14 02:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009-07-14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009-07-14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2009-07-14 02:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2009-07-14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009-07-14 02:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009-07-14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009-07-14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009-07-14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009-07-14 02:15:27 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\idndl.dll
MOD - [2009-07-14 02:15:24 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hid.dll
MOD - [2009-07-14 02:15:22 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\glu32.dll
MOD - [2009-07-14 02:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\feclient.dll
MOD - [2009-07-14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009-07-14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009-07-14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009-07-14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 02:15:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsrole.dll
MOD - [2009-07-14 02:15:11 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dinput8.dll
MOD - [2009-07-14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009-07-14 02:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
MOD - [2009-07-14 02:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll
MOD - [2009-07-14 02:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
MOD - [2009-07-14 02:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2009-07-14 02:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll
MOD - [2009-07-14 02:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll
MOD - [2009-07-14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009-07-14 02:14:57 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll
MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 02:09:53 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\security.dll
MOD - [2009-07-14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2007-04-04 18:53:42 | 000,081,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xinput1_3.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2012-11-06 16:19:14 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2012-07-27 10:54:18 | 000,636,952 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2010-04-06 15:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013-01-11 13:17:32 | 000,115,760 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-01-09 17:54:31 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-12-20 19:23:00 | 000,541,760 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-11-16 23:02:32 | 000,443,760 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2012-11-15 20:59:44 | 000,527,728 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2012-11-15 04:03:24 | 000,389,488 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2012-11-15 02:40:58 | 000,078,072 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE -- (HssTrayService)
SRV - [2012-10-25 10:27:45 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012-10-22 14:23:04 | 000,364,832 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-10-22 14:23:02 | 000,277,792 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-10-19 15:14:08 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- E:\Programy\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-08-23 17:16:22 | 000,165,664 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012-05-25 13:19:26 | 001,540,120 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2012-05-25 06:36:32 | 001,618,456 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe -- (GDBackupSvc)
SRV - [2012-05-25 04:11:06 | 001,766,976 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe -- (GDFwSvc)
SRV - [2012-05-14 04:26:48 | 001,218,552 | ---- | M] (G Data Software AG) [On_Demand | Stopped] -- C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe -- (GDTunerSvc)
SRV - [2012-03-29 03:42:28 | 000,470,008 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe -- (GDScan)
SRV - [2012-01-27 05:01:08 | 002,006,872 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlX64.exe -- (AVKWCtl)
SRV - [2012-01-27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe -- (AVKService)
SRV - [2012-01-05 16:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- E:\Programy\Alcohol 120\AxAutoMntSrv.exe -- (AxAutoMntSrv)
SRV - [2011-12-09 14:39:52 | 000,135,584 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2011-08-30 14:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-01-27 16:14:10 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2010-01-26 16:18:16 | 000,304,712 | ---- | M] (G Data Software) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe -- (TSNxGService)
SRV - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- E:\Programy\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2012-12-27 13:05:54 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:[b]64bit:[/b] - [2012-12-27 13:05:54 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:[b]64bit:[/b] - [2012-12-25 18:16:15 | 000,021,832 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:[b]64bit:[/b] - [2012-12-19 06:40:58 | 000,118,504 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2012-11-15 02:38:20 | 000,040,712 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:[b]64bit:[/b] - [2012-11-15 02:33:20 | 000,042,248 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6)
DRV:[b]64bit:[/b] - [2012-11-06 17:06:46 | 011,269,632 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2012-11-06 15:56:36 | 000,550,912 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2012-10-27 11:12:36 | 000,106,648 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD)
DRV:[b]64bit:[/b] - [2012-10-25 10:33:12 | 000,560,184 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2012-10-24 21:53:07 | 000,098,760 | ---- | M] (G Data Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TS4nt.sys -- (TS4NT)
DRV:[b]64bit:[/b] - [2012-10-24 21:53:03 | 000,059,768 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV:[b]64bit:[/b] - [2012-10-24 21:52:55 | 000,122,744 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV:[b]64bit:[/b] - [2012-10-24 21:52:55 | 000,064,376 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre)
DRV:[b]64bit:[/b] - [2012-10-24 21:52:55 | 000,054,136 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave)
DRV:[b]64bit:[/b] - [2012-10-24 21:52:54 | 000,065,912 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd)
DRV:[b]64bit:[/b] - [2012-07-12 19:56:32 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012-06-05 13:45:16 | 000,237,968 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:[b]64bit:[/b] - [2012-05-20 19:46:58 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012-05-20 19:29:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2012-05-20 19:29:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2012-05-14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2012-01-27 10:39:33 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:[b]64bit:[/b] - [2012-01-27 10:39:33 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:[b]64bit:[/b] - [2012-01-27 10:39:33 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2012-01-18 06:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:[b]64bit:[/b] - [2011-11-02 09:48:26 | 000,021,616 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:[b]64bit:[/b] - [2010-11-21 04:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2009-12-30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2008-08-14 13:48:34 | 000,024,064 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\skfiltv.sys -- (skfiltv)
DRV - [2012-10-24 21:29:00 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope =
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-3687210550-4096669916-69700731-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3687210550-4096669916-69700731-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
IE - HKU\S-1-5-21-3687210550-4096669916-69700731-1000\..\SearchScopes\{59B5EF52-1A08-44ac-A278-D89419214A9D}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
IE - HKU\S-1-5-21-3687210550-4096669916-69700731-1000\..\SearchScopes\{88302EF8-E6A1-49ba-B959-9A59E9A30F95}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
IE - HKU\S-1-5-21-3687210550-4096669916-69700731-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.5
FF - prefs.js..extensions.enabledAddons: %7B906305f7-aafc-45e9-8bbd-941950a84dad%7D:1.1.11215.1124
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0
 
