x-kom hosting

Laptop dlugo sie wczytuje

daro99
utworzono
utworzono (edytowane)

Siemka mam laptopa fujitsu lifebook

 

Strasznie wolni mi sie wczytuje i juz powoli mnie to zaczyna wkur**ac :/

 

Oto ss msconfig->uruchamianie

 

http://imageshack.us/photo/my-images/845/11111naf.jpg/

 

Nie wiem co wiecej moge zrobic :/

 

Laptop zanim moge cokolwiek zrobic wczytuje mi 10-15 minu !! :/

 

Slyszalem tez o zablokowaniu uslug win 7, poblokowalem pare ale boje sie cos wiecej blokowac zeby nie spieprzyc czegos :/

 

Jesli mam cos jeszcze pokazac to piszcie

 

Help Me !! :)

 

 

Slyszalem tez, ze mozna usunac jakis plik systemowy ktory po usunieciu bedzie wczytywac o iles tam sekund szybciej

 

 

Jesli nie ten dzial to prosze o przeniesienie

Natsuki Kuga
komentarz
komentarz

Zaczniemy od sprawdzenia pod kątem wirusów: Zapoznaj się z przyklejonymi w Bezpieczeństwie i pokaż zestaw odpowiednich logów.

daro99
komentarz
komentarz (edytowane)

OTL

 

 

[log]OTL logfile created on: 1/12/2013 1:55:52 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Dom\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3.91 Gb Total Physical Memory | 1.79 Gb Available Physical Memory | 45.68% Memory free
7.83 Gb Paging File | 5.53 Gb Available in Paging File | 70.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100.00 Gb Total Space | 36.43 Gb Free Space | 36.43% Space Free | Partition Type: NTFS
Drive D: | 177.46 Gb Total Space | 59.85 Gb Free Space | 33.72% Space Free | Partition Type: NTFS
 
Computer Name: DOM-KOMPUTER | User Name: Dom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days
 
========== Processes (All) ==========
 
PRC - [2013/01/12 01:53:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dom\Downloads\OTL.exe
PRC - [2013/01/10 23:04:29 | 000,917,552 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/01/10 23:04:25 | 000,017,456 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2012/12/12 19:43:30 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
PRC - [2012/11/27 16:18:35 | 011,489,280 | ---- | M] () -- C:\Users\Dom\Downloads\Special-Sro+Game+ver+196\Special-Sro Game\sro_client.exe
PRC - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/02/23 17:23:24 | 004,031,368 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/02/23 17:23:21 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/01/04 13:22:40 | 000,822,624 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
PRC - [2011/10/01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/02/01 22:24:40 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 22:24:38 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/11/03 20:01:34 | 000,983,104 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2010/11/03 20:01:20 | 001,298,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2010/11/03 19:53:28 | 000,897,088 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2010/11/03 19:53:06 | 000,979,008 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
PRC - [2010/09/30 02:05:32 | 000,048,752 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
 
 
========== Modules (All) ==========
 
MOD - [2013/01/12 01:53:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dom\Downloads\OTL.exe
MOD - [2013/01/10 23:04:29 | 000,917,552 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
MOD - [2013/01/10 23:04:29 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
MOD - [2013/01/10 23:04:28 | 002,850,864 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
MOD - [2013/01/10 23:04:28 | 000,277,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
MOD - [2013/01/10 23:04:27 | 003,021,872 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/01/10 23:04:27 | 000,814,128 | ---- | M] (sqlite.org) -- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
MOD - [2013/01/10 23:04:27 | 000,142,896 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
MOD - [2013/01/10 23:04:27 | 000,016,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
MOD - [2013/01/10 23:04:26 | 000,642,096 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nss3.dll
MOD - [2013/01/10 23:04:26 | 000,375,344 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
MOD - [2013/01/10 23:04:26 | 000,172,080 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nspr4.dll
MOD - [2013/01/10 23:04:26 | 000,104,496 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll
MOD - [2013/01/10 23:04:26 | 000,091,696 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
MOD - [2013/01/10 23:04:26 | 000,022,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plc4.dll
MOD - [2013/01/10 23:04:26 | 000,021,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plds4.dll
MOD - [2013/01/10 23:04:25 | 000,155,696 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\ssl3.dll
MOD - [2013/01/10 23:04:25 | 000,152,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
MOD - [2013/01/10 23:04:25 | 000,092,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\smime3.dll
MOD - [2013/01/10 23:04:25 | 000,017,456 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
MOD - [2013/01/10 23:04:24 | 017,798,192 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xul.dll
MOD - [2013/01/10 23:04:24 | 000,019,504 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xpcom.dll
MOD - [2013/01/03 11:42:08 | 000,042,840 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\13011101\uiext.dll
MOD - [2012/12/12 19:43:30 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
MOD - [2012/12/12 19:43:28 | 014,586,296 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
MOD - [2012/11/29 09:25:45 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\MSVCR100.dll
MOD - [2012/11/29 09:25:45 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\MSVCP100.dll
MOD - [2012/11/27 16:18:35 | 011,489,280 | ---- | M] () -- C:\Users\Dom\Downloads\Special-Sro+Game+ver+196\Special-Sro Game\sro_client.exe
MOD - [2012/11/22 22:02:33 | 000,458,752 | ---- | M] (Joymax) -- C:\Users\Dom\Downloads\Special-Sro+Game+ver+196\Special-Sro Game\GFXFileManager.dll
MOD - [2012/11/22 18:57:06 | 000,070,248 | ---- | M] (Initex) -- C:\Windows\SysWOW64\PrxerDrv.dll
MOD - [2012/11/22 18:57:06 | 000,056,424 | ---- | M] () -- C:\Windows\SysWOW64\PrxerNsp.dll
MOD - [2012/06/29 01:27:10 | 009,737,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012/06/29 01:09:32 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012/06/29 01:09:01 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012/06/29 01:06:35 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2012/06/29 01:01:33 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2012/06/04 11:28:38 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
MOD - [2012/06/04 11:28:25 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2012/06/04 11:28:25 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2012/06/02 05:40:42 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2012/06/02 05:40:39 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2012/06/02 05:34:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2012/05/05 08:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2012/04/24 05:36:42 | 001,158,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2012/03/03 06:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2012/03/01 06:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012/02/23 17:23:34 | 000,227,608 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\uiLangRes.dll
MOD - [2012/02/23 17:23:34 | 000,095,232 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\Base.dll
MOD - [2012/02/23 17:23:24 | 004,031,368 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
MOD - [2012/02/23 17:23:21 | 004,673,064 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\CommonRes.dll
MOD - [2012/02/23 17:23:20 | 000,210,080 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2012/02/23 17:23:17 | 000,399,088 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSqLt.dll
MOD - [2012/02/23 17:23:17 | 000,027,264 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswUtil.dll
MOD - [2012/02/23 17:23:16 | 000,216,760 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswLog.dll
MOD - [2012/02/23 17:23:16 | 000,213,176 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2012/02/23 17:23:16 | 000,120,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
MOD - [2012/02/23 17:23:15 | 002,111,448 | ---- | M] (AVAST! Software) -- C:\Program Files\AVAST Software\Avast\aswAra.dll
MOD - [2012/02/23 17:23:15 | 000,682,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAux.dll
MOD - [2012/02/23 17:23:14 | 000,337,800 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
MOD - [2012/02/23 17:23:14 | 000,184,872 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswData.dll
MOD - [2012/02/23 17:23:14 | 000,164,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
MOD - [2012/02/23 17:23:14 | 000,098,864 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
MOD - [2012/02/23 17:23:14 | 000,050,448 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
MOD - [2012/02/23 17:23:13 | 000,405,256 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashBase.dll
MOD - [2012/02/23 17:23:13 | 000,153,936 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTask.dll
MOD - [2012/02/23 17:23:13 | 000,062,272 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
MOD - [2012/02/23 17:23:10 | 000,345,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Aavm4h.dll
MOD - [2012/02/23 17:23:10 | 000,097,816 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll
MOD - [2012/01/04 09:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2011/12/16 08:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011/11/17 06:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011/08/27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011/08/27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011/07/16 05:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2011/07/16 05:24:22 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2011/05/24 11:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011/05/24 11:40:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2011/05/24 11:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011/04/15 03:01:50 | 006,278,656 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\igdumd32.dll
MOD - [2011/04/15 02:58:12 | 000,577,024 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\igdumdx32.dll
MOD - [2011/04/15 02:48:12 | 012,297,216 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\igd10umd32.dll
MOD - [2011/04/12 02:40:48 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2011/04/12 02:40:42 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll
MOD - [2011/03/03 06:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011/02/19 23:03:12 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp100.dll
MOD - [2011/02/19 00:40:50 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100.dll
MOD - [2010/11/21 04:25:15 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010/11/21 04:24:51 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bthprops.cpl
MOD - [2010/11/21 04:24:50 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wshbth.dll
MOD - [2010/11/21 04:24:43 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010/11/21 04:24:33 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2010/11/21 04:24:33 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010/11/21 04:24:32 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010/11/21 04:24:28 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010/11/21 04:24:26 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2010/11/21 04:24:25 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010/11/21 04:24:23 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2010/11/21 04:24:23 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010/11/21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010/11/21 04:24:16 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010/11/21 04:24:16 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010/11/21 04:24:16 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010/11/21 04:24:16 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010/11/21 04:24:16 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010/11/21 04:24:16 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010/11/21 04:24:16 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2010/11/21 04:24:14 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010/11/21 04:24:14 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010/11/21 04:24:14 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010/11/21 04:24:11 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010/11/21 04:24:09 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2010/11/21 04:24:09 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010/11/21 04:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010/11/21 04:24:08 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010/11/21 04:24:08 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2010/11/21 04:24:08 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2010/11/21 04:24:08 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010/11/21 04:24:08 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010/11/21 04:24:07 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010/11/21 04:24:03 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010/11/21 04:24:02 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010/11/21 04:24:02 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2010/11/21 04:24:01 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010/11/21 04:24:01 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll
MOD - [2010/11/21 04:24:01 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2010/11/21 04:24:01 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010/11/21 04:24:00 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010/11/21 04:23:55 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010/11/21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010/11/21 04:23:55 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010/11/21 04:23:55 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2010/11/21 04:23:54 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2010/11/21 04:23:54 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010/11/21 04:23:51 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010/11/21 04:23:51 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010/11/21 04:23:51 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2010/11/21 04:23:48 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010/11/21 04:23:48 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010/11/21 04:23:48 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll
MOD - [2010/11/21 04:23:48 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010/11/03 19:53:06 | 000,979,008 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
MOD - [2010/09/30 02:05:32 | 000,048,752 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
MOD - [2010/09/30 02:05:32 | 000,038,512 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\BrightMgr.dll
MOD - [2010/09/30 02:05:32 | 000,036,464 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\VFuj02b1.dll
MOD - [2010/09/30 02:05:32 | 000,020,080 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\fuj02b1.dll
MOD - [2010/09/21 22:03:14 | 000,145,280 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
MOD - [2009/07/14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009/07/14 02:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
MOD - [2009/07/14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009/07/14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009/07/14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009/07/14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009/07/14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009/07/14 02:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll
MOD - [2009/07/14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009/07/14 02:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009/07/14 02:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009/07/14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009/07/14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009/07/14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009/07/14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009/07/14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009/07/14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009/07/14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009/07/14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009/07/14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009/07/14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009/07/14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009/07/14 02:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2009/07/14 02:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009/07/14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009/07/14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009/07/14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2009/07/14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009/07/14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009/07/14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009/07/14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009/07/14 02:15:41 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Defender\MpOav.dll
MOD - [2009/07/14 02:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009/07/14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009/07/14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009/07/14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009/07/14 02:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll
MOD - [2009/07/14 02:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\feclient.dll
MOD - [2009/07/14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009/07/14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009/07/14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009/07/14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009/07/14 02:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll
MOD - [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009/07/14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009/07/14 02:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2009/07/14 02:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
MOD - [2009/07/14 02:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
MOD - [2009/07/14 02:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2009/07/14 02:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll
MOD - [2009/07/14 02:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll
MOD - [2009/07/14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009/07/14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009/07/14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009/07/14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009/07/14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/14 02:14:10 | 000,064,000 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWOW64\l3codeca.acm
MOD - [2009/07/14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009/07/14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009/07/14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009/07/14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2008/10/15 05:22:52 | 000,452,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3dx10_40.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013/01/10 23:04:27 | 000,115,760 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/12 19:43:31 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/10 17:29:46 | 002,465,712 | ---- | M] (LogMeIn Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/11/14 14:04:49 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/11/09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/10/23 10:47:48 | 002,848,168 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/18 08:44:21 | 000,654,944 | ---- | M] (Wellbia.com Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\xsherlock.xem -- (xsherlock)
SRV - [2012/07/08 23:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/06/11 11:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012/05/15 20:54:13 | 004,295,288 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2012/04/13 09:17:10 | 002,143,552 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/10/01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/06/17 18:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2011/02/01 22:24:40 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/01 22:24:38 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/11/03 20:01:34 | 000,983,104 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2010/11/03 20:01:20 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2010/11/03 19:53:28 | 000,897,088 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2012/03/29 14:55:26 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.just-browse.info/
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=PL&userid=f789b49d-d7d0-4252-b1e6-e9222ac6740b&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKLM\..\SearchScopes\{44E64640-79DC-4EDB-A142-148282A6B88D}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.just-browse.info/?l=1&q={searchTerms}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.google.com/ig/redirectd [Binary data over 200 bytes]
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetworkProfile = 23570767
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =  [binary data]
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=110824&tt=4712_5&babsrc=HP_ss&mntrId=ae31ac310000000000004c809354accd
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=PL&userid=f789b49d-d7d0-4252-b1e6-e9222ac6740b&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=PL&userid=f789b49d-d7d0-4252-b1e6-e9222ac6740b&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=PL&userid=f789b49d-d7d0-4252-b1e6-e9222ac6740b&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110824&tt=4712_5&babsrc=SP_ss&mntrId=ae31ac310000000000004c809354accd
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.just-browse.info/?l=1&q={searchTerms}
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 147.102.16.69:3128
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "WebSearch"
FF - prefs.js..browser.search.defaultenginename,S: S", "WebSearch"
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: "http://websearch.just-browse.info/?l=1&q="
FF - prefs.js..browser.search.order.1: "WebSearch"
FF - prefs.js..browser.search.order.1,S: S", "WebSearch"
FF - prefs.js..browser.search.selectedEngine: "WebSearch"
FF - prefs.js..browser.search.selectedEngine,S: S", "WebSearch"
FF - prefs.js..browser.startup.homepage: "https://www.google.pl/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0
FF - prefs.js..keyword.URL: "http://websearch.just-browse.info/?l=1&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "WebSearch"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "WebSearch"
FF - prefs.js..browser.startup.homepage: "http://websearch.just-browse.info/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://websearch.just-browse.info/?l=1&q="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dom\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dom\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/04 10:15:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ocr@babylon.com: C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com [2012/12/31 14:22:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/01/05 02:36:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/10 23:04:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/01/10 23:04:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/10 23:04:29 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/01/10 23:04:09 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Dom\AppData\Roaming\IDM\idmmzcc3
 
[2013/01/02 18:43:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dom\AppData\Roaming\mozilla\Extensions
[2013/01/05 00:32:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dom\AppData\Roaming\mozilla\Firefox\Profiles\xmwk5cuo.default\Extensions
[2013/01/05 00:32:48 | 000,000,000 | ---D | M] (Browse2save) -- C:\Users\Dom\AppData\Roaming\mozilla\Firefox\Profiles\xmwk5cuo.default\Extensions\50e76b2c4f976@50e76b2c4f9af.com
[2013/01/05 00:32:34 | 000,000,556 | ---- | M] () -- C:\Users\Dom\AppData\Roaming\mozilla\firefox\profiles\xmwk5cuo.default\searchplugins\WebSearch.xml
[2013/01/10 23:04:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013/01/10 23:04:29 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/11/29 11:00:09 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012/11/24 20:12:52 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/11/29 11:00:09 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012/11/29 11:00:09 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012/11/29 11:00:09 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012/11/29 11:00:09 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012/11/29 11:00:09 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
 
========== Chrome  ==========
 
CHR - homepage: http://websearch.just-browse.info/
CHR - default_search_provider: WebSearch (Enabled)
CHR - default_search_provider: search_url = http://websearch.just-browse.info/?l=1&q={searchTerms}
CHR - default_search_provider: suggest_url = http://websearch.just-browse.info/?l=1&q={searchTerms}
CHR - homepage: http://websearch.just-browse.info/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Dom\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Dom\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dom\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - Extension: Proxy Switchy! = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\caehdcpeofiiigpdhbabniblemipncjj\1.6.3_0\
CHR - Extension: Truck Simulator Games = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdkaapdgobfkddbmbagoehodkgbknlhc\1.8_0\
CHR - Extension: Truck Simulator Games = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdkaapdgobfkddbmbagoehodkgbknlhc\1.8_0\.bak
CHR - Extension: Browse2save = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbfhopckfgpnpegccojniaelnihenpm\1\
CHR - Extension: Don't Starve = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiledapehlkhdehbhppgmekfalnlfajc\1.0.0.37_0\
CHR - Extension: avast! WebRep = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1407_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Clash of the Dragons = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmdphihkopbepogaialenmgoacnpmffo\1.1_0\
CHR - Extension: Adres IP = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcijdkkommbhnpohidhdpkhendgcpamf\0.4_0\
CHR - Extension: Simple Startup Password = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojoalkffommhmdmbohjphohoejjmgepc\1.0_0\
CHR - Extension: Fishing Champion = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\plcdplgchgghnahkmoeibomjpbikclka\2.0_0\
 
O1 HOSTS File: ([2010/09/11 16:19:05 | 000,000,732 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Dom\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll (Trend Media Group)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Dom\AppData\Roaming\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk =  File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk =  File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk =  File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download all links by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm ()
O8 - Extra context menu item: Download all videos by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetallflvurl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm ()
O8 - Extra context menu item: Download current video by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetflvurl.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Windows\SysWOW64\PrxerNsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2848B855-D0DD-43E7-BD1E-895ADA4300FF}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5EE4F17-47DE-401E-AD42-715828982B42}: DhcpNameServer = 8.8.8.8
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27 - HKLM IFEO\flashget3.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\hamachi-2-ui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\steam.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\unite.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{41eb6bbb-f41d-11e1-bdca-de02d1722adf}\Shell - "" = AutoRun
O33 - MountPoints2\{41eb6bbb-f41d-11e1-bdca-de02d1722adf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Start.hta
O33 - MountPoints2\{ab24e615-ccbe-11e1-b9c4-5c9ad85e122e}\Shell - "" = AutoRun
O33 - MountPoints2\{ab24e615-ccbe-11e1-b9c4-5c9ad85e122e}\Shell\AutoRun\command - "" = F:\AidemMediaSplash.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within (All) ==========
 
