[code] OTS logfile created on: 2012-05-11 17:17:53 - Run 5 OTS by OldTimer - Version 3.1.47.2 Folder = C:\Users\Shiva\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 75,00% Memory free 16,00 Gb Paging File | 14,00 Gb Available in Paging File | 86,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 104,33 Gb Total Space | 16,39 Gb Free Space | 15,71% Space Free | Partition Type: NTFS Drive D: | 361,33 Gb Total Space | 305,48 Gb Free Space | 84,54% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded Drive H: | 100,00 Mb Total Space | 37,88 Mb Free Space | 37,88% Space Free | Partition Type: NTFS I: Drive not present or media not loaded Computer Name: SHIVA-KOMPUTER Current User Name: Shiva Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> C:\Users\Shiva\Desktop\OTS.exe -> [2012-05-11 17:06:56 | 000,646,656 | ---- | M | MD5 = 700B66BC8B579C3CA00DC36E6E48714C] (OldTimer Tools) searchsettings.exe -> C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe -> [2012-04-23 20:48:00 | 000,983,904 | ---- | M | MD5 = DA44E6A49B96A5FC799F4413D83C8315] (Spigot, Inc.) applicationupdater.exe -> C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -> [2012-04-23 20:38:30 | 000,785,304 | ---- | M | MD5 = F4C5530D92FA7F9A41C19EDFC4C51BD4] (Spigot, Inc.) mounter.exe -> C:\Program Files (x86)\SpeedyDrive\mounter.exe -> [2012-02-11 22:52:00 | 000,014,848 | ---- | M | MD5 = 8C856E531A1170F53AC6844E89CD0B5F] () atitray.exe -> C:\Program Files (x86)\Ray Adams\ATI Tray Tools\atitray.exe -> [2011-10-29 23:14:04 | 000,929,792 | ---- | M | MD5 = C1170D2A6150EA4844D7128BBC4EE682] (Ray Adams) dtshellhlp.exe -> C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe -> [2011-03-17 10:15:46 | 000,382,272 | ---- | M | MD5 = 02555AAE46B904A77A4E48E0FD11EA1B] (DT Soft Ltd) dtagent.exe -> C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe -> [2011-03-17 10:15:04 | 000,842,048 | ---- | M | MD5 = 6E4020D918F14049188E0D8B5BB27F27] (DT Soft Ltd) devsvc.exe -> C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe -> [2007-03-06 10:35:02 | 000,198,168 | ---- | M | MD5 = 1778EBA872274C1226D869CD9486847E] (InterVideo Inc.) [Modules - No Company Name] raphook.dll -> C:\Program Files (x86)\Ray Adams\ATI Tray Tools\raphook.dll -> [2011-10-29 23:12:56 | 000,187,392 | ---- | M | MD5 = 09FFA5D50CC55F9A386F65D38C36F386] () mg_intelcpu.dll -> C:\Program Files (x86)\Ray Adams\ATI Tray Tools\plugins\mg_intelcpu.dll -> [2008-04-11 18:33:18 | 000,020,480 | ---- | M | MD5 = 059A83E43F92A828DF60EC4895CF7402] () mg_amdcore.dll -> C:\Program Files (x86)\Ray Adams\ATI Tray Tools\plugins\mg_amdcore.dll -> [2008-04-09 18:08:46 | 000,016,896 | ---- | M | MD5 = 37A933188A8D7C17299B06A0B76E9E28] () mg_cpuload.dll -> C:\Program Files (x86)\Ray Adams\ATI Tray Tools\plugins\mg_cpuload.dll -> [2007-09-14 17:35:34 | 000,020,480 | ---- | M | MD5 = 393EBC2E78707D9C96B5005817F5ABC9] () support.dll -> C:\Program Files (x86)\Ray Adams\ATI Tray Tools\support.dll -> [2007-03-07 14:26:34 | 000,077,824 | ---- | M | MD5 = F0717CB42E43361A582AA9AF14D4EBAE] () kbdhook.dll -> C:\Program Files (x86)\Ray Adams\ATI Tray Tools\kbdhook.dll -> [2007-03-07 14:25:26 | 000,024,576 | ---- | M | MD5 = 2CCBB73650187134B7220055E28D33B3] () mg_xvlt.dll -> C:\Program Files (x86)\Ray Adams\ATI Tray Tools\plugins\mg_xvlt.dll -> [2007-01-03 22:09:46 | 000,017,408 | ---- | M | MD5 = 83449DA0E54AD8225BECB55B28E45249] () mg_hdddtemp.dll -> C:\Program Files (x86)\Ray Adams\ATI Tray Tools\plugins\mg_hdddtemp.dll -> [2006-12-26 19:53:28 | 000,019,456 | ---- | M | MD5 = 2DFB3B237AADC824BC6BCD8DC9FA945D] () mongraphsexample.dll -> C:\Program Files (x86)\Ray Adams\ATI Tray Tools\plugins\mongraphsexample.dll -> [2006-12-25 11:02:24 | 000,024,576 | ---- | M | MD5 = D2F4D70CD8D58E0E6EDE27B171F61E06] () hddtemp.dll -> C:\Program Files (x86)\Ray Adams\ATI Tray Tools\plugins\hddtemp.dll -> [2005-11-29 19:38:20 | 000,023,552 | ---- | M | MD5 = FF453D91C492AF6BC540C023C796219A] () pciset.dll -> C:\Program Files (x86)\Ray Adams\ATI Tray Tools\plugins\pciset.dll -> [2005-11-29 19:34:38 | 000,028,672 | ---- | M | MD5 = 6D63A13160D67A26B806EF56DB7CE5CD] () [Win32 Services - Safe List] 64bit-(avast! Antivirus) [Auto | Stopped] -> C:\Program Files\AVAST Software\Avast\AvastSvc.exe -> [2011-11-28 20:01:23 | 000,044,768 | ---- | M | MD5 = 996E6D052438E8D8DFD501F31560B2E0] (AVAST Software) 64bit-(AMD External Events Utility) [Auto | Running] -> C:\Windows\SysNative\atiesrxx.exe -> [2011-11-10 05:11:32 | 000,204,288 | ---- | M | MD5 = 5EC60409BD50953BD4F892B18840039E] (AMD) 64bit-(AMD FUEL Service) [Auto | Running] -> C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -> [2011-11-09 23:08:52 | 000,361,984 | ---- | M | MD5 = 847EA8DA18AFF7AD4DDE8745F591CE9F] (Advanced Micro Devices, Inc.) 64bit-(WinDefend) [Auto | Running] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2009-07-14 03:41:27 | 001,011,712 | ---- | M | MD5 = CF318F60A84F15AF352439465A8D05F4] (Microsoft Corporation) 64bit-(AppMgmt) [On_Demand | Stopped] -> C:\Windows\SysNative\appmgmts.dll -> [2009-07-14 03:40:01 | 000,193,536 | ---- | M | MD5 = 4ABA3E75A76195A3E38ED2766C962899] (Microsoft Corporation) (Application Updater) Application Updater [Auto | Running] -> C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -> [2012-04-23 20:38:30 | 000,785,304 | ---- | M | MD5 = F4C5530D92FA7F9A41C19EDFC4C51BD4] (Spigot, Inc.) (SkypeUpdate) Skype Updater [Auto | Stopped] -> C:\Program Files (x86)\Skype\Updater\Updater.exe -> [2012-02-29 08:50:48 | 000,158,856 | R--- | M | MD5 = 6128E98EAAED364ED1A32708D2FD22CB] (Skype Technologies) (Hamachi2Svc) LogMeIn Hamachi Tunneling Engine [Auto | Running] -> C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -> [2012-02-28 18:38:54 | 002,343,816 | ---- | M | MD5 = D483DBAEF409E8AB7477C28615FCD853] (LogMeIn Inc.) (PnkBstrA) PnkBstrA [Auto | Stopped] -> C:\Windows\SysWOW64\PnkBstrA.exe -> [2012-02-25 11:14:21 | 000,076,888 | ---- | M | MD5 = 205E1B699FD3F2F9B036EEA2EC30C620] () (Connectify) Connectify [Auto | Stopped] -> C:\Program Files (x86)\Connectify\ConnectifyService.exe -> [2012-02-25 01:16:40 | 000,069,632 | ---- | M | MD5 = 5A64518FD2339D4FDA7A419A9FD89F78] () (DokanMounter) DokanMounter [Auto | Running] -> C:\Program Files (x86)\SpeedyDrive\mounter.exe -> [2012-02-11 22:52:00 | 000,014,848 | ---- | M | MD5 = 8C856E531A1170F53AC6844E89CD0B5F] () (TunngleService) TunngleService [On_Demand | Stopped] -> D:\Gry\Tunngle\TnglCtrl.exe -> [2012-02-09 12:59:48 | 000,735,080 | ---- | M | MD5 = 9911A023BF2948EEF5C7394BC8EFBC6D] (Tunngle.net GmbH) (Steam Client Service) Steam Client Service [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Steam\SteamService.exe -> [2011-10-23 20:18:09 | 000,419,624 | ---- | M | MD5 = C479C986DB04E8CBA43BF2DB5ED96142] (Valve Corporation) (AODService) AODService [Disabled | Stopped] -> C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -> [2011-05-25 22:54:38 | 000,136,616 | ---- | M | MD5 = B6098C92A0B8F257FD15A3A1D71BCC4A] () (npggsvc) nProtect GameGuard Service [On_Demand | Stopped] -> C:\Windows\SysWow64\GameMon.des -> [2011-05-16 01:50:00 | 004,135,800 | ---- | M | MD5 = 98D7DAF21ABD96B8948940F6A4220691] (INCA Internet Co., Ltd.) (clr_optimization_v4.0.30319_32) Microsoft .NET Framework NGEN v4.0.30319_X86 [Auto | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -> [2010-03-18 13:16:28 | 000,130,384 | ---- | M | MD5 = C5A75EB48E2344ABDC162BDA79E16841] (Microsoft Corporation) (BCUService) Browser Configuration Utility Service [Auto | Stopped] -> C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -> [2010-03-05 10:15:12 | 000,235,752 | ---- | M | MD5 = 328E794278CC30CA7C06E346A18B1ABC] (DeviceVM, Inc.) (clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2009-06-10 23:23:09 | 000,066,384 | ---- | M | MD5 = D88040F816FDA31C3B466F0FA0918F29] (Microsoft Corporation) (Apache2.2) Apache2.2 [Auto | Stopped] -> c:\xampp\apache\bin\apache.exe -> [2008-06-14 19:02:12 | 000,017,408 | ---- | M | MD5 = 90B2413AC639CBADBD6CF166375E39C0] (Apache Software Foundation) (MySql) MySql [Auto | Stopped] -> C:/xampp/mysql/bin/mysqld-nt.exe -> [2008-04-17 19:13:44 | 005,750,784 | ---- | M | MD5 = 6D9C3B76768D5B2E72F0CB9E237A9D82] () (FileZilla Server) FileZilla Server FTP server [On_Demand | Stopped] -> c:\xampp\FileZillaFTP\FileZillaServer.exe -> [2007-12-25 23:25:50 | 000,586,240 | ---- | M | MD5 = 11CA3ED71545666AE58363F558DF5365] (FileZilla Project) (XAMPP) XAMPP Service [Auto | Stopped] -> C:\xampp\service.exe -> [2007-12-21 04:01:02 | 000,060,928 | ---- | M | MD5 = 16A004D355467E44D217DC4DF62EC1E4] () (Capture Device Service) Capture Device Service [Auto | Running] -> C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe -> [2007-03-06 10:35:02 | 000,198,168 | ---- | M | MD5 = 1778EBA872274C1226D869CD9486847E] (InterVideo Inc.) [Driver Services - Safe List] 64bit-(Dokan) Dokan [File_System | Auto | Running] -> C:\Windows\SysNative\drivers\dokan.sys -> [2012-02-11 22:52:00 | 000,120,408 | ---- | M | MD5 = FA122BC1451B1B35B7814FBE1ACF1924] (Windows (R) Win 7 DDK provider) 64bit-(cnnctfy2) Connectify LightWeight Filter [Kernel | System | Running] -> C:\Windows\SysNative\drivers\cnnctfy2.sys -> [2011-12-16 18:45:26 | 000,031,344 | ---- | M | MD5 = 040FF3B09F26926A3792E047DB0F47DD] (Connectify) 64bit-(dtsoftbus01) DAEMON Tools Virtual Bus Driver [Kernel | System | Running] -> C:\Windows\SysNative\drivers\dtsoftbus01.sys -> [2011-12-01 19:25:44 | 000,272,448 | ---- | M | MD5 = 1CECD1252261153C7873B5D9EB259D65] (DT Soft Ltd) 64bit-(sptd) sptd [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\sptd.sys -> [2011-12-01 19:03:37 | 000,526,392 | ---- | M | Unable to obtain MD5] () 64bit-(aswSnx) aswSnx [File_System | System | Running] -> C:\Windows\SysNative\drivers\aswSnx.sys -> [2011-11-28 19:54:06 | 000,591,192 | ---- | M | MD5 = DD383E2AC941C545A85AB72503DA6C12] (AVAST Software) 64bit-(aswSP) aswSP [Kernel | System | Running] -> C:\Windows\SysNative\drivers\aswSP.sys -> [2011-11-28 19:53:58 | 000,304,472 | ---- | M | MD5 = EF5403FB8B2DCB791EC365FDF6040A4A] (AVAST Software) 64bit-(aswRdr) aswRdr [Kernel | System | Running] -> C:\Windows\SysNative\drivers\aswRdr.sys -> [2011-11-28 19:52:22 | 000,042,328 | ---- | M | MD5 = 952EDC2E81F85D1781958D4128BF59F8] (AVAST Software) 64bit-(aswTdi) avast! Network Shield Support [Kernel | System | Running] -> C:\Windows\SysNative\drivers\aswTdi.sys -> [2011-11-28 19:52:20 | 000,058,712 | ---- | M | MD5 = 34165DA5C6B30C0F9D61246BF8A28040] (AVAST Software) 64bit-(aswMonFlt) aswMonFlt [File_System | Auto | Running] -> C:\Windows\SysNative\drivers\aswMonFlt.sys -> [2011-11-28 19:52:11 | 000,066,904 | ---- | M | MD5 = 0DEBEB2E3FBD0BF5343125CCE617F105] (AVAST Software) 64bit-(aswFsBlk) aswFsBlk [File_System | Auto | Running] -> C:\Windows\SysNative\drivers\aswFsBlk.sys -> [2011-11-28 19:51:53 | 000,024,408 | ---- | M | MD5 = CE6D8BCC4787704EA4FEEB92B0D0CAF8] (AVAST Software) 64bit-(ESLvnic1) ESLvnic Virtual Network 64 Bit [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\ESLvnic.sys -> [2011-11-28 14:20:28 | 000,025,528 | ---- | M | MD5 = C33ACB897AF927D1C1BD84F211FAE75B] (Turtle Entertainment GmbH) 64bit-(amdkmdag) amdkmdag [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\atikmdag.sys -> [2011-11-10 05:45:30 | 010,567,680 | ---- | M | MD5 = 322E5C178990F116F00E3D923F4E6B1C] (Advanced Micro Devices, Inc.) 64bit-(amdkmdap) amdkmdap [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\atikmpag.sys -> [2011-11-10 04:12:44 | 000,325,632 | ---- | M | MD5 = 961A81A84FDD700E361E8294528A37BA] (Advanced Micro Devices, Inc.) 64bit-(AtiHDAudioService) AMD Function Driver for HD Audio Service [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\AtihdW76.sys -> [2011-10-17 19:40:50 | 000,093,712 | ---- | M | MD5 = 230CF51113CD4B830B3BFD09B0D4C066] (Advanced Micro Devices) 64bit-(AODDriver4.01) AODDriver4.01 [Kernel | Auto | Running] -> C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -> [2011-06-24 07:31:02 | 000,055,424 | ---- | M | MD5 = F312FAD7DBD49ED21A194AC71B497832] (Advanced Micro Devices) 64bit-(RTL8167) Realtek 8167 NT Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\Rt64win7.sys -> [2011-06-10 06:34:52 | 000,539,240 | ---- | M | MD5 = EE082E06A82FF630351D1E0EBBD3D8D0] (Realtek ) 64bit-(cpuz135) cpuz135 [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\cpuz135_x64.sys -> [2010-11-09 15:35:24 | 000,021,992 | ---- | M | MD5 = 262969A3FAB32B9E17E63E2D17A57744] (CPUID) 64bit-(nusb3xhc) Renesas Electronics USB 3.0 Host Controller Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\nusb3xhc.sys -> [2010-04-27 09:30:52 | 000,184,968 | ---- | M | MD5 = F6D625FF7B56BB6EA063F0D3A5BBC996] (Renesas Electronics Corporation) 64bit-(nusb3hub) Renesas Electronics USB 3.0 Hub Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\nusb3hub.sys -> [2010-04-27 09:29:54 | 000,083,080 | ---- | M | MD5 = 285ACEC1B13A15BA520AAE06BACB9CFF] (Renesas Electronics Corporation) 64bit-(amdiox64) AMD IO Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\amdiox64.sys -> [2010-02-18 09:18:24 | 000,046,136 | ---- | M | MD5 = 6A2EEB0C4133B20773BB3DD0B7B377B4] (Advanced Micro Devices) 64bit-(tap0901t) TAP-Win32 Adapter V9 (Tunngle) [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\tap0901t.sys -> [2009-09-16 08:02:42 | 000,031,232 | ---- | M | MD5 = B08740047145B9BCE15BF75CA0F9718A] (Tunngle.net) 64bit-(AtiPcie) AMD PCI Express (3GIO) Filter [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\AtiPcie.sys -> [2009-08-24 00:55:32 | 000,016,440 | ---- | M | MD5 = C07A040D6B5A42DD41EE386CF90974C8] (Advanced Micro Devices Inc.) 64bit-(MTsensor) ATK0110 ACPI UTILITY [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\ASACPI.sys -> [2009-07-16 05:38:40 | 000,015,416 | ---- | M | MD5 = 19B006B181E3875FD254F7B67ACF1E7C] () 64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsata.sys -> [2009-07-14 03:52:21 | 000,106,576 | ---- | M | MD5 = 7A4B413614C055935567CF88A9734D38] (Advanced Micro Devices) 64bit-(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdxata.sys -> [2009-07-14 03:52:21 | 000,028,752 | ---- | M | MD5 = B4AD0CACBAB298671DD6F6EF7E20679D] (Advanced Micro Devices) 64bit-(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsbs.sys -> [2009-07-14 03:52:20 | 000,194,128 | ---- | M | MD5 = F67F933E79241ED32FF46A4F29B5120B] (AMD Technologies Inc.) 64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\lsi_sas2.sys -> [2009-07-14 03:48:04 | 000,065,600 | ---- | M | MD5 = 30F5C0DE1EE8B5BC9306C1F0E4A75F93] (LSI Corporation) 64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2009-07-14 03:47:48 | 000,077,888 | ---- | M | MD5 = 0886D440058F203EBA0E1825E4355914] (Hewlett-Packard Company) 64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\stexstor.sys -> [2009-07-14 03:45:55 | 000,024,656 | ---- | M | MD5 = F3817967ED533D08327DC73BC4D5542A] (Promise Technology) 64bit-(RMCAST) Protokół niezawodnych multiemisji [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\rmcast.sys -> [2009-07-14 02:09:15 | 000,145,920 | ---- | M | MD5 = 77B3B747EB2413072B8E4306018D0C9B] (Microsoft Corporation) 64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\evbda.sys -> [2009-06-10 22:34:33 | 003,286,016 | ---- | M | MD5 = DC5D737F51BE844D8C82C695EB17372F] (Broadcom Corporation) 64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bxvbda.sys -> [2009-06-10 22:34:28 | 000,468,480 | ---- | M | MD5 = 3E5B191307609F7514148C6832BB0842] (Broadcom Corporation) 64bit-(b57nd60a) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\b57nd60a.sys -> [2009-06-10 22:34:23 | 000,270,848 | ---- | M | MD5 = B5ACE6968304A3900EEB1EBFD9622DF2] (Broadcom Corporation) 64bit-(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hcw85cir.sys -> [2009-06-10 22:31:59 | 000,031,232 | ---- | M | MD5 = F2523EF6460FC42405B12248338AB2F0] (Hauppauge Computer Works, Inc.) 64bit-(hamachi) Hamachi Network Interface [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\hamachi.sys -> [2009-03-18 17:35:42 | 000,033,856 | -H-- | M | MD5 = 1E6438D4EA6E1174A3B3B1EDC4DE660B] (LogMeIn, Inc.) 64bit-(VCSVADHWSer) Avnex Virtual Audio Device (WDM) [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\vcsvad.sys -> [2008-12-26 13:56:04 | 000,021,504 | ---- | M | MD5 = 3A4B01C2BDB07DFEF29B0B369487503A] (Avnex) 64bit-(athrusb) Atheros Wireless LAN USB device driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\athrxusb.sys -> [2007-08-17 16:15:22 | 001,061,888 | ---- | M | MD5 = 6C8AF84E846AECEACA3CC8C4431B806C] (Atheros Communications, Inc.) (Null) Null [Kernel | System | Running] -> C:\Windows\null -> [2012-02-06 00:26:19 | 000,000,000 | ---- | M | MD5 = D41D8CD98F00B204E9800998ECF8427E] () (speedfan) speedfan [Kernel | Boot | Running] -> C:\Windows\SysWOW64\speedfan.sys -> [2011-03-18 18:08:56 | 000,029,592 | ---- | M | MD5 = 12583AF6CBE0050651EAF2723B3AD7B3] (Almico Software) (WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\wimmount.sys -> [2009-07-14 03:19:10 | 000,019,008 | ---- | M | MD5 = 5CF95B35E59E2A38023836FFF31BE64C] (Microsoft Corporation) (NPPTNT2) NPPTNT2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysWOW64\npptNT2.sys -> [2005-01-03 08:43:08 | 000,004,682 | ---- | M | MD5 = 9131FE60ADFAB595C8DA53AD6A06AA31] (INCA Internet Co., Ltd.) (tvtool) tvtool [Kernel | System | Stopped] -> D:\TVTool\TVTOOL.SYS -> [1996-04-03 20:33:00 | 000,005,248 | ---- | M | MD5 = 77EBF3E9386DAA51551AF429052D88D0] () [Registry - Safe List] < 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://home.sweetim.com -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\] > -> -> HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\: Main\\"Default_Page_URL" -> pl.v9.com/idg/idg_1332105147_425699 -> HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\: Main\\"Start Page" -> http://search.babylon.com/?babsrc=HP_Prot -> HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\: Main\\"Start Page Restore" -> http://search.splashtop.com/asusexpressgate/mb/searchAPI.php?SE=yahoo&QS=http%3A%2F%2Fuk.search.yahoo.com%2Fsearch%3Ffr%3Dfp-devicevm%26type%3DWEB01 -> HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\: URLSearchHooks\\"{F3FEE66E-E034-436a-86E4-9690573BEE8A}" [HKLM] -> C:\Program Files (x86)\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll [YouTube Downloader Toolbar] -> [2012-04-23 20:47:56 | 001,124,704 | ---- | M | MD5 = B8E0015E2F62FB991F3C8D995283C6A2] (Spigot, Inc.) HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\: "ProxyEnable" -> 0 -> HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\: "ProxyServer" -> 222.236.24.41:8080 -> < FireFox Settings [Prefs.js] > -> C:\Users\Shiva\AppData\Roaming\Mozilla\FireFox\Profiles\55dnj1xf.default\prefs.js -> browser.search.order.1 -> "Search the web (Babylon)" -> browser.startup.homepage -> "pl.v9.com/idg/idg_1332105147_425699" -> browser.search.defaultenginename -> "Yahoo" -> browser.search.selectedEngine -> "Yahoo" -> keyword.URL -> "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=" -> browser.search.param.yahoo-fr -> "chr-greentree_ff&ilc=12&type=937811" -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com -> C:\Program Files\AVAST Software\Avast\WebRep\FF [C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF] -> [2012-01-15 22:23:12 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 8.0\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 8.0\extensions\\Components -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS] -> [2011-11-10 22:58:48 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS -> < FireFox Extensions [User Folders] > -> -> C:\Users\Shiva\AppData\Roaming\mozilla\Extensions -> [2011-11-10 22:59:17 | 000,000,000 | ---D | M] -> C:\Users\Shiva\AppData\Roaming\mozilla\Firefox\Profiles\55dnj1xf.default\extensions -> [2012-05-04 13:36:48 | 000,000,000 | ---D | M] < FireFox Extensions [Program Folders] > -> -> C:\Program Files (x86)\mozilla firefox\extensions -> [2012-05-11 10:31:19 | 000,000,000 | ---D | M] Skype Click to Call -> C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} -> [2012-05-11 10:31:20 | 000,000,000 | ---D | M] Java Console -> C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} -> [2012-01-09 16:03:07 | 000,000,000 | ---D | M] < HOSTS File > ([2009-06-10 23:00:26 | 000,000,824 | ---- | M | MD5 = 3688374325B992DEF12793500307566D] - 21 lines) -> C:\Windows\SysNative\Drivers\etc\hosts -> Reset Hosts < 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} [HKLM] -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [avast! WebRep] -> [2011-11-28 20:01:12 | 000,963,064 | ---- | M | MD5 = F4C0412938AB94EA34D0FE8D3A73D142] (AVAST Software) < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {2EECD738-5844-4a99-B4B6-146BF802613B} [HKLM] -> C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll [Babylon toolbar helper] -> [2011-08-14 14:24:26 | 000,270,960 | ---- | M | MD5 = C471B1EEF9DF1C55B5261006CE04E11F] (Babylon BHO) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll [Java(tm) Plug-In SSV Helper] -> [2011-11-10 09:01:32 | 000,325,408 | ---- | M | MD5 = E810ACAFA8E6D80117414B7CA036D626] (Sun Microsystems, Inc.) {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} [HKLM] -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [avast! WebRep] -> [2011-11-28 20:01:21 | 000,809,040 | ---- | M | MD5 = 328BC79BC53BA7A284C818DDE88945D7] (AVAST Software) {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} [HKLM] -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Skype Browser Helper] -> [2012-01-17 11:43:46 | 003,855,520 | ---- | M | MD5 = 70CE1DA6684A7043B0008C2F2E286E27] (Skype Technologies S.A.) {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} [HKLM] -> C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL [IplexToALLPlayer] -> [2011-02-09 20:29:08 | 000,400,384 | ---- | M | MD5 = A23A207DE5D63E6C61F03D8905948E8A] (ALLCinema Ltd.) {F3FEE66E-E034-436a-86E4-9690573BEE8A} [HKLM] -> C:\Program Files (x86)\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll [YouTube Downloader Toolbar] -> [2012-04-23 20:47:56 | 001,124,704 | ---- | M | MD5 = B8E0015E2F62FB991F3C8D995283C6A2] (Spigot, Inc.) < 64bit-Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" [HKLM] -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [avast! WebRep] -> [2011-11-28 20:01:12 | 000,963,064 | ---- | M | MD5 = F4C0412938AB94EA34D0FE8D3A73D142] (AVAST Software) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}" [HKLM] -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [avast! WebRep] -> [2011-11-28 20:01:21 | 000,809,040 | ---- | M | MD5 = 328BC79BC53BA7A284C818DDE88945D7] (AVAST Software) "{98889811-442D-49dd-99D7-DC866BE87DBC}" [HKLM] -> C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll [Babylon Toolbar] -> [2011-08-14 14:23:52 | 000,237,680 | ---- | M | MD5 = 034C197E79D7233BD04BFAC1710CB988] (Babylon Ltd.) "{F3FEE66E-E034-436a-86E4-9690573BEE8A}" [HKLM] -> C:\Program Files (x86)\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll [YouTube Downloader Toolbar] -> [2012-04-23 20:47:56 | 001,124,704 | ---- | M | MD5 = B8E0015E2F62FB991F3C8D995283C6A2] (Spigot, Inc.) < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\] > -> HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{EEE6C35B-6118-11DC-9C72-001320C79847}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "" -> [] -> File not found "BCU" -> C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe ["C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"] -> [2010-03-05 10:15:04 | 000,411,864 | ---- | M | MD5 = B9B24C1014195B1CEDD7A779C93E129B] (DeviceVM, Inc.) "LogMeIn Hamachi Ui" -> C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe ["C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start] -> [2012-02-28 18:38:56 | 001,987,976 | ---- | M | MD5 = E53B69271DCB7DFE3E1A03EA2A53F829] (LogMeIn Inc.) "SearchSettings" -> C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe ["C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"] -> [2012-04-23 20:48:00 | 000,983,904 | ---- | M | MD5 = DA44E6A49B96A5FC799F4413D83C8315] (Spigot, Inc.) "StartCCC" -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ["C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun] -> [2011-11-09 23:45:54 | 000,343,168 | ---- | M | MD5 = E66A704AA07E9FD565D8C22253986666] (Advanced Micro Devices, Inc.) < Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2009-07-14 03:14:38 | 001,173,504 | ---- | M | MD5 = EA6EADF6314E43783BA8EEE79F93F73C] (Microsoft