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-01-11 13:17:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-01-11 13:17:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012-10-24 21:35:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Extensions
[2012-12-15 14:35:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Firefox\Profiles\3hev22t6.default\extensions
[2012-12-15 14:35:15 | 000,243,496 | ---- | M] () (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\firefox\profiles\3hev22t6.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013-01-11 13:17:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013-01-11 13:17:29 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Program Files (x86)\mozilla firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
[2013-01-11 13:17:32 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-10-11 03:58:06 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-10-11 03:58:06 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-10-11 03:58:06 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-10-11 03:58:06 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-10-11 03:58:06 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-10-11 03:58:06 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2013-01-10 16:25:06 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3687210550-4096669916-69700731-1000..\Run: [AlcoholAutomount] E:\Programy\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-3687210550-4096669916-69700731-1000..\Run: [AQQ] C:\PROGRA~2\WapSter\WAPSTE~1\AQQ.exe (AQQ Sp. z o.o.)
O4 - HKU\S-1-5-21-3687210550-4096669916-69700731-1000..\Run: [screenSHU] E:\Programy\screenSHU\screenSHU.exe ()
O4 - HKU\S-1-5-21-3687210550-4096669916-69700731-1000..\Run: [Steam] E:\Gry\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B084D405-98AE-4C21-BFE5-B665FFE91326}: DhcpNameServer = 192.168.0.1
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{6c41285c-1e8c-11e2-8bca-902b3461527a}\Shell - "" = AutoRun
O33 - MountPoints2\{6c41285c-1e8c-11e2-8bca-902b3461527a}\Shell\AutoRun\command - "" = G:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
 
SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]
 
[2013-01-13 15:58:52 | 000,000,000 | ---D | C] -- C:\_OTL
[2013-01-11 13:17:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013-01-10 20:15:14 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013-01-10 19:21:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013-01-10 19:16:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013-01-10 19:13:59 | 000,550,912 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2013-01-10 19:13:59 | 000,240,640 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2013-01-10 19:13:59 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2013-01-10 19:13:59 | 000,070,144 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_9.01.dll
[2013-01-10 19:13:59 | 000,021,504 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013-01-10 19:11:31 | 007,163,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64H.dll
[2013-01-10 19:11:31 | 000,433,504 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64H.dll
[2013-01-10 19:11:31 | 000,372,056 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64H.dll
[2013-01-10 19:11:31 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DHT64.dll
[2013-01-10 19:11:31 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DAA64.dll
[2013-01-10 19:11:31 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64H.dll
[2013-01-10 19:11:31 | 000,141,152 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64H.dll
[2013-01-10 19:11:31 | 000,123,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64H.dll
[2013-01-10 19:11:31 | 000,097,624 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64H.dll
[2013-01-10 19:11:31 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64H.dll
[2013-01-10 19:11:31 | 000,074,592 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64H.dll
[2013-01-10 19:00:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2013-01-10 19:00:00 | 002,080,120 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2013-01-10 18:59:59 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2013-01-10 18:59:59 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2013-01-10 18:59:59 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2013-01-10 18:59:59 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2013-01-10 18:59:56 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2013-01-10 18:59:56 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2013-01-10 18:59:56 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2013-01-10 18:59:56 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2013-01-10 18:59:55 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2013-01-10 18:59:55 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2013-01-10 18:59:38 | 002,028,920 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2013-01-10 18:59:35 | 000,869,752 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2013-01-10 18:59:33 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2013-01-10 18:59:13 | 002,714,720 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2013-01-10 18:59:05 | 000,110,592 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2013-01-10 16:51:56 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Desktop\OTL & RSIT
[2013-01-09 20:01:06 | 000,000,000 | ---D | C] -- C:\rsit
[2013-01-05 15:35:33 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\FLT
[2013-01-04 17:01:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
[2013-01-04 17:01:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Hotspot Shield
[2013-01-04 17:00:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hotspot Shield
[2012-12-31 10:39:05 | 000,118,504 | ---- | C] (Qualcomm Atheros Co., Ltd.) -- C:\Windows\SysNative\drivers\L1C62x64.sys
[2012-12-30 02:25:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
[2012-12-28 15:39:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2012-12-28 13:19:43 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\XRay Engine
[2012-12-27 12:50:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
[2012-12-27 12:49:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\STALKER-STCS
[2012-12-25 18:16:57 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Hamachi
[2012-12-25 18:16:15 | 000,021,832 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\hamachi.sys
[2012-12-25 13:12:48 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
[2012-12-25 12:50:52 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OCCT
[2012-12-25 12:50:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OCCT
[2012-12-25 02:34:18 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\3DMark 11
[2012-12-25 02:32:57 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\IsolatedStorage
[2012-12-25 02:32:54 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Futuremark_Corporation
[2012-12-25 02:31:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Futuremark
[2012-12-25 02:30:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
[2012-12-25 02:16:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2012-12-23 20:26:58 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Desktop\Serwer
[2012-12-22 17:15:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2012-12-22 17:15:19 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2012-12-15 15:16:49 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012-12-15 15:16:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012-12-15 15:16:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2012-12-02 16:15:36 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012-12-02 14:28:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker
[2012-11-29 15:33:23 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Apps
[2012-11-24 16:00:49 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2012-11-17 20:05:04 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\Rockstar Games
[2012-11-17 19:48:31 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Rockstar Games
[2012-11-17 19:48:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2012-11-17 19:47:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2012-11-17 19:42:01 | 000,000,000 | RH-D | C] -- C:\Users\Kuba\AppData\Roaming\SecuROM
[2012-11-17 19:37:18 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2012-11-17 19:35:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012-11-17 19:35:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012-11-17 19:21:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2012-11-17 12:58:49 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\BioWare
[2012-11-17 12:54:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Age II
[2012-11-17 12:46:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2012-11-17 11:37:07 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\storage
[2012-11-16 17:26:20 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Ubisoft Game Launcher
[2012-11-16 17:25:34 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\SKIDROW
[2012-11-16 17:24:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012-11-16 17:24:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012-11-16 17:22:09 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Ubisoft
[2012-11-16 17:22:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2012-11-16 16:46:13 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2012-11-16 12:40:12 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Skyrim
[2012-11-16 12:40:12 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\My Games
[2012-11-16 12:23:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012-11-16 12:18:53 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\2K Games
[2012-11-16 09:03:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2012-11-16 08:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda
[2012-11-16 08:54:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
[2012-11-16 08:23:41 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\Alcohol 120%
[2012-11-15 02:38:20 | 000,040,712 | ---- | C] (Anchorfree Inc.) -- C:\Windows\SysNative\drivers\taphss6.sys
[2012-11-15 02:33:20 | 000,042,248 | ---- | C] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\hssdrv6.sys
 