[2013/01/11 17:21:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear
[2013/01/11 17:21:00 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TunnelBear
[2013/01/11 15:04:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2013/01/10 23:04:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/01/08 10:06:06 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Podatnik.info
[2013/01/08 09:58:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Program PIT 2012-2013
[2013/01/08 09:58:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Podatnik.info Sp z o.o
[2013/01/05 20:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EGCabal Online
[2013/01/05 14:55:21 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Wise Disk Cleaner
[2013/01/05 14:54:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner
[2013/01/05 14:54:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wise
[2013/01/05 02:37:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013/01/05 02:36:44 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2013/01/05 02:36:44 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/01/05 01:54:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SerenityGamerZ
[2013/01/05 01:44:12 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\Avg2013
[2013/01/05 00:32:37 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\SendSpace
[2013/01/05 00:32:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Optimizer Pro
[2013/01/05 00:32:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BrowseToSave
[2013/01/05 00:32:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Browse2save
[2013/01/05 00:31:43 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2013/01/02 18:42:57 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Mozilla
[2013/01/02 18:42:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/01/02 18:38:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2013/01/02 18:38:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2013/01/02 10:50:14 | 000,000,000 | ---D | C] -- C:\Users\Dom\Documents\Raiderz
[2013/01/02 10:25:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaiderZ
[2012/12/31 14:22:54 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\ObviousIdea
[2012/12/31 14:21:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Babylon
[2012/12/31 14:20:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ObviousIdea
[2012/12/30 23:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2012/12/30 23:15:58 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\MFAData
[2012/12/30 23:15:58 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/12/30 21:42:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2012/12/30 18:08:47 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Skype
[2012/12/30 18:08:32 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012/12/30 18:08:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/12/30 18:08:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/12/30 18:08:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/12/30 17:56:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.2
[2012/12/30 17:56:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine 6.2
[2012/12/25 14:13:47 | 000,000,000 | ---D | C] -- C:\Downloads
[2012/12/20 17:05:43 | 000,000,000 | -HSD | C] -- C:\found.002
[2012/12/20 12:47:49 | 000,185,720 | ---- | C] (Корпорация Майкрософт) -- C:\Users\Dom\wgsdgsdgdsgsd.dll
[2012/12/19 09:15:39 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2012/12/19 09:15:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2012/12/18 14:05:57 | 000,126,336 | ---- | C] (Copyright (C) GameCap) -- C:\Windows\SysWow64\gamelsp.dll
[2012/12/18 13:46:08 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\FlashgetSetup
[2012/12/18 13:46:08 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlashGet3.7
[2012/12/18 13:46:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashGet3.7
[2012/12/18 13:46:08 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\BITS
[2012/12/18 13:45:56 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\FlashGetBHO
[2012/12/18 13:45:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FlashGet Network
[2012/12/18 13:45:52 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\FlashGet
[2012/12/16 14:46:23 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Proxifier
[2012/12/16 14:46:13 | 000,091,240 | ---- | C] (Initex) -- C:\Windows\SysWow64\ProxifierShellExt.dll
[2012/12/16 14:46:13 | 000,070,248 | ---- | C] (Initex) -- C:\Windows\SysWow64\PrxerDrv.dll
[2012/12/16 14:46:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxifier
[2012/12/16 14:46:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Proxifier
[2012/12/14 11:37:30 | 000,000,000 | ---D | C] -- C:\ProgramData\3DMGAME
[2012/12/13 18:35:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Connectify
[2012/12/12 00:34:23 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\YourFileDownloader
[2012/12/12 00:34:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YourFileDownloader
[2012/12/12 00:30:33 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\Microsoft Help
[2012/12/12 00:30:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/12/11 19:36:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012/12/11 19:36:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012/12/06 14:51:45 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED
[2012/12/06 14:41:55 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\Programs
[2012/12/06 11:47:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012/11/30 14:22:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3
[2012/11/30 14:22:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoIt3
[2012/11/29 17:57:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremiumSoft
[2012/11/28 17:25:10 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\bin
[2012/11/28 17:25:09 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\.snap
[2012/11/28 00:58:33 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\Metin2Tools
[2012/11/26 16:32:37 | 000,000,000 | ---D | C] -- C:\Users\Dom\Desktop\Nowy folder (2)
[2012/11/24 20:14:39 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\LogMeIn Hamachi
[2012/11/18 10:51:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AidemMedia
[2012/11/18 10:51:32 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Aidem Media
[2012/11/14 21:49:22 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\assembly
[2012/11/14 21:48:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCSoft
[2012/11/14 10:14:05 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nokia
[2012/11/14 10:13:59 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\Nokia
[2012/11/14 09:43:00 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\PC Suite
[2012/11/14 09:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2012/11/14 09:42:59 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Nokia
[2012/11/14 09:40:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2012/11/14 09:40:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nokia
[2012/11/14 09:39:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations
[2012/11/13 11:35:02 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NFS Most Wanted PL
[2012/11/13 11:29:19 | 000,000,000 | ---D | C] -- C:\Users\Dom\Documents\NFS Most Wanted
[2012/11/10 10:47:02 | 000,000,000 | ---D | C] -- C:\Users\Dom\Documents\Two Worlds Saves
[2012/11/07 17:21:26 | 000,000,000 | ---D | C] -- C:\Users\Dom\Documents\Bioshock
[2012/11/07 02:40:35 | 000,000,000 | ---D | C] -- C:\Users\Dom\Documents\NFS Undercover
[2012/11/05 19:46:34 | 000,000,000 | ---D | C] -- C:\Users\Dom\Desktop\Nowy folder
[2012/11/05 15:45:31 | 004,295,288 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2012/11/01 10:11:01 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment
[2012/09/18 10:38:45 | 000,000,000 | ---D | C] -- C:\Users\Dom\Documents\My Cheat Tables
[2012/09/17 08:47:19 | 000,000,000 | ---D | C] -- C:\Windows\4StoryEG
[2012/09/12 10:52:05 | 000,000,000 | ---D | C] -- C:\Users\Dom\Documents\GTA San Andreas User Files
[2012/09/06 11:12:44 | 000,000,000 | ---D | C] -- C:\Users\Dom\Documents\18 WoS Convoy
[2012/09/02 19:55:13 | 000,000,000 | ---D | C] -- C:\Users\Dom\Documents\18 WoS Extreme Trucker 2
[2012/09/02 18:04:02 | 000,000,000 | ---D | C] -- C:\Users\Dom\Documents\SCANIA Truck Driving Simulator
[2012/08/30 15:05:36 | 000,000,000 | ---D | C] -- C:\Users\Dom\Desktop\Nowy folder (3)
[2012/08/27 12:18:10 | 000,000,000 | ---D | C] -- C:\Users\Dom\Documents\Diablo III
[2012/08/25 22:01:10 | 000,000,000 | ---D | C] -- C:\Users\Dom\Documents\Two Worlds files
[2012/08/25 17:27:59 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Runic
[2012/08/25 15:11:02 | 000,000,000 | -HSD | C] -- C:\found.001
[2012/08/23 10:53:08 | 000,000,000 | ---D | C] -- C:\Users\Dom\Documents\Downloads
[2012/08/20 18:52:04 | 000,000,000 | ---D | C] -- C:\Users\Dom\Documents\Navicat
[2012/08/11 21:13:10 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/08/11 09:47:19 | 000,000,000 | R--D | C] -- C:\Users\Dom\Documents\Notes
[2012/08/10 10:36:29 | 000,000,000 | R--D | C] -- C:\Sandbox
[2012/08/09 09:13:48 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/08/08 15:40:55 | 000,000,000 | ---D | C] -- C:\Users\Dom\Documents\skrillex-music-bangarang-ipad-iphone-hd-free-438685.jpg
[2012/08/02 13:04:42 | 000,000,000 | ---D | C] -- C:\Download
[2012/08/02 13:04:26 | 000,000,000 | ---D | C] -- C:\Nexon
[2012/08/02 13:04:25 | 000,446,464 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2012/07/18 11:48:00 | 000,000,000 | ---D | C] -- C:\gPotato.eu
[2012/07/18 08:44:19 | 000,654,944 | ---- | C] (Wellbia.com Co., Ltd.) -- C:\Windows\SysWow64\xsherlock.xem
[2012/07/18 08:43:56 | 000,000,000 | ---D | C] -- C:\Users\Dom\Documents\C9
[2012/07/13 08:50:38 | 000,000,000 | ---D | C] -- C:\Users\Dom\Desktop\BOLEK I LOLEK LITERKI
[2012/07/09 14:06:48 | 000,000,000 | ---D | C] -- C:\Users\Dom\Documents\My Games
[2012/06/28 20:38:54 | 000,000,000 | -HSD | C] -- C:\found.000
[2012/06/07 08:14:21 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/06/05 07:16:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/06/04 16:56:25 | 000,000,000 | ---D | C] -- C:\Users\Dom\Documents\Youcam
[2012/06/04 10:15:04 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2012/06/04 10:12:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012/06/04 09:50:20 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/06/04 09:41:06 | 000,000,000 | -HSD | C] -- C:\Users\Dom\Documents\Moje wideo
[2012/06/04 09:41:06 | 000,000,000 | -HSD | C] -- C:\Users\Dom\Documents\Moje obrazy
[2012/06/04 09:41:06 | 000,000,000 | -HSD | C] -- C:\Users\Dom\Documents\Moja muzyka
[2012/05/31 22:56:02 | 000,662,016 | ---- | C] (Sonix) -- C:\Windows\vsnp2uvc.exe
[2012/05/31 22:56:02 | 000,306,176 | ---- | C] (Sonix Technology Co., Ltd.) -- C:\Windows\SysWow64\vsnp2uvc.dll
[2012/05/31 22:50:36 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/05/13 04:12:42 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011/05/12 08:28:15 | 000,000,000 | ---D | C] -- C:\Windows\sk
[2011/05/12 08:28:12 | 000,000,000 | ---D | C] -- C:\Windows\pl
[2011/05/12 08:28:09 | 000,000,000 | ---D | C] -- C:\Windows\cs
[2011/05/12 08:28:06 | 000,000,000 | ---D | C] -- C:\Windows\es
[2011/05/12 08:28:02 | 000,000,000 | ---D | C] -- C:\Windows\fr
[2011/05/12 08:28:00 | 000,000,000 | ---D | C] -- C:\Windows\en
[2011/05/12 08:26:15 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/05/12 08:05:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sda
[2011/05/12 08:01:45 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011/05/12 07:59:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011/05/12 07:58:56 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2011/05/12 07:45:52 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2011/05/12 07:45:50 | 000,000,000 | ---D | C] -- C:\Intel
[2011/05/11 15:20:19 | 000,000,000 | ---D | C] -- C:\Fujitsu
[2011/04/12 18:19:19 | 000,000,000 | ---D | C] -- C:\Windows\pt-PT
[2011/04/12 18:07:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\pl-PL
[2011/04/12 18:07:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\pl
[2011/04/12 18:07:06 | 000,000,000 | ---D | C] -- C:\Windows\pl-PL
[2011/04/12 17:55:50 | 000,000,000 | ---D | C] -- C:\Windows\fr-FR
[2011/04/12 17:44:07 | 000,000,000 | ---D | C] -- C:\Windows\es-ES
[2011/04/12 17:33:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2011/04/12 17:21:25 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011/04/12 01:18:22 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011/02/10 02:45:48 | 000,107,816 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynTPCOM.dll
[2011/02/10 02:45:46 | 000,206,120 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCtrl.dll
[2011/02/10 02:45:46 | 000,173,352 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCOM.dll
[2010/11/21 08:16:47 | 000,000,000 | ---D | C] -- C:\Windows\ShellNew
[2010/11/21 08:16:47 | 000,000,000 | ---D | C] -- C:\Windows\ehome
[2010/11/21 08:06:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\winrm
[2010/11/21 08:06:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WCN
[2010/11/21 08:06:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF
[2010/11/21 08:06:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sysprep
[2010/11/21 08:06:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\slmgr
[2010/11/21 08:06:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Printing_Admin_Scripts
[2010/11/21 08:06:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF\en-US
[2010/11/21 08:06:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\en-US
[2010/11/21 08:06:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\en
[2010/11/21 08:06:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0409
[2010/11/21 04:24:33 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2009/07/14 06:37:46 | 000,000,000 | ---D | C] -- C:\Windows\en-US
[2009/07/14 06:37:46 | 000,000,000 | ---D | C] -- C:\Windows\DigitalLocker
[2009/07/14 06:32:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WindowsPowerShell
[2009/07/14 06:32:38 | 000,000,000 | ---D | C] -- C:\Windows\twain_32
[2009/07/14 06:32:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\restore
[2009/07/14 06:32:38 | 000,000,000 | ---D | C] -- C:\Windows\Performance
[2009/07/14 06:32:38 | 000,000,000 | ---D | C] -- C:\Windows\Offline Web Pages
[2009/07/14 06:32:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\LogFiles
[2009/07/14 06:32:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\FxsTmp
[2009/07/14 06:32:38 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Program Files
[2009/07/14 06:32:38 | 000,000,000 | ---D | C] -- C:\Windows\diagnostics
[2009/07/14 06:32:38 | 000,000,000 | ---D | C] -- C:\Windows\addins
[2009/07/14 06:08:56 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos
[2009/07/14 06:08:56 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures
[2009/07/14 06:08:56 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music
[2009/07/14 06:08:56 | 000,000,000 | -HSD | C] -- C:\Documents and Settings
[2009/07/14 05:45:54 | 000,000,000 | ---D | C] -- C:\Windows\debug
[2009/07/14 05:45:50 | 000,000,000 | ---D | C] -- C:\Windows\Setup
[2009/07/14 05:45:47 | 000,000,000 | ---D | C] -- C:\Windows\ServiceProfiles
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\zh-TW
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\zh-HK
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\zh-CN
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\winsxs
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\Web
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\wdi
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\wbem
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\Vss
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\uk-UA
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\tr-TR
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\tracing
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\th-TH
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\Tasks
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Tasks
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\TAPI
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWOW64
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sv-SE
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sr-Latn-CS
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sppui
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spp
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Speech
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sl-SI
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sk-SK
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Setup
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ru-RU
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ro-RO
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Recovery
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ras
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\pt-PT
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\pt-BR
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\pl-PL
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\oobe
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\nl-NL
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NetworkList
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NDF
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\nb-NO
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\MUI
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Msdtc
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\migwiz
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\migration
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\manifeststore
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\lv-LV
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\lt-LT
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ko-KR
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ja-JP
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\it-IT
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\InstallShield
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\inetsrv
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\IME
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\icsxml
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\hu-HU
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\hr-HR
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\he-IL
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\GroupPolicyUsers
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\GroupPolicy
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\fr-FR
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\fi-FI
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\et-EE
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\es-ES
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\en-US
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\el-GR
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\DriverStore
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Dism
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de-DE
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\da-DK
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\cs-CZ
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\config
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\com
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\catroot2
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\catroot
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\bg-BG
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ar-SA
[2009/07/14 04:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AdvancedInstallers
[2009/07/14 04:20:10 | 000,000,000 | R-SD | C] -- C:\Windows\Media
[2009/07/14 04:20:10 | 000,000,000 | ---D | C] -- C:\Windows\System32
[2009/07/14 04:20:10 | 000,000,000 | ---D | C] -- C:\Windows\system
[2009/07/14 04:20:10 | 000,000,000 | ---D | C] -- C:\Windows\Speech
[2009/07/14 04:20:10 | 000,000,000 | ---D | C] -- C:\Windows\servicing
[2009/07/14 04:20:10 | 000,000,000 | ---D | C] -- C:\Windows\security
[2009/07/14 04:20:10 | 000,000,000 | ---D | C] -- C:\Windows\schemas
[2009/07/14 04:20:10 | 000,000,000 | ---D | C] -- C:\Windows\SchCache
[2009/07/14 04:20:10 | 000,000,000 | ---D | C] -- C:\Windows\Resources
[2009/07/14 04:20:10 | 000,000,000 | ---D | C] -- C:\Windows\rescache
[2009/07/14 04:20:10 | 000,000,000 | ---D | C] -- C:\Windows\Registration
[2009/07/14 04:20:10 | 000,000,000 | ---D | C] -- C:\Windows\PolicyDefinitions
[2009/07/14 04:20:10 | 000,000,000 | ---D | C] -- C:\Windows\PLA
[2009/07/14 04:20:10 | 000,000,000 | ---D | C] -- C:\Windows\ModemLogs
[2009/07/14 04:20:10 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft.NET
[2009/07/14 04:20:10 | 000,000,000 | ---D | C] -- C:\Windows\Logs
[2009/07/14 04:20:10 | 000,000,000 | ---D | C] -- C:\Windows\LiveKernelReports
[2009/07/14 04:20:10 | 000,000,000 | ---D | C] -- C:\Windows\L2Schemas
[2009/07/14 04:20:10 | 000,000,000 | ---D | C] -- C:\Windows\inf
[2009/07/14 04:20:09 | 000,000,000 | R-SD | C] -- C:\Windows\Fonts
[2009/07/14 04:20:09 | 000,000,000 | ---D | C] -- C:\Windows\IME
[2009/07/14 04:20:09 | 000,000,000 | ---D | C] -- C:\Windows\Help
[2009/07/14 04:20:09 | 000,000,000 | ---D | C] -- C:\Windows\Globalization
[2009/07/14 04:20:09 | 000,000,000 | ---D | C] -- C:\Windows\Cursors
[2009/07/14 04:20:09 | 000,000,000 | ---D | C] -- C:\Windows\Branding
[2009/07/14 04:20:09 | 000,000,000 | ---D | C] -- C:\Windows\Boot
[2009/07/14 04:20:08 | 000,000,000 | R-SD | C] -- C:\Windows\assembly
[2009/07/14 04:20:08 | 000,000,000 | R--D | C] -- C:\Users
[2009/07/14 04:20:08 | 000,000,000 | R--D | C] -- C:\Program Files
[2009/07/14 04:20:08 | 000,000,000 | R--D | C] -- C:\Program Files (x86)
[2009/07/14 04:20:08 | 000,000,000 | -H-D | C] -- C:\ProgramData
[2009/07/14 04:20:08 | 000,000,000 | ---D | C] -- C:\Windows
[2009/07/14 04:20:08 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2009/07/14 04:20:08 | 000,000,000 | ---D | C] -- C:\Windows\AppPatch
[2009/07/14 04:20:08 | 000,000,000 | ---D | C] -- C:\Windows\AppCompat
 
========== Files - Modified Within (All) ==========
 
[2013/01/12 01:58:43 | 005,767,168 | -HS- | M] () -- C:\Users\Dom\NTUSER.DAT
[2013/01/11 21:01:20 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2013/01/11 21:01:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/11 20:56:46 | 001,372,067 | -H-- | M] () -- C:\Users\Dom\AppData\Local\IconCache.db
[2013/01/11 17:21:03 | 000,001,008 | ---- | M] () -- C:\Users\Dom\Desktop\TunnelBear.lnk
[2013/01/11 15:15:50 | 000,222,409 | ---- | M] () -- C:\Users\Dom\Desktop\11111.jpg
[2013/01/08 09:58:33 | 000,002,651 | ---- | M] () -- C:\Users\Public\Desktop\Program PIT 2012-2013.lnk
[2013/01/06 17:55:10 | 000,377,600 | ---- | M] () -- C:\Users\Dom\Desktop\haha.jpg
[2013/01/05 14:54:52 | 000,001,210 | ---- | M] () -- C:\Users\Public\Desktop\Wise Disk Cleaner.lnk
[2013/01/05 14:39:35 | 000,262,676 | ---- | M] () -- C:\Users\Dom\Desktop\pppppp.jpg
[2013/01/05 02:37:07 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013/01/05 02:30:37 | 000,001,695 | ---- | M] () -- C:\Users\Dom\Desktop\SG Cabal Online — skrót.lnk
[2013/01/05 02:30:31 | 000,057,944 | ---- | M] () -- C:\Users\Dom\AppData\Local\GDIPFONTCACHEV1.DAT
[2013/01/02 18:42:50 | 000,001,153 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/01/02 10:25:33 | 000,000,937 | ---- | M] () -- C:\Users\Dom\Desktop\RaiderZ.lnk
[2012/12/31 14:37:17 | 000,135,686 | ---- | M] () -- C:\Users\Dom\Desktop\Raiderz_Artwork3.jpg
[2012/12/28 23:18:01 | 000,241,881 | ---- | M] () -- C:\Users\Dom\Desktop\p;p;p.jpg
[2012/12/20 17:07:08 | 000,006,896 | ---- | M] () -- C:\bootsqm.dat
[2012/12/20 12:57:01 | 095,023,320 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012/12/20 12:51:30 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/20 12:47:49 | 000,185,720 | ---- | M] (Корпорация Майкрософт) -- C:\Users\Dom\wgsdgsdgdsgsd.dll
[2012/12/20 12:43:01 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/20 12:21:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-323826620-2306945312-2335366591-1000UA.job
[2012/12/20 12:10:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/19 18:21:01 | 000,000,998 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-323826620-2306945312-2335366591-1000Core.job
[2012/12/18 14:14:07 | 000,000,380 | ---- | M] () -- C:\Windows\SysWow64\secustat.dat
[2012/12/18 14:05:57 | 000,126,336 | ---- | M] (Copyright (C) GameCap) -- C:\Windows\SysWow64\gamelsp.dll
[2012/12/18 14:03:37 | 000,001,184 | ---- | M] () -- C:\Windows\SysWow64\secushr.dat
[2012/12/18 13:49:54 | 000,000,025 | ---- | M] () -- C:\Windows\emcore.INI
[2012/12/16 14:46:13 | 000,001,025 | ---- | M] () -- C:\Users\Dom\Desktop\Proxifier.lnk
[2012/11/30 14:23:36 | 000,000,061 | ---- | M] () -- C:\Users\Dom\SciTEUser.properties
[2012/11/28 13:10:26 | 000,243,018 | ---- | M] () -- C:\Users\Dom\Desktop\ttt.jpg
[2012/11/22 18:57:06 | 000,091,240 | ---- | M] (Initex) -- C:\Windows\SysWow64\ProxifierShellExt.dll
[2012/11/22 18:57:06 | 000,070,248 | ---- | M] (Initex) -- C:\Windows\SysWow64\PrxerDrv.dll
[2012/11/22 18:57:06 | 000,056,424 | ---- | M] () -- C:\Windows\SysWow64\PrxerNsp.dll
[2012/11/20 16:13:30 | 048,179,170 | ---- | M] () -- C:\Users\Dom\game
[2012/11/13 10:42:20 | 000,183,112 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/11/07 02:40:21 | 000,066,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/10/26 18:15:23 | 001,640,270 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/10/15 15:15:17 | 000,000,320 | ---- | M] () -- C:\Users\Dom\SciTE.session
[2012/09/19 10:02:14 | 001,589,248 | ---- | M] () -- C:\Windows\SysWow64\libmysql_d.dll
[2012/08/29 05:17:49 | 001,048,576 | -HS- | M] () -- C:\Users\Dom\NTUSER.DAT{aa477174-cc34-11e1-b3c4-5c9ad85e122e}.TxR.2.regtrans-ms
[2012/08/29 05:17:49 | 001,048,576 | -HS- | M] () -- C:\Users\Dom\NTUSER.DAT{aa477174-cc34-11e1-b3c4-5c9ad85e122e}.TxR.1.regtrans-ms
[2012/08/29 05:17:49 | 001,048,576 | -HS- | M] () -- C:\Users\Dom\NTUSER.DAT{aa477174-cc34-11e1-b3c4-5c9ad85e122e}.TxR.0.regtrans-ms
[2012/08/29 05:17:49 | 000,065,536 | -HS- | M] () -- C:\Users\Dom\NTUSER.DAT{aa477174-cc34-11e1-b3c4-5c9ad85e122e}.TxR.blf
[2012/08/21 20:57:23 | 000,000,600 | ---- | M] () -- C:\Users\Dom\AppData\Local\PUTTY.RND
[2012/08/16 19:13:44 | 000,015,772 | RHS- | M] () -- C:\Users\Dom\tiuopu.exe
[2012/08/13 10:04:34 | 000,000,608 | ---- | M] () -- C:\user.js
[2012/08/10 12:46:14 | 000,001,638 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2012/08/09 12:42:20 | 000,000,219 | ---- | M] () -- C:\Windows\system.ini
[2012/08/08 15:50:45 | 000,041,309 | ---- | M] () -- C:\Users\Dom\Desktop\skrillex.jpg
[2012/08/08 15:32:26 | 000,176,017 | ---- | M] () -- C:\Users\Dom\Desktop\Skrillex-Bangarang-EP.jpg
[2012/08/02 13:45:55 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2012/08/02 13:45:55 | 000,000,235 | ---- | M] () -- C:\Windows\SysWow64\nxEuUninstall.bat
[2012/07/18 08:44:21 | 000,654,944 | ---- | M] (Wellbia.com Co., Ltd.) -- C:\Windows\SysWow64\xsherlock.xem
[2012/07/12 17:53:19 | 000,524,288 | -HS- | M] () -- C:\Users\Dom\NTUSER.DAT{aa477175-cc34-11e1-b3c4-5c9ad85e122e}.TMContainer00000000000000000002.regtrans-ms
[2012/07/12 17:53:19 | 000,524,288 | -HS- | M] () -- C:\Users\Dom\NTUSER.DAT{aa477175-cc34-11e1-b3c4-5c9ad85e122e}.TMContainer00000000000000000001.regtrans-ms
[2012/07/12 17:53:19 | 000,065,536 | -HS- | M] () -- C:\Users\Dom\NTUSER.DAT{aa477175-cc34-11e1-b3c4-5c9ad85e122e}.TM.blf
[2012/06/06 19:55:24 | 000,001,104 | ---- | M] () -- C:\Users\Dom\Desktop\TuneUp Konserwacja 1 kliknięciem.lnk
[2012/06/04 17:53:42 | 000,003,392 | ---- | M] () -- C:\WirelessDiagLog.csv
[2012/06/04 17:36:48 | 000,151,249 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/06/04 10:15:04 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2012/06/04 09:55:00 | 000,524,288 | -HS- | M] () -- C:\Users\Dom\NTUSER.DAT{a00e996f-7c64-11e0-97d8-e5d5d5fc43bc}.TMContainer00000000000000000002.regtrans-ms
[2012/06/04 09:55:00 | 000,524,288 | -HS- | M] () -- C:\Users\Dom\NTUSER.DAT{a00e996f-7c64-11e0-97d8-e5d5d5fc43bc}.TMContainer00000000000000000001.regtrans-ms
[2012/06/04 09:55:00 | 000,065,536 | -HS- | M] () -- C:\Users\Dom\NTUSER.DAT{a00e996f-7c64-11e0-97d8-e5d5d5fc43bc}.TM.blf
[2012/06/04 09:50:38 | 000,001,123 | ---- | M] () -- C:\Users\Dom\Desktop\CyberLink YouCam.lnk
[2012/06/04 09:48:44 | 000,000,012 | ---- | M] () -- C:\Windows\SysWow64\drivers\10CF_FUJITSU_FTS_LIFEBOOK AH531_PI_FUJITSU_FJNBB0F_Default System BIOS_FUJ - 1_1.27_Intel(R) HD Graphics Family.MRK
[2012/06/04 09:42:52 | 000,001,280 | ---- | M] () -- C:\Windows\SysWow64\TRACE.trace
[2012/05/15 20:54:13 | 004,295,288 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2012/02/23 17:23:26 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/02/23 17:23:21 | 000,201,352 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/02/17 16:14:06 | 000,000,038 | ---- | M] () -- C:\Users\Dom\abbrev.properties
[2012/02/17 15:02:02 | 000,000,000 | ---- | M] () -- C:\Users\Dom\au3.keywords.user.abbreviations.properties
[2012/02/14 21:52:12 | 000,000,027 | ---- | M] () -- C:\Users\Dom\au3UserAbbrev.properties
[2011/05/12 08:31:58 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/04/15 03:05:50 | 000,218,304 | ---- | M] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/04/15 03:05:50 | 000,145,804 | ---- | M] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/04/15 03:05:48 | 000,963,116 | ---- | M] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/04/15 02:59:48 | 000,056,832 | ---- | M] () -- C:\Windows\SysWow64\igdde32.dll
[2011/04/15 02:33:40 | 013,359,616 | ---- | M] () -- C:\Windows\SysWow64\ig4icd32.dll
[2010/12/23 19:09:18 | 000,053,248 | ---- | M] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2010/11/21 04:24:33 | 000,105,559 | ---- | M] () -- C:\Windows\SysWow64\RacRules.xml
[2010/11/21 04:24:33 | 000,093,696 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2010/11/21 04:23:59 | 000,001,041 | ---- | M] () -- C:\Windows\SysWow64\tcpbidi.xml
[2010/11/21 04:23:48 | 000,419,880 | ---- | M] () -- C:\Windows\SysWow64\locale.nls
[2010/11/21 03:50:53 | 000,000,020 | -HS- | M] () -- C:\Users\Dom\ntuser.ini
[2010/09/30 09:35:38 | 000,306,176 | ---- | M] (Sonix Technology Co., Ltd.) -- C:\Windows\SysWow64\vsnp2uvc.dll
[2010/07/22 08:48:26 | 000,074,064 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2010/03/27 16:22:54 | 000,014,905 | ---- | M] () -- C:\Users\Dom\au3abbrev.properties
[2010/01/02 22:16:12 | 000,000,111 | ---- | M] () -- C:\Users\Dom\au3.UserUdfs.properties
[2010/01/02 22:15:50 | 000,000,000 | ---- | M] () -- C:\Users\Dom\au3.user.calltips.api
[2009/11/19 13:42:50 | 000,107,816 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynTPCOM.dll
[2009/11/19 13:42:44 | 000,206,120 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCtrl.dll
[2009/11/19 13:42:42 | 000,173,352 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCOM.dll
[2009/08/13 14:06:00 | 000,662,016 | ---- | M] (Sonix) -- C:\Windows\vsnp2uvc.exe
[2009/08/11 21:18:28 | 000,497,664 | ---- | M] () -- C:\Windows\SysWow64\ac3filter.acm
[2009/07/22 11:08:00 | 000,013,021 | ---- | M] () -- C:\Windows\snp2uvc.src
[2009/07/14 06:09:22 | 000,000,403 | ---- | M] () -- C:\Windows\win.ini
[2009/07/14 05:55:01 | 000,000,535 | ---- | M] () -- C:\Windows\SysWow64\mapisvc.inf
[2009/07/14 05:54:24 | 000,000,749 | RH-- | M] () -- C:\Windows\WindowsShell.Manifest
[2009/07/14 02:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/14 02:15:00 | 000,064,000 | ---- | M] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 00:06:54 | 000,043,131 | ---- | M] () -- C:\Windows\mib.bin
[2009/07/14 00:06:14 | 000,004,453 | ---- | M] () -- C:\Windows\SysWow64\odbcconf.rsp
[2009/07/13 21:29:26 | 000,000,714 | ---- | M] () -- C:\Windows\SysWow64\RestartManager.mof
[2009/07/13 21:29:26 | 000,000,176 | ---- | M] () -- C:\Windows\SysWow64\RestartManagerUninstall.mof
[2009/06/10 22:48:27 | 000,009,958 | ---- | M] () -- C:\Windows\SysWow64\l_intl.nls
[2009/06/10 22:48:18 | 000,180,770 | ---- | M] () -- C:\Windows\SysWow64\C_20932.NLS
[2009/06/10 22:48:18 | 000,177,698 | ---- | M] () -- C:\Windows\SysWow64\C_20949.NLS
[2009/06/10 22:48:18 | 000,173,602 | ---- | M] () -- C:\Windows\SysWow64\C_20936.NLS
[2009/06/10 22:48:17 | 000,195,618 | ---- | M] () -- C:\Windows\SysWow64\C_10002.NLS
[2009/06/10 22:48:17 | 000,177,698 | ---- | M] () -- C:\Windows\SysWow64\C_10003.NLS
[2009/06/10 22:48:17 | 000,173,602 | ---- | M] () -- C:\Windows\SysWow64\C_10008.NLS
[2009/06/10 22:48:17 | 000,162,850 | ---- | M] () -- C:\Windows\SysWow64\C_10001.NLS
[2009/06/10 22:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\SysWow64\C_869.NLS
[2009/06/10 22:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\SysWow64\C_866.NLS
[2009/06/10 22:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\SysWow64\C_865.NLS
[2009/06/10 22:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\SysWow64\C_864.NLS
[2009/06/10 22:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\SysWow64\C_863.NLS
[2009/06/10 22:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\SysWow64\C_862.NLS
[2009/06/10 22:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\SysWow64\C_861.NLS
[2009/06/10 22:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\SysWow64\C_860.NLS
[2009/06/10 22:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\SysWow64\C_858.NLS
[2009/06/10 22:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\SysWow64\C_857.NLS
[2009/06/10 22:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\SysWow64\C_855.NLS
[2009/06/10 22:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\SysWow64\C_852.NLS
[2009/06/10 22:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\SysWow64\C_850.NLS
[2009/06/10 22:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\SysWow64\C_775.NLS
[2009/06/10 22:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\SysWow64\C_737.NLS
[2009/06/10 22:48:17 | 000,066,594 | ---- | M] () -- C:\Windows\SysWow64\C_437.NLS
[2009/06/10 22:48:17 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_10082.NLS
[2009/06/10 22:48:17 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_10081.NLS
[2009/06/10 22:48:17 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_10079.NLS
[2009/06/10 22:48:17 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_10029.NLS
[2009/06/10 22:48:17 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_10021.NLS
[2009/06/10 22:48:17 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_10017.NLS
[2009/06/10 22:48:17 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_10010.NLS
[2009/06/10 22:48:17 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_10007.NLS
[2009/06/10 22:48:17 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_10006.NLS
[2009/06/10 22:48:17 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_10005.NLS
[2009/06/10 22:48:17 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_10004.NLS
[2009/06/10 22:48:17 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_10000.NLS
[2009/06/10 22:48:16 | 000,189,986 | ---- | M] () -- C:\Windows\SysWow64\C_1361.NLS
[2009/06/10 22:48:16 | 000,187,938 | ---- | M] () -- C:\Windows\SysWow64\C_20005.NLS
[2009/06/10 22:48:16 | 000,186,402 | ---- | M] () -- C:\Windows\SysWow64\C_20001.NLS
[2009/06/10 22:48:16 | 000,185,378 | ---- | M] () -- C:\Windows\SysWow64\C_20003.NLS
[2009/06/10 22:48:16 | 000,180,258 | ---- | M] () -- C:\Windows\SysWow64\C_20004.NLS
[2009/06/10 22:48:16 | 000,180,258 | ---- | M] () -- C:\Windows\SysWow64\C_20000.NLS
[2009/06/10 22:48:16 | 000,173,602 | ---- | M] () -- C:\Windows\SysWow64\C_20002.NLS
[2009/06/10 22:48:16 | 000,139,810 | ---- | M] () -- C:\Windows\SysWow64\C_20261.NLS
[2009/06/10 22:48:16 | 000,066,594 | ---- | M] () -- C:\Windows\SysWow64\C_720.NLS
[2009/06/10 22:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_708.NLS
[2009/06/10 22:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_28605.NLS
[2009/06/10 22:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\c_28603.nls
[2009/06/10 22:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_28599.NLS
[2009/06/10 22:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_28598.NLS
[2009/06/10 22:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_28597.NLS
[2009/06/10 22:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_28596.NLS
[2009/06/10 22:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_28595.NLS
[2009/06/10 22:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_28594.NLS
[2009/06/10 22:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_28593.NLS
[2009/06/10 22:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_28592.NLS
[2009/06/10 22:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_28591.NLS
[2009/06/10 22:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_21866.NLS
[2009/06/10 22:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_21027.NLS
[2009/06/10 22:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_20866.NLS
[2009/06/10 22:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_20269.NLS
[2009/06/10 22:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_20127.NLS
[2009/06/10 22:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_20108.NLS
[2009/06/10 22:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_20107.NLS
[2009/06/10 22:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_20106.NLS
[2009/06/10 22:48:16 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_20105.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_875.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_870.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_500.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_21025.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_20924.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_20905.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_20880.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_20871.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_20838.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_20833.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_20424.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_20423.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_20420.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_20297.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_20290.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_20285.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_20284.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_20280.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_20278.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_20277.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_20273.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_1149.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_1148.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_1147.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_1146.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_1145.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_1144.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_1143.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_1142.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_1141.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_1140.NLS
[2009/06/10 22:48:15 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_1047.NLS
[2009/06/10 22:48:14 | 000,196,642 | ---- | M] () -- C:\Windows\SysWow64\C_950.NLS
[2009/06/10 22:48:14 | 000,196,642 | ---- | M] () -- C:\Windows\SysWow64\C_949.NLS
[2009/06/10 22:48:14 | 000,196,642 | ---- | M] () -- C:\Windows\SysWow64\C_936.NLS
[2009/06/10 22:48:14 | 000,162,850 | ---- | M] () -- C:\Windows\SysWow64\C_932.NLS
[2009/06/10 22:48:14 | 000,066,594 | ---- | M] () -- C:\Windows\SysWow64\C_874.NLS
[2009/06/10 22:48:14 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_1258.NLS
[2009/06/10 22:48:14 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_1257.NLS
[2009/06/10 22:48:14 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_1256.NLS
[2009/06/10 22:48:14 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_1255.NLS
[2009/06/10 22:48:14 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_1254.NLS
[2009/06/10 22:48:14 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_1253.NLS
[2009/06/10 22:48:14 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_1252.NLS
[2009/06/10 22:48:14 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_1251.NLS
[2009/06/10 22:48:14 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_1250.NLS
[2009/06/10 22:48:14 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_1026.NLS
[2009/06/10 22:48:14 | 000,066,082 | ---- | M] () -- C:\Windows\SysWow64\C_037.NLS
[2009/06/10 22:47:11 | 000,047,679 | ---- | M] () -- C:\Windows\SysWow64\diskmgmt.msc
[2009/06/10 22:46:08 | 000,145,640 | ---- | M] () -- C:\Windows\SysWow64\devmgmt.msc
[2009/06/10 22:44:34 | 003,170,304 | ---- | M] () -- C:\Windows\SysWow64\boot.sdi
[2009/06/10 22:43:20 | 000,144,862 | ---- | M] () -- C:\Windows\SysWow64\tpm.msc
[2009/06/10 22:42:07 | 000,004,041 | ---- | M] () -- C:\Windows\SysWow64\xwizard.dtd
[2009/06/10 22:41:29 | 000,211,938 | ---- | M] () -- C:\Windows\SysWow64\lcphrase.tbl
[2009/06/10 22:41:29 | 000,024,114 | ---- | M] () -- C:\Windows\SysWow64\lcptr.tbl
[2009/06/10 22:40:47 | 000,201,034 | ---- | M] () -- C:\Windows\SysWow64\winrm.vbs
[2009/06/10 22:40:47 | 000,004,675 | ---- | M] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml
[2009/06/10 22:40:47 | 000,002,426 | ---- | M] () -- C:\Windows\SysWow64\WsmTxt.xsl
[2009/06/10 22:40:47 | 000,001,559 | ---- | M] () -- C:\Windows\SysWow64\WsmPty.xsl
[2009/06/10 22:40:47 | 000,000,035 | ---- | M] () -- C:\Windows\SysWow64\winrm.cmd
[2009/06/10 22:39:54 | 000,003,577 | ---- | M] () -- C:\Windows\SysWow64\sysprtj.sep
[2009/06/10 22:39:54 | 000,003,214 | ---- | M] () -- C:\Windows\SysWow64\sysprint.sep
[2009/06/10 22:39:53 | 000,000,114 | ---- | M] () -- C:\Windows\SysWow64\pcl.sep
[2009/06/10 22:39:53 | 000,000,051 | ---- | M] () -- C:\Windows\SysWow64\pscript.sep
[2009/06/10 22:39:18 | 000,001,820 | ---- | M] () -- C:\Windows\SysWow64\rasctrnm.h
[2009/06/10 22:38:48 | 000,113,629 | ---- | M] () -- C:\Windows\SysWow64\slmgr.vbs
[2009/06/10 22:38:43 | 000,145,059 | ---- | M] () -- C:\Windows\SysWow64\taskschd.msc
[2009/06/10 22:38:33 | 000,145,127 | ---- | M] () -- C:\Windows\SysWow64\eventvwr.msc
[2009/06/10 22:38:10 | 000,017,935 | ---- | M] () -- C:\Windows\SysWow64\EventViewer_EventDetails.xsl
[2009/06/10 22:36:33 | 000,063,070 | ---- | M] () -- C:\Windows\SysWow64\certmgr.msc
[2009/06/10 22:34:45 | 000,215,943 | ---- | M] () -- C:\Windows\SysWow64\dssec.dat
[2009/06/10 22:32:47 | 000,000,741 | ---- | M] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/06/10 22:32:07 | 000,002,060 | ---- | M] () -- C:\Windows\SysWow64\noise.jpn
[2009/06/10 22:31:26 | 000,145,519 | ---- | M] () -- C:\Windows\SysWow64\perfmon.msc
[2009/06/10 22:30:15 | 000,093,702 | ---- | M] () -- C:\Windows\SysWow64\SubRange.uce
[2009/06/10 22:30:14 | 000,060,458 | ---- | M] () -- C:\Windows\SysWow64\ideograf.uce
[2009/06/10 22:30:14 | 000,024,006 | ---- | M] () -- C:\Windows\SysWow64\gb2312.uce
[2009/06/10 22:30:14 | 000,022,984 | ---- | M] () -- C:\Windows\SysWow64\bopomofo.uce
[2009/06/10 22:30:14 | 000,016,740 | ---- | M] () -- C:\Windows\SysWow64\ShiftJIS.uce
[2009/06/10 22:30:14 | 000,012,876 | ---- | M] () -- C:\Windows\SysWow64\korean.uce
[2009/06/10 22:30:14 | 000,008,484 | ---- | M] () -- C:\Windows\SysWow64\kanji_2.uce
[2009/06/10 22:30:14 | 000,006,948 | ---- | M] () -- C:\Windows\SysWow64\kanji_1.uce
[2009/06/10 22:29:34 | 000,000,697 | ---- | M] () -- C:\Windows\SysWow64\NOISE.THA
[2009/06/10 22:29:29 | 011,967,524 | ---- | M] () -- C:\Windows\SysWow64\korwbrkr.lex
[2009/06/10 22:29:29 | 000,001,486 | ---- | M] () -- C:\Windows\SysWow64\noise.kor
[2009/06/10 22:29:28 | 000,001,696 | ---- | M] () -- C:\Windows\SysWow64\NOISE.CHT
[2009/06/10 22:29:17 | 000,001,696 | ---- | M] () -- C:\Windows\SysWow64\NOISE.CHS
[2009/06/10 22:27:46 | 000,115,091 | ---- | M] () -- C:\Windows\SysWow64\WF.msc
[2009/06/10 22:26:15 | 000,144,998 | ---- | M] () -- C:\Windows\SysWow64\lusrmgr.msc
[2009/06/10 22:26:10 | 000,673,088 | ---- | M] () -- C:\Windows\SysWow64\mlang.dat
[2009/06/10 22:25:52 | 000,063,411 | ---- | M] () -- C:\Windows\SysWow64\NAPCLCFG.MSC
[2009/06/10 22:21:09 | 000,092,745 | ---- | M] () -- C:\Windows\SysWow64\services.msc
[2009/06/10 22:21:07 | 000,144,909 | ---- | M] () -- C:\Windows\SysWow64\fsmgmt.msc
[2009/06/10 22:21:06 | 000,113,256 | ---- | M] () -- C:\Windows\SysWow64\compmgmt.msc
[2009/06/10 22:21:06 | 000,041,587 | ---- | M] () -- C:\Windows\SysWow64\azman.msc
[2009/06/10 22:18:29 | 000,000,565 | ---- | M] () -- C:\Windows\SysWow64\NdfEventView.xml
[2009/06/10 22:17:44 | 000,124,118 | ---- | M] () -- C:\Windows\SysWow64\comexp.msc
[2009/06/10 22:16:56 | 000,002,233 | ---- | M] () -- C:\Windows\SysWow64\12520850.cpx
[2009/06/10 22:16:56 | 000,002,151 | ---- | M] () -- C:\Windows\SysWow64\12520437.cpx
[2009/06/10 22:16:38 | 000,002,727 | ---- | M] () -- C:\Windows\SysWow64\locationnotificationsview.xml
[2009/06/10 22:15:19 | 000,001,988 | ---- | M] () -- C:\Windows\SysWow64\ticrf.rat
[2009/06/10 22:15:18 | 000,008,798 | ---- | M] () -- C:\Windows\SysWow64\icrav03.rat
[2009/06/10 22:15:06 | 000,076,060 | ---- | M] () -- C:\Windows\SysWow64\xpsrchvw.xml
[2009/06/10 22:14:29 | 003,440,660 | ---- | M] () -- C:\Windows\SysWow64\drivers\gm.dls
[2009/06/10 21:52:44 | 000,316,640 | ---- | M] () -- C:\Windows\WMSysPr9.prx
[2009/06/10 21:36:48 | 000,001,405 | ---- | M] () -- C:\Windows\msdfmap.ini
[2009/06/10 21:31:02 | 000,048,201 | ---- | M] () -- C:\Windows\Starter.xml
[2009/06/10 21:30:55 | 000,048,265 | ---- | M] () -- C:\Windows\HomePremium.xml
[2009/05/23 09:37:42 | 000,024,576 | ---- | M] () -- C:\Windows\snuvcdsm.exe
[2009/04/10 07:11:40 | 000,245,760 | ---- | M] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll
[2006/05/21 01:39:58 | 000,015,497 | ---- | M] () -- C:\Windows\snp2uvc.ini
[2006/04/13 11:30:06 | 001,073,152 | ---- | M] () -- C:\Windows\SysWow64\libmysql_c.dll
[2005/03/05 03:01:10 | 000,014,134 | ---- | M] () -- C:\sample.bmp
[2004/11/14 18:28:30 | 001,056,768 | ---- | M] () -- C:\Windows\SysWow64\libmysql41.dll
[2004/11/14 18:28:30 | 000,280,576 | ---- | M] () -- C:\Windows\SysWow64\libmysql320.dll
[2004/11/14 18:28:30 | 000,245,760 | ---- | M] () -- C:\Windows\SysWow64\libmysql40.dll
[2004/11/14 18:28:30 | 000,217,088 | ---- | M] () -- C:\Windows\SysWow64\libmysql323.dll
[1997/06/25 14:24:16 | 000,040,448 | ---- | M] () -- C:\Windows\REGOBJ.DLL
 