Corporation) < RunOnce [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "mctadmin" -> [C:\Windows\System32\mctadmin.exe] -> File not found < Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2009-07-14 03:14:38 | 001,173,504 | ---- | M | MD5 = EA6EADF6314E43783BA8EEE79F93F73C] (Microsoft Corporation) < RunOnce [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "mctadmin" -> [C:\Windows\System32\mctadmin.exe] -> File not found < Run [HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\] > -> HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "ALLUpdate" -> C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe ["C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep"] -> [2011-08-16 20:30:40 | 001,379,840 | ---- | M | MD5 = 34E496826326605719A8D2F81071F5F2] () "AtiTrayTools" -> C:\Program Files (x86)\Ray Adams\ATI Tray Tools\atitray.exe ["C:\Program Files (x86)\Ray Adams\ATI Tray Tools\atitray.exe"] -> [2011-10-29 23:14:04 | 000,929,792 | ---- | M | MD5 = C1170D2A6150EA4844D7128BBC4EE682] (Ray Adams) "Clownfish" -> C:\Program Files (x86)\Clownfish\Clownfish.exe ["C:\Program Files (x86)\Clownfish\Clownfish.exe"] -> [2012-02-13 12:16:24 | 001,055,992 | ---- | M | MD5 = 26FFF54EA747DA32A6AE0038FE0C31E1] () "Connectify" -> C:\Program Files (x86)\Connectify\Connectify.exe [C:\Program Files (x86)\Connectify\Connectify.exe] -> [2012-02-25 01:16:56 | 003,941,192 | ---- | M | MD5 = ECB76CF41825D376CB3A6991B9257F42] (Connectify) "DAEMON Tools Pro Agent" -> C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe ["C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun] -> [2011-03-17 10:15:04 | 000,842,048 | ---- | M | MD5 = 6E4020D918F14049188E0D8B5BB27F27] (DT Soft Ltd) "EPSON SX125 Series" -> [C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE /FU "C:\Users\Shiva\AppData\Local\Temp\E_S67DE.tmp" /EF "HKCU"] -> File not found "Facebook Update" -> C:\Users\Shiva\AppData\Local\Facebook\Update\FacebookUpdate.exe ["C:\Users\Shiva\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver] -> [2012-04-11 23:07:05 | 000,137,536 | ---- | M | MD5 = FCC7C432FBF465C38FD5D940580EF9B7] (Facebook Inc.) "NetService" -> C:\Users\Shiva\AppData\Roaming\mgr.exe [C:\Users\Shiva\AppData\Roaming\mgr.exe] -> [2012-05-10 21:38:41 | 000,084,480 | ---- | M | MD5 = 3DECCB908E76841E4820695EB6B5E462] () "uTorrent" -> C:\Program Files (x86)\uTorrent\uTorrent.exe ["C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED] -> [2011-09-17 12:38:34 | 000,640,888 | ---- | M | MD5 = 11E8A3D1F90A9827F4E6AD484E311EEE] (BitTorrent, Inc.) "vmreg" -> C:\Users\Shiva\AppData\Local\Temp\dumpre.exe [C:\Users\Shiva\AppData\Local\Temp\dumpre.exe] -> [2012-05-08 12:18:10 | 000,067,072 | ---- | M | MD5 = CB22DABDD9BEF65DB7BE4EE1A0AEC00D] () < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoActiveDesktop" -> [1] -> File not found \\"NoActiveDesktopChanges" -> [1] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"ConsentPromptBehaviorAdmin" -> [0] -> File not found \\"ConsentPromptBehaviorUser" -> [3] -> File not found \\"EnableLUA" -> [0] -> File not found \\"PromptOnSecureDesktop" -> [0] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000] > -> HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000] > -> HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\ -> Add to Google Photos Screensa&ver -> C:\Windows\SysWow64\GPhotos.scr [res://C:\Windows\system32\GPhotos.scr/200] -> [2012-03-22 21:12:12 | 004,435,968 | ---- | M | MD5 = 9799C6BE0DC68F8135575628A703C876] (Google Inc.) < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\ -> Add to Google Photos Screensa&ver -> C:\Windows\SysWow64\GPhotos.scr [res://C:\Windows\system32\GPhotos.scr/200] -> [2012-03-22 21:12:12 | 004,435,968 | ---- | M | MD5 = 9799C6BE0DC68F8135575628A703C876] (Google Inc.) < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\] > -> HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\Software\Microsoft\Internet Explorer\MenuExt\ -> Add to Google Photos Screensa&ver -> C:\Windows\SysWow64\GPhotos.scr [res://C:\Windows\system32\GPhotos.scr/200] -> [2012-03-22 21:12:12 | 004,435,968 | ---- | M | MD5 = 9799C6BE0DC68F8135575628A703C876] (Google Inc.) Search the Web -> [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html] -> File not found < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Button: Skype Click to Call] -> [2012-01-17 11:43:46 | 003,855,520 | ---- | M | MD5 = 70CE1DA6684A7043B0008C2F2E286E27] (Skype Technologies S.A.) {898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Menu: Skype Click to Call] -> [2012-01-17 11:43:46 | 003,855,520 | ---- | M | MD5 = 70CE1DA6684A7043B0008C2F2E286E27] (Skype Technologies S.A.) < 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> < 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\] > -> HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\] > -> HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < 64bit-Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab [Java Plug-in 1.6.0_29] -> {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab [Java Plug-in 1.6.0_29] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab [Reg Error: Key error.] -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab [Java Plug-in 1.6.0_30] -> {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab [Java Plug-in 1.6.0_30] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab [Java Plug-in 1.6.0_30] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {19FB31A3-37BF-46CD-AD9F-B6F9938C20CD}\\DhcpNameServer -> 7.254.254.254 () -> {57C71094-18B4-4C0F-B5E0-B67EAC67EEFE}\\DhcpNameServer -> 82.143.159.7 82.143.143.5 82.143.174.70 (Realtek PCIe GBE Family Controller) -> {D8868C10-1619-484B-9CF8-850FECB04D5D}\\NameServer -> 192.168.2.1 (Atheros AR5007UG Wireless Network Adapter) -> < 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\explorer.exe -> [2009-07-14 03:39:10 | 002,868,224 | ---- | M | MD5 = C235A51CB740E45FFA0EBFB9BAFCDA64] (Microsoft Corporation) *MultiFile Done* -> -> 64bit-*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> C:\Windows\system32\userinit.exe -> C:\Windows\SysNative\userinit.exe -> [2009-07-14 03:39:48 | 000,030,208 | ---- | M | MD5 = 6F8F1376A13114CC10C0E69274F5A4DE] (Microsoft Corporation) *MultiFile Done* -> -> 64bit-*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> SystemPropertiesPerformance.exe -> C:\Windows\SysNative\SystemPropertiesPerformance.exe -> [2009-07-14 03:39:47 | 000,082,432 | ---- | M | MD5 = 870726CDCC241A92785572628B89CC07] (Microsoft Corporation) /pagefile -> -> File not found *MultiFile Done* -> -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2009-07-14 03:14:20 | 002,613,248 | ---- | M | MD5 = 15BC38A7492BEFE831966ADB477CF76F] (Microsoft Corporation) *MultiFile Done* -> -> *UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> userinit.exe -> C:\Windows\SysWow64\userinit.exe -> [2009-07-14 03:14:43 | 000,026,112 | ---- | M | MD5 = 6DE80F60D7DE9CE6B8C2DDFDF79EF175] (Microsoft Corporation) *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> /pagefile -> -> File not found *MultiFile Done* -> -> < 64bit-SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found < SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found < Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> {0B843297-E842-4A5F-AD0C-83098E629AD3} -> rport=2177 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31257 | app=%systemroot%\system32\svchost.exe | svc=qwave | {0C45F289-F255-4E92-B969-067ECE595A02} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live communications platform (upnp) | {1FF65EAC-B0C7-42A3-9862-F1AD9C5DF567} -> lport=2987 | protocol=6 | dir=in | action=allow | name=connectify file sharing | app=c:\program files (x86)\connectify\connectify.exe | {3E4B2EFC-8FC3-422B-B878-7E4FA180DCFE} -> rport=1900 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31273 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | {3F440CB8-042D-477D-B957-21B1154DE806} -> rport=139 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28507 | app=system | {43146D48-8A90-4D4E-978B-A58B622DAABA} -> lport=5355 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {46C24871-8BC4-4909-B61E-C8AB1F302E7E} -> lport=808 | protocol=6 | dir=in | action=allow | name=@c:\windows\microsoft.net\framework64\v4.0.30319\\servicemodelevents.dll,-2000 | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | svc=nettcpactivator | {502D16E2-D17E-43FB-BF7D-95E53C753CD2} -> lport=445 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28511 | app=system | {5665D7B2-07D7-4255-A7EA-BAAC7698D14C} -> lport=2177 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31261 | app=%systemroot%\system32\svchost.exe | svc=qwave | {65E171B7-845D-4F10-8B8F-05B91BF8DD23} -> lport=137 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28519 | app=system | {6A1A480B-4F12-4364-9639-1F77B195706D} -> rport=137 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28523 | app=system | {72D33B58-D86F-4A8C-BF06-E5DCD8D7E46C} -> lport=10243 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31285 | app=system | {7336B421-3A68-4F75-9CD8-9E26B9164EF1} -> lport=57347 | profile=private | protocol=17 | dir=in | action=allow | name=pando media booster | {880706C7-7500-45BF-B9BA-EB1BAABAC52E} -> lport=rpc | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28535 | app=%systemroot%\system32\spoolsv.exe | svc=spooler | {8968A1CC-28F4-4A43-BE28-50E174381405} -> lport=57347 | profile=private | protocol=6 | dir=in | action=allow | name=pando media booster | {9D1C5926-7C1F-470A-BEAB-27661FA078F8} -> lport=2869 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31277 | app=system | {A7125B83-DC6A-4E0C-B198-E27B33695E5D} -> lport=57347 | profile=domain | protocol=6 | dir=in | action=allow | name=pando media booster | {BE3478C4-FDF5-4B7F-B6B7-AC6818E58D90} -> rport=10243 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31289 | app=system | {C0D28112-9BF4-4635-A880-DD1D909C4969} -> lport=138 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28527 | app=system | {C7954ECF-ACFD-4EC1-A31F-7BB2DACA119D} -> rport=445 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28515 | app=system | {C82B41BE-5309-4379-9272-B6DDD03BFE5C} -> lport=57347 | profile=domain | protocol=17 | dir=in | action=allow | name=pando media booster | {D3038247-B741-4EF0-A170-9809DBE05F21} -> lport=139 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28503 | app=system | {DA40509C-803A-48B2-998A-C40095928A3F} -> lport=2177 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31253 | app=%systemroot%\system32\svchost.exe | svc=qwave | {DB36849C-63FB-4CD9-94B5-BE6CA0579236} -> lport=rpc-epmap | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28539 | svc=rpcss | {DB6C3654-4FB4-4FC5-83D0-90EFB9330402} -> rport=5355 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {EFD38AF8-F16D-45DD-81A1-354A69A8C210} -> lport=4000 | profile=private | protocol=6 | dir=out | action=allow | name=dll-files.com fixer | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | {F08E455F-3761-4891-B119-CFD0A959D785} -> rport=138 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28531 | app=system | {F4B552B7-BFE3-4087-B872-B6966D65A375} -> lport=1900 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31269 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | {F86655C7-5E4F-461E-8FA3-CB5C01A4628B} -> rport=2177 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31265 | app=%systemroot%\system32\svchost.exe | svc=qwave | {F93D7784-71B9-4416-AECD-F4E8B1A71B42} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live communications platform (ssdp) | {FF044287-7AC2-43EA-868F-DA8A1AF59E19} -> lport=4000 | profile=public | protocol=6 | dir=out | action=allow | name=dll-files.com fixer | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | < Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> {0242DD99-A678-4159-B03F-E96457D625D8} -> profile=public | protocol=6 | dir=in | action=block | name=java(tm) platform se binary | app=c:\program files (x86)\java\jre6\bin\java.exe | {067DF2B3-27AA-4054-8CC6-DD9EB3441C60} -> profile=public | protocol=6 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe | {06A995B2-E3C9-4893-AAD5-39A3FBF5CC1B} -> profile=public | protocol=6 | dir=in | action=block | name=deadisland | app=d:\gry\dead island\deadislandgame.exe | {08CBBF11-B833-48E8-B647-9DFCE0160C5B} -> profile=public | protocol=17 | dir=in | action=block | name=deadisland | app=d:\gry\dead island\deadislandgame.exe | {13AB0E73-DAE9-43BE-ADEA-BA151C7B9728} -> profile=private | protocol=6 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe | {1504D41D-6832-4C0A-AA46-0CB561284906} -> profile=public | protocol=17 | dir=in | action=block | name=blizzard launcher | app=d:\gry\starcraft ii\starcraft ii.exe | {1D55F596-5B3A-411C-A725-F677231E66E0} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31007 | app=%programfiles%\windows media player\wmplayer.exe | {1F684091-1F31-4697-8DC0-485B751DA205} -> profile=public | protocol=6 | dir=in | action=allow | name=tunngle client | app=d:\gry\tunngle\tunngle.exe | {2B27583E-BB7E-42F6-8CD5-070CBF6A7C35} -> profile=public | protocol=17 | dir=in | action=allow | name=tunngle client | app=d:\gry\tunngle\tunngle.exe | {2BF2D692-495B-4D5E-BB9B-3394F9E10648} -> profile=private | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\java\jre6\bin\javaw.exe | {2E59FBE7-348C-4A99-8456-F8655FE18C1A} -> dir=in | action=allow | name=windows live communications platform | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | {3205CC0F-FDCA-42FE-955E-96078C9BF54A} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31003 | app=%programfiles%\windows media player\wmplayer.exe | {325CBFC1-19A7-4B13-AA7D-27BA9E8EB4FA} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31297 | app=%programfiles%\windows media player\wmplayer.exe | {34BCF254-2469-4B00-AC88-73ABEB99C3EA} -> profile=private | protocol=58 | dir=in | action=allow | name=@firewallapi.dll,-28545 | {37107E4D-04A3-4E60-8A9F-00F7FE938760} -> profile=public | protocol=17 | dir=in | action=allow | name=battlefield 3 | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | {387638F0-2BF3-4F81-91C0-185692393527} -> profile=public | protocol=6 | dir=in | action=block | name=blizzard downloader | app=d:\gry\starcraft ii\support\blizzarddownloader.exe | {4239AFEA-515E-43DC-8C86-678A2C9A5778} -> profile=public | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\windows\system32\java.exe | {4555EA7F-F917-466D-928B-97E723179422} -> profile=public | protocol=6 | dir=in | action=allow | name=esn sonar host application | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | {483A27DC-4D09-4C76-92D6-1915C7E0F58A} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31301 | app=%programfiles%\windows media player\wmplayer.exe | {48601522-70F5-434A-922D-9C4833858FD3} -> profile=private | protocol=17 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe | {4C109B88-D0A1-4881-9DBB-28BA167B63E5} -> profile=public | protocol=17 | dir=in | action=allow | name=steam | app=c:\program files (x86)\steam\steam.exe | {4D542529-7E80-4C3F-9AB4-736654777D98} -> profile=public | protocol=17 | dir=in | action=allow | name=opera internet browser | app=c:\program files (x86)\opera\opera.exe | {52E0C5C6-0289-48B3-8DEE-7DDEA5563EE1} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31025 | app=%programfiles(x86)%\windows media player\wmplayer.exe | {54C36189-A52E-4660-BBD9-377FA62F06A5} -> profile=public | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\windows\system32\java.exe | {5B0B5EE6-7ABD-49CC-A6BD-C1FD19822B92} -> profile=public | protocol=17 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe | {5D94F818-0E99-459A-9F30-22826B5B1A79} -> protocol=58 | dir=out | action=allow | name=@iphlpsvc.dll,-503 | {5EF3E917-A381-44D2-B9A6-5600BF1ADB46} -> profile=public | protocol=6 | dir=in | action=allow | name=battlefield 3 | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | {60DEAE60-7104-4A00-9CF0-AE299BD64AA3} -> profile=private | protocol=6 | dir=in | action=allow | name=dropbox | app=c:\users\shiva\appdata\roaming\dropbox\bin\dropbox.exe | {6187379C-C309-49F6-B680-6F5BCCC9B0B6} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31309 | app=%programfiles%\windows media player\wmpnetwk.exe | {67B50130-37FA-4700-8E65-3F2FD4047493} -> dir=in | action=allow | name=facebook video calling plugin | app=c:\users\shiva\appdata\local\facebook\video\skype\facebookvideocalling.exe | {695A7494-5444-4643-B983-1E07B1CF2594} -> profile=public | protocol=17 | dir=in | action=allow | name=mass effect™ 3 | app=c:\program files (x86)\origin games\mass effect 3\binaries\win32\masseffect3.exe | {695AF93B-E76E-43D8-8431-39D9225DC586} -> profile=public | protocol=6 | dir=in | action=allow | name=steam | app=c:\program files (x86)\steam\steam.exe | {6C63C197-2051-442F-826E-C892E44318D7} -> profile=public | protocol=17 | dir=in | action=block | name=blizzard downloader | app=d:\gry\starcraft ii\support\blizzarddownloader.exe | {72F187C7-D71A-47A3-90A2-DAFEEB8D4380} -> profile=private | protocol=17 | dir=in | action=allow | name=tunngle service | app=d:\gry\tunngle\tnglctrl.exe | {75E7E9A1-E0E5-40A7-8B94-EAF1C7E68CEB} -> profile=domain | protocol=17 | dir=in | action=allow | name=pando media booster | app=c:\program files (x86)\pando networks\media booster\pmb.exe | {767F7DC4-D4F7-498A-9F0B-438FC025C0B7} -> profile=private | protocol=6 | dir=in | action=allow | name=tunngle client | app=d:\gry\tunngle\tunngle.exe | {7A8A1FFE-DC08-4F64-A4C1-95F2898DF53C} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31023 | app=%programfiles(x86)%\windows media player\wmplayer.exe | {7DE0A7D3-9360-45F6-A2E4-2284C27CB29A} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31011 | app=%programfiles%\windows media player\wmplayer.exe | {8946D2C4-928D-459C-B74A-A545CDC88DAC} -> profile=private | protocol=1 | dir=in | action=allow | name=@firewallapi.dll,-28543 | {8E50085B-4CDA-493D-8171-86DF568EC89F} -> profile=public | protocol=17 | dir=in | action=block | name=java(tm) platform se binary | app=c:\program files (x86)\java\jre6\bin\java.exe | {914EB9D5-6F05-4B63-BF93-0EBEE56101E8} -> profile=private | protocol=6 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe | {92F496D3-24FC-4322-8513-F0C05FF0B9C4} -> profile=private | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files\java\jre6\bin\javaw.exe | {96596346-E5BA-402F-AE78-6951975FD9F2} -> protocol=58 | dir=in | action=allow | name=@iphlpsvc.dll,-502 | app=system | {98A03BA9-15EB-4592-ABD9-82495B0B3538} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31293 | app=%programfiles%\windows media player\wmplayer.exe | {99E4AF42-11D9-4B6D-B708-87F3DC1B4229} -> profile=domain | protocol=6 | dir=in | action=allow | name=pando media booster | app=c:\program files (x86)\pando networks\media booster\pmb.exe | {9EC6FAC3-3B13-4DD7-B5A0-193F66C27D05} -> profile=private | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files\java\jre6\bin\javaw.exe | {9FF883EF-3ECE-4150-B3A5-801502038F1A} -> profile=private | protocol=1 | dir=out | action=allow | name=@firewallapi.dll,-28544 | {A5F81A39-B6FD-422B-9588-ED75F340F48D} -> profile=private | protocol=17 | dir=in | action=allow | name=pando media booster | app=c:\program files (x86)\pando networks\media booster\pmb.exe | {AA95C080-0549-4600-93F2-59758790252C} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31281 | app=system | {B8940D5D-789E-4ABA-B454-F4D318320EA9} -> profile=public | protocol=6 | dir=in | action=block | name=blizzard launcher | app=d:\gry\starcraft ii\starcraft ii.exe | {BCEB1261-4F7D-4A2E-856F-452F6E02A1D6} -> protocol=6 | dir=in | action=allow | name=μtorrent (tcp-in) | app=c:\program files (x86)\utorrent\utorrent.exe | {BD257254-2FEC-4867-AA44-4AEE262B7967} -> profile=public | protocol=6 | dir=in | action=allow | name=tunngle service | app=d:\gry\tunngle\tnglctrl.exe | {C02B4336-8211-435E-99E4-51960427D1A0} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31321 | app=%systemroot%\system32\svchost.exe | svc=upnphost | {C19CAEAD-77B3-4149-89EC-8614BC060B56} -> profile=private | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\java\jre6\bin\javaw.exe | {C4049CD2-DDBF-48A7-B92E-0F792AB3AC59} -> profile=private | protocol=58 | dir=out | action=allow | name=@firewallapi.dll,-28546 | {C747F023-3389-499C-A0B9-88B140E0321B} -> profile=public | protocol=17 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe | {CE2981B0-C999-48D3-9A7F-5352F2B01F6B} -> profile=public | protocol=6 | dir=in | action=allow | name=opera internet browser | app=c:\program files (x86)\opera\opera.exe | {D2470A0D-9DDB-44FC-8391-BA6A00289EC2} -> profile=public | protocol=6 | dir=in | action=allow | name=mass effect™ 3 | app=c:\program files (x86)\origin games\mass effect 3\binaries\win32\masseffect3.exe | {D414EF3E-3EDD-44BF-9F01-7AE0FAAD58CD} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31305 | app=%programfiles%\windows media player\wmpnetwk.exe | {D60F5052-E982-424D-93A8-8E71A2B1093F} -> profile=public | protocol=6 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe | {D670FEC7-7DEF-496F-8689-B54EAE6DB3F4} -> profile=private | protocol=6 | dir=in | action=allow | name=pando media booster | app=c:\program files (x86)\pando networks\media booster\pmb.exe | {D8289623-31F6-4AF4-990E-30B69A86019A} -> dir=in | action=allow | name=skype | app=c:\program files (x86)\skype\phone\skype.exe | {DE336A6A-5021-4468-9F4E-CC8B6B907149} -> profile=private | protocol=17 | dir=in | action=allow | name=dropbox | app=c:\users\shiva\appdata\roaming\dropbox\bin\dropbox.exe | {DE9A6BC0-A38B-4EE5-B301-D518051D05A4} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31024 | app=%programfiles(x86)%\windows media player\wmplayer.exe | {E458DCE7-3342-4EE1-9F32-743B0AAD10ED} -> profile=public | protocol=17 | dir=in | action=allow | name=dropbox | app=c:\users\shiva\appdata\roaming\dropbox\bin\dropbox.exe | {E5CA7C34-7BBB-4133-B1B8-CB0CEA9F86E4} -> profile=private | protocol=6 | dir=in | action=allow | name=tunngle service | app=d:\gry\tunngle\tnglctrl.exe | {E96A256A-E2F6-4BFE-A586-53C08C21F8A0} -> profile=public | protocol=17 | dir=in | action=allow | name=esn sonar host application | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | {ED177DEA-7B3C-4557-9129-CF603F6062C3} -> profile=public | protocol=6 | dir=in | action=allow | name=dropbox | app=c:\users\shiva\appdata\roaming\dropbox\bin\dropbox.exe | {F350F599-8193-470B-B4B3-8CDFB6C2B73B} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31317 | app=%programfiles%\windows media player\wmpnetwk.exe | {F53B4D35-AEA2-440C-BF4E-F5DFF9BA612A} -> protocol=17 | dir=in | action=allow | name=μtorrent (udp-in) | app=c:\program files (x86)\utorrent\utorrent.exe | {F5670E28-9E27-406B-99EE-3F06F973937A} -> profile=public | protocol=17 | dir=in | action=allow | name=tunngle service | app=d:\gry\tunngle\tnglctrl.exe | {F7A4C419-FAF1-46CD-9418-28D5AD7D1CED} -> profile=private | protocol=17 | dir=in | action=allow | name=tunngle client | app=d:\gry\tunngle\tunngle.exe | {F7B6B812-6DDC-48AC-89EE-42F310FBE43A} -> profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31313 | app=%programfiles%\windows media player\wmpnetwk.exe | {FB935124-4214-4B77-95A1-DBA9A4A1AD09} -> dir=in | action=allow | name=pando media booster | app=c:\program files (x86)\pando networks\media booster\pmb.exe | {FC687E15-C910-42FE-9DAC-9168DD4BFB46} -> profile=private | protocol=17 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe | TCP Query User{038349DA-89E4-4210-93FE-D0C5760CCB29}D:\gry\starcraft ii\support\blizzarddownloader.exe -> profile=private | protocol=6 | dir=in | action=allow | name=blizzard downloader | app=d:\gry\starcraft ii\support\blizzarddownloader.exe | TCP Query User{332658EB-E87D-46F7-B7D9-00136AAA29B6}C:\program files (x86)\java\jre6\bin\java.exe -> profile=private | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\java\jre6\bin\java.exe | TCP Query User{3AE38303-3071-42CD-B6AE-4D0951EBBF0A}C:\program files (x86)\gadu-gadu 10\gg.exe -> profile=public | protocol=6 | dir=in | action=allow | name=gadu-gadu 10 | app=c:\program files (x86)\gadu-gadu 10\gg.exe | TCP Query User{4D277EE0-F77E-460D-B2DE-4448EE796A26}C:\program files (x86)\java\jre6\bin\javaw.exe -> profile=private | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\java\jre6\bin\javaw.exe | TCP Query User{5C36A42C-5F8D-4D6B-8F3B-6AFF6EB00B18}C:\program files (x86)\gadu-gadu 10\gg.exe -> profile=private | protocol=6 | dir=in | action=allow | name=gadu-gadu 10 | app=c:\program files (x86)\gadu-gadu 10\gg.exe | TCP Query User{901405E7-FC86-4FDC-9B16-B2788930F72F}C:\program files\java\jre6\bin\javaw.exe -> profile=private | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files\java\jre6\bin\javaw.exe | TCP Query User{97FC906B-158B-4815-AE55-1B18D454B161}D:\gry\dead island\deadislandgame.exe -> profile=private | protocol=6 | dir=in | action=allow | name=deadisland | app=d:\gry\dead island\deadislandgame.exe | TCP Query User{C5DC4B34-205F-4437-A6E4-95AEEE9FCD02}D:\gry\starcraft ii\starcraft ii.exe -> profile=private | protocol=6 | dir=in | action=allow | name=blizzard launcher | app=d:\gry\starcraft ii\starcraft ii.exe | TCP Query User{E08223EE-20EA-4738-A541-7CDBCB0CC717}C:\windows\system32\java.exe -> profile=private | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\windows\system32\java.exe | TCP Query User{F19C637A-AED4-473F-85BF-1FC6E21FE70D}D:\gry\starcraft ii\versions\base19679\sc2.exe -> profile=private | protocol=6 | dir=in | action=block | name=starcraft ii | app=d:\gry\starcraft ii\versions\base19679\sc2.exe | UDP Query User{19369154-D00D-45CB-BC9F-B593187D6588}D:\gry\starcraft ii\starcraft ii.exe -> profile=private | protocol=17 | dir=in | action=allow | name=blizzard launcher | app=d:\gry\starcraft ii\starcraft ii.exe | UDP Query User{1938D6A3-9181-4D38-8581-D47C100B3641}D:\gry\dead island\deadislandgame.exe -> profile=private | protocol=17 | dir=in | action=allow | name=deadisland | app=d:\gry\dead island\deadislandgame.exe | UDP Query User{29444437-E7F4-4949-9C8D-D94C8B44AA15}D:\gry\starcraft ii\support\blizzarddownloader.exe -> profile=private | protocol=17 | dir=in | action=allow | name=blizzard downloader | app=d:\gry\starcraft ii\support\blizzarddownloader.exe | UDP Query User{37C2AFF4-FBF2-4550-AF95-041582E8A8C2}C:\program files (x86)\gadu-gadu 10\gg.exe -> profile=public | protocol=17 | dir=in | action=allow | name=gadu-gadu 10 | app=c:\program files (x86)\gadu-gadu 10\gg.exe | UDP Query User{4293D9FA-9574-4E75-A1C7-F18492561D3C}C:\windows\system32\java.exe -> profile=private | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\windows\system32\java.exe | UDP Query User{71EBD939-2760-4390-8594-D11565DC30ED}C:\program files (x86)\java\jre6\bin\javaw.exe -> profile=private | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\java\jre6\bin\javaw.exe | UDP Query User{79F87632-44D9-4D53-B6DC-545C48224C0C}D:\gry\starcraft ii\versions\base19679\sc2.exe -> profile=private | protocol=17 | dir=in | action=block | name=starcraft ii | app=d:\gry\starcraft ii\versions\base19679\sc2.exe | UDP Query User{D30ABCB3-A12F-4093-95C8-50CCA74307C0}C:\program files\java\jre6\bin\javaw.exe -> profile=private | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files\java\jre6\bin\javaw.exe | UDP Query User{E09FA519-FD62-4929-B050-EF189C4FF6F1}C:\program files (x86)\java\jre6\bin\java.exe -> profile=private | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\java\jre6\bin\java.exe | UDP Query User{F1B1FB94-20A5-40EA-9438-B436F2D5D4D2}C:\program files (x86)\gadu-gadu 10\gg.exe -> profile=private | protocol=17 | dir=in | action=allow | name=gadu-gadu 10 | app=c:\program files (x86)\gadu-gadu 10\gg.exe | < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> Sterownik stacji dysków CD-ROM -> "ImagePath" -> C:\Windows\SysNative\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2009-07-14 01:19:54 | 000,147,456 | ---- | M | MD5 = 83D2D75E1EFB81B3450C18131443F7DB] (Microsoft Corporation) < Drives with AutoRun files > -> -> C:\autoexec.bat [REM Dummy file for NTVDM | ] -> C:\autoexec.bat [ NTFS ] -> [2009-06-10 23:42:20 | 000,000,024 | ---- | M | MD5 = D9EBEC6668A6092FCBD1713C347AA5E0] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \{52ee3a87-27ea-11e1-9591-f46d04913b17} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52ee3a87-27ea-11e1-9591-f46d04913b17}\shell \{52ee3a87-27ea-11e1-9591-f46d04913b17}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52ee3a87-27ea-11e1-9591-f46d04913b17}\shell\AutoRun\command \{52ee3a87-27ea-11e1-9591-f46d04913b17}\shell\AutoRun\command\\"" -> [J:\Setup.exe] -> File not found \{91a6c109-1c3e-11e1-8391-f46d04913b17} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{91a6c109-1c3e-11e1-8391-f46d04913b17}\shell \{91a6c109-1c3e-11e1-8391-f46d04913b17}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{91a6c109-1c3e-11e1-8391-f46d04913b17}\shell\AutoRun\command \{91a6c109-1c3e-11e1-8391-f46d04913b17}\shell\AutoRun\command\\"" -> [I:\install.exe] -> File not found \{91a6c10a-1c3e-11e1-8391-f46d04913b17} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{91a6c10a-1c3e-11e1-8391-f46d04913b17}\shell \{91a6c10a-1c3e-11e1-8391-f46d04913b17}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{91a6c10a-1c3e-11e1-8391-f46d04913b17}\shell\AutoRun\command \{91a6c10a-1c3e-11e1-8391-f46d04913b17}\shell\AutoRun\command\\"" -> [E:\Setup.exe] -> File not found \{91a6c10d-1c3e-11e1-8391-f46d04913b17} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{91a6c10d-1c3e-11e1-8391-f46d04913b17}\shell \{91a6c10d-1c3e-11e1-8391-f46d04913b17}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{91a6c10d-1c3e-11e1-8391-f46d04913b17}\shell\AutoRun\command \{91a6c10d-1c3e-11e1-8391-f46d04913b17}\shell\AutoRun\command\\"" -> [F:\Setup.exe] -> File not found < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> 64bit-comfile [open] -> "%1" %* 64bit-exefile [open] -> "%1" %* comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> [Registry - Additional Scans - Safe List] < 64bit-ActiveX StubPath [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608500} [KeyFileName] -> Reg Error: Value error. [(default): Java (Sun); IsInstalled: 1] -> File not found {22d6f312-b0f6-11d0-94ab-0080c74c7e95} [HKLM] -> C:\Windows\SysNative\wmpdxm.dll [(default): Microsoft Windows Media Player 12.0; IsInstalled: 1] -> [2009-07-14 03:41:57 | 000,358,400 | ---- | M | MD5 = 0B7C8231FFCB5BE5E6804F57823AED71] (Microsoft Corporation) {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [StubPath] -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [(default): Themes Setup; IsInstalled: 1] -> {3af36230-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Offline Browsing Pack; IsInstalled: 1] -> File not found {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [StubPath] -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [(default): Microsoft Windows; IsInstalled: 1] -> {44BBA855-CC51-11CF-AAFA-00AA00B6015F} [HKLM] -> Reg Error: Key error. [(default): DirectDrawEx; IsInstalled: 1] -> File not found {45ea75a0-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Help; IsInstalled: 1] -> File not found {4f645220-306d-11d2-995d-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Microsoft Windows Script 5.6; IsInstalled: 1] -> File not found {5fd399c0-a70a-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Setup Tools; IsInstalled: 1] -> File not found {630b1da0-b465-11d1-9948-00c04f98bbc9} [KeyFileName] -> Reg Error: Value error. [(default): Browsing Enhancements; IsInstalled: 1] -> File not found {6BF52A52-394A-11d3-B153-00C04F79FAA6} [StubPath] -> %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI [(default): Microsoft Windows Media Player; IsInstalled: 1] -> {6fab99d0-bab8-11d1-994a-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): MSN Site Access; IsInstalled: 1] -> File not found {7790769C-0471-11d2-AF11-00C04FA35D02} [HKLM] -> Reg Error: Key error. [(default): Address Book 7; IsInstalled: 1] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4340} [StubPath] -> regsvr32.exe /s /n /i:U shell32.dll [(default): Windows Desktop Update; IsInstalled: 1] -> {89820200-ECBD-11cf-8B85-00AA005B4383} [StubPath] -> C:\Windows\System32\ie4uinit.exe -BaseSettings [(default): Web Platform Customizations; IsInstalled: 1] -> {89B4C1CD-B018-4511-B0A1-5476DBF70820} [StubPath] -> C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install [ComponentID: DOTNETFRAMEWORKS; IsInstalled: 1] -> {9381D8F2-0288-11D0-9501-00AA00B911A5} [HKLM] -> Reg Error: Key error. [(default): Dynamic HTML Data Binding; IsInstalled: 1] -> File not found {C9E9A340-D1F1-11D0-821E-444553540600} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Core Fonts; IsInstalled: 1] -> File not found {de5aed00-a4bf-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): HTML Help; IsInstalled: 1] -> File not found {E92B03AB-B707-11d2-9CBD-0000F87A369E} [HKLM] -> Reg Error: Key error. [(default): Active Directory Service Interface; IsInstalled: 1] -> File not found {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found {FEBEF00C-046D-438D-8A88-BF94A6C9E703} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} [StubPath] -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [(default): Microsoft Windows Media Player; IsInstalled: 0] -> >{26923b43-4d38-484f-9b9e-de460746276c} [StubPath] -> C:\Windows\System32\ie4uinit.exe -UserIconConfig [(default): Internet Explorer; IsInstalled: 1] -> >{60B49E34-C7CC-11D0-8953-00A0C90347FF} [StubPath] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP [(default): Browser Customizations; IsInstalled: 1] -> < ActiveX StubPath [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608500} [KeyFileName] -> C:\Program Files (x86)\Java\jre6\bin\regutils.dll [(default): Java (Sun); IsInstalled: 1] -> [2011-11-10 08:52:06 | 000,278,528 | ---- | M | MD5 = 6225418AA5D5BCA0EC0F05A1016EF2BF] (Sun Microsystems, Inc.) {22d6f312-b0f6-11d0-94ab-0080c74c7e95} [HKLM] -> C:\Windows\SysWOW64\wmpdxm.dll [(default): Microsoft Windows Media Player 12.0; IsInstalled: 1] -> [2009-07-14 03:16:19 | 000,299,520 | ---- | M | MD5 = 0227B2AC3718EFAF07C98AC7A87B3D4E] (Microsoft Corporation) {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [StubPath] -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [(default): Themes Setup; IsInstalled: 1] -> {3af36230-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Offline Browsing Pack; IsInstalled: 1] -> File not found {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [StubPath] -> "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [(default): Microsoft Windows; IsInstalled: 1] -> {44BBA855-CC51-11CF-AAFA-00AA00B6015F} [HKLM] -> Reg Error: Key error. [(default): DirectDrawEx; IsInstalled: 1] -> File not found {45ea75a0-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Help; IsInstalled: 1] -> File not found {4f645220-306d-11d2-995d-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Microsoft Windows Script 5.6; IsInstalled: 1] -> File not found {5fd399c0-a70a-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Setup Tools; IsInstalled: 1] -> File not found {630b1da0-b465-11d1-9948-00c04f98bbc9} [KeyFileName] -> C:\Windows\SysWOW64\msieftp.dll [(default): Browsing Enhancements; IsInstalled: 1] -> [2009-07-14 03:15:44 | 000,301,568 | ---- | M | MD5 = 74D6F83718ACA2B99F91E7AA0A2F8053] (Microsoft Corporation) {6BF52A52-394A-11d3-B153-00C04F79FAA6} [StubPath] -> %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI [(default): Microsoft Windows Media Player; IsInstalled: 1] -> {6fab99d0-bab8-11d1-994a-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): MSN Site Access; IsInstalled: 1] -> File not found {7790769C-0471-11d2-AF11-00C04FA35D02} [HKLM] -> Reg Error: Key error. [(default): Address Book 7; IsInstalled: 1] -> File not found {7C028AF8-F614-47B3-82DA-BA94E41B1089} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4340} [StubPath] -> regsvr32.exe /s /n /i:U shell32.dll [(default): Windows Desktop Update; IsInstalled: 1] -> {89820200-ECBD-11cf-8B85-00AA005B4383} [StubPath] -> C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings [(default): Web Platform Customizations; IsInstalled: 1] -> {89B4C1CD-B018-4511-B0A1-5476DBF70820} [StubPath] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install [ComponentID: DOTNETFRAMEWORKS; IsInstalled: 1] -> {9381D8F2-0288-11D0-9501-00AA00B911A5} [HKLM] -> Reg Error: Key error. [(default): Dynamic HTML Data Binding; IsInstalled: 1] -> File not found {C9E9A340-D1F1-11D0-821E-444553540600} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Core Fonts; IsInstalled: 1] -> File not found {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10w.ocx [(default): Macromedia Shockwave Flash; IsInstalled: 01 00 00 00 [binary data]] -> [2011-09-17 23:56:33 | 006,384,288 | R--- | M | MD5 = E46EA53D149113B9A513BFE0955968CE] (Adobe Systems, Inc.) {de5aed00-a4bf-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): HTML Help; IsInstalled: 1] -> File not found {E92B03AB-B707-11d2-9CBD-0000F87A369E} [HKLM] -> Reg Error: Key error. [(default): Active Directory Service Interface; IsInstalled: 1] -> File not found {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} [StubPath] -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [(default): Microsoft Windows Media Player; IsInstalled: 0] -> >{26923b43-4d38-484f-9b9e-de460746276c} [StubPath] -> C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig [(default): Internet Explorer; IsInstalled: 1] -> >{60B49E34-C7CC-11D0-8953-00A0C90347FF} [StubPath] -> "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP [(default): Browser Customizations; IsInstalled: 1] -> < ActiveX StubPath [HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\] > -> HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [HKLM: Windows Media Player] -> [2009-07-14 03:16:19 | 011,406,336 | ---- | M | MD5 = 3D7DD3C29DAF738624DE918F666F70FA] (Microsoft Corporation) {89820200-ECBD-11cf-8B85-00AA005B4340} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4383} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {89B4C1CD-B018-4511-B0A1-5476DBF70820} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found >{26923b43-4d38-484f-9b9e-de460746276c} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found >{60B49E34-C7CC-11D0-8953-00A0C90347FF} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found < 64bit-App Paths [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ -> AcroRd32.exe -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe [C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe] -> [2010-09-23 04:47:16 | 000,349,616 | ---- | M | MD5 = A6C1DADBDAFADEA484348636DC293A10] (Adobe Systems Incorporated) AvastUI.exe -> C:\Program Files\AVAST Software\Avast\AvastUI.exe [C:\Program Files\AVAST Software\Avast\AvastUI.exe] -> [2011-11-28 20:01:24 | 003,744,552 | ---- | M | MD5 = F7226AA410954185160067D5FA82F3F2] (AVAST Software) ccleaner.exe -> C:\Program Files\CCleaner\CCleaner64.exe [C:\Program Files\CCleaner\CCleaner64.exe] -> [2011-10-21 20:30:08 | 004,499,264 | ---- | M | MD5 = 28632A2E6F4433265EE377B114F6303E] (Piriform Ltd) chrome.exe -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe] -> [2012-04-28 04:07:02 | 001,224,176 | ---- | M | MD5 = CF220DD7DA87336E697090A25A1B8C99] (Google Inc.) cmmgr32.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found defraggler.exe -> C:\Program Files\Defraggler\Defraggler64.exe [C:\Program Files\Defraggler\Defraggler64.exe] -> [2011-11-08 11:12:20 | 004,081,472 | ---- | M | MD5 = 5F23D4ED135E9194AC964246B58E913A] (Piriform Ltd) dvdmaker.exe -> C:\Program Files\DVD Maker\DVDMaker.exe [%ProgramFiles%\DVD Maker\dvdmaker.exe] -> [2009-07-14 03:39:08 | 002,258,432 | ---- | M | MD5 = E83D2495D5867E224FBF42EF40D8856C] (Microsoft Corporation) eagle.exe -> C:\Program Files (x86)\EAGLE-6.1.0\bin\eagle.exe [C:\Program Files (x86)\EAGLE-6.1.0\bin\eagle.exe] -> [2012-01-12 17:17:48 | 012,423,168 | ---- | M | MD5 = A76E2B1D5A0332C61FB6C8EC03EADA6D] () Escndv.exe -> C:\Windows\twain_32\escndv\escndv.exe [C:\Windows\twain_32\escndv\Escndv.exe] -> [2009-01-10 00:00:00 | 000,155,648 | ---- | M | MD5 = B73F17DF5CA5A1C748C36CC63297C6E3] (SEIKO EPSON CORP.) firefox.exe -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe [C:\Program Files (x86)\Mozilla Firefox\firefox.exe] -> [2011-11-05 09:31:55 | 000,924,632 | ---- | M | MD5 = 4CB4054659ABEEEF925B153E2290E634] (Mozilla Corporation) FL.exe -> C:\Program Files (x86)\Image-Line\FL Studio 10\FL.exe [C:\Program Files (x86)\Image-Line\FL Studio 10\FL.exe] -> [2011-01-18 13:09:26 | 000,369,664 | ---- | M | MD5 = 585844520F0328BF9B51C989BCEB4263] (Image-Line) gimp-2.6.exe -> C:\Program Files (x86)\GIMP-2.0\bin\gimp-2.6.exe [C:\Program Files (x86)\GIMP-2.0\bin\gimp-2.6.exe] -> [2010-10-04 23:51:02 | 005,352,962 | ---- | M | MD5 = 24F72BF76C81B28BB8014AF4E337E157] () GOM.exe -> C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe [C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe] -> [2010-11-11 04:37:16 | 003,548,392 | ---- | M | MD5 = 2BA5EEB4B4793AC90BB1ED8A3B28E497] (Gretech Corp.) install.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found javaws.exe -> C:\Windows\SysNative\javaws.exe [C:\Windows\system32\javaws.exe] -> [2011-11-20 15:20:26 | 000,190,752 | ---- | M | MD5 = 971F338CE8F2AB12D32F690246C01A1D] (Sun Microsystems, Inc.) Journal.exe -> C:\Program Files\Windows Journal\Journal.exe [%ProgramFiles%\Windows Journal\Journal.exe] -> [2009-07-14 03:39:14 | 002,164,224 | ---- | M | MD5 = 4A826F98E1B0860840FE227D1A4FFC05] (Microsoft Corporation) mpc-hc.exe -> C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe ["C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe"] -> [2011-11-23 20:00:00 | 005,529,088 | ---- | M | MD5 = DE46F8B571BA76BD3133668A5694A327] (MPC-HC Team) mplayer2.exe -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe [%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe] -> [2009-07-14 03:14:47 | 000,164,864 | ---- | M | MD5 = 1F0F6AB1808781D2A2C2CA02E712ED8C] (Microsoft Corporation) MsoHtmEd.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found pbrush.exe -> C:\Windows\SysNative\mspaint.exe [%SystemRoot%\System32\mspaint.exe] -> [2009-07-14 03:39:24 | 006,676,480 | ---- | M | MD5 = 458F4590F80563EB2A0A72709BFC2BD9] (Microsoft Corporation) PowerShell.exe -> C:\Windows\SysNative\WindowsPowerShell\v1.0\powershell.exe [%SystemRoot%\system32\WindowsPowerShell\v1.0\PowerShell.exe] -> [2009-07-14 03:39:20 | 000,473,600 | ---- | M | MD5 = 852D67A27E454BD389FA7F02A8CBE23F] (Microsoft Corporation) setup.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found SnippingTool.exe -> C:\Windows\SysNative\SnippingTool.exe [%SystemRoot%\system32\SnippingTool.exe] -> [2009-07-14 03:39:41 | 000,431,104 | ---- | M | MD5 = 7633F554EEAFDE7F144B41C2FCAF5F63] (Microsoft Corporation) Speccy.exe -> C:\Program Files\Speccy\Speccy64.exe [C:\Program Files\Speccy\Speccy64.exe] -> [2011-11-21 21:43:32 | 007,627,072 | ---- | M | MD5 = 2DE545E54598F4C9AFFB3E70BEC27A3D] (Piriform Ltd) table30.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found wab.exe -> C:\Program Files\Windows Mail\wab.exe [%ProgramFiles%\Windows Mail\wab.exe] -> [2009-07-14 03:39:50 | 000,516,608 | ---- | M | MD5 = 0557ACEE37D91DE85DFCBB98A7672E03] (Microsoft Corporation) wabmig.exe -> C:\Program Files\Windows Mail\wabmig.exe [%ProgramFiles%\Windows Mail\wabmig.exe] -> [2009-07-14 03:39:50 | 000,067,584 | ---- | M | MD5 = 1B60731B2D3B638777E6AF630CB01B17] (Microsoft Corporation) WinRAR.exe -> C:\Program Files\WinRAR\WinRAR.exe [C:\Program Files\WinRAR\WinRAR.exe] -> [2011-06-01 01:00:04 | 001,169,920 | ---- | M | MD5 = D91E5796E4C21EC074CDCF2D903F5ED7] (Alexander Roshal) Winword.exe -> C:\PROGRA~2\MICROS~3\Office12\WINWORD.EXE [C:\PROGRA~2\MICROS~3\Office12\WINWORD.EXE] -> [2006-10-27 15:23:04 | 000,347,432 | ---- | M | MD5 = CEAA5817A65E914AA178B28F12359A46] (Microsoft Corporation) wmplayer.exe -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe [%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe] -> [2009-07-14 03:14:47 | 000,164,864 | ---- | M | MD5 = 1F0F6AB1808781D2A2C2CA02E712ED8C] (Microsoft Corporation) WORDPAD.EXE -> C:\Program Files\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2009-07-14 03:39:57 | 004,580,352 | ---- | M | MD5 = 6430F1A35DDD6C5311AB6B39961E7BBA] (Microsoft Corporation) WRITE.EXE -> C:\Program Files\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2009-07-14 03:39:57 | 004,580,352 | ---- | M | MD5 = 6430F1A35DDD6C5311AB6B39961E7BBA] (Microsoft Corporation) < App Paths [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ -> AcroRd32.exe -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe [C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe] -> [2010-09-23 04:47:16 | 000,349,616 | ---- | M | MD5 = A6C1DADBDAFADEA484348636DC293A10] (Adobe Systems Incorporated) AvastUI.exe -> C:\Program Files\AVAST Software\Avast\AvastUI.exe [C:\Program Files\AVAST Software\Avast\AvastUI.exe] -> [2011-11-28 20:01:24 | 003,744,552 | ---- | M | MD5 = F7226AA410954185160067D5FA82F3F2] (AVAST Software) ccleaner.exe -> C:\Program Files\CCleaner\CCleaner64.exe [C:\Program Files\CCleaner\CCleaner64.exe] -> [2011-10-21 20:30:08 | 004,499,264 | ---- | M | MD5 = 28632A2E6F4433265EE377B114F6303E] (Piriform Ltd) chrome.exe -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe] -> [2012-04-28 04:07:02 | 001,224,176 | ---- | M | MD5 = CF220DD7DA87336E697090A25A1B8C99] (Google Inc.) cmmgr32.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found defraggler.exe -> C:\Program Files\Defraggler\Defraggler64.exe [C:\Program Files\Defraggler\Defraggler64.exe] -> [2011-11-08 11:12:20 | 004,081,472 | ---- | M | MD5 = 5F23D4ED135E9194AC964246B58E913A] (Piriform Ltd) dvdmaker.exe -> [%ProgramFiles%\DVD Maker\dvdmaker.exe] -> File not found eagle.exe -> C:\Program Files (x86)\EAGLE-6.1.0\bin\eagle.exe [C:\Program Files (x86)\EAGLE-6.1.0\bin\eagle.exe] -> [2012-01-12 17:17:48 | 012,423,168 | ---- | M | MD5 = A76E2B1D5A0332C61FB6C8EC03EADA6D] () Escndv.exe -> C:\Windows\twain_32\escndv\escndv.exe [C:\Windows\twain_32\escndv\Escndv.exe] -> [2009-01-10 00:00:00 | 000,155,648 | ---- | M | MD5 = B73F17DF5CA5A1C748C36CC63297C6E3] (SEIKO EPSON CORP.) firefox.exe -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe [C:\Program Files (x86)\Mozilla Firefox\firefox.exe] -> [2011-11-05 09:31:55 | 000,924,632 | ---- | M | MD5 = 4CB4054659ABEEEF925B153E2290E634] (Mozilla Corporation) FL.exe -> C:\Program Files (x86)\Image-Line\FL Studio 10\FL.exe [C:\Program Files (x86)\Image-Line\FL Studio 10\FL.exe] -> [2011-01-18 13:09:26 | 000,369,664 | ---- | M | MD5 = 585844520F0328BF9B51C989BCEB4263] (Image-Line) gimp-2.6.exe -> C:\Program Files (x86)\GIMP-2.0\bin\gimp-2.6.exe [C:\Program Files (x86)\GIMP-2.0\bin\gimp-2.6.exe] -> [2010-10-04 23:51:02 | 005,352,962 | ---- | M | MD5 = 24F72BF76C81B28BB8014AF4E337E157] () GOM.exe -> C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe [C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe] -> [2010-11-11 04:37:16 | 003,548,392 | ---- | M | MD5 = 2BA5EEB4B4793AC90BB1ED8A3B28E497] (Gretech Corp.) install.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found javaws.exe -> C:\Windows\SysWOW64\javaws.exe [C:\Windows\system32\javaws.exe] -> [2011-11-10 06:54:28 | 000,157,472 | ---- | M | MD5 = 7030C9615C98953C481553671DD7B9E5] (Sun Microsystems, Inc.) Journal.exe -> [%ProgramFiles%\Windows Journal\Journal.exe] -> File not found mpc-hc.exe -> C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe ["C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe"] -> [2011-11-23 20:00:00 | 005,529,088 | ---- | M | MD5 = DE46F8B571BA76BD3133668A5694A327] (MPC-HC Team) mplayer2.exe -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe [%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe] -> [2009-07-14 03:14:47 | 000,164,864 | ---- | M | MD5 = 1F0F6AB1808781D2A2C2CA02E712ED8C] (Microsoft Corporation) MsoHtmEd.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found pbrush.exe -> C:\Windows\SysWOW64\mspaint.exe [%SystemRoot%\System32\mspaint.exe] -> [2009-07-14 03:14:26 | 006,376,960 | ---- | M | MD5 = E97295DE2A9FDE547FEAB4FE41DF16CA] (Microsoft Corporation) PowerShell.exe -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe [%SystemRoot%\system32\WindowsPowerShell\v1.0\PowerShell.exe] -> [2009-07-14 03:14:24 | 000,452,608 | ---- | M | MD5 = 92F44E405DB16AC55D97E3BFE3B132FA] (Microsoft Corporation) setup.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found sidebar.exe -> C:\Program Files (x86)\Windows Sidebar\sidebar.exe ["%ProgramFiles%\Windows Sidebar\sidebar.exe"] -> [2009-07-14 03:14:38 | 001,173,504 | ---- | M | MD5 = EA6EADF6314E43783BA8EEE79F93F73C] (Microsoft Corporation) SnippingTool.exe -> [%SystemRoot%\system32\SnippingTool.exe] -> File not found Speccy.exe -> C:\Program Files\Speccy\Speccy64.exe [C:\Program Files\Speccy\Speccy64.exe] -> [2011-11-21 21:43:32 | 007,627,072 | ---- | M | MD5 = 2DE545E54598F4C9AFFB3E70BEC27A3D] (Piriform Ltd) table30.