[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]
 
[2013-01-13 16:07:28 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-01-13 16:07:28 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-01-13 15:59:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-01-13 15:59:46 | 2106,269,695 | -HS- | M] () -- C:\hiberfil.sys
[2013-01-13 15:54:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-01-12 22:51:55 | 004,295,168 | ---- | M] () -- C:\Users\Kuba\Desktop\hamachi.msi
[2013-01-11 19:30:38 | 000,582,227 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\technic-launcher.jar
[2013-01-10 18:31:15 | 000,007,597 | ---- | M] () -- C:\Users\Kuba\AppData\Local\Resmon.ResmonCfg
[2013-01-10 16:25:06 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2013-01-10 13:29:55 | 000,276,200 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-01-05 15:33:06 | 000,000,912 | ---- | M] () -- C:\Users\Kuba\Desktop\Don't Starve Beta (18 November).lnk
[2013-01-04 17:01:45 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Hotspot Shield Launch.lnk
[2012-12-30 23:25:23 | 000,000,857 | ---- | M] () -- C:\Users\Kuba\Documents\ax_files.xml
[2012-12-30 02:25:04 | 000,000,604 | ---- | M] () -- C:\Users\Kuba\Desktop\HD Tune.lnk
[2012-12-27 14:12:14 | 000,001,750 | ---- | M] () -- C:\Users\Kuba\Documents\cc_20121227_141208.reg
[2012-12-27 13:05:54 | 000,314,016 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2012-12-27 13:05:54 | 000,043,680 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2012-12-27 12:50:27 | 000,000,892 | ---- | M] () -- C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Clear Sky.lnk
[2012-12-25 18:16:15 | 000,021,832 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\hamachi.sys
[2012-12-25 12:50:55 | 000,000,629 | ---- | M] () -- C:\Users\Kuba\Desktop\OCCT.lnk
[2012-12-25 02:30:44 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\3DMark 11.lnk
[2012-12-25 02:16:09 | 000,000,622 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2012-12-19 06:40:58 | 000,118,504 | ---- | M] (Qualcomm Atheros Co., Ltd.) -- C:\Windows\SysNative\drivers\L1C62x64.sys
[2012-12-15 15:16:49 | 000,001,007 | ---- | M] () -- C:\Users\Kuba\Desktop\SpeedFan.lnk
[2012-12-15 15:16:48 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2012-12-15 11:15:32 | 000,581,642 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\technic-launcher.jar.bak
[2012-12-09 16:50:10 | 001,549,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-12-09 16:50:10 | 000,697,674 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-12-09 16:50:10 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-12-09 16:50:10 | 000,134,784 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-12-09 16:50:10 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-12-02 14:28:24 | 000,000,639 | ---- | M] () -- C:\Users\Kuba\Desktop\Resource Hacker.lnk
[2012-11-28 02:30:22 | 000,381,365 | ---- | M] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2012-11-24 16:36:11 | 000,000,203 | ---- | M] () -- C:\Users\Kuba\Desktop\Team Fortress 2.url
[2012-11-24 16:28:19 | 000,000,202 | ---- | M] () -- C:\Users\Kuba\Desktop\Counter-Strike.url
[2012-11-24 16:00:49 | 000,000,203 | ---- | M] () -- C:\Users\Kuba\Desktop\Dota 2.url
[2012-11-22 21:37:36 | 000,885,503 | ---- | M] () -- C:\Windows\SysWow64\sig.bin
[2012-11-22 21:37:36 | 000,046,790 | ---- | M] () -- C:\Windows\SysWow64\nmp.map
[2012-11-20 01:18:06 | 002,714,720 | ---- | M] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012-11-18 17:06:42 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-11-17 19:37:18 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2012-11-17 19:35:15 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2012-11-17 12:54:46 | 000,000,676 | ---- | M] () -- C:\Users\Public\Desktop\Dragon Age II.lnk
[2012-11-17 11:38:49 | 000,001,158 | ---- | M] () -- C:\Users\Kuba\Desktop\AssassinsCreed II.lnk
[2012-11-16 08:59:41 | 000,000,726 | ---- | M] () -- C:\Users\Public\Desktop\The Elder Scrolls V - Skyrim.lnk
[2012-11-16 08:54:14 | 000,000,749 | ---- | M] () -- C:\Users\Public\Desktop\Mafia II.lnk
[2012-11-15 02:38:20 | 000,040,712 | ---- | M] (Anchorfree Inc.) -- C:\Windows\SysNative\drivers\taphss6.sys
[2012-11-15 02:33:20 | 000,042,248 | ---- | M] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\hssdrv6.sys
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013-01-12 22:51:57 | 004,295,168 | ---- | C] () -- C:\Users\Kuba\Desktop\hamachi.msi
[2013-01-10 19:13:59 | 003,084,672 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2013-01-10 19:13:59 | 003,053,056 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2013-01-10 19:13:59 | 000,662,787 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2013-01-10 19:13:59 | 000,228,528 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik_nd.dat
[2013-01-10 19:13:59 | 000,228,528 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik.dat
[2013-01-10 19:13:59 | 000,076,660 | ---- | C] () -- C:\Windows\SysNative\ativce02.dat
[2013-01-10 19:13:59 | 000,042,347 | ---- | C] () -- C:\Windows\atiogl.xml
[2013-01-10 19:13:58 | 000,324,664 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013-01-10 19:13:58 | 000,324,664 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2013-01-10 18:59:55 | 000,381,365 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2013-01-05 15:33:06 | 000,000,912 | ---- | C] () -- C:\Users\Kuba\Desktop\Don't Starve Beta (18 November).lnk