========== Files Created - No Company Name ==========
 
[2013/01/11 17:21:03 | 000,001,008 | ---- | C] () -- C:\Users\Dom\Desktop\TunnelBear.lnk
[2013/01/11 15:15:50 | 000,222,409 | ---- | C] () -- C:\Users\Dom\Desktop\11111.jpg
[2013/01/08 09:58:33 | 000,002,651 | ---- | C] () -- C:\Users\Public\Desktop\Program PIT 2012-2013.lnk
[2013/01/06 17:55:10 | 000,377,600 | ---- | C] () -- C:\Users\Dom\Desktop\haha.jpg
[2013/01/05 14:54:52 | 000,001,210 | ---- | C] () -- C:\Users\Public\Desktop\Wise Disk Cleaner.lnk
[2013/01/05 14:39:35 | 000,262,676 | ---- | C] () -- C:\Users\Dom\Desktop\pppppp.jpg
[2013/01/05 02:30:37 | 000,001,695 | ---- | C] () -- C:\Users\Dom\Desktop\SG Cabal Online — skrót.lnk
[2013/01/02 18:42:50 | 000,001,153 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/01/02 18:42:49 | 000,001,165 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/01/02 10:25:34 | 000,000,937 | ---- | C] () -- C:\Users\Dom\Desktop\RaiderZ.lnk
[2012/12/31 14:11:37 | 000,135,686 | ---- | C] () -- C:\Users\Dom\Desktop\Raiderz_Artwork3.jpg
[2012/12/30 13:51:28 | 001,056,768 | ---- | C] () -- C:\Windows\SysWow64\libmysql41.dll
[2012/12/30 13:51:28 | 000,280,576 | ---- | C] () -- C:\Windows\SysWow64\libmysql320.dll
[2012/12/30 13:51:28 | 000,245,760 | ---- | C] () -- C:\Windows\SysWow64\libmysql40.dll
[2012/12/30 13:51:28 | 000,217,088 | ---- | C] () -- C:\Windows\SysWow64\libmysql323.dll
[2012/12/28 23:18:01 | 000,241,881 | ---- | C] () -- C:\Users\Dom\Desktop\p;p;p.jpg
[2012/12/20 17:07:08 | 000,006,896 | ---- | C] () -- C:\bootsqm.dat
[2012/12/20 12:47:51 | 095,023,320 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012/12/18 14:14:07 | 000,000,380 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2012/12/18 13:50:33 | 000,001,184 | ---- | C] () -- C:\Windows\SysWow64\secushr.dat
[2012/12/18 13:49:54 | 000,000,025 | ---- | C] () -- C:\Windows\emcore.INI
[2012/12/16 14:46:13 | 000,056,424 | ---- | C] () -- C:\Windows\SysWow64\PrxerNsp.dll
[2012/12/16 14:46:13 | 000,001,025 | ---- | C] () -- C:\Users\Dom\Desktop\Proxifier.lnk
[2012/11/30 14:23:36 | 000,000,061 | ---- | C] () -- C:\Users\Dom\SciTEUser.properties
[2012/11/29 17:57:56 | 001,073,152 | ---- | C] () -- C:\Windows\SysWow64\libmysql_c.dll
[2012/11/28 13:08:37 | 000,243,018 | ---- | C] () -- C:\Users\Dom\Desktop\ttt.jpg
[2012/11/20 16:13:30 | 048,179,170 | ---- | C] () -- C:\Users\Dom\game
[2012/11/14 13:52:38 | 000,001,107 | ---- | C] () -- C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk
[2012/11/07 02:40:22 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/11/07 02:40:16 | 000,183,112 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/10/10 09:17:24 | 000,000,320 | ---- | C] () -- C:\Users\Dom\SciTE.session
[2012/08/29 05:17:49 | 001,048,576 | -HS- | C] () -- C:\Users\Dom\NTUSER.DAT{aa477174-cc34-11e1-b3c4-5c9ad85e122e}.TxR.2.regtrans-ms
[2012/08/29 05:17:49 | 001,048,576 | -HS- | C] () -- C:\Users\Dom\NTUSER.DAT{aa477174-cc34-11e1-b3c4-5c9ad85e122e}.TxR.1.regtrans-ms
[2012/08/29 05:17:49 | 001,048,576 | -HS- | C] () -- C:\Users\Dom\NTUSER.DAT{aa477174-cc34-11e1-b3c4-5c9ad85e122e}.TxR.0.regtrans-ms
[2012/08/29 05:17:49 | 000,065,536 | -HS- | C] () -- C:\Users\Dom\NTUSER.DAT{aa477174-cc34-11e1-b3c4-5c9ad85e122e}.TxR.blf
[2012/08/21 17:50:54 | 000,000,600 | ---- | C] () -- C:\Users\Dom\AppData\Local\PUTTY.RND
[2012/08/20 18:46:36 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
[2012/08/16 19:13:35 | 000,015,772 | RHS- | C] () -- C:\Users\Dom\tiuopu.exe
[2012/08/10 10:35:27 | 000,001,638 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012/08/08 15:49:09 | 000,041,309 | ---- | C] () -- C:\Users\Dom\Desktop\skrillex.jpg
[2012/08/08 15:41:23 | 000,000,608 | ---- | C] () -- C:\user.js
[2012/08/08 15:32:32 | 000,176,017 | ---- | C] () -- C:\Users\Dom\Desktop\Skrillex-Bangarang-EP.jpg
[2012/08/02 13:04:25 | 000,000,235 | ---- | C] () -- C:\Windows\SysWow64\nxEuUninstall.bat
[2012/07/17 15:05:51 | 000,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-323826620-2306945312-2335366591-1000UA.job
[2012/07/17 15:05:51 | 000,000,998 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-323826620-2306945312-2335366591-1000Core.job
[2012/07/12 16:17:45 | 000,524,288 | -HS- | C] () -- C:\Users\Dom\NTUSER.DAT{aa477175-cc34-11e1-b3c4-5c9ad85e122e}.TMContainer00000000000000000002.regtrans-ms
[2012/07/12 16:17:45 | 000,524,288 | -HS- | C] () -- C:\Users\Dom\NTUSER.DAT{aa477175-cc34-11e1-b3c4-5c9ad85e122e}.TMContainer00000000000000000001.regtrans-ms
[2012/07/12 16:17:45 | 000,065,536 | -HS- | C] () -- C:\Users\Dom\NTUSER.DAT{aa477175-cc34-11e1-b3c4-5c9ad85e122e}.TM.blf
[2012/06/28 18:09:28 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/06 19:55:24 | 000,001,104 | ---- | C] () -- C:\Users\Dom\Desktop\TuneUp Konserwacja 1 kliknięciem.lnk
[2012/06/04 17:53:20 | 000,003,392 | ---- | C] () -- C:\WirelessDiagLog.csv
[2012/06/04 10:24:35 | 001,372,067 | -H-- | C] () -- C:\Users\Dom\AppData\Local\IconCache.db
[2012/06/04 10:20:33 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/06/04 09:48:44 | 000,000,012 | ---- | C] () -- C:\Windows\SysWow64\drivers\10CF_FUJITSU_FTS_LIFEBOOK AH531_PI_FUJITSU_FJNBB0F_Default System BIOS_FUJ - 1_1.27_Intel(R) HD Graphics Family.MRK
[2012/06/04 09:47:46 | 000,001,123 | ---- | C] () -- C:\Users\Dom\Desktop\CyberLink YouCam.lnk
[2012/06/04 09:41:55 | 000,001,280 | ---- | C] () -- C:\Windows\SysWow64\TRACE.trace
[2012/06/04 09:41:06 | 000,524,288 | -HS- | C] () -- C:\Users\Dom\NTUSER.DAT{a00e996f-7c64-11e0-97d8-e5d5d5fc43bc}.TMContainer00000000000000000002.regtrans-ms
[2012/06/04 09:41:06 | 000,524,288 | -HS- | C] () -- C:\Users\Dom\NTUSER.DAT{a00e996f-7c64-11e0-97d8-e5d5d5fc43bc}.TMContainer00000000000000000001.regtrans-ms
[2012/06/04 09:41:06 | 000,065,536 | -HS- | C] () -- C:\Users\Dom\NTUSER.DAT{a00e996f-7c64-11e0-97d8-e5d5d5fc43bc}.TM.blf
[2012/06/04 09:41:06 | 000,057,944 | ---- | C] () -- C:\Users\Dom\AppData\Local\GDIPFONTCACHEV1.DAT
[2012/06/04 09:41:03 | 005,767,168 | -HS- | C] () -- C:\Users\Dom\NTUSER.DAT
[2012/06/04 09:41:03 | 000,000,020 | -HS- | C] () -- C:\Users\Dom\ntuser.ini
[2012/06/04 09:40:33 | 000,001,048 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/04 09:40:32 | 000,001,044 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/31 22:56:03 | 000,245,760 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll
[2012/05/31 22:56:02 | 000,024,576 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2012/05/31 22:56:02 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2012/05/31 22:56:02 | 000,013,021 | ---- | C] () -- C:\Windows\snp2uvc.src
[2012/02/17 16:14:06 | 000,000,038 | ---- | C] () -- C:\Users\Dom\abbrev.properties
[2012/02/17 15:02:02 | 000,000,000 | ---- | C] () -- C:\Users\Dom\au3.keywords.user.abbreviations.properties
[2012/02/14 21:52:12 | 000,000,027 | ---- | C] () -- C:\Users\Dom\au3UserAbbrev.properties
[2011/05/12 08:31:58 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/05/12 08:11:47 | 001,640,270 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/02 01:21:18 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/05/02 01:21:15 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/05/02 01:21:12 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/05/02 01:21:09 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/05/02 01:21:06 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2010/11/25 05:43:32 | 000,040,448 | ---- | C] () -- C:\Windows\REGOBJ.DLL
[2010/11/21 08:17:39 | 000,048,265 | ---- | C] () -- C:\Windows\HomePremium.xml
[2010/11/21 04:24:33 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2010/11/21 04:23:59 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2010/11/21 04:23:48 | 000,419,880 | ---- | C] () -- C:\Windows\SysWow64\locale.nls
[2010/03/27 16:22:54 | 000,014,905 | ---- | C] () -- C:\Users\Dom\au3abbrev.properties
[2010/01/02 22:16:12 | 000,000,111 | ---- | C] () -- C:\Users\Dom\au3.UserUdfs.properties
[2010/01/02 22:15:50 | 000,000,000 | ---- | C] () -- C:\Users\Dom\au3.user.calltips.api
[2009/08/11 21:18:28 | 000,497,664 | ---- | C] () -- C:\Windows\SysWow64\ac3filter.acm
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 06:28:38 | 000,048,201 | ---- | C] () -- C:\Windows\Starter.xml
[2009/07/14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\tasks\SA.DAT
[2009/07/14 06:01:34 | 000,151,249 | ---- | C] () -- C:\Windows\SysWow64\license.rtf
[2009/07/14 05:55:01 | 000,000,535 | ---- | C] () -- C:\Windows\SysWow64\mapisvc.inf
[2009/07/14 05:54:24 | 000,000,749 | RH-- | C] () -- C:\Windows\WindowsShell.Manifest
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:35:51 | 000,000,697 | ---- | C] () -- C:\Windows\SysWow64\NOISE.THA
[2009/07/14 03:35:50 | 011,967,524 | ---- | C] () -- C:\Windows\SysWow64\korwbrkr.lex
[2009/07/14 03:35:50 | 000,001,696 | ---- | C] () -- C:\Windows\SysWow64\NOISE.CHT
[2009/07/14 03:35:50 | 000,001,486 | ---- | C] () -- C:\Windows\SysWow64\noise.kor
[2009/07/14 03:35:49 | 000,001,696 | ---- | C] () -- C:\Windows\SysWow64\NOISE.CHS
[2009/07/14 03:35:42 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini
[2009/07/14 03:34:57 | 000,000,403 | ---- | C] () -- C:\Windows\win.ini
[2009/07/14 03:34:57 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 03:34:28 | 000,008,798 | ---- | C] () -- C:\Windows\SysWow64\icrav03.rat
[2009/07/14 03:34:28 | 000,001,988 | ---- | C] () -- C:\Windows\SysWow64\ticrf.rat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 00:41:24 | 000,093,702 | ---- | C] () -- C:\Windows\SysWow64\SubRange.uce
[2009/07/14 00:41:24 | 000,060,458 | ---- | C] () -- C:\Windows\SysWow64\ideograf.uce
[2009/07/14 00:41:24 | 000,024,006 | ---- | C] () -- C:\Windows\SysWow64\gb2312.uce
[2009/07/14 00:41:24 | 000,016,740 | ---- | C] () -- C:\Windows\SysWow64\ShiftJIS.uce
[2009/07/14 00:41:24 | 000,012,876 | ---- | C] () -- C:\Windows\SysWow64\korean.uce
[2009/07/14 00:41:24 | 000,008,484 | ---- | C] () -- C:\Windows\SysWow64\kanji_2.uce
[2009/07/14 00:41:24 | 000,006,948 | ---- | C] () -- C:\Windows\SysWow64\kanji_1.uce
[2009/07/14 00:08:01 | 000,003,577 | ---- | C] () -- C:\Windows\SysWow64\sysprtj.sep
[2009/07/14 00:08:01 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\pcl.sep
[2009/07/14 00:08:01 | 000,000,051 | ---- | C] () -- C:\Windows\SysWow64\pscript.sep
[2009/07/14 00:06:14 | 000,004,453 | ---- | C] () -- C:\Windows\SysWow64\odbcconf.rsp
[2009/07/13 23:41:10 | 000,002,233 | ---- | C] () -- C:\Windows\SysWow64\12520850.cpx
[2009/07/13 23:12:16 | 000,063,411 | ---- | C] () -- C:\Windows\SysWow64\NAPCLCFG.MSC
[2009/07/13 23:11:17 | 000,115,091 | ---- | C] () -- C:\Windows\SysWow64\WF.msc
[2009/07/13 23:06:29 | 000,201,034 | ---- | C] () -- C:\Windows\SysWow64\winrm.vbs
[2009/07/13 23:06:29 | 000,004,675 | ---- | C] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml
[2009/07/13 23:06:29 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\WsmTxt.xsl
[2009/07/13 23:06:29 | 000,001,559 | ---- | C] () -- C:\Windows\SysWow64\WsmPty.xsl
[2009/07/13 23:01:40 | 000,124,118 | ---- | C] () -- C:\Windows\SysWow64\comexp.msc
[2009/07/13 22:55:47 | 000,144,998 | ---- | C] () -- C:\Windows\SysWow64\lusrmgr.msc
[2009/07/13 22:47:53 | 000,063,070 | ---- | C] () -- C:\Windows\SysWow64\certmgr.msc
[2009/07/13 22:46:10 | 000,145,127 | ---- | C] () -- C:\Windows\SysWow64\eventvwr.msc
[2009/07/13 22:46:10 | 000,017,935 | ---- | C] () -- C:\Windows\SysWow64\EventViewer_EventDetails.xsl
[2009/07/13 22:46:09 | 000,145,059 | ---- | C] () -- C:\Windows\SysWow64\taskschd.msc
[2009/07/13 22:44:22 | 000,144,909 | ---- | C] () -- C:\Windows\SysWow64\fsmgmt.msc
[2009/07/13 22:44:22 | 000,113,256 | ---- | C] () -- C:\Windows\SysWow64\compmgmt.msc
[2009/07/13 22:44:22 | 000,092,745 | ---- | C] () -- C:\Windows\SysWow64\services.msc
[2009/07/13 22:44:22 | 000,041,587 | ---- | C] () -- C:\Windows\SysWow64\azman.msc
[2009/07/13 22:38:38 | 000,024,114 | ---- | C] () -- C:\Windows\SysWow64\lcptr.tbl
[2009/07/13 22:34:35 | 000,047,679 | ---- | C] () -- C:\Windows\SysWow64\diskmgmt.msc
[2009/07/13 22:33:45 | 000,000,714 | ---- | C] () -- C:\Windows\SysWow64\RestartManager.mof
[2009/07/13 22:33:45 | 000,000,176 | ---- | C] () -- C:\Windows\SysWow64\RestartManagerUninstall.mof
[2009/07/13 22:28:41 | 000,145,519 | ---- | C] () -- C:\Windows\SysWow64\perfmon.msc
[2009/07/13 22:23:44 | 000,145,640 | ---- | C] () -- C:\Windows\SysWow64\devmgmt.msc
[2009/07/13 22:20:44 | 000,144,862 | ---- | C] () -- C:\Windows\SysWow64\tpm.msc
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/13 21:22:42 | 000,195,618 | ---- | C] () -- C:\Windows\SysWow64\C_10002.NLS
[2009/07/13 21:22:42 | 000,189,986 | ---- | C] () -- C:\Windows\SysWow64\C_1361.NLS
[2009/07/13 21:22:42 | 000,187,938 | ---- | C] () -- C:\Windows\SysWow64\C_20005.NLS
[2009/07/13 21:22:42 | 000,186,402 | ---- | C] () -- C:\Windows\SysWow64\C_20001.NLS
[2009/07/13 21:22:42 | 000,185,378 | ---- | C] () -- C:\Windows\SysWow64\C_20003.NLS
[2009/07/13 21:22:42 | 000,180,258 | ---- | C] () -- C:\Windows\SysWow64\C_20004.NLS
[2009/07/13 21:22:42 | 000,180,258 | ---- | C] () -- C:\Windows\SysWow64\C_20000.NLS
[2009/07/13 21:22:42 | 000,177,698 | ---- | C] () -- C:\Windows\SysWow64\C_10003.NLS
[2009/07/13 21:22:42 | 000,173,602 | ---- | C] () -- C:\Windows\SysWow64\C_20002.NLS
[2009/07/13 21:22:42 | 000,173,602 | ---- | C] () -- C:\Windows\SysWow64\C_10008.NLS
[2009/07/13 21:22:42 | 000,162,850 | ---- | C] () -- C:\Windows\SysWow64\C_10001.NLS
[2009/07/13 21:22:42 | 000,139,810 | ---- | C] () -- C:\Windows\SysWow64\C_20261.NLS
[2009/07/13 21:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\SysWow64\C_869.NLS
[2009/07/13 21:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\SysWow64\C_866.NLS
[2009/07/13 21:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\SysWow64\C_865.NLS
[2009/07/13 21:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\SysWow64\C_864.NLS
[2009/07/13 21:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\SysWow64\C_863.NLS
[2009/07/13 21:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\SysWow64\C_862.NLS
[2009/07/13 21:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\SysWow64\C_861.NLS
[2009/07/13 21:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\SysWow64\C_860.NLS
[2009/07/13 21:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\SysWow64\C_858.NLS
[2009/07/13 21:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\SysWow64\C_857.NLS
[2009/07/13 21:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\SysWow64\C_855.NLS
[2009/07/13 21:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\SysWow64\C_852.NLS
[2009/07/13 21:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\SysWow64\C_850.NLS
[2009/07/13 21:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\SysWow64\C_775.NLS
[2009/07/13 21:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\SysWow64\C_737.NLS
[2009/07/13 21:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\SysWow64\C_720.NLS
[2009/07/13 21:22:42 | 000,066,594 | ---- | C] () -- C:\Windows\SysWow64\C_437.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_875.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_870.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_708.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_500.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_28605.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\c_28603.nls
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_28599.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_28598.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_28597.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_28596.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_28595.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_28594.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_28593.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_28592.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_28591.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_21866.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_21027.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_21025.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_20924.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_20905.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_20880.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_20871.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_20866.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_20838.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_20833.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_20424.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_20423.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_20420.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_20297.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_20290.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_20269.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_20127.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_20108.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_20107.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_20106.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_20105.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_10082.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_10081.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_10079.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_10029.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_10021.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_10017.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_10010.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_10007.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_10006.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_10005.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_10004.NLS
[2009/07/13 21:22:42 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_10000.NLS
[2009/07/13 21:22:41 | 000,196,642 | ---- | C] () -- C:\Windows\SysWow64\C_950.NLS
[2009/07/13 21:22:41 | 000,196,642 | ---- | C] () -- C:\Windows\SysWow64\C_949.NLS
[2009/07/13 21:22:41 | 000,196,642 | ---- | C] () -- C:\Windows\SysWow64\C_936.NLS
[2009/07/13 21:22:41 | 000,180,770 | ---- | C] () -- C:\Windows\SysWow64\C_20932.NLS
[2009/07/13 21:22:41 | 000,177,698 | ---- | C] () -- C:\Windows\SysWow64\C_20949.NLS
[2009/07/13 21:22:41 | 000,173,602 | ---- | C] () -- C:\Windows\SysWow64\C_20936.NLS
[2009/07/13 21:22:41 | 000,162,850 | ---- | C] () -- C:\Windows\SysWow64\C_932.NLS
[2009/07/13 21:22:41 | 000,066,594 | ---- | C] () -- C:\Windows\SysWow64\C_874.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_20285.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_20284.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_20280.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_20278.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_20277.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_20273.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_1258.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_1257.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_1256.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_1255.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_1254.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_1253.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_1252.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_1251.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_1149.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_1148.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_1147.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_1146.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_1145.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_1144.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_1143.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_1142.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_1141.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_1140.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_1047.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_1026.NLS
[2009/07/13 21:22:41 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_037.NLS
[2009/06/10 22:48:27 | 000,009,958 | ---- | C] () -- C:\Windows\SysWow64\l_intl.nls
[2009/06/10 22:48:14 | 000,066,082 | ---- | C] () -- C:\Windows\SysWow64\C_1250.NLS
[2009/06/10 22:44:34 | 003,170,304 | ---- | C] () -- C:\Windows\SysWow64\boot.sdi
[2009/06/10 22:42:07 | 000,004,041 | ---- | C] () -- C:\Windows\SysWow64\xwizard.dtd
[2009/06/10 22:41:29 | 000,211,938 | ---- | C] () -- C:\Windows\SysWow64\lcphrase.tbl
[2009/06/10 22:40:47 | 000,000,035 | ---- | C] () -- C:\Windows\SysWow64\winrm.cmd
[2009/06/10 22:39:54 | 000,003,214 | ---- | C] () -- C:\Windows\SysWow64\sysprint.sep
[2009/06/10 22:39:18 | 000,001,820 | ---- | C] () -- C:\Windows\SysWow64\rasctrnm.h
[2009/06/10 22:38:48 | 000,113,629 | ---- | C] () -- C:\Windows\SysWow64\slmgr.vbs
[2009/06/10 22:32:07 | 000,002,060 | ---- | C] () -- C:\Windows\SysWow64\noise.jpn
[2009/06/10 22:30:14 | 000,022,984 | ---- | C] () -- C:\Windows\SysWow64\bopomofo.uce
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/06/10 22:18:29 | 000,000,565 | ---- | C] () -- C:\Windows\SysWow64\NdfEventView.xml
[2009/06/10 22:16:56 | 000,002,151 | ---- | C] () -- C:\Windows\SysWow64\12520437.cpx
[2009/06/10 22:16:38 | 000,002,727 | ---- | C] () -- C:\Windows\SysWow64\locationnotificationsview.xml
[2009/06/10 22:15:06 | 000,076,060 | ---- | C] () -- C:\Windows\SysWow64\xpsrchvw.xml
[2009/06/10 22:14:28 | 003,440,660 | ---- | C] () -- C:\Windows\SysWow64\drivers\gm.dls
[2009/06/10 21:52:44 | 000,316,640 | ---- | C] () -- C:\Windows\WMSysPr9.prx
[2005/03/05 03:01:10 | 000,014,134 | ---- | C] () -- C:\sample.bmp
 