[2013-01-04 17:01:45 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Hotspot Shield Launch.lnk
[2012-12-30 02:25:04 | 000,000,604 | ---- | C] () -- C:\Users\Kuba\Desktop\HD Tune.lnk
[2012-12-27 14:12:11 | 000,001,750 | ---- | C] () -- C:\Users\Kuba\Documents\cc_20121227_141208.reg
[2012-12-27 13:05:54 | 000,314,016 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2012-12-27 13:05:54 | 000,043,680 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2012-12-27 12:50:27 | 000,000,892 | ---- | C] () -- C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Clear Sky.lnk
[2012-12-25 12:50:55 | 000,000,629 | ---- | C] () -- C:\Users\Kuba\Desktop\OCCT.lnk
[2012-12-25 02:30:44 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\3DMark 11.lnk
[2012-12-25 02:16:09 | 000,000,622 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2012-12-15 15:16:49 | 000,001,007 | ---- | C] () -- C:\Users\Kuba\Desktop\SpeedFan.lnk
[2012-12-15 15:16:48 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2012-12-02 14:28:24 | 000,000,639 | ---- | C] () -- C:\Users\Kuba\Desktop\Resource Hacker.lnk
[2012-11-24 16:36:11 | 000,000,203 | ---- | C] () -- C:\Users\Kuba\Desktop\Team Fortress 2.url
[2012-11-24 16:28:19 | 000,000,202 | ---- | C] () -- C:\Users\Kuba\Desktop\Counter-Strike.url
[2012-11-24 16:00:49 | 000,000,203 | ---- | C] () -- C:\Users\Kuba\Desktop\Dota 2.url
[2012-11-18 17:06:42 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-11-17 19:47:16 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2012-11-17 19:35:15 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2012-11-17 12:54:46 | 000,000,676 | ---- | C] () -- C:\Users\Public\Desktop\Dragon Age II.lnk
[2012-11-17 11:38:52 | 000,001,158 | ---- | C] () -- C:\Users\Kuba\Desktop\AssassinsCreed II.lnk
[2012-11-16 08:59:41 | 000,000,726 | ---- | C] () -- C:\Users\Public\Desktop\The Elder Scrolls V - Skyrim.lnk
[2012-11-16 08:54:14 | 000,000,749 | ---- | C] () -- C:\Users\Public\Desktop\Mafia II.lnk
[2012-11-16 07:04:23 | 000,007,597 | ---- | C] () -- C:\Users\Kuba\AppData\Local\Resmon.ResmonCfg
[2012-11-14 20:30:42 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012-11-14 20:25:06 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012-10-25 12:29:28 | 000,582,227 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\technic-launcher.jar
[2012-10-25 12:29:28 | 000,581,642 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\technic-launcher.jar.bak
[2012-10-25 10:27:07 | 000,001,209 | ---- | C] () -- C:\Windows\skSPcfg.ini
[2012-10-25 10:27:07 | 000,000,381 | ---- | C] () -- C:\Windows\skMCcfg.ini
[2012-10-25 10:27:06 | 000,128,512 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012-10-25 10:27:06 | 000,069,120 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2012-10-25 08:58:49 | 000,885,503 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2012-10-24 21:42:48 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-10-24 21:40:55 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-10-24 21:40:55 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012-10-24 21:40:55 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012-10-24 21:24:52 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012-10-24 21:18:53 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011-12-08 15:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2012-10-25 22:15:26 | 000,000,642 | ---- | M] () -- C:\Users\Kuba\AppData\Local\Temp\Rar$DRa0.025\reifnsk\minimap\n.png
[2012-10-25 22:15:26 | 000,000,268 | ---- | M] () -- C:\Users\Kuba\AppData\Local\Temp\Rar$DRa0.025\reifnsk\minimap\zantextures\n.png
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2013-01-13 11:49:29 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\.minecraft
[2013-01-11 19:31:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\.techniclauncher
[2012-10-30 14:55:53 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Easeware
[2012-12-01 19:38:42 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\EurekaLog
[2012-10-27 10:07:14 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\FileZilla
[2013-01-11 19:30:29 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\logs
[2012-10-27 10:25:35 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Notepad++
[2012-10-25 09:39:50 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Splashtop
[2012-10-25 20:01:17 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Teeworlds
[2013-01-13 16:09:21 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\TS3Client
[2012-11-16 17:22:09 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Ubisoft
[2012-12-28 13:19:43 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\XRay Engine
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2013-01-10 16:38:30 | 000,002,965 | ---- | M] () -- C:\AdwCleaner[S2].txt
[2012-10-24 21:24:58 | 000,000,180 | ---- | M] () -- C:\csb.log
[2013-01-13 15:59:46 | 2106,269,695 | -HS- | M] () -- C:\hiberfil.sys
[2012-10-24 21:22:19 | 000,000,206 | ---- | M] () -- C:\Install.log
[2013-01-13 15:59:47 | 4240,015,359 | -HS- | M] () -- C:\pagefile.sys
[2012-10-24 21:22:19 | 000,003,235 | ---- | M] () -- C:\RHDSetup.log
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
[color=#A23BEC]< MD5 for: BEEP.SYS  >[/color]
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
 
[color=#A23BEC]< MD5 for: NDIS.SYS  >[/color]
[2012-08-22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012-08-22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012-08-22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010-11-21 04:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< End of report >

[/log]

 

[log]OTL Extras logfile created on: 2013-01-13 16:18:24 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Kuba\Desktop\OTL & RSIT
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
7,95 Gb Total Physical Memory | 5,82 Gb Available Physical Memory | 73,23% Memory free
15,90 Gb Paging File | 13,29 Gb Available in Paging File | 83,62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 79,64 Gb Total Space | 42,58 Gb Free Space | 53,47% Space Free | Partition Type: NTFS
Drive D: | 97,56 Gb Total Space | 38,06 Gb Free Space | 39,01% Space Free | Partition Type: NTFS
Drive E: | 195,31 Gb Total Space | 68,94 Gb Free Space | 35,30% Space Free | Partition Type: NTFS
 
Computer Name: KUBA-KOMPUTER | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3687210550-4096669916-69700731-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0402F9F3-436E-469A-A985-044B3AD38A88}" = lport=139 | protocol=6 | dir=in | app=system |
"{0C469EA9-3F5D-4194-ACAA-415E1D4246FD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1B2C321A-2466-4EBA-AAC2-7DC7EF30E69C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1BA37879-583C-4F10-8B30-0ED6F74AAC7B}" = rport=445 | protocol=6 | dir=out | app=system |
"{27D14CF6-52E1-490A-B398-AD4F18227262}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3FF1312F-B611-46D0-86A9-93C7407A95AE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{41C5074B-6F52-4445-BDE8-3EFB8989A4A3}" = rport=139 | protocol=6 | dir=out | app=system |
"{4BA28922-FBB2-4345-9CA8-A68BD3DC5DB6}" = rport=137 | protocol=17 | dir=out | app=system |
"{4BF9BAA8-F400-46BA-A256-D484498F74DD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4E6A3C61-95C6-4806-95CF-D1206CBEB9B7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5DADFA2D-B035-4B32-AF19-C29DC4AF812A}" = lport=138 | protocol=17 | dir=in | app=system |
"{7FD0CBF1-369C-4135-ACAC-44DB052FC8E2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{865C67CD-98B9-4C2B-ACD9-CF44AFC4F596}" = rport=138 | protocol=17 | dir=out | app=system |
"{8D5391BC-2405-4137-B723-45247A652815}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8F618A4B-4561-42BE-83CF-0DF107DC6772}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9E568D1A-78EF-47A2-AA77-4448FC58EC62}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A24C93E1-AE30-42D7-ABBE-C2C6180071E0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A3731A21-3569-45AB-89AB-28C0332CD29C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{AC205059-5EFD-4819-A5A0-ED84991D9030}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B2FC61DB-40F6-43C7-99ED-ACED5A27FC96}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BC167094-9E5C-41D3-AC79-FC3FE4051A9C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C5B9255A-BF3E-4C56-AB0A-6F414554BF7A}" = lport=445 | protocol=6 | dir=in | app=system |
"{E6162F77-C333-4460-B232-B6D815DE47E3}" = lport=137 | protocol=17 | dir=in | app=system |
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00AC3F0C-8246-4E43-BCDB-A30F44F85CF4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{01E5BD26-6276-43AE-AC80-190B9781B892}" = protocol=17 | dir=in | app=e:\gry\assassin's creed ii\uplaybrowser.exe |
"{06CA03F5-6AC7-41F8-9F9C-294F0DB51372}" = protocol=6 | dir=in | app=e:\gry\assassin's creed ii\assassinscreedii.exe |
"{0B32CB88-BE07-4EC0-B543-720A7FD07CBD}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{0E4565EB-D503-4EA8-A7A1-36ADC0DBF883}" = protocol=17 | dir=in | app=e:\gry\assassin's creed ii\assassinscreediigame.exe |
"{1693391B-A07A-4AF6-9CE2-9CAA73CB39C5}" = protocol=6 | dir=in | app=e:\gry\steam\steamapps\kuba_516\counter-strike\hl.exe |
"{1BA64C07-A51E-48A0-B570-5869DB2E120A}" = protocol=17 | dir=in | app=e:\gry\assassin's creed ii\assassinscreedii.exe |
"{1E765833-4DC6-458A-965F-0411C7B69586}" = protocol=17 | dir=in | app=e:\gry\s.t.a.l.k.e.r. - clear sky\bin\dedicated\xrengine.exe |
"{1FFA03F5-35BA-4AE3-BC7C-B6F45996BD57}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{27D675BA-4A82-427C-BF77-B9CB3A67A965}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3565FDA4-18B6-43EF-8A4E-DF717063C027}" = protocol=17 | dir=in | app=e:\gry\steam\steamapps\kuba_516\counter-strike\hl.exe |
"{35B8646E-BF12-45A3-A004-A7F0E3F38615}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3967E8AB-8FB4-4CAE-92A6-302EB6651472}" = protocol=6 | dir=out | app=system |