========== ZeroAccess Check ==========
 
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2011/05/12 08:54:37 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Fujitsu
[2011/05/12 08:54:37 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Fujitsu
[2012/11/18 10:51:32 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Aidem Media
[2012/11/08 12:44:41 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Bioshock
[2013/01/11 12:38:55 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\BITS
[2012/11/30 19:45:23 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\CoreFTP
[2012/07/13 09:05:38 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\DAEMON Tools Lite
[2012/11/02 21:31:18 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\DMCache
[2012/08/24 12:58:05 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\ESET
[2012/10/15 11:17:16 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\FarmHelper
[2012/11/27 20:34:20 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\FileZilla
[2012/12/19 10:51:59 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\FlashGet
[2012/12/18 13:45:56 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\FlashGetBHO
[2012/12/18 13:46:08 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\FlashgetSetup
[2011/05/12 08:54:37 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Fujitsu
[2012/06/04 09:51:06 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Fujitsu Launch Center
[2012/08/11 09:57:55 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Gadu-Gadu
[2012/08/11 10:04:13 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Gadu-Gadu 10
[2012/12/20 12:53:22 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\GG
[2012/11/27 21:03:31 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\GHISLER
[2012/11/07 02:35:25 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Leadertech
[2012/10/23 13:16:50 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\marcinc
[2012/09/17 18:19:24 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\mp3DirectCut
[2012/09/16 12:25:49 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Need for Speed World
[2012/11/14 09:47:33 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Nokia
[2012/06/27 19:32:54 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Notepad++
[2013/01/05 01:12:08 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\ObviousIdea
[2012/07/13 09:01:29 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\OpenCandy
[2012/11/14 09:44:48 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\PC Suite
[2013/01/08 10:06:06 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Podatnik.info
[2012/12/16 14:46:23 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Proxifier
[2012/08/14 05:53:52 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\RegistryKeys
[2012/08/27 11:51:24 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\runic games
[2013/01/05 00:32:37 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\SendSpace
[2012/10/15 10:51:49 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\SFBot
[2012/12/16 17:25:41 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\SoftGrid Client
[2012/09/05 00:11:05 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\TeamViewer
[2012/06/04 10:31:26 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\TP
[2013/01/04 18:13:16 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\TS3Client
[2012/06/06 19:55:44 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\TuneUp Software
[2013/01/11 15:34:00 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\uTorrent
[2012/07/21 14:42:35 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Windows Live Writer
[2013/01/05 17:25:01 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Wise Disk Cleaner
[2012/10/11 11:05:15 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\WNR
[2012/12/12 00:34:23 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\YourFileDownloader
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2012/10/23 06:12:52 | 000,000,000 | ---D | M](C:\Users\Dom\AppData\Local\?) -- C:\Users\Dom\AppData\Local\Ⴈ
[2012/10/23 06:12:52 | 000,000,000 | ---D | M](C:\Users\Dom\AppData\Local\?) -- C:\Users\Dom\AppData\Local\Ⴈ
(C:\Users\Dom\AppData\Local\?) -- C:\Users\Dom\AppData\Local\Ⴈ

< End of report >

[/log]

 

Extras :

 

[log]OTL Extras logfile created on: 1/12/2013 1:55:52 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Dom\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3.91 Gb Total Physical Memory | 1.79 Gb Available Physical Memory | 45.68% Memory free
7.83 Gb Paging File | 5.53 Gb Available in Paging File | 70.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100.00 Gb Total Space | 36.43 Gb Free Space | 36.43% Space Free | Partition Type: NTFS
Drive D: | 177.46 Gb Total Space | 59.85 Gb Free Space | 33.72% Space Free | Partition Type: NTFS
 
Computer Name: DOM-KOMPUTER | User Name: Dom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [compress] -- C:\Program Files (x86)\KGB Archiver\kgb_arch_compress.exe "%1\"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UacDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D3C7444-1C69-4E59-916B-3BB637F4E1A1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{1FDBB5DE-77A4-4BA7-BC1D-F516C4149DB1}" = lport=445 | protocol=6 | dir=in | app=system |
"{5A2ABC3B-B983-4F2F-858B-4F9EEF7507B9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5ABD13BD-EBB8-4544-AA23-8E1E4C19F8F7}" = rport=139 | protocol=6 | dir=out | app=system |
"{651DA4E3-D290-42D8-9ECF-B1483DB6A527}" = lport=137 | protocol=17 | dir=in | app=system |
"{76660C80-5B13-428B-A251-1F9A49B4ABD1}" = rport=445 | protocol=6 | dir=out | app=system |
"{A049EC57-EBE1-47F6-88A2-82989EDBB2AE}" = rport=137 | protocol=17 | dir=out | app=system |
"{C3642F39-5605-4E86-A500-DE31032DF621}" = lport=138 | protocol=17 | dir=in | app=system |
"{C5E8D838-E07E-48EB-A5F9-147C047555DD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C789ABC1-1764-4ACA-ADAB-251C5AA9AC1D}" = lport=139 | protocol=6 | dir=in | app=system |
"{CC4F8A4B-119A-4038-B22E-6130FBF55D3F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E92427A7-1A1E-4439-AE68-5A9408CEB32B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FE217E2B-0876-4358-998C-B2EDA8CF1E6F}" = rport=138 | protocol=17 | dir=out | app=system |
"{FFF96442-F3C4-4DC5-9906-6EDA5BA31E71}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0757317E-8F17-427B-8063-778D1D198787}" = protocol=58 | dir=in | app=system |
"{09C6EE5F-EDAA-4ABE-82DE-05837D1B453E}" = dir=in | app=d:\program files (x86)\cdp.pl\farming simulator 2013\farmingsimulator2013game.exe |
"{0D59CE62-131E-4B8F-9A71-C0C128AE88AD}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{2C9426FE-8493-4A8C-81A1-959C92C6F68D}" = dir=out | app=d:\program files (x86)\reality pump\two worlds ii\twoworlds2.exe |
"{331BA8FD-73E9-4BD3-A7A9-D95235CA706D}" = dir=in | app=d:\program files (x86)\cdp.pl\farming simulator 2013\farmingsimulator2013.exe |
"{3422F8DD-4E43-4DB7-BC2F-7F68F07CB55B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{352961E2-0D49-4035-BBE4-2C68EF87222E}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{501FBF96-934B-4A3F-A5B1-EF047D6123C9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6D878FD3-5359-4F75-9203-30D7AEAED574}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{79B919AC-1015-4621-A074-582B23E57719}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{7AF432BC-7176-4CBB-9FAB-7767FE303046}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{7F15B47E-5BF9-491A-9201-196133556063}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{83F92B75-C9FB-4732-9CDB-CC75FE92C42D}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{8D838E4A-48B5-4087-A4F4-B600F347EC11}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{90F52B9F-782D-4239-9103-25F0AC00D585}" = dir=in | app=c:\gpotato.eu\allods online\bin\launcher.exe |
"{9791E3C3-06B2-46D5-A7CD-47D3E0C35386}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{A1D6C9CA-B51B-425B-AF68-4F2E6EDBF09D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\pinkibezmozga\counter-strike\hl.exe |
"{AD576577-7128-4F84-A1CF-E69DFFD4E14E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{B1367F91-6C8E-418C-BF42-5984073A9DED}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{BBA329D2-460B-43BF-9EA9-357AB9F4C311}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{CDCA1244-187A-433B-8948-1D139F247F41}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D01BAFF6-C002-42A5-B7AA-154264ED81FD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D3C24ED2-5C2C-4C39-B13F-EC9B9C52D67F}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{DA61EE37-43B9-4126-9EDE-50DA17C27C82}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{F25119B5-239F-41E7-BAD8-226BB8C8145C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\pinkibezmozga\counter-strike\hl.exe |
"{FB5A1E4D-C6C5-4B26-AA8D-43B0AFB4948D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"TCP Query User{0518DDFB-2FB0-4039-AD2C-FC0943CB5136}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{238E77E6-ADBB-4EA3-A813-7ACB2A4B298E}C:\program files (x86)\flashget network\flashget 3\flashget3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\flashget network\flashget 3\flashget3.exe |
"TCP Query User{5971BC82-8C99-48E3-90FA-D3B77602D6B3}D:\downloads\software\yt2wz_lsnc_20100423\倚天2外传\metin2.bin" = protocol=6 | dir=in | app=d:\downloads\software\yt2wz_lsnc_20100423\倚天2外传\metin2.bin |
"TCP Query User{6B341D32-27F3-4410-A00B-4B9A836FA085}C:\program files (x86)\mcafee security scan\3.0.207\ssscheduler.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mcafee security scan\3.0.207\ssscheduler.exe |
"UDP Query User{15658E78-0492-4C71-9DB5-8ECA9BFE3D9A}D:\downloads\software\yt2wz_lsnc_20100423\倚天2外传\metin2.bin" = protocol=17 | dir=in | app=d:\downloads\software\yt2wz_lsnc_20100423\倚天2外传\metin2.bin |
"UDP Query User{1A1AF71B-B5BE-4003-8068-B23E03D5668A}C:\program files (x86)\mcafee security scan\3.0.207\ssscheduler.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mcafee security scan\3.0.207\ssscheduler.exe |
"UDP Query User{6A9FF406-086D-495D-BDD6-452659A3B94B}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{CACC6D91-0A33-4F70-BBBF-533F704955F2}C:\program files (x86)\flashget network\flashget 3\flashget3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\flashget network\flashget 3\flashget3.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{25680C01-6753-4FE9-A891-7857F26457C1}" = Intel(R) WiDi
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37993A79-5D36-4227-B8E8-9BDE95B2CE45}" = Bolek i Lolek - Alfabet i nauka czytania
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = FJ Camera
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{49A588CF-5FD4-4774-BFBF-0764287DE82B}" = Power Saving Utility
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{52644103-70EE-47F6-9BBB-AA4514B59615}_is1" = Farming Simulator 2013
"{549BF60D-FDDA-4E4C-ABE3-9E897BC09E79}" = Anytime USB Charge Utility
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{606E1B88-065A-41C6-B996-287A0E756FB0}_is1" = EGCabal Online version 2.1.0
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{887868A2-D6DE-3255-AA92-AA0B5A59B874}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0415-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Polski
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2F166A0-F031-4E27-A057-C69733219435}_is1" = RaiderZ
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Polish
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{BE739BC7-030F-4CAA-A6F9-EA59405B7E32}" = Program PIT 2012-2013
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ALLPlayer_is1" = ALLPlayer V4.X
"ASCII Art Generator_is1" = ASCII Art Generator 3.2.2
"AutoItv3" = AutoIt v3.3.8.1
"avast" = avast! Free Antivirus
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"DAEMON Tools Lite" = DAEMON Tools Lite
"DeskUpdate_is1" = DeskUpdate 4.11
"FlashGet3.7" = FlashGet3.7
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"InstallShield_{AFFC0877-D62C-4A7D-A11F-1E73B5800D13}" = Bioshock
"InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility
"InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"KGB Archiver_is1" = KGB Archiver 1.2.1.24
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.4.4
"LogMeIn Hamachi" = LogMeIn Hamachi
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 18.0 (x86 pl)" = Mozilla Firefox 18.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"Office14.Click2Run" = Moduł Szybka instalacja pakietu Microsoft Office 2010
"PremiumSoft Navicat 8.0 for MySQL_is1" = PremiumSoft Navicat 8.0 for MySQL
"Proxifier_is1" = Proxifier version 3.21
"QuicktimeAlt_is1" = QuickTime Alternative 2.9.2
"RealPlayer 15.0" = RealPlayer
"SciTE4AutoIt3" = SciTE4AutoIt3 6/10/2012
"Serenity GamerZ Revolution Client Revolution" = Serenity GamerZ Revolution Client Revolution
"Steam App 10" = Counter-Strike
"SubEdit-Player_is1" = SubEdit-Player
"TeamViewer 7" = TeamViewer 7
"TuneUp Utilities 2012_is1" = TuneUp Utilities 2012 wersja 12.0.3500.29
"TunnelBear" = TunnelBear 1.0.36
"uTorrent" = µTorrent
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.11 (32-bitowy)
"Wise Disk Cleaner_is1" = Wise Disk Cleaner 7.73
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DDFinal" = DDFinal
"GG" = GG
"Google Chrome" = Google Chrome
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 1/10/2013 7:26:31 AM | Computer Name = Dom-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: CabalMain.exe, wersja: 1.0.0.482,
 sygnatura czasowa: 0x47c76c12  Nazwa modułu powodującego błąd: CabalMain.exe, wersja:
 1.0.0.482, sygnatura czasowa: 0x47c76c12  Kod wyjątku: 0xc0000005  Przesunięcie błędu:
 0x0002e10b  Identyfikator procesu powodującego błąd: 0x1214  Godzina uruchomienia aplikacji
 powodującej błąd: 0x01cdef153ead16d3  Ścieżka aplikacji powodującej błąd: D:\Program
 Files (x86)\EGCabal Online\CabalMain.exe  Ścieżka modułu powodującego błąd: D:\Program
 Files (x86)\EGCabal Online\CabalMain.exe  Identyfikator raportu: 945c57ae-5b18-11e2-bd65-4c809354acd0
 
Error - 1/10/2013 8:51:51 AM | Computer Name = Dom-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: CabalMain.exe, wersja: 1.0.0.482,
 sygnatura czasowa: 0x47c76c12  Nazwa modułu powodującego błąd: CabalMain.exe, wersja:
 1.0.0.482, sygnatura czasowa: 0x47c76c12  Kod wyjątku: 0xc0000005  Przesunięcie błędu:
 0x0002e10b  Identyfikator procesu powodującego błąd: 0x12ac  Godzina uruchomienia aplikacji
 powodującej błąd: 0x01cdef25616a7a5c  Ścieżka aplikacji powodującej błąd: D:\Program
 Files (x86)\EGCabal Online\CabalMain.exe  Ścieżka modułu powodującego błąd: D:\Program
 Files (x86)\EGCabal Online\CabalMain.exe  Identyfikator raportu: 806df981-5b24-11e2-bd65-4c809354acd0
 
Error - 1/10/2013 4:24:43 PM | Computer Name = Dom-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 1/10/2013 5:47:00 PM | Computer Name = Dom-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 1/11/2013 4:23:58 AM | Computer Name = Dom-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 1/11/2013 10:36:22 AM | Computer Name = Dom-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 1/11/2013 11:56:18 AM | Computer Name = Dom-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 1/11/2013 4:01:39 PM | Computer Name = Dom-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 1/11/2013 6:41:09 PM | Computer Name = Dom-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: CabalMain.exe, wersja: 1.0.0.482,
 sygnatura czasowa: 0x47c76c12  Nazwa modułu powodującego błąd: CabalMain.exe, wersja:
 1.0.0.482, sygnatura czasowa: 0x47c76c12  Kod wyjątku: 0xc0000005  Przesunięcie błędu:
 0x0002e10b  Identyfikator procesu powodującego błąd: 0x1358  Godzina uruchomienia aplikacji
 powodującej błąd: 0x01cdf0375ce966fc  Ścieżka aplikacji powodującej błąd: D:\Program
 Files (x86)\EGCabal Online\CabalMain.exe  Ścieżka modułu powodującego błąd: D:\Program
 Files (x86)\EGCabal Online\CabalMain.exe  Identyfikator raportu: fd95085e-5c3f-11e2-874a-4c809354acd0
 
Error - 1/11/2013 8:47:17 PM | Computer Name = Dom-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: sro_client.exe, wersja: 0.0.0.0,
 sygnatura czasowa: 0x4e311cb6  Nazwa modułu powodującego błąd: ntdll.dll, wersja:
 6.1.7601.17725, sygnatura czasowa: 0x4ec49b8f  Kod wyjątku: 0xc0000005  Przesunięcie
 błędu: 0x0003331f  Identyfikator procesu powodującego błąd: 0x11d8  Godzina uruchomienia
 aplikacji powodującej błąd: 0x01cdf05e497c7d3f  Ścieżka aplikacji powodującej błąd:
 C:\Users\Dom\Downloads\Special-Sro+Game+ver+196\Special-Sro Game\sro_client.exe
Ścieżka
 modułu powodującego błąd: C:\Windows\SysWOW64\ntdll.dll  Identyfikator raportu: 9c6f9293-5c51-11e2-874a-4c809354acd0
 
[ System Events ]
Error - 1/11/2013 8:13:01 PM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
 następujący błąd:   %%126
 
Error - 1/11/2013 8:13:31 PM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
 następujący błąd:   %%126
 
Error - 1/11/2013 8:14:01 PM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
 następujący błąd:   %%126
 
Error - 1/11/2013 8:14:31 PM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
 następujący błąd:   %%126
 
Error - 1/11/2013 8:15:01 PM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
 następujący błąd:   %%126
 
Error - 1/11/2013 8:15:31 PM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
 następujący błąd:   %%126
 
Error - 1/11/2013 8:16:01 PM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
 następujący błąd:   %%126
 
Error - 1/11/2013 8:16:31 PM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
 następujący błąd:   %%126
 
Error - 1/11/2013 8:17:01 PM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
 następujący błąd:   %%126
 
Error - 1/11/2013 8:18:49 PM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
 następujący błąd:   %%126
 
 
< End of report >

[/log]

 

Dobrze zrobilem?