"{40EA44BE-7873-40D7-AE37-564A8B49ED8D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4893FC5A-DD90-4A00-8F96-56C98CF402F6}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4E5E6FBD-1CD1-405A-92C0-F25A9FEF9456}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{59C803F8-936D-44EC-BCEB-5F2F3CAC73B9}" = protocol=6 | dir=in | app=e:\gry\steam\steam.exe |
"{60D104FD-8A76-4ECA-8844-DDEE317F6C16}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{668530D9-8923-4A27-A6A5-D0A96880B468}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{68FA6A6B-4437-431F-B217-35C56E548AC1}" = protocol=17 | dir=in | app=e:\gry\dragon age 2\dragonage2launcher.exe |
"{73BFD577-7C1F-4E63-BF3F-89C2CF6EE9AC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{74A36A72-C4E4-4850-92C6-7317EA5C681D}" = protocol=6 | dir=in | app=e:\gry\dragon age 2\dragonage2launcher.exe |
"{8579DBAD-0B00-48DD-870D-66876F929AAC}" = protocol=17 | dir=in | app=e:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
"{891A1DB5-0D7B-488A-B0DA-C996F9D66310}" = protocol=6 | dir=in | app=e:\gry\s.t.a.l.k.e.r. - clear sky\bin\xrengine.exe |
"{8CD9E530-8569-4B5C-BD49-39B22FE142C8}" = protocol=6 | dir=in | app=e:\gry\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{8EA2CC40-1705-45C1-BA36-B0752078912A}" = protocol=6 | dir=in | app=e:\gry\dragon age 2\bin_ship\dragonage2.exe |
"{96F80B77-7148-46C2-A17B-7D777CF9F7C1}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{9FE8FCEA-219A-4CEC-B3B5-07B7CCED103E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A48BECCF-CB18-42DA-9CF0-4903F65C2404}" = protocol=6 | dir=in | app=e:\gry\assassin's creed ii\uplaybrowser.exe |
"{A74120AC-D850-4FEC-9D1D-B20B9BF65727}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AD59D626-D43F-45DF-B674-DF5EA8DDB124}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{AE4C480D-827D-4BB8-9550-6DE602EAEC72}" = dir=in | app=e:\programy\skype\phone\skype.exe |
"{B4D65F48-3DB8-4FF1-8773-5D4B286705C1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B7F618AB-AF27-45E3-A20C-7662799FEE43}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BA0FA441-E99A-4421-B21F-A46DEF06F86C}" = protocol=17 | dir=in | app=e:\gry\s.t.a.l.k.e.r. - clear sky\bin\xrengine.exe |
"{C51CAD0E-2141-4686-9373-E0E6C9DE0148}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{CE96531A-66A5-4864-B9B7-D99964CC9B04}" = protocol=17 | dir=in | app=e:\gry\steam\steam.exe |
"{D30266DC-B828-4F3E-99A4-243E3514572E}" = protocol=6 | dir=in | app=e:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
"{D5D97ADE-0579-4AA8-87D3-A1F6D8635C10}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D6A3FB9D-9469-470E-B1AD-92FFB58D10FB}" = protocol=6 | dir=in | app=e:\gry\s.t.a.l.k.e.r. - clear sky\bin\dedicated\xrengine.exe |
"{D753B1BA-5A12-4AF8-BD93-5E87BEA80565}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DDBD42A6-1C20-4838-88CA-DECB97300E6B}" = protocol=17 | dir=in | app=e:\gry\dragon age 2\bin_ship\dragonage2.exe |
"{DF96CB38-2749-432E-8AE6-3E3874EF2C12}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E3F15E8A-B34E-4B9F-8259-69BD5F3C9A16}" = protocol=17 | dir=in | app=e:\gry\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{E44F8A62-4C38-4596-818D-418EFCAE6896}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E5E2E4B3-7C16-49C3-B060-2C806C799DDE}" = protocol=6 | dir=in | app=e:\gry\assassin's creed ii\assassinscreediigame.exe |
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08CFAEF6-7D08-9A9B-2089-FC25350C5FF4}" = ccc-utility64
"{18A5D014-E9AD-DEFE-FAFE-A409612F51B4}" = AMD Media Foundation Decoders
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
"{2D58E228-ACD8-0B8A-E1FF-D3F7020DA30F}" = AMD Media Foundation Decoders
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{50BD00DC-127E-BF00-FDD5-E1A93AB3507C}" = ccc-utility64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.9
"{7AB8C73F-03FE-48AE-990C-CCB8D6C4FAB8}" = Intel® Trusted Connect Service Client
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{977D1ABF-4089-4CA7-BA33-CC75808B7ACE}" = Intel® Trusted Connect Service Client
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{A71060CF-81D0-EC17-2252-78CA0E96CCCF}" = AMD Drag and Drop Transcoding
"{BB009B20-0BA0-ABDF-1947-4D56639214C7}" = AMD Accelerated Video Transcoding
"{E85D1C80-28C4-76B8-5A5A-2C8D8B38D5D9}" = AMD Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.62.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.20 (64-bitowy)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03AEAB60-A7B3-A8DB-468B-EB30FB4B40B0}" = CCC Help German
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0841A593-C7D8-E4EF-9F26-CA0EE369033C}" = Catalyst Control Center
"{1432AA8A-09CC-E585-7FFB-4DC255456A57}" = CCC Help English