 

Czy mamzrobic z 360 dni? Bo zrobilem tylko z 60

 

A to z 2 programu

 

info

 

[log]info.txt logfile of random's system information tool 1.09 2013-01-12 02:22:58

======Uninstall list======

-->"D:\Program Files (x86)\cdp.pl\Farming Simulator 2013\unins000.exe"
-->MsiExec /X{DEA314C4-0929-4250-BC92-98E4C105F28D}
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_Plugin.exe -maintain plugin
Adobe Reader X (10.1.4) - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-AA1000000001}
ALLPlayer V4.X-->"C:\Program Files (x86)\ALLPlayer\unins000.exe"
Anytime USB Charge Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{549BF60D-FDDA-4E4C-ABE3-9E897BC09E79}\setup.exe" -runfromtemp -l0x0409  -removeonly
ASCII Art Generator 3.2.2-->"C:\Program Files (x86)\ASCII Art Generator\unins000.exe"
AutoIt v3.3.8.1-->C:\Program Files (x86)\AutoIt3\Uninstall.exe
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Bioshock-->C:\Program Files (x86)\InstallShield Installation Information\{AFFC0877-D62C-4A7D-A11F-1E73B5800D13}\setup.exe -runfromtemp -l0x0419
Bolek i Lolek - Alfabet i nauka czytania-->MsiExec.exe /I{37993A79-5D36-4227-B8E8-9BDE95B2CE45}
Cheat Engine 6.2-->"C:\Program Files (x86)\Cheat Engine 6.2\unins000.exe"
Control ActiveX de Windows Live Mesh para conexiones remotas-->MsiExec.exe /I{04668DF2-D32F-4555-9C7E-35523DCD6544}
Contrôle ActiveX Windows Live Mesh pour connexions à distance-->MsiExec.exe /I{55D003F4-9599-44BF-BA9E-95D060730DD3}
Controlo ActiveX do Windows Live Mesh para Ligações Remotas-->MsiExec.exe /I{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}
Counter-Strike-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/10
CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
DeskUpdate 4.11-->"c:\Fujitsu\Programs\DeskUpdate\unins000.exe"
EGCabal Online version 2.1.0-->"D:\Program Files (x86)\EGCabal Online\unins000.exe"
Farming Simulator 2013-->"D:\Program Files (x86)\cdp.pl\Farming Simulator 2013\unins000.exe"
FJ Camera-->C:\Program Files (x86)\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x0009 -removeonly
FlashGet3.7-->C:\Program Files (x86)\FlashGet Network\FlashGet 3\uninst.exe
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych-->MsiExec.exe /I{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}
Fujitsu Display Manager-->C:\Program Files (x86)\InstallShield Installation Information\{4108974B-DE87-4AD4-9167-930C62C45691}\setup.exe -runfromtemp -l0x0409
Fujitsu Hotkey Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{C8E4B31D-337C-483D-822D-16F11441669B}\setup.exe" -runfromtemp -l0x0409  -removeonly
Fujitsu Hotkey Utility-->MsiExec.exe /X{C8E4B31D-337C-483D-822D-16F11441669B}
Fujitsu MobilityCenter Extension Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{EC314CDF-3521-482B-A21C-65AC95664814}\setup.exe" -runfromtemp -l0x0409  -removeonly
Fujitsu System Extension Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}\setup.exe" -runfromtemp -l0x0409  -removeonly
Galeria de Fotografias do Windows Live-->MsiExec.exe /X{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}
Galería fotográfica de Windows Live-->MsiExec.exe /X{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}
Galeria fotografii usługi Windows Live-->MsiExec.exe /X{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}
Galerie de photos Windows Live-->MsiExec.exe /X{488F0347-C4A7-4374-91A7-30818BEDA710}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Intel(R) WiDi-->MsiExec.exe /X{25680C01-6753-4FE9-A891-7857F26457C1}
Java 7 Update 9-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217007FF}
Java(TM) 6 Update 24-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216024FF}
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
KGB Archiver 1.2.1.24-->"C:\Program Files (x86)\KGB Archiver\unins000.exe"
K-Lite Mega Codec Pack 5.4.4-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
LifeBook Application Panel-->"C:\Program Files (x86)\InstallShield Installation Information\{6226477E-444F-4DFE-BA19-9F4F7D4565BC}\setup.exe" -runfromtemp -l0x0409  -removeonly
LogMeIn Hamachi-->C:\Windows\SysWOW64\\msiexec.exe /i {106B4413-ACBB-4CDE-8707-587DB9BD77EC} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{106B4413-ACBB-4CDE-8707-587DB9BD77EC}
McAfee Security Scan Plus-->"C:\Program Files (x86)\McAfee Security Scan\uninstall.exe"
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Microsoft Office 2010-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE}
Microsoft Office Starter 2010 - Polski-->C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvhbs.exe /uninstall {90140011-0066-0415-0000-0000000FF1CE}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{887868A2-D6DE-3255-AA92-AA0B5A59B874}
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Moduł Szybka instalacja pakietu Microsoft Office 2010-->"C:\PROGRA~2\COMMON~1\MICROS~1\VIRTUA~1\CVHBS.EXE" /removeall
Mozilla Firefox 18.0 (x86 pl)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
Need For Speed™ World-->"D:\Program Files (x86)\Electronic Arts\Need For Speed World\unins000.exe"
Nokia Connectivity Cable Driver-->MsiExec.exe /I{A57025CC-5F2E-4D01-B387-06DB10500D43}
Notepad++-->C:\Program Files (x86)\Notepad++\uninstall.exe
NVIDIA PhysX-->MsiExec.exe /X{DEA314C4-0929-4250-BC92-98E4C105F28D}
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení-->MsiExec.exe /I{B6190387-0036-4BEB-8D74-A0AFC5F14706}
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia-->MsiExec.exe /I{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}
PC Connectivity Solution-->MsiExec.exe /I{644F4910-E812-49AD-93EC-86828CB81A0D}
Poczta usługi Windows Live-->MsiExec.exe /I{64376910-1860-4CEF-8B34-AA5D205FC5F1}
Podstawowe programy Windows Live-->MsiExec.exe /I{7A9D47BA-6D50-4087-866F-0800D8B89383}
Power Saving Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{49A588CF-5FD4-4774-BFBF-0764287DE82B}\setup.exe" -runfromtemp -l0x0409  -removeonly
PremiumSoft Navicat 8.0 for MySQL-->"C:\Program Files (x86)\PremiumSoft\Navicat 8.0 MySQL\unins000.exe"
Program PIT 2012-2013-->MsiExec.exe /I{BE739BC7-030F-4CAA-A6F9-EA59405B7E32}
Proxifier version 3.21-->"C:\Program Files (x86)\Proxifier\unins000.exe"
QuickTime Alternative 2.9.2-->"C:\Program Files (x86)\QuickTime Alternative\unins000.exe"
RaiderZ-->"D:\Program Files (x86)\RaiderZOnline\unins000.exe"
RealNetworks - Microsoft Visual C++ 2008 Runtime-->MsiExec.exe /X{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}
RealPlayer-->C:\Program Files (x86)\Real\RealPlayer\Update\r1puninst.exe RealNetworks|RealPlayer|15.0
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
Realtek USB 2.0 Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe" -runfromtemp -removeonly
RealUpgrade 1.1-->MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
SciTE4AutoIt3 6/10/2012-->C:\Program Files (x86)\AutoIt3\SciTE\uninst.exe
Security Update for Microsoft .NET Framework 4.5 (KB2729460)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe /uninstallpatch {E7013CF5-8910-3109-93B6-7447D0371F4E}
Security Update for Microsoft .NET Framework 4.5 (KB2737083)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe /uninstallpatch {00909A54-CC11-3F00-9279-3CE090432A91}
Serenity GamerZ Revolution Client Revolution-->C:\Program Files (x86)\SerenityGamerZ\Cabal\Uninstall.exe
Skype™ 6.0-->MsiExec.exe /X{EA17F4FC-FDBF-4CF8-A529-2D983132D053}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
SubEdit-Player-->"C:\Program Files (x86)\SubEdit-Player\unins000.exe"
TeamViewer 7-->C:\Program Files (x86)\TeamViewer\Version7\uninstall.exe
TuneUp Utilities 2012 wersja 12.0.3500.29-->"C:\Program Files (x86)\TuneUp Utilities 2012\unins000.exe"
TunnelBear 1.0.36-->C:\Program Files (x86)\TunnelBear\uninst.exe
Winamp-->"C:\Program Files (x86)\Winamp\UninstWA.exe"
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}
Windows Live Essentials-->MsiExec.exe /I{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}
Windows Live Essentials-->MsiExec.exe /I{B618C3BF-5142-4630-81DD-F96864F97C7E}
Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}
Windows Live Fotogaléria-->MsiExec.exe /X{97F77D62-5110-4FA3-A2D3-410B92D31199}
Windows Live Fotogalerie-->MsiExec.exe /X{FB79FDB7-4DE1-453D-99FE-9A880F57380E}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Mail-->MsiExec.exe /I{0D261C88-454B-46FE-B43B-640E621BDA11}
Windows Live Mail-->MsiExec.exe /I{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
Windows Live Mail-->MsiExec.exe /I{C454280F-3C3E-4929-B60E-9E6CED5717E7}
Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}
Windows Live Mail-->MsiExec.exe /I{FA6CF94F-DACF-4FE7-959D-55C421B91B17}
Windows Live Mesh ActiveX Control for Remote Connections-->MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441}
Windows Live Mesh-->MsiExec.exe /I{78DAE910-CA72-450E-AD22-772CB1A00678}
Windows Live Mesh-->MsiExec.exe /I{80E8C65A-8F70-4585-88A2-ABC54BABD576}
Windows Live Mesh-->MsiExec.exe /I{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}
Windows Live Mesh-->MsiExec.exe /I{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}
Windows Live Mesh-->MsiExec.exe /I{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Mesh-->MsiExec.exe /I{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}
Windows Live Messenger-->MsiExec.exe /X{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}
Windows Live Messenger-->MsiExec.exe /X{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}
Windows Live Messenger-->MsiExec.exe /X{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}
Windows Live Messenger-->MsiExec.exe /X{4A275FD1-2F24-4274-8C01-813F5AD1A92D}
Windows Live Messenger-->MsiExec.exe /X{50300123-F8FC-4B50-B449-E847D04F1BA2}
Windows Live Messenger-->MsiExec.exe /X{6057E21C-ABE9-4059-AE3E-3BEB9925E660}
Windows Live Messenger-->MsiExec.exe /X{80956555-A512-4190-9CAD-B000C36D6B6B}
Windows Live Messenger-->MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90}
Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
Windows Live Movie Maker-->MsiExec.exe /X{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}
Windows Live Movie Maker-->MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}
Windows Live Movie Maker-->MsiExec.exe /X{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Movie Maker-->MsiExec.exe /X{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}
Windows Live Movie Maker-->MsiExec.exe /X{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}
Windows Live Movie Maker-->MsiExec.exe /X{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}
Windows Live Photo Common-->MsiExec.exe /X{0654EA5D-308A-4196-882B-5C09744A5D81}
Windows Live Photo Common-->MsiExec.exe /X{370F888E-42A7-4911-9E34-7D74632E17EB}
Windows Live Photo Common-->MsiExec.exe /X{6F37D92B-41AA-44B7-80D2-457ABDE11896}
Windows Live Photo Common-->MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538}
Windows Live Photo Common-->MsiExec.exe /X{A41A708E-3BE6-4561-855D-44027C1CF0F8}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Common-->MsiExec.exe /X{C893D8C0-1BA0-4517-B11C-E89B65E72F70}
Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{05E379CC-F626-4E7D-8354-463865B303BF}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{0C1931EB-8339-4837-8BEC-75029BF42734}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{506FC723-8E6C-4417-9CFF-351F99130425}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{5E627606-53B9-42D1-97E1-D03F6229E248}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{77477AEA-5757-47D8-8B33-939F43D82218}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{26E3C07C-7FF7-4362-9E99-9E49E383CF16}
Windows Live Writer Resources-->MsiExec.exe /X{62687B11-58B5-4A18-9BC3-9DF4CE03F194}
Windows Live Writer Resources-->MsiExec.exe /X{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}
Windows Live Writer Resources-->MsiExec.exe /X{AB78C965-5C67-409B-8433-D7B5BDB12073}
Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}
Windows Live Writer Resources-->MsiExec.exe /X{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}
Windows Live Writer Resources-->MsiExec.exe /X{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}
Windows Live Writer-->MsiExec.exe /X{11778DA1-0495-4ED9-972F-F9E0B0367CD5}
Windows Live Writer-->MsiExec.exe /X{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}
Windows Live Writer-->MsiExec.exe /X{3B9A92DA-6374-4872-B646-253F18624D5F}
Windows Live Writer-->MsiExec.exe /X{4264C020-850B-4F08-ACBE-98205D9C336C}
Windows Live Writer-->MsiExec.exe /X{48C0DC5E-820A-44F2-890E-29B68EDD3C78}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}
Windows Live Writer-->MsiExec.exe /X{E55E0C35-AC3C-4683-BA2F-834348577B80}
Windows Live-->MsiExec.exe /I{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR 4.11 (32-bitowy)-->C:\Program Files (x86)\WinRAR\uninstall.exe
Wise Disk Cleaner 7.73-->"C:\Program Files (x86)\Wise\Wise Disk Cleaner\unins000.exe"

======System event log======

Computer Name: Dom-Komputer
Event Code: 7023
Message: Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił następujący błąd:
Nie można odnaleźć określonego modułu.
Record Number: 378752
Source Name: Service Control Manager
Time Written: 20121225130359.959697-000
Event Type: Błędy
User:

Computer Name: Dom-Komputer
Event Code: 7036
Message: Usługa Instalator modułów systemu Windows weszła w stan zatrzymania.
Record Number: 378751
Source Name: Service Control Manager
Time Written: 20121225130359.959697-000
Event Type: Informacje
User:

Computer Name: Dom-Komputer
Event Code: 7023
Message: Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił następujący błąd:
Nie można odnaleźć określonego modułu.
Record Number: 378750
Source Name: Service Control Manager
Time Written: 20121225130330.129917-000
Event Type: Błędy
User:

Computer Name: Dom-Komputer
Event Code: 7036
Message: Usługa Instalator modułów systemu Windows weszła w stan zatrzymania.
Record Number: 378749
Source Name: Service Control Manager
Time Written: 20121225130330.129917-000
Event Type: Informacje
User:

Computer Name: Dom-Komputer
Event Code: 7023
Message: Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił następujący błąd:
Nie można odnaleźć określonego modułu.
Record Number: 378748
Source Name: Service Control Manager
Time Written: 20121225130300.468924-000
Event Type: Błędy
User:

=====Application event log=====

Computer Name: LIFEBOOK
Event Code: 35
Message:
Record Number: 5
Source Name: NIS
Time Written: 20120531214808.000000-000
Event Type: Informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: LIFEBOOK
Event Code: 34
Message:
Record Number: 4
Source Name: NIS
Time Written: 20120531214807.000000-000
Event Type: Informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: LIFEBOOK
Event Code: 0
Message:
Record Number: 3
Source Name: Bluetooth Device Monitor
Time Written: 20120531214806.000000-000
Event Type: Informacje
User:

Computer Name: LIFEBOOK
Event Code: 1531
Message: Usługa profilów użytkowników została uruchomiona pomyślnie.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20120531214758.372522-000
Event Type: Informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: LIFEBOOK
Event Code: 4625
Message: System podrzędny EventSystem pomija zduplikowane wpisy dziennika zdarzeń przez okres 86400 sekund. Limit czasu pomijania można kontrolować za pomocą wartości REG_DWORD o nazwie SuppressDuplicateDuration w następującym kluczu rejestru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20120531214758.000000-000
Event Type: Informacje
User:

=====Security event log=====

Computer Name: Dom-Komputer
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
    Identyfikator zabezpieczeń:        S-1-5-18
    Nazwa konta:        DOM-KOMPUTER$
    Domena konta:        WORKGROUP
    Identyfikator logowania:        0x3e7

Typ logowania:            5

Nowe logowanie:
    Identyfikator zabezpieczeń:        S-1-5-18
    Nazwa konta:        SYSTEM
    Domena konta:        ZARZĄDZANIE NT
    Identyfikator logowania:        0x3e7
    Identyfikator GUID logowania:        {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
    Identyfikator procesu:        0x358
    Nazwa procesu:        C:\Windows\System32\services.exe

Informacje o sieci:
    Nazwa stacji roboczej:    
    Adres źródłowy sieci:    -
    Port źródłowy:        -

Szczegółowe informacje o uwierzytelnianiu:
    Proces logowania:        Advapi  
    Pakiet uwierzytelniania:    Negotiate
    Usługi przejściowe:    -
    Nazwa pakietu (tylko NTLM):    -
    Długość klucza:        0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
    - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
    - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
    - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
    - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 319978
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130102180224.045027-000
Event Type: Sukcesy inspekcji
User:

Computer Name: Dom-Komputer
Event Code: 4672
Message: Przypisano specjalne uprawnienia do nowego logowania.

Podmiot:
    Identyfikator zabezpieczeń:        S-1-5-18
    Nazwa konta:        SYSTEM
    Domena konta:        ZARZĄDZANIE NT
    Identyfikator logowania:        0x3e7

Uprawnienia:        SeAssignPrimaryTokenPrivilege
            SeTcbPrivilege
            SeSecurityPrivilege
            SeTakeOwnershipPrivilege
            SeLoadDriverPrivilege
            SeBackupPrivilege
            SeRestorePrivilege
            SeDebugPrivilege
            SeAuditPrivilege
            SeSystemEnvironmentPrivilege
            SeImpersonatePrivilege
Record Number: 319977
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130102180154.014974-000
Event Type: Sukcesy inspekcji
User:

Computer Name: Dom-Komputer
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
    Identyfikator zabezpieczeń:        S-1-5-18
    Nazwa konta:        DOM-KOMPUTER$
    Domena konta:        WORKGROUP
    Identyfikator logowania:        0x3e7

Typ logowania:            5

Nowe logowanie:
    Identyfikator zabezpieczeń:        S-1-5-18
    Nazwa konta:        SYSTEM
    Domena konta:        ZARZĄDZANIE NT
    Identyfikator logowania:        0x3e7
    Identyfikator GUID logowania:        {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
    Identyfikator procesu:        0x358
    Nazwa procesu:        C:\Windows\System32\services.exe

Informacje o sieci:
    Nazwa stacji roboczej:    
    Adres źródłowy sieci:    -
    Port źródłowy:        -

Szczegółowe informacje o uwierzytelnianiu:
    Proces logowania:        Advapi  
    Pakiet uwierzytelniania:    Negotiate
    Usługi przejściowe:    -
    Nazwa pakietu (tylko NTLM):    -
    Długość klucza:        0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
    - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
    - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
    - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
    - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 319976
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130102180154.014974-000
Event Type: Sukcesy inspekcji
User:

Computer Name: Dom-Komputer
Event Code: 4672
Message: Przypisano specjalne uprawnienia do nowego logowania.

Podmiot:
    Identyfikator zabezpieczeń:        S-1-5-18
    Nazwa konta:        SYSTEM
    Domena konta:        ZARZĄDZANIE NT
    Identyfikator logowania:        0x3e7

Uprawnienia:        SeAssignPrimaryTokenPrivilege
            SeTcbPrivilege
            SeSecurityPrivilege
            SeTakeOwnershipPrivilege
            SeLoadDriverPrivilege
            SeBackupPrivilege
            SeRestorePrivilege
            SeDebugPrivilege
            SeAuditPrivilege
            SeSystemEnvironmentPrivilege
            SeImpersonatePrivilege
Record Number: 319975
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130102180123.984922-000
Event Type: Sukcesy inspekcji
User:

Computer Name: Dom-Komputer
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
    Identyfikator zabezpieczeń:        S-1-5-18
    Nazwa konta:        DOM-KOMPUTER$
    Domena konta:        WORKGROUP
    Identyfikator logowania:        0x3e7

Typ logowania:            5

Nowe logowanie:
    Identyfikator zabezpieczeń:        S-1-5-18
    Nazwa konta:        SYSTEM
    Domena konta:        ZARZĄDZANIE NT
    Identyfikator logowania:        0x3e7
    Identyfikator GUID logowania:        {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
    Identyfikator procesu:        0x358
    Nazwa procesu:        C:\Windows\System32\services.exe

Informacje o sieci:
    Nazwa stacji roboczej:    
    Adres źródłowy sieci:    -
    Port źródłowy:        -

Szczegółowe informacje o uwierzytelnianiu:
    Proces logowania:        Advapi  
    Pakiet uwierzytelniania:    Negotiate
    Usługi przejściowe:    -
    Nazwa pakietu (tylko NTLM):    -
    Długość klucza:        0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
    - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
    - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
    - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
    - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 319974
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130102180123.984922-000
Event Type: Sukcesy inspekcji
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Users\Dom\AppData\Local\Smartbar\Application\;C:\Users\Dom\AppData\Local\Smartbar\Application\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3

-----------------EOF-----------------

[/log]

 

i log

 

[log]Logfile of random's system information tool 1.09 (written by random/random)
Run by Dom at 2013-01-12 02:22:22
Microsoft Windows 7 Home Premium  Service Pack 1
System drive C: has 37 GB (36%) free of 102 GB
Total RAM: 4009 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 02:22:48, on 2013-01-12
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
C:\Users\Dom\Downloads\OTL.exe
C:\Users\Dom\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Dom.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=110824&tt=4712_5&babsrc=HP_ss&mntrId=ae31ac310000000000004c809354accd
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.just-browse.info/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=PL&userid=f789b49d-d7d0-4252-b1e6-e9222ac6740b&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=PL&userid=f789b49d-d7d0-4252-b1e6-e9222ac6740b&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 147.102.16.69:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Dom\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Dom\AppData\Roaming\Gadu-Gadu 10\_userdata\ggbho.2.dll
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IndicatorUtility] "C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA')
O4 - .DEFAULT User Startup: LaunchCenter.lnk = C:\Program Files\Fujitsu\LaunchCenter\LaunchCenter.exe (User 'Default user')
O4 - .DEFAULT User Startup: newreminderdialog.lnk = C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (User 'Default user')
O8 - Extra context menu item: Download all links by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm
O8 - Extra context menu item: Download all videos by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetallflvurl.htm
O8 - Extra context menu item: Download by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm
O8 - Extra context menu item: Download current video by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetflvurl.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PFNService - FUJITSU LIMITED - C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
O23 - Service: PowerSavingUtilityService - FUJITSU LIMITED - C:\Program Files\Fujitsu\PSUtility\PSUService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RelevantKnowledge - Unknown owner - C:\Program Files (x86)\RelevantKnowledge\rlservice.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: xsherlock - Wellbia.com Co., Ltd. - C:\Windows\system32\xsherlock.xem

--
End of file - 12447 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-323826620-2306945312-2335366591-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-323826620-2306945312-2335366591-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\xmwk5cuo.default

prefs.js - "browser.startup.homepage" -  "https://www.google.pl/"
prefs.js - "keyword.URL" -  "http://websearch.just-browse.info/?l=1&q="

"{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"ocr@babylon.com"=C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.135 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
allegro-pl.xml
babylon.xml
fbc-pl.xml
google.xml
merlin-pl.xml
pwn-pl.xml
wikipedia-pl.xml
wp-pl.xml

C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\xmwk5cuo.default\extensions\
50e76b2c4f976@50e76b2c4f9af.com