"{162ABED6-E60C-6CFF-100E-43C16ABBC5BE}" = CCC Help Chinese Standard
"{1CB724FF-D18C-8FFB-E7C9-0A09CF8EC066}" = CCC Help Japanese
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20C14CC3-5E3B-D39A-5B37-B15E59785063}" = CCC Help Chinese Traditional
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{2632A2C0-ECF4-7F79-7136-9FEA4C253A4C}" = CCC Help Turkish
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{30F712DA-64FE-5DBE-AE76-3F8EA3F8223C}" = CCC Help French
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3C39B3CC-4EC8-C756-AF4B-72366504FCA5}" = CCC Help Hungarian
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.1102.1
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}" = 3DMark 11
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CC9D761-A9B6-D8EA-D2A9-B74B5A90B108}" = CCC Help Norwegian
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{54B227A6-BDBE-69FA-D450-B99609063044}" = CCC Help Greek
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5C56EB7A-A016-E031-525F-C967EF9749B9}" = CCC Help French
"{5DA69605-2A7F-6028-8A10-0549F924174E}" = CCC Help Italian
"{5F7308C0-56FF-415A-B34C-44A90A892A95}" = Catalyst Control Center - Branding
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6D62F011-4303-8BCC-398D-AE61684880FF}" = CCC Help German
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73F9192E-A60B-47BA-809A-AE07AF507EA7}" = S.T.A.L.K.E.R. - Shadow of Chernobyl
"{7C587778-C433-980E-F3C1-203890DC4FBE}" = CCC Help Polish
"{7DC3EABF-66A2-6D79-B485-6328525CA387}" = CCC Help Swedish
"{7F2D87D4-5152-31B5-D7CF-67E329F6FB94}" = CCC Help Chinese Traditional
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{83BE5026-D306-FE60-73D7-C9BCEE0E55E5}" = CCC Help Russian
"{843603C6-75B7-BAB5-80DE-E76FB28DEEF2}" = CCC Help Finnish
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8B758A3B-0966-A84F-9D2D-42D8025D04B2}" = CCC Help Spanish
"{8BBC66FD-0195-29B4-5A58-E0B0554E8F42}" = Catalyst Control Center
"{8D9EEAC7-42D5-3951-612A-EAA7B684C592}" = CCC Help Italian
"{9791DAED-B734-2835-988B-157BDA087496}" = CCC Help Dutch
"{98B740C3-FAA4-C523-7478-4DBCAB7B27D1}" = Catalyst Control Center Graphics Previews Common
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F0CAC6D-9B0D-A95F-CF61-6E88952D6181}" = CCC Help Thai
"{A625DB70-98D5-16FD-C49D-4B8B1B2304A4}" = CCC Help Spanish
"{A90214C3-3A0C-2F05-6083-E1A4BAD9E30D}" = CCC Help Danish
"{AA123216-6DE0-E57C-DC57-4FECEACB482F}" = CCC Help Russian
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.01)
"{B2F6521E-0207-036B-C0C3-2013BF182F86}" = CCC Help Japanese
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{CE6217F3-6072-40E2-9157-A4695C334F8E}" = G Data TotalProtection 2013
"{D0837A59-83E6-3392-1BD9-86D3445676DB}" = CCC Help Korean
"{D0D79D77-2A6C-B156-76AB-C0F93D0A40EB}" = CCC Help Chinese Standard
"{D33626D5-3D55-C79B-C372-F1D1734D8025}" = Catalyst Control Center InstallProxy
"{D70AB273-113B-D7DE-5C8D-82CABA7CB0AF}" = Catalyst Control Center Localization All
"{D72FF5C1-0DE5-17C3-F0B8-7C1CBF98C5D5}" = CCC Help Korean
"{DC8772D4-C75F-5235-63E2-BBC73F909B7A}" = CCC Help Czech
"{DED7FD3C-DDD2-43BB-B0F5-B07F9D0430D3}" = CCC Help Portuguese
"{E157F2EB-E06F-B57F-9105-68F348DB2EAD}" = CCC Help English
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E976B61A-251E-396A-9724-675C1DDE2C6F}" = Catalyst Control Center Localization All
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EBC8C5A1-7745-419F-B6C6-B0DD87F24D52}" = LogMeIn Hamachi
"{EF036F44-A287-BC23-3F6E-AAE6FDEF47EF}" = Catalyst Control Center InstallProxy
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2E23139-3404-4E3C-9855-7724415D62A5}" = Dragon Age II
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AQQ" = WapSter AQQ
"AudioCS" = Creative Audio Control Panel
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"FileZilla Client" = FileZilla Client 3.5.3
"Fraps" = Fraps (remove only)
"HD Tune_is1" = HD Tune 2.55
"Host OpenAL" = Host OpenAL
"HotspotShield" = Hotspot Shield 2.78
"Łatka polonizacyjna GTA IV v1.0" = Łatka polonizacyjna GTA IV v1.0
"Mafia II_is1" = Mafia II
"Mozilla Firefox 18.0 (x86 pl)" = Mozilla Firefox 18.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"OCCT" = OCCT 4.3.2
"ResourceHacker_is1" = Resource Hacker Version 3.6.0
"S.T.A.L.K.E.R. - Clear Sky_is1" = S.T.A.L.K.E.R. - Clear Sky
"screenSHU" = screenSHU - the fastest screen capture ever.
"SpeedFan" = SpeedFan (remove only)
"Steam App 10" = Counter-Strike
"Steam App 440" = Team Fortress 2
"Steam App 570" = Dota 2
"The Elder Scrolls V - Skyrim_is1" = The Elder Scrolls V - Skyrim
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 2013-01-12 22:00:34 | Computer Name = Kuba-Komputer | Source = MsiInstaller | ID = 11723
Description =
 
Error - 2013-01-12 22:00:34 | Computer Name = Kuba-Komputer | Source = MsiInstaller | ID = 1023
Description =
 
Error - 2013-01-12 22:16:51 | Computer Name = Kuba-Komputer | Source = MsiInstaller | ID = 11723
Description =
 
Error - 2013-01-12 22:16:51 | Computer Name = Kuba-Komputer | Source = MsiInstaller | ID = 1023
Description =
 
Error - 2013-01-12 22:16:58 | Computer Name = Kuba-Komputer | Source = MsiInstaller | ID = 11723
Description =
 
Error - 2013-01-12 22:16:58 | Computer Name = Kuba-Komputer | Source = MsiInstaller | ID = 1023
Description =
 
Error - 2013-01-13 05:59:29 | Computer Name = Kuba-Komputer | Source = TSNxGService | ID = 131074
Description = G Data TopSecret Inicjalizacja modułu ochrony plików (AFP) nie powiodła
 się Kod błędu: 1
 
Error - 2013-01-13 06:00:45 | Computer Name = Kuba-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2013-01-13 11:00:04 | Computer Name = Kuba-Komputer | Source = TSNxGService | ID = 131074
Description = G Data TopSecret Inicjalizacja modułu ochrony plików (AFP) nie powiodła
 się Kod błędu: 1
 
Error - 2013-01-13 11:01:41 | Computer Name = Kuba-Komputer | Source = WinMgmt | ID = 10
Description =
 
[ System Events ]
Error - 2013-01-13 05:59:07 | Computer Name = Kuba-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi LogMeIn Hamachi Tunneling Engine z powodu
 następującego błędu:   %%2
 
Error - 2013-01-13 05:59:38 | Computer Name = Kuba-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego:   GLogin
 
Error - 2013-01-13 06:00:07 | Computer Name = Kuba-Komputer | Source = VDS Basic Provider | ID = 33554433
Description =
 
Error - 2013-01-13 06:00:07 | Computer Name = Kuba-Komputer | Source = VDS Basic Provider | ID = 33554433
Description =
 
Error - 2013-01-13 06:00:07 | Computer Name = Kuba-Komputer | Source = VDS Basic Provider | ID = 33554433
Description =
 
Error - 2013-01-13 11:00:00 | Computer Name = Kuba-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi LogMeIn Hamachi Tunneling Engine z powodu
 następującego błędu:   %%2
 
Error - 2013-01-13 11:00:08 | Computer Name = Kuba-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego:   GLogin
 
Error - 2013-01-13 11:00:28 | Computer Name = Kuba-Komputer | Source = VDS Basic Provider | ID = 33554433
Description =
 
Error - 2013-01-13 11:00:28 | Computer Name = Kuba-Komputer | Source = VDS Basic Provider | ID = 33554433
Description =
 
Error - 2013-01-13 11:00:28 | Computer Name = Kuba-Komputer | Source = VDS Basic Provider | ID = 33554433
Description =
 
 
< End of report >

[/log]

Natsuki Kuga
komentarz
komentarz

W logach brak infekcji.

 

Na koniec:

 

1. Odinstaluj OTL poprzez opcję Sprzątanie, AdwCleaner przez Uninstall.

 

2. Wyłącz i włącz Przywracanie systemu: Klik

 

To wszystko.

  • Dobra wypowiedź 1
Kuba516
komentarz
komentarz

Slicznie dziekuję :3

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.