C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\xmwk5cuo.default\searchplugins\
WebSearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-06-04 425680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-24 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-02-23 998560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}]
FlashGetBHO - C:\Users\Dom\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll [2012-11-07 149168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-24 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}]
IEPluginBHO Class - C:\Users\Dom\AppData\Roaming\Gadu-Gadu 10\_userdata\ggbho.2.dll [2009-11-23 37376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{ae07101b-46d4-4a98-af68-0333ea26e113}
{98889811-442D-49dd-99D7-DC866BE87DBC}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-02-23 998560]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IndicatorUtility"=C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [2010-09-30 48752]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-02-23 4031368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\flashget3.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hamachi-2-ui.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\steam.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\teamviewer.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uninst.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unite.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"msacm.ac3filter"=ac3filter.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2013-01-12 02:22:22 ----D---- C:\rsit
2013-01-12 02:22:22 ----D---- C:\Program Files (x86)\trend micro
2013-01-11 15:04:29 ----D---- C:\ProgramData\Electronic Arts
2013-01-10 23:04:05 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-01-08 17:12:20 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll
2013-01-08 17:12:20 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll
2013-01-08 17:12:19 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll
2013-01-08 17:12:17 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll
2013-01-08 17:12:16 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll
2013-01-08 17:12:15 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll
2013-01-08 17:12:14 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll
2013-01-08 17:12:13 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll
2013-01-08 17:12:12 ----A---- C:\Windows\SysWOW64\XAPOFX1_4.dll
2013-01-08 17:12:11 ----A---- C:\Windows\SysWOW64\XAudio2_6.dll
2013-01-08 17:12:11 ----A---- C:\Windows\SysWOW64\xactengine3_6.dll
2013-01-08 17:12:10 ----A---- C:\Windows\SysWOW64\X3DAudio1_7.dll
2013-01-08 17:12:09 ----A---- C:\Windows\SysWOW64\xactengine3_5.dll
2013-01-08 17:12:07 ----A---- C:\Windows\SysWOW64\D3DCompiler_42.dll
2013-01-08 17:12:05 ----A---- C:\Windows\SysWOW64\d3dcsx_42.dll
2013-01-08 17:12:04 ----A---- C:\Windows\SysWOW64\d3dx11_42.dll
2013-01-08 17:12:02 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll
2013-01-08 17:11:57 ----A---- C:\Windows\SysWOW64\D3DX9_41.dll
2013-01-08 17:11:56 ----A---- C:\Windows\SysWOW64\XAudio2_4.dll
2013-01-08 17:11:55 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll
2013-01-08 17:11:55 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll
2013-01-08 17:11:53 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll
2013-01-08 17:11:51 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll
2013-01-08 17:11:49 ----A---- C:\Windows\SysWOW64\XAudio2_3.dll
2013-01-08 17:11:49 ----A---- C:\Windows\SysWOW64\XAPOFX1_2.dll
2013-01-08 17:11:48 ----A---- C:\Windows\SysWOW64\xactengine3_3.dll
2013-01-08 17:11:48 ----A---- C:\Windows\SysWOW64\X3DAudio1_5.dll
2013-01-08 17:11:46 ----A---- C:\Windows\SysWOW64\XAudio2_2.dll
2013-01-08 17:11:46 ----A---- C:\Windows\SysWOW64\XAPOFX1_1.dll
2013-01-08 17:11:45 ----A---- C:\Windows\SysWOW64\xactengine3_2.dll
2013-01-08 17:11:44 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll
2013-01-08 17:11:44 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-01-08 17:11:42 ----A---- C:\Windows\SysWOW64\D3DX9_39.dll
2013-01-08 17:11:41 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll
2013-01-08 17:11:41 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll
2013-01-08 17:11:40 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll
2013-01-08 17:11:39 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll
2013-01-08 17:11:38 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll
2013-01-08 17:11:38 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll
2013-01-08 17:11:36 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll
2013-01-08 10:06:06 ----D---- C:\Users\Dom\AppData\Roaming\Podatnik.info
2013-01-08 09:58:32 ----D---- C:\Program Files (x86)\Podatnik.info Sp z o.o
2013-01-05 14:55:21 ----D---- C:\Users\Dom\AppData\Roaming\Wise Disk Cleaner
2013-01-05 14:54:51 ----D---- C:\Program Files (x86)\Wise
2013-01-05 02:36:44 ----A---- C:\Windows\SysWOW64\aswBoot.exe
2013-01-05 02:36:44 ----A---- C:\Windows\avastSS.scr
2013-01-05 01:54:35 ----D---- C:\Program Files (x86)\SerenityGamerZ
2013-01-05 00:32:37 ----D---- C:\Users\Dom\AppData\Roaming\SendSpace
2013-01-05 00:32:20 ----D---- C:\Program Files (x86)\Optimizer Pro
2013-01-05 00:32:07 ----D---- C:\Program Files (x86)\BrowseToSave
2013-01-05 00:32:02 ----D---- C:\ProgramData\Browse2save
2013-01-05 00:31:43 ----D---- C:\ProgramData\InstallMate
2013-01-02 18:42:57 ----D---- C:\Users\Dom\AppData\Roaming\Mozilla
2013-01-02 18:42:45 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-01-02 18:38:18 ----D---- C:\Windows\SysWOW64\searchplugins
2013-01-02 18:38:18 ----D---- C:\Windows\SysWOW64\Extensions
2012-12-31 14:22:54 ----D---- C:\Users\Dom\AppData\Roaming\ObviousIdea
2012-12-31 14:21:54 ----D---- C:\Program Files (x86)\Babylon
2012-12-31 14:20:46 ----D---- C:\Program Files (x86)\ObviousIdea
2012-12-30 23:19:49 ----D---- C:\ProgramData\AVG2013
2012-12-30 23:15:58 ----D---- C:\ProgramData\MFAData
2012-12-30 21:42:15 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2012-12-30 18:08:47 ----D---- C:\Users\Dom\AppData\Roaming\Skype
2012-12-30 18:08:32 ----RD---- C:\Program Files (x86)\Skype
2012-12-30 18:08:32 ----D---- C:\Program Files (x86)\Common Files\Skype
2012-12-30 18:08:05 ----D---- C:\ProgramData\Skype
2012-12-30 17:56:15 ----D---- C:\Program Files (x86)\Cheat Engine 6.2
2012-12-30 13:51:28 ----A---- C:\Windows\SysWOW64\libmysql41.dll
2012-12-30 13:51:28 ----A---- C:\Windows\SysWOW64\libmysql40.dll
2012-12-30 13:51:28 ----A---- C:\Windows\SysWOW64\libmysql323.dll
2012-12-30 13:51:28 ----A---- C:\Windows\SysWOW64\libmysql320.dll
2012-12-25 14:13:47 ----D---- C:\Downloads
2012-12-20 17:07:08 ----N---- C:\bootsqm.dat
2012-12-20 17:05:43 ----SHD---- C:\found.002
2012-12-19 09:15:39 ----D---- C:\ProgramData\IObit
2012-12-19 09:15:38 ----D---- C:\Program Files (x86)\IObit
2012-12-18 14:14:07 ----A---- C:\Windows\SysWOW64\secustat.dat
2012-12-18 14:05:57 ----A---- C:\Windows\SysWOW64\gamelsp.dll
2012-12-18 13:50:33 ----A---- C:\Windows\SysWOW64\secushr.dat
2012-12-18 13:49:54 ----A---- C:\Windows\emcore.INI
2012-12-18 13:46:08 ----D---- C:\Users\Dom\AppData\Roaming\FlashgetSetup
2012-12-18 13:46:08 ----D---- C:\Users\Dom\AppData\Roaming\BITS
2012-12-18 13:45:56 ----D---- C:\Users\Dom\AppData\Roaming\FlashGetBHO
2012-12-18 13:45:52 ----D---- C:\Users\Dom\AppData\Roaming\FlashGet
2012-12-18 13:45:52 ----D---- C:\Program Files (x86)\FlashGet Network
2012-12-16 14:46:23 ----D---- C:\Users\Dom\AppData\Roaming\Proxifier
2012-12-16 14:46:13 ----A---- C:\Windows\SysWOW64\SPORDER.DLL
2012-12-16 14:46:13 ----A---- C:\Windows\SysWOW64\PrxerNsp.dll
2012-12-16 14:46:13 ----A---- C:\Windows\SysWOW64\PrxerDrv.dll
2012-12-16 14:46:13 ----A---- C:\Windows\SysWOW64\ProxifierShellExt.dll
2012-12-16 14:46:12 ----D---- C:\Program Files (x86)\Proxifier
2012-12-14 11:37:30 ----D---- C:\ProgramData\3DMGAME
2012-12-13 18:35:09 ----D---- C:\ProgramData\Connectify
2012-12-12 00:34:23 ----D---- C:\Users\Dom\AppData\Roaming\YourFileDownloader
2012-12-12 00:34:23 ----D---- C:\Program Files (x86)\YourFileDownloader
2012-12-12 00:30:33 ----D---- C:\ProgramData\Microsoft Help
2012-12-11 19:36:12 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2012-12-06 14:51:45 ----D---- C:\ProgramData\RELOADED
2012-12-06 11:47:11 ----D---- C:\Windows\SysWOW64\directx
2012-11-30 14:22:45 ----D---- C:\Program Files (x86)\AutoIt3
2012-11-29 17:57:56 ----A---- C:\Windows\SysWOW64\libmysql_c.dll
2012-11-18 10:51:32 ----D---- C:\Users\Dom\AppData\Roaming\Aidem Media
2012-11-14 21:48:42 ----D---- C:\Program Files (x86)\NCSoft
2012-11-14 09:43:00 ----D---- C:\Users\Dom\AppData\Roaming\PC Suite
2012-11-14 09:42:59 ----D---- C:\Users\Dom\AppData\Roaming\Nokia
2012-11-14 09:42:59 ----D---- C:\ProgramData\PC Suite
2012-11-14 09:40:41 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2012-11-14 09:40:10 ----D---- C:\Program Files (x86)\Nokia
2012-11-14 09:39:11 ----D---- C:\ProgramData\Installations
2012-11-07 17:21:26 ----D---- C:\Users\Dom\AppData\Roaming\Bioshock
2012-11-07 17:21:21 ----RHD---- C:\Users\Dom\AppData\Roaming\SecuROM
2012-11-07 02:40:22 ----A---- C:\Windows\SysWOW64\PnkBstrA.exe
2012-11-07 02:40:16 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe
2012-11-07 02:35:25 ----D---- C:\Users\Dom\AppData\Roaming\Leadertech
2012-11-07 02:26:07 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll
2012-11-07 02:26:07 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll
2012-11-07 02:26:06 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll
2012-11-07 02:26:05 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll
2012-11-07 02:26:05 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll
2012-11-07 02:26:02 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll
2012-11-07 02:26:01 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll
2012-11-07 02:25:59 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll
2012-11-07 02:25:59 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll
2012-11-07 02:25:56 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll
2012-11-07 02:25:56 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll
2012-11-07 02:25:54 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll
2012-11-07 02:25:54 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll
2012-11-07 02:25:51 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll
2012-11-07 02:25:50 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll
2012-11-07 02:25:50 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll
2012-11-07 02:25:49 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll
2012-11-07 02:25:48 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll
2012-11-07 02:25:46 ----A---- C:\Windows\SysWOW64\xinput1_3.dll
2012-11-07 02:25:46 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll
2012-11-07 02:25:45 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll
2012-11-07 02:25:43 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll
2012-11-07 02:25:43 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll
2012-11-07 02:25:40 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll
2012-11-07 02:25:39 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll
2012-11-07 02:25:39 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll
2012-11-07 02:25:38 ----A---- C:\Windows\SysWOW64\d3dx10.dll
2012-11-07 02:25:35 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll
2012-11-07 02:25:35 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll
2012-11-07 02:25:33 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll
2012-11-07 02:25:32 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll
2012-11-07 02:25:31 ----A---- C:\Windows\SysWOW64\xinput1_2.dll
2012-11-07 02:25:30 ----A---- C:\Windows\SysWOW64\xinput1_1.dll
2012-11-07 02:25:30 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll
2012-11-07 02:25:29 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll
2012-11-07 02:25:22 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll
2012-11-07 02:25:20 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll
2012-11-07 02:25:20 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll
2012-11-07 02:25:19 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll
2012-11-07 02:25:16 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll
2012-11-07 02:25:14 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll
2012-11-07 02:25:12 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll
2012-11-07 02:25:11 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll
2012-11-07 02:25:09 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll
2012-11-05 14:17:37 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-11-01 10:13:49 ----D---- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2012-10-23 13:16:50 ----D---- C:\Users\Dom\AppData\Roaming\marcinc
2012-10-23 13:12:56 ----A---- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2012-10-23 13:12:56 ----A---- C:\Windows\SysWOW64\javaw.exe
2012-10-23 13:12:56 ----A---- C:\Windows\SysWOW64\java.exe
2012-10-22 23:05:16 ----D---- C:\Program Files (x86)\PHP
2012-10-15 11:17:14 ----D---- C:\Users\Dom\AppData\Roaming\FarmHelper
2012-10-15 10:51:49 ----D---- C:\Users\Dom\AppData\Roaming\SFBot

======List of files/folders modified in the last 3 months======

2013-01-12 02:22:34 ----D---- C:\Windows\Temp
2013-01-12 02:22:22 ----RD---- C:\Program Files (x86)
2013-01-12 01:22:36 ----D---- C:\Program Files (x86)\TunnelBear
2013-01-11 23:41:49 ----D---- C:\Windows\SysWOW64\drivers
2013-01-11 21:04:17 ----A---- C:\Windows\SysWOW64\log.txt
2013-01-11 21:02:45 ----D---- C:\Windows
2013-01-11 17:21:42 ----D---- C:\Windows\inf
2013-01-11 16:07:09 ----SHD---- C:\System Volume Information
2013-01-11 15:34:00 ----D---- C:\Users\Dom\AppData\Roaming\uTorrent
2013-01-11 15:04:29 ----HD---- C:\ProgramData
2013-01-11 14:58:16 ----D---- C:\Windows\Prefetch
2013-01-10 10:25:58 ----D---- C:\Windows\Tasks
2013-01-10 08:56:43 ----D---- C:\Windows\System32
2013-01-08 17:12:20 ----D---- C:\Windows\SysWOW64
2013-01-08 17:11:03 ----RSD---- C:\Windows\assembly
2013-01-08 17:09:16 ----D---- C:\Windows\Logs
2013-01-08 09:58:57 ----SHD---- C:\Windows\Installer
2013-01-08 09:58:57 ----SHD---- C:\Config.Msi
2013-01-05 15:19:49 ----D---- C:\Windows\SoftwareDistribution
2013-01-05 15:15:30 ----D---- C:\Windows\debug
2013-01-05 14:57:41 ----SHD---- C:\found.001
2013-01-05 14:57:41 ----SHD---- C:\found.000
2013-01-05 14:57:40 ----D---- C:\Program Files (x86)\DDFinal
2013-01-05 14:56:39 ----D---- C:\Windows\Panther
2013-01-05 14:56:39 ----D---- C:\Windows\ModemLogs
2013-01-05 14:56:39 ----D---- C:\Windows\Downloaded Program Files
2013-01-05 02:40:43 ----RD---- C:\Program Files
2013-01-05 02:36:27 ----D---- C:\ProgramData\AVAST Software
2013-01-05 01:49:11 ----SD---- C:\Users\Dom\AppData\Roaming\Microsoft
2013-01-05 01:11:39 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-01-04 18:13:16 ----D---- C:\Users\Dom\AppData\Roaming\TS3Client
2012-12-30 23:35:55 ----D---- C:\Windows\Minidump
2012-12-30 18:08:32 ----D---- C:\Program Files (x86)\Common Files
2012-12-25 16:07:01 ----RSD---- C:\Windows\Fonts
2012-12-20 13:21:44 ----D---- C:\Program Files (x86)\RelevantKnowledge
2012-12-20 12:53:22 ----D---- C:\Users\Dom\AppData\Roaming\GG
2012-12-20 12:51:12 ----D---- C:\Program Files (x86)\SpeedyDrive
2012-12-16 17:25:41 ----D---- C:\Users\Dom\AppData\Roaming\SoftGrid Client
2012-12-13 18:30:38 ----D---- C:\Program Files (x86)\uTorrent
2012-12-12 19:43:30 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-11-30 19:45:23 ----D---- C:\Users\Dom\AppData\Roaming\CoreFTP
2012-11-30 14:22:51 ----D---- C:\Windows\ShellNew
2012-11-29 17:57:53 ----D---- C:\Program Files (x86)\PremiumSoft
2012-11-27 21:03:31 ----D---- C:\Users\Dom\AppData\Roaming\GHISLER
2012-11-27 20:34:20 ----D---- C:\Users\Dom\AppData\Roaming\FileZilla
2012-11-17 20:28:03 ----D---- C:\Windows\Microsoft.NET
2012-11-14 14:09:31 ----D---- C:\Program Files (x86)\Steam
2012-11-14 14:06:34 ----D---- C:\Program Files (x86)\Common Files\Steam
2012-11-14 13:54:49 ----D---- C:\Program Files (x86)\Gadu-Gadu 10
2012-11-02 21:31:18 ----D---- C:\Users\Dom\AppData\Roaming\DMCache
2012-11-01 09:20:34 ----D---- C:\Program Files (x86)\Electronic Arts
2012-11-01 09:20:09 ----D---- C:\Program Files (x86)\Metin2pl
2012-11-01 09:20:03 ----D---- C:\Program Files (x86)\Metin2 Singapore
2012-10-27 16:43:43 ----D---- C:\ProgramData\Real
2012-10-27 16:43:36 ----D---- C:\Users\Dom\AppData\Roaming\Real
2012-10-26 18:15:23 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
2012-10-26 18:13:27 ----D---- C:\Windows\SysWOW64\en-US
2012-10-23 13:12:56 ----D---- C:\Program Files (x86)\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 FBIOSDRV;Fujitsu BIOS Driver; C:\Windows\System32\Drivers\FBIOSDRV.sys []
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys []
R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []
R3 BthEnum;Sterownik Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys []
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys []
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys []
R3 FUJ02B1;Fujitsu FUJ02B1 Device Driver; C:\Windows\system32\DRIVERS\FUJ02B1.sys []
R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver; C:\Windows\system32\drivers\FUJ02E3.sys []
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys []
R3 iBtFltCoex;iBtFltCoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys []
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys []
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys []
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys []
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys []
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys []
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys []
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
R3 wdkmd;Intel WiDi KMD; C:\Windows\system32\DRIVERS\WDKMD.sys []
S3 ATP;Comodo Unite Miniport Driver; C:\Windows\system32\DRIVERS\cmdatp.sys []
S3 BTHPORT;Sterownik portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys []
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys []
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys []
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys []
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2012-03-29 11856]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys []
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys []
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys []
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-02-23 44768]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-03 897088]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2010-11-03 983104]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-01-05 1515792]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 PFNService;PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2010-10-07 331776]
R2 PowerSavingUtilityService;PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [2010-06-17 63336]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-01-05 836880]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-04-13 2143552]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-03 1298496]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-04 136176]
S2 RelevantKnowledge;RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe /service []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-12 250808]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-04 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-10 115760]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-05 340240]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2012-05-15 4295288]
S3 ose;Office  Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-11-14 529744]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
S4 NetMsmqActivator;@C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetPipeActivator;@C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetTcpActivator;@C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-10-23 2848168]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

[/log]

Natsuki Kuga
komentarz
komentarz

Wylistowanie plików z ostatnich 60 dni wystarczy.

1. Zaktualizuj wymienione pozycje do najnowszych wersji:

Java™ 6 Update 24
Mozilla Firefox 18.0 (x86 pl)


2. Odinstaluj McAfee Security Scan.

3. Do OTL wklej:
[spoiler]
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.just-browse.info/
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperba...q={searchTerms}
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.jus...q={searchTerms}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.google.com/ig/redirectd [Binary data over 200 bytes]
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylo...0004c809354accd
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperba...q={searchTerms}
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperba...q={searchTerms}
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperba...q={searchTerms}
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...0004c809354accd
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.jus...q={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "WebSearch"
FF - prefs.js..browser.search.defaultenginename,S: S", "WebSearch"
FF - prefs.js..browser.search.defaulturl: "http://websearch.jus...se.info/?l=1&q="
FF - prefs.js..browser.search.order.1: "WebSearch"
FF - prefs.js..browser.search.order.1,S: S", "WebSearch"
FF - prefs.js..browser.search.selectedEngine: "WebSearch"
FF - prefs.js..browser.search.selectedEngine,S: S", "WebSearch"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0
FF - prefs.js..keyword.URL: "http://websearch.jus...se.info/?l=1&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "WebSearch"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "WebSearch"
FF - prefs.js..browser.startup.homepage: "http://websearch.just-browse.info/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://websearch.jus...se.info/?l=1&q="
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ocr@babylon.com: C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com [2012/12/31 14:22:00 | 000,000,000 | ---D | M]
[2013/01/05 00:32:48 | 000,000,000 | ---D | M] (Browse2save) -- C:\Users\Dom\AppData\Roaming\mozilla\Firefox\Profiles\xmwk5cuo.default\Extensions\50e76b2c4f976@50e76b2c4f9af.com
[2013/01/05 00:32:34 | 000,000,556 | ---- | M] () -- C:\Users\Dom\AppData\Roaming\mozilla\firefox\profiles\xmwk5cuo.default\searchplugins\WebSearch.xml
[2012/11/24 20:12:52 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
CHR - homepage: http://websearch.just-browse.info/
CHR - default_search_provider: WebSearch (Enabled)
CHR - default_search_provider: search_url = http://websearch.jus...q={searchTerms}
CHR - default_search_provider: suggest_url = http://websearch.jus...q={searchTerms}
CHR - homepage: http://websearch.just-browse.info/
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk =  File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk =  File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk =  File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk =  File not found
O33 - MountPoints2\{41eb6bbb-f41d-11e1-bdca-de02d1722adf}\Shell - "" = AutoRun
O33 - MountPoints2\{41eb6bbb-f41d-11e1-bdca-de02d1722adf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Start.hta

:Files
C:\Program Files (x86)\Babylon
C:\ProgramData\Browse2save
C:\Program Files (x86)\BrowseToSave
C:\Users\Dom\wgsdgsdgdsgsd.dll
C:\ProgramData\dsgsdgdsgdsgw.pad
C:\Users\Dom\tiuopu.exe
C:\Program Files (x86)\RelevantKnowledge
[/spoiler]
Wykonaj skrypt, pokaż raport.

4. Użyj AdwCleaner z opcji Delete. Pokaż raport.

5. Podepnij wszystkie pamięci przenośne jakie posiadasz i użyj USBFix z opcji Deletion. Pokaż raport.

6. Po zrobieniu wszystkiego wykonaj nowy zestaw logów.

 

daro99
komentarz
komentarz (edytowane)

Przeszedlem do 3 punktu i :

 

http://imageshack.us/f/688/trojanotl.png/

 

+ do tego wkleilem skrypt ktory ty mi dales to po zrestartowaniu kompa mam czarny ekran, musze wlaczac menardzer zadan i wylaczac jakies cos, bo bym mial caly czas czarny ekran

 

po wklejeniu skryptu :

 

[log]========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ not found.
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKEY_USERS\S-1-5-21-323826620-2306945312-2335366591-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-323826620-2306945312-2335366591-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-323826620-2306945312-2335366591-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.
Registry key HKEY_USERS\S-1-5-21-323826620-2306945312-2335366591-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-323826620-2306945312-2335366591-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ not found.
Prefs.js: "WebSearch" removed from browser.search.defaultenginename
Prefs.js: S", "WebSearch" removed from browser.search.defaultenginename,S
Prefs.js: "http://websearch.jus...se.info/?l=1&q=" removed from browser.search.defaulturl
Prefs.js: "WebSearch" removed from browser.search.order.1
Prefs.js: S", "WebSearch" removed from browser.search.order.1,S
Prefs.js: "WebSearch" removed from browser.search.selectedEngine
Prefs.js: S", "WebSearch" removed from browser.search.selectedEngine,S
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0 removed from extensions.enabledAddons
Prefs.js: "http://websearch.jus...se.info/?l=1&q=" removed from keyword.URL
Prefs.js: "WebSearch" removed from sweetim.toolbar.previous.browser.search.defaultenginename
Prefs.js: "WebSearch" removed from sweetim.toolbar.previous.browser.search.selectedEngine
Prefs.js: "http://websearch.just-browse.info/" removed from browser.startup.homepage
Prefs.js: "http://websearch.jus...se.info/?l=1&q=" removed from sweetim.toolbar.previous.keyword.URL
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ocr@babylon.com not found.
File C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com not found.
Folder C:\Users\Dom\AppData\Roaming\mozilla\Firefox\Profiles\xmwk5cuo.default\Extensions\50e76b2c4f976@50e76b2c4f9af.com\ not found.
File C:\Users\Dom\AppData\Roaming\mozilla\firefox\profiles\xmwk5cuo.default\searchplugins\WebSearch.xml not found.
File C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml not found.
Use Chrome's Settings page to change the HomePage.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to change the HomePage.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_USERS\S-1-5-21-323826620-2306945312-2335366591-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
File move failed. C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk scheduled to be moved on reboot.
File move failed. C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk scheduled to be moved on reboot.
File move failed. C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk scheduled to be moved on reboot.
File move failed. C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{41eb6bbb-f41d-11e1-bdca-de02d1722adf}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41eb6bbb-f41d-11e1-bdca-de02d1722adf}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{41eb6bbb-f41d-11e1-bdca-de02d1722adf}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41eb6bbb-f41d-11e1-bdca-de02d1722adf}\ not found.
File C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Start.hta not found.
========== FILES ==========
File\Folder C:\Program Files (x86)\Babylon not found.
File\Folder C:\ProgramData\Browse2save not found.
File\Folder C:\Program Files (x86)\BrowseToSave not found.
File\Folder C:\Users\Dom\wgsdgsdgdsgsd.dll not found.
File\Folder C:\ProgramData\dsgsdgdsgdsgw.pad not found.
File\Folder C:\Users\Dom\tiuopu.exe not found.
File\Folder C:\Program Files (x86)\RelevantKnowledge not found.
 
OTL by OldTimer - Version 3.2.69.0 log created on 01132013_005614

Files\Folders moved on Reboot...
File\Folder C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk not found!
File\Folder C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk not found!
File\Folder C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk not found!
File\Folder C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[/log]

 

A to z Adw :

 

[log]# AdwCleaner v2.105 - Log utworzony 13/01/2013 o 00:35:59
# Aktualizacja 08/01/2013 przez Xplode
# System operacyjny : Windows 7 Home Premium Service Pack 1 (64 bits)
# Użytkownik : Dom - DOM-KOMPUTER
# Tryb uruchomienia : Normalny
# Ścieżka : C:\Users\Dom\Downloads\adwcleaner_www.INSTALKI.pl.exe
# Opcja [Usuń]

***** [Usługi] *****

Zatrzymano & Usunięto : RelevantKnowledge

***** [Pliki / Foldery] *****

Folder Usunięto : C:\Program Files (x86)\Babylon
Folder Usunięto : C:\Program Files (x86)\Conduit
Folder Usunięto : C:\Program Files (x86)\RelevantKnowledge
Folder Usunięto : C:\Program Files (x86)\yourfiledownloader
Folder Usunięto : C:\Program Files\Babylon
Folder Usunięto : C:\ProgramData\InstallMate
Folder Usunięto : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
Folder Usunięto : C:\ProgramData\Partner
Folder Usunięto : C:\ProgramData\Tarma Installer
Folder Usunięto : C:\Users\Dom\AppData\Local\Conduit
Folder Usunięto : C:\Users\Dom\AppData\LocalLow\Conduit
Folder Usunięto : C:\Users\Dom\AppData\LocalLow\Toolbar4
Folder Usunięto : C:\Users\Dom\AppData\Roaming\OpenCandy
Folder Usunięto : C:\Users\Dom\AppData\Roaming\yourfiledownloader
Plik Usunięto : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Plik Usunięto : C:\user.js
Plik Usunięto : C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\xmwk5cuo.default\searchplugins\WebSearch.xml

***** [Rejestr] *****

Klucz Usunięto : HKCU\Software\AppDataLow\Software\Smart Suggestor
Klucz Usunięto : HKCU\Software\AppDataLow\Software\SmartBar
Klucz Usunięto : HKCU\Software\AppDataLow\SProtector
Klucz Usunięto : HKCU\Software\Conduit
Klucz Usunięto : HKCU\Software\DataMngr
Klucz Usunięto : HKCU\Software\DataMngr_Toolbar
Klucz Usunięto : HKCU\Software\InstallCore
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Klucz Usunięto : HKCU\Software\Softonic
Klucz Usunięto : HKCU\Software\a53ddd8e56fef40
Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\SMBarBroker.EXE
Klucz Usunięto : HKLM\SOFTWARE\Classes\Prod.cap
Klucz Usunięto : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Klucz Usunięto : HKLM\Software\Conduit
Klucz Usunięto : HKLM\Software\DataMngr
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Klucz Usunięto : HKLM\Software\SP Global
Klucz Usunięto : HKLM\Software\SProtector
Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\a53ddd8e56fef40
Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}
Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}
Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\demmlacpnijjgliknaehpamnnbncnodb
Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klucz Usunięto : HKLM\SOFTWARE\Tarma Installer
Wartość Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wartość Usunięto : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Wartość Usunięto : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wartość Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Przeglądarki Internetowe] *****

-\\ Internet Explorer v9.0.8112.16448

Podmieniono : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=110824&tt=4712_5&babsrc=HP_ss&mntrId=ae31ac310000000000004c809354accd --> hxxp://www.google.com
Podmieniono : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=PL&userid=f789b49d-d7d0-4252-b1e6-e9222ac6740b&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} --> hxxp://www.google.com
Podmieniono : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=PL&userid=f789b49d-d7d0-4252-b1e6-e9222ac6740b&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} --> hxxp://www.google.com
Podmieniono : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://websearch.just-browse.info/ --> hxxp://www.google.com

-\\ Mozilla Firefox v18.0 (pl)

Plik : C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\xmwk5cuo.default\prefs.js

Usunięto : user_pref("aol_toolbar.default.homepage.check", false);
Usunięto : user_pref("aol_toolbar.default.search.check", false);
Usunięto : user_pref("browser.search.defaultenginename", "WebSearch");
Usunięto : user_pref("browser.search.defaultenginename,S", "WebSearch");
Usunięto : user_pref("browser.search.defaulturl", "hxxp://websearch.just-browse.info/?l=1&q=");
Usunięto : user_pref("browser.search.order.1", "WebSearch");
Usunięto : user_pref("browser.search.order.1,S", "WebSearch");
Usunięto : user_pref("browser.search.selectedEngine", "WebSearch");
Usunięto : user_pref("browser.search.selectedEngine,S", "WebSearch");
Usunięto : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Usunięto : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Usunięto : user_pref("keyword.URL", "hxxp://websearch.just-browse.info/?l=1&q=");
Usunięto : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "WebSearch");
Usunięto : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "WebSearch");
Usunięto : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://websearch.just-browse.info/")[...]
Usunięto : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://websearch.just-browse.info/?l=1&q=");
Usunięto : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*");
Usunięto : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "1");
Usunięto : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1");
Usunięto : user_pref("sweetim.toolbar.searchguard.enable", "false");

-\\ Google Chrome v23.0.1271.97

Plik : C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Preferences

Usunięto [l.13] : homepage = "hxxp://websearch.just-browse.info/",
Usunięto [l.17] : urls_to_restore_on_startup = [ "hxxp://websearch.just-browse.info/" ]
Usunięto [l.53] : icon_url = "hxxp://websearch.just-browse.info/favicon.ico",
Usunięto [l.56] : keyword = "websearch",
Usunięto [l.59] : search_url = "hxxp://websearch.just-browse.info/?l=1&q={searchTerms}",
Usunięto [l.60] : suggest_url = "hxxp://websearch.just-browse.info/?l=1&q={searchTerms}"
Usunięto [l.1936] : homepage = "hxxp://websearch.just-browse.info/",
Usunięto [l.2212] : urls_to_restore_on_startup = [ "hxxp://websearch.just-browse.info/" ]

*************************

AdwCleaner[S1].txt - [9229 octets] - [13/01/2013 00:35:59]

########## EOF - C:\AdwCleaner[S1].txt - [9289 octets] ##########

[/log]

 

Nie mam pamieci usb

 

Nowy zestaw logow :

 

OTL:

[log]OTL logfile created on: 1/13/2013 1:03:47 AM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Dom\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3.91 Gb Total Physical Memory | 2.25 Gb Available Physical Memory | 57.55% Memory free
7.83 Gb Paging File | 6.15 Gb Available in Paging File | 78.55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100.00 Gb Total Space | 37.23 Gb Free Space | 37.23% Space Free | Partition Type: NTFS
Drive D: | 177.46 Gb Total Space | 53.30 Gb Free Space | 30.03% Space Free | Partition Type: NTFS
 
Computer Name: DOM-KOMPUTER | User Name: Dom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days
 
[color=#E56717]========== Processes (All) ==========[/color]
 
PRC - [2013/01/12 01:53:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dom\Downloads\OTL.exe
PRC - [2013/01/10 23:04:29 | 000,917,552 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/01/10 23:04:25 | 000,017,456 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2012/12/12 19:43:30 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
PRC - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/03 09:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2012/02/23 17:23:24 | 004,031,368 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/02/23 17:23:21 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/01/04 13:22:40 | 000,822,624 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
PRC - [2011/10/01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/02/01 22:24:40 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 22:24:38 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/11/03 20:01:34 | 000,983,104 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2010/11/03 20:01:20 | 001,298,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2010/11/03 19:53:28 | 000,897,088 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2010/11/03 19:53:06 | 000,979,008 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
PRC - [2010/09/30 02:05:32 | 000,048,752 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
 
 
[color=#E56717]========== Modules (All) ==========[/color]
 
MOD - [2013/01/12 01:53:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dom\Downloads\OTL.exe
MOD - [2013/01/10 23:04:29 | 000,917,552 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
MOD - [2013/01/10 23:04:29 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
MOD - [2013/01/10 23:04:28 | 002,850,864 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
MOD - [2013/01/10 23:04:28 | 000,277,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
MOD - [2013/01/10 23:04:27 | 003,021,872 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/01/10 23:04:27 | 000,814,128 | ---- | M] (sqlite.org) -- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
MOD - [2013/01/10 23:04:27 | 000,142,896 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
MOD - [2013/01/10 23:04:27 | 000,016,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
MOD - [2013/01/10 23:04:26 | 000,642,096 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nss3.dll
MOD - [2013/01/10 23:04:26 | 000,375,344 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
MOD - [2013/01/10 23:04:26 | 000,172,080 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nspr4.dll
MOD - [2013/01/10 23:04:26 | 000,104,496 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll
MOD - [2013/01/10 23:04:26 | 000,091,696 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
MOD - [2013/01/10 23:04:26 | 000,022,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plc4.dll
MOD - [2013/01/10 23:04:26 | 000,021,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plds4.dll
MOD - [2013/01/10 23:04:25 | 000,155,696 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\ssl3.dll
MOD - [2013/01/10 23:04:25 | 000,152,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
MOD - [2013/01/10 23:04:25 | 000,092,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\smime3.dll
MOD - [2013/01/10 23:04:25 | 000,017,456 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
MOD - [2013/01/10 23:04:24 | 017,798,192 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xul.dll
MOD - [2013/01/10 23:04:24 | 000,019,504 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xpcom.dll
MOD - [2013/01/03 11:42:08 | 000,042,840 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\13011201\uiext.dll
MOD - [2012/12/12 19:43:30 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
MOD - [2012/12/12 19:43:28 | 014,586,296 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
MOD - [2012/11/29 09:25:45 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\MSVCR100.dll
MOD - [2012/11/29 09:25:45 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\MSVCP100.dll
MOD - [2012/11/22 18:57:06 | 000,070,248 | ---- | M] (Initex) -- C:\Windows\SysWOW64\PrxerDrv.dll
MOD - [2012/11/22 18:57:06 | 000,056,424 | ---- | M] () -- C:\Windows\SysWOW64\PrxerNsp.dll
MOD - [2012/07/03 09:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2012/06/29 01:27:10 | 009,737,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012/06/29 01:09:32 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012/06/29 01:09:01 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012/06/29 01:01:33 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2012/06/04 11:28:38 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
MOD - [2012/06/04 11:28:25 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2012/06/04 11:28:25 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2012/06/02 05:40:42 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2012/06/02 05:40:39 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2012/06/02 05:34:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2012/05/05 08:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2012/04/24 05:36:42 | 001,158,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2012/03/03 06:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2012/03/01 06:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012/02/23 17:23:34 | 000,227,608 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\uiLangRes.dll
MOD - [2012/02/23 17:23:34 | 000,095,232 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\Base.dll
MOD - [2012/02/23 17:23:24 | 004,031,368 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
MOD - [2012/02/23 17:23:21 | 004,673,064 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\CommonRes.dll
MOD - [2012/02/23 17:23:20 | 000,210,080 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2012/02/23 17:23:17 | 000,399,088 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSqLt.dll
MOD - [2012/02/23 17:23:17 | 000,027,264 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswUtil.dll
MOD - [2012/02/23 17:23:16 | 000,216,760 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswLog.dll
MOD - [2012/02/23 17:23:16 | 000,213,176 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2012/02/23 17:23:16 | 000,120,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
MOD - [2012/02/23 17:23:15 | 002,111,448 | ---- | M] (AVAST! Software) -- C:\Program Files\AVAST Software\Avast\aswAra.dll
MOD - [2012/02/23 17:23:15 | 000,682,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAux.dll
MOD - [2012/02/23 17:23:14 | 000,337,800 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
MOD - [2012/02/23 17:23:14 | 000,184,872 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswData.dll
MOD - [2012/02/23 17:23:14 | 000,164,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
MOD - [2012/02/23 17:23:14 | 000,098,864 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
MOD - [2012/02/23 17:23:14 | 000,050,448 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
MOD - [2012/02/23 17:23:13 | 000,405,256 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashBase.dll
MOD - [2012/02/23 17:23:13 | 000,153,936 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTask.dll
MOD - [2012/02/23 17:23:13 | 000,062,272 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
MOD - [2012/02/23 17:23:10 | 000,345,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Aavm4h.dll
MOD - [2012/02/23 17:23:10 | 000,097,816 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll
MOD - [2012/01/04 09:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2011/12/16 08:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011/11/17 06:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011/08/27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011/08/27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011/07/16 05:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2011/07/16 05:24:22 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2011/05/24 11:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011/05/24 11:40:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2011/05/24 11:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011/04/15 02:48:12 | 012,297,216 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\igd10umd32.dll
MOD - [2011/04/12 02:40:48 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2011/04/12 02:40:42 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll
MOD - [2011/03/03 06:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011/02/19 23:03:12 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp100.dll
MOD - [2011/02/19 00:40:50 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100.dll
MOD - [2010/11/21 04:25:15 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010/11/21 04:24:51 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bthprops.cpl
MOD - [2010/11/21 04:24:50 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wshbth.dll
MOD - [2010/11/21 04:24:43 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010/11/21 04:24:33 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2010/11/21 04:24:33 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010/11/21 04:24:32 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010/11/21 04:24:28 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010/11/21 04:24:26 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2010/11/21 04:24:25 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010/11/21 04:24:23 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010/11/21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010/11/21 04:24:16 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010/11/21 04:24:16 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010/11/21 04:24:16 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010/11/21 04:24:16 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010/11/21 04:24:16 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010/11/21 04:24:16 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010/11/21 04:24:14 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010/11/21 04:24:14 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010/11/21 04:24:14 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010/11/21 04:24:11 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010/11/21 04:24:09 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2010/11/21 04:24:09 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010/11/21 04:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010/11/21 04:24:08 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010/11/21 04:24:08 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2010/11/21 04:24:08 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2010/11/21 04:24:08 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010/11/21 04:24:08 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010/11/21 04:24:07 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010/11/21 04:24:03 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010/11/21 04:24:02 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010/11/21 04:24:02 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2010/11/21 04:24:01 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010/11/21 04:24:01 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2010/11/21 04:24:01 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010/11/21 04:23:55 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010/11/21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010/11/21 04:23:55 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010/11/21 04:23:55 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2010/11/21 04:23:54 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010/11/21 04:23:51 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010/11/21 04:23:51 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010/11/21 04:23:51 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2010/11/21 04:23:48 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010/11/21 04:23:48 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010/11/21 04:23:48 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll
MOD - [2010/11/21 04:23:48 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010/11/03 19:53:06 | 000,979,008 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
MOD - [2010/09/30 02:05:32 | 000,048,752 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
MOD - [2010/09/30 02:05:32 | 000,038,512 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\BrightMgr.dll
MOD - [2010/09/30 02:05:32 | 000,036,464 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\VFuj02b1.dll
MOD - [2010/09/30 02:05:32 | 000,020,080 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\fuj02b1.dll
MOD - [2010/09/21 22:03:14 | 000,145,280 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
MOD - [2009/07/14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009/07/14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009/07/14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009/07/14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009/07/14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009/07/14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009/07/14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009/07/14 02:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009/07/14 02:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009/07/14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009/07/14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009/07/14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009/07/14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009/07/14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009/07/14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009/07/14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009/07/14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009/07/14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009/07/14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009/07/14 02:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2009/07/14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009/07/14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2009/07/14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009/07/14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009/07/14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009/07/14 02:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009/07/14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009/07/14 02:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll
MOD - [2009/07/14 02:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\feclient.dll
MOD - [2009/07/14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009/07/14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009/07/14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009/07/14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009/07/14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009/07/14 02:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2009/07/14 02:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll
MOD - [2009/07/14 02:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll
MOD - [2009/07/14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009/07/14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009/07/14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009/07/14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009/07/14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009/07/14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2008/10/15 05:22:52 | 000,452,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3dx10_40.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2012/02/23 17:23:21 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2011/01/05 21:41:38 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:[b]64bit:[/b] - [2011/01/05 21:28:50 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:[b]64bit:[/b] - [2011/01/05 21:26:56 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:[b]64bit:[/b] - [2010/10/07 23:58:14 | 000,331,776 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe -- (PFNService)
SRV:[b]64bit:[/b] - [2010/09/23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2010/06/17 23:47:12 | 000,063,336 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe -- (PowerSavingUtilityService)
SRV:[b]64bit:[/b] - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/01/10 23:04:27 | 000,115,760 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/12 19:43:31 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/10 17:29:46 | 002,465,712 | ---- | M] (LogMeIn Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/11/14 14:04:49 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/11/09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/10/23 10:47:48 | 002,848,168 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/18 08:44:21 | 000,654,944 | ---- | M] (Wellbia.com Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\xsherlock.xem -- (xsherlock)
SRV - [2012/07/08 23:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/06/11 11:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012/05/15 20:54:13 | 004,295,288 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2012/04/13 09:17:10 | 002,143,552 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/10/01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/02/01 22:24:40 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/01 22:24:38 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/11/03 20:01:34 | 000,983,104 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2010/11/03 20:01:20 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2010/11/03 19:53:28 | 000,897,088 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2012/10/26 19:00:50 | 000,131,416 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:[b]64bit:[/b] - [2012/07/13 09:01:47 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2012/06/11 11:33:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:[b]64bit:[/b] - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/02/23 17:12:43 | 000,817,496 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2012/02/23 17:12:42 | 000,335,704 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2012/02/23 17:11:04 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2012/02/23 17:10:43 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2012/02/23 17:10:38 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2012/02/23 17:10:19 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2012/01/09 17:28:20 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:[b]64bit:[/b] - [2012/01/09 17:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:[b]64bit:[/b] - [2012/01/09 17:28:20 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:[b]64bit:[/b] - [2012/01/09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:[b]64bit:[/b] - [2012/01/09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:[b]64bit:[/b] - [2012/01/09 17:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:[b]64bit:[/b] - [2011/12/15 19:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:[b]64bit:[/b] - [2011/10/01 07:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:[b]64bit:[/b] - [2011/10/01 07:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:[b]64bit:[/b] - [2011/10/01 07:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:[/b] - [2011/10/01 07:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:[b]64bit:[/b] - [2011/04/15 03:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2011/03/24 05:47:04 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:[b]64bit:[/b] - [2011/03/24 05:47:02 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:[b]64bit:[/b] - [2011/03/24 05:47:02 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011/02/18 00:11:54 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2011/01/04 03:29:46 | 008,507,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:[b]64bit:[/b] - [2010/12/28 19:45:54 | 000,412,776 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010/11/04 13:07:06 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:[b]64bit:[/b] - [2010/11/04 11:31:44 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:[b]64bit:[/b] - [2010/10/20 02:12:58 | 000,274,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:[b]64bit:[/b] - [2010/10/20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2010/10/14 17:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2010/10/09 13:35:38 | 001,801,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:[b]64bit:[/b] - [2010/05/07 03:19:58 | 000,245,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:[b]64bit:[/b] - [2009/11/19 13:45:08 | 000,299,568 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/24 06:31:30 | 000,021,104 | ---- | M] (FUJITSU LIMITED) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\FBIOSDRV.sys -- (FBIOSDRV)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:[b]64bit:[/b] - [2006/11/01 11:59:24 | 000,007,296 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02e3.sys -- (FUJ02E3)
DRV:[b]64bit:[/b] - [2006/11/01 11:20:28 | 000,007,808 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02b1.sys -- (FUJ02B1)
DRV - [2012/03/29 14:55:26 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope =
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{44E64640-79DC-4EDB-A142-148282A6B88D}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{44E64640-79DC-4EDB-A142-148282A6B88D}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetworkProfile = 23570767
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =  [binary data]
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 147.102.16.69:3128
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.startup.homepage: "https://www.google.pl/"
FF - user.js - File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dom\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dom\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/04 10:15:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/01/05 02:36:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/10 23:04:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/01/10 23:04:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/10 23:04:29 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/01/10 23:04:09 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Dom\AppData\Roaming\IDM\idmmzcc3
 
[2013/01/02 18:43:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dom\AppData\Roaming\mozilla\Extensions
[2013/01/13 00:43:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dom\AppData\Roaming\mozilla\Firefox\Profiles\xmwk5cuo.default\Extensions
[2013/01/10 23:04:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013/01/10 23:04:29 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/11/29 11:00:09 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012/11/29 11:00:09 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012/11/29 11:00:09 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012/11/29 11:00:09 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012/11/29 11:00:09 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012/11/29 11:00:09 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - homepage: http://www.google.com/
CHR - default_search_provider: WebSearch (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Dom\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Dom\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dom\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - Extension: Proxy Switchy! = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\caehdcpeofiiigpdhbabniblemipncjj\1.6.3_0\
CHR - Extension: Truck Simulator Games = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdkaapdgobfkddbmbagoehodkgbknlhc\1.8_0\
CHR - Extension: Truck Simulator Games = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdkaapdgobfkddbmbagoehodkgbknlhc\1.8_0\.bak
CHR - Extension: Browse2save = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbfhopckfgpnpegccojniaelnihenpm\1\
CHR - Extension: Don't Starve = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiledapehlkhdehbhppgmekfalnlfajc\1.0.0.37_0\
CHR - Extension: avast! WebRep = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1407_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Clash of the Dragons = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmdphihkopbepogaialenmgoacnpmffo\1.1_0\
CHR - Extension: Adres IP = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcijdkkommbhnpohidhdpkhendgcpamf\0.4_0\
CHR - Extension: Simple Startup Password = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojoalkffommhmdmbohjphohoejjmgepc\1.0_0\
CHR - Extension: Fishing Champion = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\plcdplgchgghnahkmoeibomjpbikclka\2.0_0\
 
O1 HOSTS File: ([2010/09/11 16:19:05 | 000,000,732 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Dom\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll (Trend Media Group)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Dom\AppData\Roaming\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:[b]64bit:[/b] - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
O4:[b]64bit:[/b] - HKLM..\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:[b]64bit:[/b] - Extra context menu item: Download all links by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Download all videos by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetallflvurl.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Download by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Download current video by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetflvurl.htm ()
O8 - Extra context menu item: Download all links by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm ()
O8 - Extra context menu item: Download all videos by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetallflvurl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm ()
O8 - Extra context menu item: Download current video by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetflvurl.htm ()
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Windows\SysNative\PrxerNsp.dll ()
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Windows\SysWOW64\PrxerNsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.10.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2848B855-D0DD-43E7-BD1E-895ADA4300FF}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5EE4F17-47DE-401E-AD42-715828982B42}: DhcpNameServer = 8.8.8.8
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll) -  File not found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:[b]64bit:[/b] - HKLM IFEO\flashget3.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\hamachi-2-ui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\steam.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\unite.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\flashget3.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\hamachi-2-ui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\steam.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\unite.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{ab24e615-ccbe-11e1-b9c4-5c9ad85e122e}\Shell - "" = AutoRun
O33 - MountPoints2\{ab24e615-ccbe-11e1-b9c4-5c9ad85e122e}\Shell\AutoRun\command - "" = F:\AidemMediaSplash.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]
 
[2013/01/13 00:43:38 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/01/13 00:34:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/01/12 02:22:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2013/01/12 02:22:22 | 000,000,000 | ---D | C] -- C:\rsit
[2013/01/11 17:21:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear
[2013/01/11 17:21:00 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TunnelBear
[2013/01/11 15:04:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2013/01/10 23:04:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/01/08 10:06:06 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Podatnik.info
[2013/01/08 09:58:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Program PIT 2012-2013
[2013/01/08 09:58:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Podatnik.info Sp z o.o
[2013/01/05 20:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EGCabal Online
[2013/01/05 14:55:21 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Wise Disk Cleaner
[2013/01/05 14:54:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner
[2013/01/05 14:54:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wise
[2013/01/05 02:37:17 | 000,335,704 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013/01/05 02:37:17 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013/01/05 02:37:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013/01/05 02:37:14 | 000,053,080 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013/01/05 02:37:11 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013/01/05 02:37:08 | 000,817,496 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013/01/05 02:37:07 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013/01/05 02:36:44 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2013/01/05 02:36:44 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/01/05 02:36:27 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/01/05 01:54:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SerenityGamerZ
[2013/01/05 01:44:12 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\Avg2013
[2013/01/05 00:32:37 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\SendSpace
[2013/01/05 00:32:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Optimizer Pro
[2013/01/02 18:42:57 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Mozilla
[2013/01/02 18:42:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/01/02 18:38:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2013/01/02 18:38:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2013/01/02 10:50:14 | 000,000,000 | ---D | C] -- C:\Users\Dom\Documents\Raiderz
[2013/01/02 10:25:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaiderZ
[2012/12/31 14:22:54 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\ObviousIdea
[2012/12/31 14:20:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ObviousIdea
[2012/12/30 23:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2012/12/30 23:15:58 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\MFAData
[2012/12/30 23:15:58 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/12/30 21:42:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2012/12/30 18:08:47 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Skype
[2012/12/30 18:08:32 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012/12/30 18:08:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/12/30 18:08:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/12/30 18:08:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/12/30 17:56:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.2
[2012/12/30 17:56:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine 6.2
[2012/12/25 16:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Asiasoft
[2012/12/25 14:13:47 | 000,000,000 | ---D | C] -- C:\Downloads
[2012/12/20 17:05:43 | 000,000,000 | -HSD | C] -- C:\found.002
[2012/12/19 09:15:39 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2012/12/19 09:15:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2012/12/18 14:05:57 | 000,126,336 | ---- | C] (Copyright (C) GameCap) -- C:\Windows\SysWow64\gamelsp.dll
[2012/12/18 13:46:08 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\FlashgetSetup
[2012/12/18 13:46:08 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlashGet3.7
[2012/12/18 13:46:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashGet3.7
[2012/12/18 13:46:08 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\BITS
[2012/12/18 13:45:56 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\FlashGetBHO
[2012/12/18 13:45:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FlashGet Network
[2012/12/18 13:45:52 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\FlashGet
[2012/12/16 14:46:23 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Proxifier
[2012/12/16 14:46:13 | 000,103,016 | ---- | C] (Initex) -- C:\Windows\SysNative\ProxifierShellExt.dll
[2012/12/16 14:46:13 | 000,091,240 | ---- | C] (Initex) -- C:\Windows\SysWow64\ProxifierShellExt.dll
[2012/12/16 14:46:13 | 000,076,392 | ---- | C] (Initex) -- C:\Windows\SysNative\PrxerDrv.dll
[2012/12/16 14:46:13 | 000,070,248 | ---- | C] (Initex) -- C:\Windows\SysWow64\PrxerDrv.dll
[2012/12/16 14:46:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxifier
[2012/12/16 14:46:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Proxifier
[2012/12/14 11:37:30 | 000,000,000 | ---D | C] -- C:\ProgramData\3DMGAME
[2012/12/13 18:35:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Connectify
[2012/12/13 18:33:35 | 000,031,344 | ---- | C] (Connectify) -- C:\Windows\SysNative\drivers\cnnctfy2.sys
[2012/12/12 00:30:33 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\Microsoft Help
[2012/12/12 00:30:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/12/11 19:36:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012/12/11 19:36:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012/12/06 14:51:45 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED
[2012/12/06 14:41:55 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\Programs
[2012/12/06 11:47:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012/11/30 14:22:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3
[2012/11/30 14:22:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoIt3
[2012/11/29 17:57:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremiumSoft
[2012/11/28 17:25:10 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\bin
[2012/11/28 17:25:09 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\.snap
[2012/11/28 00:58:33 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\Metin2Tools
[2012/11/26 16:32:37 | 000,000,000 | ---D | C] -- C:\Users\Dom\Desktop\Nowy folder (2)
[2012/11/24 20:14:39 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\LogMeIn Hamachi
[2012/11/18 10:51:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AidemMedia
[2012/11/18 10:51:32 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Aidem Media
[2012/11/14 21:49:22 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\assembly
[2012/11/14 21:48:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCSoft
[2012/11/14 10:14:05 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nokia
[2012/11/14 10:13:59 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\Nokia
[2012/11/14 09:43:00 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\PC Suite
[2012/11/14 09:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2012/11/14 09:42:59 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Nokia
[2012/11/14 09:41:04 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012/11/14 09:41:02 | 000,026,112 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys
[2012/11/14 09:40:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2012/11/14 09:40:12 | 000,057,856 | ---- | C] (Nokia) -- C:\Windows\SysNative\nmwcdclsX64.dll
[2012/11/14 09:40:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nokia
[2012/11/14 09:39:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations
 
[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]
 
[2013/01/13 01:04:45 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/13 01:04:45 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/13 00:57:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/13 00:45:28 | 000,167,875 | ---- | M] () -- C:\Users\Dom\Desktop\trojan otl.png
[2013/01/11 17:21:03 | 000,001,008 | ---- | M] () -- C:\Users\Dom\Desktop\TunnelBear.lnk
[2013/01/11 15:15:50 | 000,222,409 | ---- | M] () -- C:\Users\Dom\Desktop\11111.jpg
[2013/01/10 08:56:43 | 001,667,664 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/01/10 08:56:43 | 000,739,664 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2013/01/10 08:56:43 | 000,653,644 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/01/10 08:56:43 | 000,155,484 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2013/01/10 08:56:43 | 000,121,788 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/01/08 09:58:33 | 000,002,651 | ---- | M] () -- C:\Users\Public\Desktop\Program PIT 2012-2013.lnk
[2013/01/06 17:55:10 | 000,377,600 | ---- | M] () -- C:\Users\Dom\Desktop\haha.jpg
[2013/01/05 14:54:52 | 000,001,210 | ---- | M] () -- C:\Users\Public\Desktop\Wise Disk Cleaner.lnk
[2013/01/05 14:39:35 | 000,262,676 | ---- | M] () -- C:\Users\Dom\Desktop\pppppp.jpg
[2013/01/05 02:37:07 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013/01/05 02:30:37 | 000,001,695 | ---- | M] () -- C:\Users\Dom\Desktop\SG Cabal Online — skrót.lnk
[2013/01/05 01:39:31 | 000,275,536 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/01/02 18:42:50 | 000,001,153 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/01/02 10:25:33 | 000,000,937 | ---- | M] () -- C:\Users\Dom\Desktop\RaiderZ.lnk
[2012/12/31 14:37:17 | 000,135,686 | ---- | M] () -- C:\Users\Dom\Desktop\Raiderz_Artwork3.jpg
[2012/12/28 23:18:01 | 000,241,881 | ---- | M] () -- C:\Users\Dom\Desktop\p;p;p.jpg
[2012/12/20 17:07:08 | 000,006,896 | ---- | M] () -- C:\bootsqm.dat
[2012/12/20 12:51:30 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/20 12:43:01 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/20 12:21:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-323826620-2306945312-2335366591-1000UA.job
[2012/12/20 12:10:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/19 18:21:01 | 000,000,998 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-323826620-2306945312-2335366591-1000Core.job
[2012/12/18 14:14:07 | 000,000,380 | ---- | M] () -- C:\Windows\SysWow64\secustat.dat
[2012/12/18 14:05:57 | 000,126,336 | ---- | M] (Copyright (C) GameCap) -- C:\Windows\SysWow64\gamelsp.dll
[2012/12/18 14:03:37 | 000,001,184 | ---- | M] () -- C:\Windows\SysWow64\secushr.dat
[2012/12/18 13:49:54 | 000,000,025 | ---- | M] () -- C:\Windows\emcore.INI
[2012/12/16 14:46:13 | 000,001,025 | ---- | M] () -- C:\Users\Dom\Desktop\Proxifier.lnk
[2012/12/13 18:33:35 | 000,031,344 | ---- | M] (Connectify) -- C:\Windows\SysNative\drivers\cnnctfy2.sys
[2012/11/30 14:23:36 | 000,000,061 | ---- | M] () -- C:\Users\Dom\SciTEUser.properties
[2012/11/28 13:10:26 | 000,243,018 | ---- | M] () -- C:\Users\Dom\Desktop\ttt.jpg
[2012/11/22 18:57:08 | 000,103,016 | ---- | M] (Initex) -- C:\Windows\SysNative\ProxifierShellExt.dll
[2012/11/22 18:57:08 | 000,076,392 | ---- | M] (Initex) -- C:\Windows\SysNative\PrxerDrv.dll
[2012/11/22 18:57:08 | 000,057,448 | ---- | M] () -- C:\Windows\SysNative\PrxerNsp.dll
[2012/11/22 18:57:06 | 000,091,240 | ---- | M] (Initex) -- C:\Windows\SysWow64\ProxifierShellExt.dll
[2012/11/22 18:57:06 | 000,070,248 | ---- | M] (Initex) -- C:\Windows\SysWow64\PrxerDrv.dll
[2012/11/22 18:57:06 | 000,056,424 | ---- | M] () -- C:\Windows\SysWow64\PrxerNsp.dll
[2012/11/20 16:13:30 | 048,179,170 | ---- | M] () -- C:\Users\Dom\game
[2012/11/14 09:44:37 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2012/11/14 09:43:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2012/11/14 09:26:59 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013/01/13 00:45:28 | 000,167,875 | ---- | C] () -- C:\Users\Dom\Desktop\trojan otl.png
[2013/01/11 17:21:03 | 000,001,008 | ---- | C] () -- C:\Users\Dom\Desktop\TunnelBear.lnk
[2013/01/11 15:15:50 | 000,222,409 | ---- | C] () -- C:\Users\Dom\Desktop\11111.jpg
[2013/01/08 09:58:33 | 000,002,651 | ---- | C] () -- C:\Users\Public\Desktop\Program PIT 2012-2013.lnk
[2013/01/06 17:55:10 | 000,377,600 | ---- | C] () -- C:\Users\Dom\Desktop\haha.jpg
[2013/01/05 14:54:52 | 000,001,210 | ---- | C] () -- C:\Users\Public\Desktop\Wise Disk Cleaner.lnk
[2013/01/05 14:39:35 | 000,262,676 | ---- | C] () -- C:\Users\Dom\Desktop\pppppp.jpg
[2013/01/05 02:30:37 | 000,001,695 | ---- | C] () -- C:\Users\Dom\Desktop\SG Cabal Online — skrót.lnk
[2013/01/02 18:42:50 | 000,001,153 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/01/02 18:42:49 | 000,001,165 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/01/02 10:25:34 | 000,000,937 | ---- | C] () -- C:\Users\Dom\Desktop\RaiderZ.lnk
[2012/12/31 14:11:37 | 000,135,686 | ---- | C] () -- C:\Users\Dom\Desktop\Raiderz_Artwork3.jpg
[2012/12/30 13:51:37 | 001,056,768 | ---- | C] () -- C:\Windows\SysNative\libmysql41.dll
[2012/12/30 13:51:37 | 000,280,576 | ---- | C] () -- C:\Windows\SysNative\libmysql320.dll
[2012/12/30 13:51:37 | 000,245,760 | ---- | C] () -- C:\Windows\SysNative\libmysql40.dll
[2012/12/30 13:51:37 | 000,217,088 | ---- | C] () -- C:\Windows\SysNative\libmysql323.dll
[2012/12/30 13:51:28 | 001,056,768 | ---- | C] () -- C:\Windows\SysWow64\libmysql41.dll
[2012/12/30 13:51:28 | 000,280,576 | ---- | C] () -- C:\Windows\SysWow64\libmysql320.dll
[2012/12/30 13:51:28 | 000,245,760 | ---- | C] () -- C:\Windows\SysWow64\libmysql40.dll
[2012/12/30 13:51:28 | 000,217,088 | ---- | C] () -- C:\Windows\SysWow64\libmysql323.dll
[2012/12/28 23:18:01 | 000,241,881 | ---- | C] () -- C:\Users\Dom\Desktop\p;p;p.jpg
[2012/12/20 17:07:08 | 000,006,896 | ---- | C] () -- C:\bootsqm.dat
[2012/12/18 14:14:07 | 000,000,380 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2012/12/18 13:50:33 | 000,001,184 | ---- | C] () -- C:\Windows\SysWow64\secushr.dat
[2012/12/18 13:49:54 | 000,000,025 | ---- | C] () -- C:\Windows\emcore.INI
[2012/12/16 14:46:13 | 000,057,448 | ---- | C] () -- C:\Windows\SysNative\PrxerNsp.dll
[2012/12/16 14:46:13 | 000,056,424 | ---- | C] () -- C:\Windows\SysWow64\PrxerNsp.dll
[2012/12/16 14:46:13 | 000,001,025 | ---- | C] () -- C:\Users\Dom\Desktop\Proxifier.lnk
[2012/11/30 14:23:36 | 000,000,061 | ---- | C] () -- C:\Users\Dom\SciTEUser.properties
[2012/11/29 17:57:56 | 001,073,152 | ---- | C] () -- C:\Windows\SysWow64\libmysql_c.dll
[2012/11/28 13:08:37 | 000,243,018 | ---- | C] () -- C:\Users\Dom\Desktop\ttt.jpg
[2012/11/20 16:13:30 | 048,179,170 | ---- | C] () -- C:\Users\Dom\game
[2012/11/14 13:52:38 | 000,001,107 | ---- | C] () -- C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk
[2012/11/14 09:44:37 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2012/11/14 09:43:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2012/11/14 09:26:59 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/11/07 02:40:22 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/11/07 02:40:16 | 000,183,112 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/10/10 09:17:24 | 000,000,320 | ---- | C] () -- C:\Users\Dom\SciTE.session
[2012/08/21 17:50:54 | 000,000,600 | ---- | C] () -- C:\Users\Dom\AppData\Local\PUTTY.RND
[2012/08/20 18:46:36 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
[2012/08/10 10:35:27 | 000,001,638 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012/05/31 22:56:03 | 000,245,760 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll
[2012/05/31 22:56:02 | 000,024,576 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2012/05/31 22:56:02 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2012/02/17 16:14:06 | 000,000,038 | ---- | C] () -- C:\Users\Dom\abbrev.properties
[2012/02/17 15:02:02 | 000,000,000 | ---- | C] () -- C:\Users\Dom\au3.keywords.user.abbreviations.properties
[2012/02/14 21:52:12 | 000,000,027 | ---- | C] () -- C:\Users\Dom\au3UserAbbrev.properties
[2011/05/12 08:11:47 | 001,640,270 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/02 01:21:18 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/05/02 01:21:15 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/05/02 01:21:12 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/05/02 01:21:09 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/05/02 01:21:06 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2010/03/27 16:22:54 | 000,014,905 | ---- | C] () -- C:\Users\Dom\au3abbrev.properties
[2010/01/02 22:16:12 | 000,000,111 | ---- | C] () -- C:\Users\Dom\au3.UserUdfs.properties
[2010/01/02 22:15:50 | 000,000,000 | ---- | C] () -- C:\Users\Dom\au3.user.calltips.api
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011/05/12 08:54:37 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Fujitsu
[2011/05/12 08:54:37 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Fujitsu
[2012/11/18 10:51:32 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Aidem Media
[2012/11/08 12:44:41 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Bioshock
[2013/01/11 12:38:55 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\BITS
[2012/11/30 19:45:23 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\CoreFTP
[2012/07/13 09:05:38 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\DAEMON Tools Lite
[2012/11/02 21:31:18 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\DMCache
[2012/08/24 12:58:05 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\ESET
[2012/10/15 11:17:16 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\FarmHelper
[2012/11/27 20:34:20 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\FileZilla
[2012/12/19 10:51:59 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\FlashGet
[2012/12/18 13:45:56 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\FlashGetBHO
[2012/12/18 13:46:08 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\FlashgetSetup
[2011/05/12 08:54:37 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Fujitsu
[2012/06/04 09:51:06 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Fujitsu Launch Center
[2012/08/11 09:57:55 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Gadu-Gadu
[2012/08/11 10:04:13 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Gadu-Gadu 10
[2013/01/12 11:27:06 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\GG
[2012/11/27 21:03:31 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\GHISLER
[2012/11/07 02:35:25 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Leadertech
[2012/10/23 13:16:50 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\marcinc
[2012/09/17 18:19:24 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\mp3DirectCut
[2012/09/16 12:25:49 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Need for Speed World
[2012/11/14 09:47:33 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Nokia
[2012/06/27 19:32:54 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Notepad++
[2013/01/05 01:12:08 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\ObviousIdea
[2012/11/14 09:44:48 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\PC Suite
[2013/01/08 10:06:06 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Podatnik.info
[2012/12/16 14:46:23 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Proxifier
[2012/08/14 05:53:52 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\RegistryKeys
[2012/08/27 11:51:24 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\runic games
[2013/01/05 00:32:37 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\SendSpace
[2012/10/15 10:51:49 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\SFBot
[2012/12/16 17:25:41 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\SoftGrid Client
[2012/09/05 00:11:05 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\TeamViewer
[2012/06/04 10:31:26 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\TP
[2013/01/04 18:13:16 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\TS3Client
[2012/06/06 19:55:44 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\TuneUp Software
[2013/01/12 18:53:25 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\uTorrent
[2012/07/21 14:42:35 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Windows Live Writer
[2013/01/05 17:25:01 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Wise Disk Cleaner
[2012/10/11 11:05:15 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\WNR
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2012/10/23 06:12:52 | 000,000,000 | ---D | M](C:\Users\Dom\AppData\Local\?) -- C:\Users\Dom\AppData\Local\Ⴈ
[2012/10/23 06:12:52 | 000,000,000 | ---D | M](C:\Users\Dom\AppData\Local\?) -- C:\Users\Dom\AppData\Local\Ⴈ
(C:\Users\Dom\AppData\Local\?) -- C:\Users\Dom\AppData\Local\Ⴈ

< End of report >

[/log]

 

Extras :

 

[log]OTL Extras logfile created on: 1/13/2013 1:03:47 AM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Dom\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3.91 Gb Total Physical Memory | 2.25 Gb Available Physical Memory | 57.55% Memory free
7.83 Gb Paging File | 6.15 Gb Available in Paging File | 78.55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100.00 Gb Total Space | 37.23 Gb Free Space | 37.23% Space Free | Partition Type: NTFS
Drive D: | 177.46 Gb Total Space | 53.30 Gb Free Space | 30.03% Space Free | Partition Type: NTFS
 
Computer Name: DOM-KOMPUTER | User Name: Dom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [compress] -- C:\Program Files (x86)\KGB Archiver\kgb_arch_compress.exe "%1\"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [compress] -- C:\Program Files (x86)\KGB Archiver\kgb_arch_compress.exe "%1\"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UacDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D3C7444-1C69-4E59-916B-3BB637F4E1A1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{1FDBB5DE-77A4-4BA7-BC1D-F516C4149DB1}" = lport=445 | protocol=6 | dir=in | app=system |
"{5A2ABC3B-B983-4F2F-858B-4F9EEF7507B9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5ABD13BD-EBB8-4544-AA23-8E1E4C19F8F7}" = rport=139 | protocol=6 | dir=out | app=system |
"{651DA4E3-D290-42D8-9ECF-B1483DB6A527}" = lport=137 | protocol=17 | dir=in | app=system |
"{76660C80-5B13-428B-A251-1F9A49B4ABD1}" = rport=445 | protocol=6 | dir=out | app=system |
"{A049EC57-EBE1-47F6-88A2-82989EDBB2AE}" = rport=137 | protocol=17 | dir=out | app=system |
"{C3642F39-5605-4E86-A500-DE31032DF621}" = lport=138 | protocol=17 | dir=in | app=system |
"{C5E8D838-E07E-48EB-A5F9-147C047555DD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C789ABC1-1764-4ACA-ADAB-251C5AA9AC1D}" = lport=139 | protocol=6 | dir=in | app=system |
"{CC4F8A4B-119A-4038-B22E-6130FBF55D3F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E92427A7-1A1E-4439-AE68-5A9408CEB32B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FE217E2B-0876-4358-998C-B2EDA8CF1E6F}" = rport=138 | protocol=17 | dir=out | app=system |
"{FFF96442-F3C4-4DC5-9906-6EDA5BA31E71}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09C6EE5F-EDAA-4ABE-82DE-05837D1B453E}" = dir=in | app=d:\program files (x86)\cdp.pl\farming simulator 2013\farmingsimulator2013game.exe |
"{0D59CE62-131E-4B8F-9A71-C0C128AE88AD}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{2C9426FE-8493-4A8C-81A1-959C92C6F68D}" = dir=out | app=d:\program files (x86)\reality pump\two worlds ii\twoworlds2.exe |
"{331BA8FD-73E9-4BD3-A7A9-D95235CA706D}" = dir=in | app=d:\program files (x86)\cdp.pl\farming simulator 2013\farmingsimulator2013.exe |
"{3422F8DD-4E43-4DB7-BC2F-7F68F07CB55B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{352961E2-0D49-4035-BBE4-2C68EF87222E}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{501FBF96-934B-4A3F-A5B1-EF047D6123C9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{79B919AC-1015-4621-A074-582B23E57719}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{7AF432BC-7176-4CBB-9FAB-7767FE303046}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{7F15B47E-5BF9-491A-9201-196133556063}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{83F92B75-C9FB-4732-9CDB-CC75FE92C42D}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{8D838E4A-48B5-4087-A4F4-B600F347EC11}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{90F52B9F-782D-4239-9103-25F0AC00D585}" = dir=in | app=c:\gpotato.eu\allods online\bin\launcher.exe |
"{9791E3C3-06B2-46D5-A7CD-47D3E0C35386}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{A1D6C9CA-B51B-425B-AF68-4F2E6EDBF09D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\pinkibezmozga\counter-strike\hl.exe |
"{AD576577-7128-4F84-A1CF-E69DFFD4E14E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{B1367F91-6C8E-418C-BF42-5984073A9DED}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{B90AC67C-7CB4-46FC-BE4E-3E02E8DE691E}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{BBA329D2-460B-43BF-9EA9-357AB9F4C311}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{CDCA1244-187A-433B-8948-1D139F247F41}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D01BAFF6-C002-42A5-B7AA-154264ED81FD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D3C24ED2-5C2C-4C39-B13F-EC9B9C52D67F}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{DA61EE37-43B9-4126-9EDE-50DA17C27C82}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{F25119B5-239F-41E7-BAD8-226BB8C8145C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\pinkibezmozga\counter-strike\hl.exe |
"{F83C19A8-2046-460E-98FB-941CE7A65F6F}" = protocol=58 | dir=in | app=system |
"{FB5A1E4D-C6C5-4B26-AA8D-43B0AFB4948D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"TCP Query User{0518DDFB-2FB0-4039-AD2C-FC0943CB5136}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{238E77E6-ADBB-4EA3-A813-7ACB2A4B298E}C:\program files (x86)\flashget network\flashget 3\flashget3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\flashget network\flashget 3\flashget3.exe |
"TCP Query User{5971BC82-8C99-48E3-90FA-D3B77602D6B3}D:\downloads\software\yt2wz_lsnc_20100423\倚天2外传\metin2.bin" = protocol=6 | dir=in | app=d:\downloads\software\yt2wz_lsnc_20100423\倚天2外传\metin2.bin |
"TCP Query User{6B341D32-27F3-4410-A00B-4B9A836FA085}C:\program files (x86)\mcafee security scan\3.0.207\ssscheduler.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mcafee security scan\3.0.207\ssscheduler.exe |
"UDP Query User{15658E78-0492-4C71-9DB5-8ECA9BFE3D9A}D:\downloads\software\yt2wz_lsnc_20100423\倚天2外传\metin2.bin" = protocol=17 | dir=in | app=d:\downloads\software\yt2wz_lsnc_20100423\倚天2外传\metin2.bin |
"UDP Query User{1A1AF71B-B5BE-4003-8068-B23E03D5668A}C:\program files (x86)\mcafee security scan\3.0.207\ssscheduler.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mcafee security scan\3.0.207\ssscheduler.exe |
"UDP Query User{6A9FF406-086D-495D-BDD6-452659A3B94B}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{CACC6D91-0A33-4F70-BBBF-533F704955F2}C:\program files (x86)\flashget network\flashget 3\flashget3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\flashget network\flashget 3\flashget3.exe |
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}" = Intel(R) PROSet/Wireless WiFi Software
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{7BA64D21-EE46-4a9a-8145-52B0175C3F86}" = Plugfree NETWORK
"{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-006D-0415-1000-0000000FF1CE}" = Moduł Szybka instalacja pakietu Microsoft Office 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A5FADEAC-B0A9-4C27-A8B5-05381A339F4E}" = Plugfree NETWORK
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Pakiet sterowników systemu Windows - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0)
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TNod" = TNod User & Password Finder
"uTorrent" = µTorrent
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{25680C01-6753-4FE9-A891-7857F26457C1}" = Intel(R) WiDi
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37993A79-5D36-4227-B8E8-9BDE95B2CE45}" = Bolek i Lolek - Alfabet i nauka czytania
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = FJ Camera
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{49A588CF-5FD4-4774-BFBF-0764287DE82B}" = Power Saving Utility
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{52644103-70EE-47F6-9BBB-AA4514B59615}_is1" = Farming Simulator 2013
"{549BF60D-FDDA-4E4C-ABE3-9E897BC09E79}" = Anytime USB Charge Utility
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{606E1B88-065A-41C6-B996-287A0E756FB0}_is1" = EGCabal Online version 2.1.0
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{887868A2-D6DE-3255-AA92-AA0B5A59B874}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0415-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Polski
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2F166A0-F031-4E27-A057-C69733219435}_is1" = RaiderZ
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Polish
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{BE739BC7-030F-4CAA-A6F9-EA59405B7E32}" = Program PIT 2012-2013
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ALLPlayer_is1" = ALLPlayer V4.X
"ASCII Art Generator_is1" = ASCII Art Generator 3.2.2
"AutoItv3" = AutoIt v3.3.8.1
"avast" = avast! Free Antivirus
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"DAEMON Tools Lite" = DAEMON Tools Lite
"DeskUpdate_is1" = DeskUpdate 4.11
"FlashGet3.7" = FlashGet3.7
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"InstallShield_{AFFC0877-D62C-4A7D-A11F-1E73B5800D13}" = Bioshock
"InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility
"InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"KGB Archiver_is1" = KGB Archiver 1.2.1.24
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.4.4
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mozilla Firefox 18.0 (x86 pl)" = Mozilla Firefox 18.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"Office14.Click2Run" = Moduł Szybka instalacja pakietu Microsoft Office 2010
"PremiumSoft Navicat 8.0 for MySQL_is1" = PremiumSoft Navicat 8.0 for MySQL
"Proxifier_is1" = Proxifier version 3.21
"QuicktimeAlt_is1" = QuickTime Alternative 2.9.2
"RealPlayer 15.0" = RealPlayer
"SciTE4AutoIt3" = SciTE4AutoIt3 6/10/2012
"Serenity GamerZ Revolution Client Revolution" = Serenity GamerZ Revolution Client Revolution
"Steam App 10" = Counter-Strike
"SubEdit-Player_is1" = SubEdit-Player
"TeamViewer 7" = TeamViewer 7
"TuneUp Utilities 2012_is1" = TuneUp Utilities 2012 wersja 12.0.3500.29
"TunnelBear" = TunnelBear 1.0.36
"uTorrent" = µTorrent
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.11 (32-bitowy)
"Wise Disk Cleaner_is1" = Wise Disk Cleaner 7.73
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DDFinal" = DDFinal
"GG" = GG
"Google Chrome" = Google Chrome
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 1/12/2013 5:57:46 AM | Computer Name = Dom-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 1/12/2013 8:39:42 AM | Computer Name = Dom-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 1/12/2013 11:19:00 AM | Computer Name = Dom-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 1/12/2013 1:37:55 PM | Computer Name = Dom-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: CabalMain.exe, wersja: 1.0.0.482,
 sygnatura czasowa: 0x47c76c12  Nazwa modułu powodującego błąd: CabalMain.exe, wersja:
 1.0.0.482, sygnatura czasowa: 0x47c76c12  Kod wyjątku: 0xc0000005  Przesunięcie błędu:
 0x0002e10b  Identyfikator procesu powodującego błąd: 0x10fc  Godzina uruchomienia aplikacji
 powodującej błąd: 0x01cdf0df9e5cf72e  Ścieżka aplikacji powodującej błąd: D:\Program
 Files (x86)\EGCabal Online\CabalMain.exe  Ścieżka modułu powodującego błąd: D:\Program
 Files (x86)\EGCabal Online\CabalMain.exe  Identyfikator raportu: cbc97c46-5cde-11e2-85d8-4c809354acd0
 
Error - 1/12/2013 7:12:37 PM | Computer Name = Dom-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: CabalMain.exe, wersja: 1.0.0.482,
 sygnatura czasowa: 0x47c76c12  Nazwa modułu powodującego błąd: CabalMain.exe, wersja:
 1.0.0.482, sygnatura czasowa: 0x47c76c12  Kod wyjątku: 0xc0000005  Przesunięcie błędu:
 0x0002e10b  Identyfikator procesu powodującego błąd: 0x175c  Godzina uruchomienia aplikacji
 powodującej błąd: 0x01cdf106faebda0f  Ścieżka aplikacji powodującej błąd: D:\Program
 Files (x86)\EGCabal Online\CabalMain.exe  Ścieżka modułu powodującego błąd: D:\Program
 Files (x86)\EGCabal Online\CabalMain.exe  Identyfikator raportu: 8d8083f6-5d0d-11e2-85d8-4c809354acd0
 
Error - 1/12/2013 7:38:15 PM | Computer Name = Dom-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 1/12/2013 7:47:45 PM | Computer Name = Dom-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 1/12/2013 7:54:35 PM | Computer Name = Dom-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 1/12/2013 7:57:32 PM | Computer Name = Dom-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 1/12/2013 8:03:14 PM | Computer Name = Dom-Komputer | Source = Application Hang | ID = 1002
Description = Program OTL.exe w wersji 3.2.69.0 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
 akcji.    Identyfikator procesu: 85c    Godzina rozpoczęcia: 01cdf120f7f68ab6    Godzina zakończenia:
 0    Ścieżka aplikacji: C:\Users\Dom\Downloads\OTL.exe    Identyfikator raportu:   
 
[ System Events ]
Error - 1/12/2013 8:12:55 PM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
 następujący błąd:   %%126
 
Error - 1/12/2013 8:13:25 PM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
 następujący błąd:   %%126
 
Error - 1/12/2013 8:13:55 PM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
 następujący błąd:   %%126
 
Error - 1/12/2013 8:14:25 PM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
 następujący błąd:   %%126
 
Error - 1/12/2013 8:14:55 PM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
 następujący błąd:   %%126
 
Error - 1/12/2013 8:15:25 PM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
 następujący błąd:   %%126
 
Error - 1/12/2013 8:15:55 PM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
 następujący błąd:   %%126
 
Error - 1/12/2013 8:16:25 PM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
 następujący błąd:   %%126
 
Error - 1/12/2013 8:16:55 PM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
 następujący błąd:   %%126
 
Error - 1/12/2013 8:17:25 PM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
 następujący błąd:   %%126
 
 
< End of report >

[/log]

Natsuki Kuga
komentarz
komentarz

http://imageshack.us/f/688/trojanotl.png/

To resztki wirusa weelsof, który został uprzednio usunięty przez OTL.

 

 

+ do tego wkleilem skrypt ktory ty mi dales to po zrestartowaniu kompa mam czarny ekran, musze wlaczac menardzer zadan i wylaczac jakies cos, bo bym mial caly czas czarny ekran

 

Co musisz wyłączać?

 

 

Nie mam pamieci usb

 

W takim razie użyj USBFix "na sucho" z opcji Deletion i pokaż raport.

daro99
komentarz
komentarz
To resztki wirusa weelsof, który został uprzednio usunięty przez OTL.

 

 

 

Co musisz wyłączać?

 

 

 

W takim razie użyj USBFix "na sucho" z opcji Deletion i pokaż raport.

 

Wylaczac musialem menadzerem te pytanie czy wyrazam zgode na otwarcie pliku, bo ekran byl caly czas czarny, ale mniejsza.

 

 

Sciagnalem 4 sztuki USBfix z roznych stron i kazdy sie zawieszal na 78% i wyskakiwal blad



Nie wiem co zrobiles ale przalaczajac miedzy folderami tnie :/ i otwiera 1 folder prze pol minuty

 

Wole formata zrobic

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.