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found TabTip.exe -> [%CommonProgramFiles%\microsoft shared\ink\TabTip.exe] -> File not found wab.exe -> C:\Program Files (x86)\Windows Mail\wab.exe [%ProgramFiles%\Windows Mail\wab.exe] -> [2009-07-14 03:14:44 | 000,516,096 | ---- | M | MD5 = 8665275D0AB685C4DD4E45E622DE9989] (Microsoft Corporation) wabmig.exe -> C:\Program Files (x86)\Windows Mail\wabmig.exe [%ProgramFiles%\Windows Mail\wabmig.exe] -> [2009-07-14 03:14:44 | 000,065,536 | ---- | M | MD5 = 53A5EAFAAB88D5DBB24E6EEB5D9E0E12] (Microsoft Corporation) WinRAR.exe -> C:\Program Files\WinRAR\WinRAR.exe [C:\Program Files\WinRAR\WinRAR.exe] -> [2011-06-01 01:00:04 | 001,169,920 | ---- | M | MD5 = D91E5796E4C21EC074CDCF2D903F5ED7] (Alexander Roshal) Winword.exe -> C:\PROGRA~2\MICROS~3\Office12\WINWORD.EXE [C:\PROGRA~2\MICROS~3\Office12\WINWORD.EXE] -> [2006-10-27 15:23:04 | 000,347,432 | ---- | M | MD5 = CEAA5817A65E914AA178B28F12359A46] (Microsoft Corporation) wmplayer.exe -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe [%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe] -> [2009-07-14 03:14:47 | 000,164,864 | ---- | M | MD5 = 1F0F6AB1808781D2A2C2CA02E712ED8C] (Microsoft Corporation) WORDPAD.EXE -> C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2009-07-14 03:14:49 | 004,243,968 | ---- | M | MD5 = E745BC62FE98CE4DA12D7B18F5DDBA3F] (Microsoft Corporation) WRITE.EXE -> C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2009-07-14 03:14:49 | 004,243,968 | ---- | M | MD5 = E745BC62FE98CE4DA12D7B18F5DDBA3F] (Microsoft Corporation) < 64bit-Approved Shell Extensions [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved -> "{00C6D95F-329C-409a-81D7-C46C66EA7F33}" [HKLM] -> C:\Windows\SysNative\shdocvw.dll [] -> [2009-07-14 03:41:54 | 000,196,096 | ---- | M | MD5 = FBE8EBF528DC49B3DEB186CA9545D97E] (Microsoft Corporation) "{2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9}" [HKLM] -> C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll [Image Catalog] -> [2011-03-17 10:15:00 | 000,700,736 | ---- | M | MD5 = EE5072041736A239A095BDE52A599A64] (DT Soft Ltd) "{4380C993-0C43-4E02-9A7A-0D40B6EA7590}" [HKLM] -> C:\Program Files\Defraggler\DefragglerShell64.dll [DefragglerShellExtension] -> [2011-11-08 11:12:24 | 000,121,152 | ---- | M | MD5 = DA18FB9CCE4746F92E705E6E43B887F6] (Piriform Ltd) "{472083B0-C522-11CF-8763-00608CC02F24}" [HKLM] -> C:\Program Files\AVAST Software\Avast\ashShA64.dll [avast] -> [2011-11-28 20:01:11 | 000,134,384 | ---- | M | MD5 = 0FB2130038B64F3EA23C6D8104E3E2C2] (AVAST Software) "{5E2121EE-0300-11D4-8D3B-444553540000}" [HKLM] -> Reg Error: Key error. [Catalyst Context Menu extension] -> File not found "{80009818-f38f-4af1-87b5-eadab9433e58}" [HKLM] -> C:\Windows\SysNative\mf.dll [MF ADTS Property Handler] -> [2010-05-23 10:35:41 | 004,068,864 | ---- | M | MD5 = 7FD58BA8562948EE374E2513C6771EF9] (Microsoft Corporation) "{872A9397-E0D6-4e28-B64D-52B8D0A7EA35}" [HKLM] -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiama64.dll [Display CPL Extension] -> [2011-11-09 23:06:24 | 000,571,392 | ---- | M | MD5 = 51A58C219AAA0202371F86D5E0CB7B79] (Advanced Micro Devices, Inc.) "{B41DB860-64E4-11D2-9906-E49FADC173CA}" [HKLM] -> C:\Program Files\WinRAR\RarExt.dll [WinRAR shell extension] -> [2011-05-31 23:37:06 | 000,164,864 | ---- | M | MD5 = E3DFBDB730F51B5D5AA40F7479D6812F] (Alexander Roshal) "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" [HKLM] -> Reg Error: Key error. [WinRAR shell extension] -> File not found "{B575C697-9107-437A-ABEF-74C291FBF0BF}" [HKLM] -> C:\Program Files (x86)\SpeedyDrive\menu64.dll [Speedy Drive Shell Extension] -> [2012-04-04 20:36:38 | 000,228,352 | ---- | M | MD5 = 451D1888D293F4E014A05E64D5CADC79] (Duc Le) < Approved Shell Extensions [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved -> "{2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9}" [HKLM] -> C:\Program Files (x86)\DAEMON Tools Pro\DTShl32.dll [Image Catalog] -> [2011-03-17 10:14:36 | 000,572,224 | ---- | M | MD5 = 67B8EF20BE43DF53F426A4CA1F6FF7FE] (DT Soft Ltd) "{472083B0-C522-11CF-8763-00608CC02F24}" [HKLM] -> C:\Program Files\AVAST Software\Avast\ashShell.dll [avast] -> [2011-11-28 20:01:17 | 000,122,512 | ---- | M | MD5 = 7A4A6056B53F36DB50BCB8A334BAD2B6] (AVAST Software) "{5E2121EE-0300-11D4-8D3B-444553540000}" [HKLM] -> Reg Error: Key error. [Catalyst Context Menu extension] -> File not found "{80009818-f38f-4af1-87b5-eadab9433e58}" [HKLM] -> C:\Windows\SysWOW64\mf.dll [MF ADTS Property Handler] -> [2010-05-23 12:11:48 | 003,181,568 | ---- | M | MD5 = 0F0EE7DE3436E6F8F0E19DACAC7B5730] (Microsoft Corporation) "{B575C697-9107-437A-ABEF-74C291FBF0BF}" [HKLM] -> C:\Program Files (x86)\SpeedyDrive\menu32.dll [Speedy Drive Shell Extension] -> [2012-04-04 20:36:30 | 000,064,512 | ---- | M | MD5 = F4921D8BE22C19EF6F754D597A5DA288] (Duc Le) < 64bit-Disabled MSConfig Folder Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\ -> C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Virtual Router Manager.lnk -> -> File not found C:^Users^Shiva^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GameRanger.lnk -> -> File not found < 64bit-Disabled MSConfig Registry Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ -> Adobe ARM hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe -> [2010-09-20 23:07:44 | 000,932,288 | R--- | M | MD5 = BAD6BEA0DE1F69C82BDB74378CE0C20A] (Adobe Systems Incorporated) Adobe Reader Speed Launcher hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe -> [2010-09-23 04:47:04 | 000,035,760 | ---- | M | MD5 = 12673BCF7B32087DF63F0CFF550EA40B] (Adobe Systems Incorporated) amd_dc_opt hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe -> [2008-07-22 14:53:10 | 000,077,824 | ---- | M | MD5 = EBC0E8C0A4DDA2C32A7D5863462A321A] (AMD) ATICustomerCare hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> -> File not found AutoEJCD_0ACE20FF hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE -> [2011-12-16 18:45:52 | 000,040,960 | ---- | M | MD5 = 3EE80B8CB22C5DB62773FF5237FD1460] () avast hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\AVAST Software\Avast\avastUI.exe -> [2011-11-28 20:01:24 | 003,744,552 | ---- | M | MD5 = F7226AA410954185160067D5FA82F3F2] (AVAST Software) BCU hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe -> [2010-03-05 10:15:04 | 000,411,864 | ---- | M | MD5 = B9B24C1014195B1CEDD7A779C93E129B] (DeviceVM, Inc.) Connectify hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Connectify\Connectify.exe -> [2012-02-25 01:16:56 | 003,941,192 | ---- | M | MD5 = ECB76CF41825D376CB3A6991B9257F42] (Connectify) DAEMON Tools Lite hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found DAEMON Tools Pro Agent hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe -> [2011-03-17 10:15:04 | 000,842,048 | ---- | M | MD5 = 6E4020D918F14049188E0D8B5BB27F27] (DT Soft Ltd) EADM hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Origin\Origin.exe -> [2012-03-29 09:34:42 | 003,402,376 | ---- | M | MD5 = 9A018FAFE23F601CBAF74E835F5F645D] (Electronic Arts) EPSON SX125 Series hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Windows\SysNative\spool\DRIVERS\x64\3\E_IATIGGE.EXE -> [2009-09-14 07:00:00 | 000,224,768 | ---- | M | MD5 = 42E974C4428C22980B17547D0AE32A83] (SEIKO EPSON CORPORATION) Facebook Update hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Users\Shiva\AppData\Local\Facebook\Update\FacebookUpdate.exe -> [2012-04-11 23:07:05 | 000,137,536 | ---- | M | MD5 = FCC7C432FBF465C38FD5D940580EF9B7] (Facebook Inc.) Gadu-Gadu 10 hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Gadu-Gadu 10\gg.exe -> [2011-07-04 19:45:30 | 013,374,048 | ---- | M | MD5 = 4229BE049B0E58786B774C84D27CF9F1] (GG Network S.A.) Google Update hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found LogMeIn Hamachi Ui hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe -> [2012-02-28 18:38:56 | 001,987,976 | ---- | M | MD5 = E53B69271DCB7DFE3E1A03EA2A53F829] (LogMeIn Inc.) NUSB3MON hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe -> [2010-04-27 10:09:52 | 000,113,288 | ---- | M | MD5 = 51C8885B6A00904C0252704C9FB0F43A] (Renesas Electronics Corporation) RtHDVCpl hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -> [2010-07-06 12:31:18 | 011,057,768 | ---- | M | MD5 = 7EADC0C9225D6F802AB975475D71320C] (Realtek Semiconductor) Sidebar hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Windows Sidebar\sidebar.exe -> [2009-07-14 03:39:41 | 001,475,072 | ---- | M | Unable to obtain MD5] (Microsoft Corporation) Skype hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Skype\Phone\Skype.exe -> [2012-02-29 08:55:08 | 017,148,552 | R--- | M | MD5 = B6080F3A1CA495190D1583C2202CAA61] (Skype Technologies S.A.) StartCCC hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe -> [2011-11-09 23:45:54 | 000,343,168 | ---- | M | MD5 = E66A704AA07E9FD565D8C22253986666] (Advanced Micro Devices, Inc.) Steam hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Steam\steam.exe -> [2011-09-23 21:56:35 | 001,242,448 | ---- | M | MD5 = 67384147DD005E54D2C0A20408E28579] (Valve Corporation) SunJavaUpdateSched hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe -> [2011-06-09 13:06:06 | 000,254,696 | ---- | M | MD5 = 6E3245DF783E58375B3465F03274743E] (Sun Microsystems, Inc.) SweetIM hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> -> File not found uTorrent hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\uTorrent\uTorrent.exe -> [2011-09-17 12:38:34 | 000,640,888 | ---- | M | MD5 = 11E8A3D1F90A9827F4E6AD484E311EEE] (BitTorrent, Inc.) UVS11 Preload hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> -> File not found < 64bit-Disabled MSConfig State [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state -> "startup" -> 1 -> < 64bit-Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 -> "msacm.l3acm" -> C:\Windows\SysNative\l3codeca.acm [C:\Windows\System32\l3codeca.acm] -> [2009-07-14 03:38:53 | 000,081,408 | ---- | M | MD5 = 5046E55184021406C27E8D48A1B2C9D2] (Fraunhofer Institut Integrierte Schaltungen IIS) "VIDC.FPS1" -> C:\Windows\SysNative\frapsv64.dll [frapsv64.dll] -> [2009-11-21 11:30:04 | 000,084,992 | ---- | M | MD5 = A7450386B26344369A54F6B855F4B122] (Beepa P/L) < Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 -> "msacm.ac3acm" -> C:\Windows\SysWow64\ac3acm.acm [ac3acm.acm] -> [2011-07-16 17:17:06 | 000,151,552 | ---- | M | MD5 = A269ED7ECD8971D29F45C02CB9F7DEED] (fccHandler) "msacm.divxa32" -> C:\Windows\SysWow64\msaud32_divx.acm [msaud32_divx.acm] -> [2003-02-03 08:01:02 | 000,186,368 | ---- | M | MD5 = 71EA3DCE8B998B6730A942469D15ED44] (Microsoft Corporation) "msacm.l3acm" -> C:\Windows\SysWOW64\l3codeca.acm [C:\Windows\SysWOW64\l3codeca.acm] -> [2009-07-14 03:14:10 | 000,064,000 | ---- | M | MD5 = 1C7F1C3EA5894995E6C563E9AE9F029F] (Fraunhofer Institut Integrierte Schaltungen IIS) "msacm.l3fhg" -> C:\Windows\SysWow64\mp3fhg.acm [mp3fhg.acm] -> [2006-10-18 21:05:16 | 000,232,448 | ---- | M | MD5 = 23D4907D662E248E09872E5A32E71570] (Fraunhofer Institut Integrierte Schaltungen IIS) "msacm.vorbis" -> C:\Windows\SysWow64\vorbis.acm [vorbis.acm] -> [2009-09-15 11:14:18 | 001,554,944 | ---- | M | MD5 = 9033DAF3277F0498BC86C8D4566C25CE] (HMS http://hp.vector.co.jp/authors/VA012897/) "vidc.cvid" -> C:\Windows\SysWow64\iccvid.dll [iccvid.dll] -> [2009-07-14 03:15:26 | 000,082,944 | ---- | M | MD5 = FFC7EEE106E6D7BA87DF82ED58518F6C] (Radius Inc.) "VIDC.FFDS" -> C:\Windows\SysWow64\ff_vfw.dll [ff_vfw.dll] -> [2011-11-23 20:00:00 | 000,074,752 | ---- | M | MD5 = DC6413DEF33D241747D4EB3B8E359E9E] () "VIDC.FPS1" -> C:\Windows\SysWow64\frapsvid.dll [frapsvid.dll] -> [2009-11-21 11:30:06 | 000,086,016 | ---- | M | MD5 = E69F8C0323399067C8EA6718C0D1CD7F] (Beepa P/L) "VIDC.XVID" -> C:\Windows\SysWow64\xvidvfw.dll [xvidvfw.dll] -> [2011-06-24 17:44:30 | 000,243,200 | ---- | M | MD5 = 56552C7C36B6237704CE3BA9DF49FECF] () "VIDC.YV12" -> C:\Windows\SysWow64\xvidvfw.dll [xvidvfw.dll] -> [2011-06-24 17:44:30 | 000,243,200 | ---- | M | MD5 = 56552C7C36B6237704CE3BA9DF49FECF] () < 64bit-Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ -> {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {19916E01-B44E-4E31-94A4-4696DF46157B} [HKLM] -> C:\Windows\SysNative\icardie.dll [InformationCardSigninHelper Class] -> [2009-07-14 03:41:05 | 000,084,480 | ---- | M | MD5 = 66E0A5B0C9B43678F721F44BDBC9437A] (Microsoft Corporation) {233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {3050F819-98B5-11CF-BB82-00AA00BDCE0B} [HKLM] -> C:\Windows\SysNative\mshtmled.dll [HtmlDlgSafeHelper Class] -> [2009-07-14 03:41:28 | 000,097,280 | ---- | M | MD5 = 6C706FE9D161ED56D670ACB94798CA2A] (Microsoft Corporation) {333C7BC4-460F-11D0-BC04-0080C7055A83} [HKLM] -> C:\Windows\SysNative\tdc.ocx [Tabular Data Control] -> [2009-07-14 03:38:53 | 000,078,336 | ---- | M | MD5 = 1B595F3040543488729A9DACB9366432] (Microsoft Corporation) {3E4D4F1C-2AEE-11D1-9D3D-00C04FC30DF6} [HKLM] -> C:\Windows\SysNative\oleprn.dll [oleprn Class] -> [2009-07-14 03:41:53 | 000,129,536 | ---- | M | MD5 = 667AFCD7E3800DFEEA7FD056DBF43498] (Microsoft Corporation) {4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {435899C9-44AB-11D1-AF00-080036234103} [HKLM] -> C:\Windows\SysNative\oleprn.dll [DSPrintQueue Class] -> [2009-07-14 03:41:53 | 000,129,536 | ---- | M | MD5 = 667AFCD7E3800DFEEA7FD056DBF43498] (Microsoft Corporation) {4F664F91-FF01-11D0-8AED-00C04FD7B597} [HKLM] -> C:\Windows\SysNative\oleprn.dll [OleSNMP Class] -> [2009-07-14 03:41:53 | 000,129,536 | ---- | M | MD5 = 667AFCD7E3800DFEEA7FD056DBF43498] (Microsoft Corporation) {5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files\Java\jre6\bin\wsdetect.dll [isInstalled Class] -> [2011-11-20 15:20:28 | 000,126,240 | ---- | M | MD5 = 2EF7D07099928029657F939CBC8DF257] (Sun Microsystems, Inc.) {65303443-AD66-11D1-9D65-00C04FC30DF6} [HKLM] -> C:\Windows\SysNative\oleprn.dll [OleCvt Class] -> [2009-07-14 03:41:53 | 000,129,536 | ---- | M | MD5 = 667AFCD7E3800DFEEA7FD056DBF43498] (Microsoft Corporation) {6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysNative\wmp.dll [Windows Media Player] -> [2009-07-14 03:41:57 | 014,628,352 | ---- | M | MD5 = 48FB4DC45A3D6A1D9DA1D81D224BF6F5] (Microsoft Corporation) {760C4B83-E211-11D2-BF3E-00805FBE84A6} [HKLM] -> C:\Windows\SysNative\msnetobj.dll [Windows Media Services DRM Storage object] -> [2009-07-14 03:41:30 | 000,325,632 | ---- | M | MD5 = 424745D652D6928EEFD47C41CA51AEE0] (Microsoft Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {884e2049-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\SysNative\CertEnrollCtrl.exe [X509 Enrollment WebClassFactory] -> [2009-07-14 03:38:58 | 000,070,144 | ---- | M | MD5 = 467450EA47887D0C095C88442FD1047A] (Microsoft Corporation) {884e2051-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\SysNative\CertEnroll.dll [X509 Machine Enrollment Factory] -> [2009-07-14 03:40:14 | 001,975,296 | ---- | M | MD5 = C178E912A4C491864D78E4F56EC3E27A] (Microsoft Corporation) {88d969c0-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c1-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c2-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c3-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c4-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c5-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_29] -> [2011-11-20 15:20:27 | 000,112,928 | ---- | M | MD5 = F2833E64F5D2E3F9BE849DD85D4D2C90] () {8E4062D9-FE1B-4b9e-AA16-5E8EEF68F48E} [HKLM] -> C:\Windows\SysNative\RegCtrl.dll [Registration Control] -> [2009-07-14 03:41:53 | 000,049,152 | ---- | M | MD5 = 810CB1920DFB1FBD6C5436458B0A86E3] (Microsoft Corporation) {92337A8C-E11D-11D0-BE48-00C04FC30DF6} [HKLM] -> C:\Windows\SysNative\oleprn.dll [prturl Class] -> [2009-07-14 03:41:53 | 000,129,536 | ---- | M | MD5 = 667AFCD7E3800DFEEA7FD056DBF43498] (Microsoft Corporation) {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [HKLM] -> C:\Windows\SysNative\msnetobj.dll [RMGetLicense Class] -> [2009-07-14 03:41:30 | 000,325,632 | ---- | M | MD5 = 424745D652D6928EEFD47C41CA51AEE0] (Microsoft Corporation) {C3701884-B39B-11D1-9D68-00C04FC30DF6} [HKLM] -> C:\Windows\SysNative\oleprn.dll [OleInstall Class] -> [2009-07-14 03:41:53 | 000,129,536 | ---- | M | MD5 = 667AFCD7E3800DFEEA7FD056DBF43498] (Microsoft Corporation) {CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_29] -> [2011-11-20 15:20:27 | 000,112,928 | ---- | M | MD5 = F2833E64F5D2E3F9BE849DD85D4D2C90] () {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_29] -> [2011-11-20 15:20:27 | 000,112,928 | ---- | M | MD5 = F2833E64F5D2E3F9BE849DD85D4D2C90] () {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_29] -> [2011-11-20 15:20:27 | 000,112,928 | ---- | M | MD5 = F2833E64F5D2E3F9BE849DD85D4D2C90] () {CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} [HKLM] -> C:\Windows\SysNative\deployJava1.dll [Deployment Toolkit] -> [2011-11-20 15:20:26 | 000,525,544 | ---- | M | MD5 = 18F1952983C7F4F4B912369BDF6259E5] (Sun Microsystems, Inc.) {CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA} [HKLM] -> C:\Windows\SysNative\deployJava1.dll [Deployment Toolkit] -> [2011-11-20 15:20:26 | 000,525,544 | ---- | M | MD5 = 18F1952983C7F4F4B912369BDF6259E5] (Sun Microsystems, Inc.) {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {EE09B103-97E0-11CF-978F-00A02463E06F} [HKLM] -> C:\Windows\SysNative\scrrun.dll [Scripting.Dictionary] -> [2009-07-14 03:41:53 | 000,202,752 | ---- | M | MD5 = 8771BEDEAD950014EEDF6EEFE4A68066] (Microsoft Corporation) < Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ -> {02BCC737-B171-4746-94C9-0D8A0B2C0089} [HKLM] -> C:\PROGRA~2\MICROS~3\Office12\IEAWSDC.DLL [Microsoft Office Template and Media Control] -> [2006-10-26 20:12:52 | 000,173,328 | ---- | M | MD5 = CC76C38D1995A716AC072D470D4A1345] () {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {19916E01-B44E-4E31-94A4-4696DF46157B} [HKLM] -> C:\Windows\SysWOW64\icardie.dll [InformationCardSigninHelper Class] -> [2009-07-14 03:15:26 | 000,061,952 | ---- | M | MD5 = 78D3A29EBB8B419E0E0594481E1C12BC] (Microsoft Corporation) {233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {3050F819-98B5-11CF-BB82-00AA00BDCE0B} [HKLM] -> C:\Windows\SysWOW64\mshtmled.dll [HtmlDlgSafeHelper Class] -> [2009-07-14 03:15:44 | 000,067,072 | ---- | M | MD5 = 8BB5BC9D82704C4DDD2A5B473344E0D1] (Microsoft Corporation) {31261F21-2B16-45EE-BEAB-07C4CFA18B65} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {333C7BC4-460F-11D0-BC04-0080C7055A83} [HKLM] -> C:\Windows\SysWOW64\tdc.ocx [Tabular Data Control] -> [2009-07-14 03:14:10 | 000,066,560 | ---- | M | MD5 = 23694B532D8124F1E53BD1D80082E015] (Microsoft Corporation) {3760D689-C63B-4422-9A1D-31CA856CD5C1} [HKLM] -> C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.4.dll [GGClass Class] -> [2011-07-04 19:45:30 | 000,406,112 | ---- | M | MD5 = 41CEAFCA1D9BC0C84DC3F11D6F7EDBDA] (GG Network S.A.) {3E4D4F1C-2AEE-11D1-9D3D-00C04FC30DF6} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [oleprn Class] -> [2009-07-14 03:16:12 | 000,107,008 | ---- | M | MD5 = 153480DBE57BAF0E23D747E98627DB37] (Microsoft Corporation) {4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {435899C9-44AB-11D1-AF00-080036234103} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [DSPrintQueue Class] -> [2009-07-14 03:16:12 | 000,107,008 | ---- | M | MD5 = 153480DBE57BAF0E23D747E98627DB37] (Microsoft Corporation) {4F664F91-FF01-11D0-8AED-00C04FD7B597} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [OleSNMP Class] -> [2009-07-14 03:16:12 | 000,107,008 | ---- | M | MD5 = 153480DBE57BAF0E23D747E98627DB37] (Microsoft Corporation) {5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\wsdetect.dll [isInstalled Class] -> [2011-11-10 06:54:18 | 000,112,416 | ---- | M | MD5 = 9D1DBFCEB76D19ADCE73847A2B98C8EF] (Sun Microsystems, Inc.) {65303443-AD66-11D1-9D65-00C04FC30DF6} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [OleCvt Class] -> [2009-07-14 03:16:12 | 000,107,008 | ---- | M | MD5 = 153480DBE57BAF0E23D747E98627DB37] (Microsoft Corporation) {6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [Windows Media Player] -> [2009-07-14 03:16:19 | 011,406,336 | ---- | M | MD5 = 3D7DD3C29DAF738624DE918F666F70FA] (Microsoft Corporation) {760C4B83-E211-11D2-BF3E-00805FBE84A6} [HKLM] -> C:\Windows\SysWOW64\msnetobj.dll [Windows Media Services DRM Storage object] -> [2009-07-14 03:15:46 | 000,265,216 | ---- | M | MD5 = 7910D55A7835444B0A4BF64E8F0D9D6B] (Microsoft Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll [Java(tm) Plug-In SSV Helper] -> [2011-11-10 09:01:32 | 000,325,408 | ---- | M | MD5 = E810ACAFA8E6D80117414B7CA036D626] (Sun Microsystems, Inc.) {7AEFE841-DCA1-4A95-80CB-BE935D016800} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {7AEFE841-DCA1-4A95-80CB-BE935D017400} [HKLM] -> C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\ESNLaunchAx.ocx [ESNLaunchAx Control] -> [2012-02-13 14:54:04 | 007,002,040 | ---- | M | MD5 = 3D29204F3536DAC9D4494C32B21BB9E9] (ESN AB) {7AEFE841-DCA1-4A95-80CB-BE935D017600} [HKLM] -> C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\ESNLaunchAx.ocx [ESNLaunchAx Control] -> [2012-03-20 13:18:24 | 007,002,040 | ---- | M | MD5 = A484E375A47E30A885ECD87B978D40E3] (ESN AB) {884e2049-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\SysWOW64\CertEnrollCtrl.exe [X509 Enrollment WebClassFactory] -> [2009-07-14 03:14:13 | 000,067,072 | ---- | M | MD5 = 016DE9029CA532E6BE11E12AD37AFC1E] (Microsoft Corporation) {884e2051-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\SysWOW64\CertEnroll.dll [X509 Machine Enrollment Factory] -> [2009-07-14 03:15:01 | 001,320,960 | ---- | M | MD5 = 431BF8D33C8933D76FD4ED6098806A56] (Microsoft Corporation) {88d969c0-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c1-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c2-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c3-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c4-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c5-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_30] -> [2011-11-10 06:54:18 | 000,104,224 | ---- | M | MD5 = BBBD59066C5A61D28DCCE8A037B39DFD] () {8E4062D9-FE1B-4b9e-AA16-5E8EEF68F48E} [HKLM] -> C:\Windows\SysWOW64\RegCtrl.dll [Registration Control] -> [2009-07-14 03:16:13 | 000,041,472 | ---- | M | MD5 = 9249A6C6949CB68A3CD1C4889372F65D] (Microsoft Corporation) {92337A8C-E11D-11D0-BE48-00C04FC30DF6} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [prturl Class] -> [2009-07-14 03:16:12 | 000,107,008 | ---- | M | MD5 = 153480DBE57BAF0E23D747E98627DB37] (Microsoft Corporation) {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [HKLM] -> C:\Windows\SysWOW64\msnetobj.dll [RMGetLicense Class] -> [2009-07-14 03:15:46 | 000,265,216 | ---- | M | MD5 = 7910D55A7835444B0A4BF64E8F0D9D6B] (Microsoft Corporation) {C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} [HKLM] -> C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll [Google Update Plugin] -> [2012-03-21 08:46:17 | 000,562,600 | ---- | M | MD5 = 1E6B52ABDF4082374DE9D43CBD2F7E08] (Google Inc.) {C3701884-B39B-11D1-9D68-00C04FC30DF6} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [OleInstall Class] -> [2009-07-14 03:16:12 | 000,107,008 | ---- | M | MD5 = 153480DBE57BAF0E23D747E98627DB37] (Microsoft Corporation) {C442AC41-9200-4770-8CC0-7CDB4F245C55} [HKLM] -> C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll [Google Update Plugin] -> [2012-03-21 08:46:17 | 000,562,600 | ---- | M | MD5 = 1E6B52ABDF4082374DE9D43CBD2F7E08] (Google Inc.) {C9712B19-838B-45A5-ABF2-9A315DDDED50} [HKLM] -> C:\PROGRA~2\MICROS~3\Office12\AUTHZAX.DLL [Microsoft Office 12 Authorization Control] -> [2006-10-26 20:12:26 | 000,053,576 | ---- | M | MD5 = 525697973DC89B8BEC539C8E4568B7FF] (Microsoft Corporation) {CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2010-09-22 18:04:24 | 000,660,912 | ---- | M | MD5 = D8A75074736208F07354FACBA580B4AB] (Adobe Systems, Inc.) {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_30] -> [2011-11-10 06:54:18 | 000,104,224 | ---- | M | MD5 = BBBD59066C5A61D28DCCE8A037B39DFD] () {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_30] -> [2011-11-10 06:54:18 | 000,104,224 | ---- | M | MD5 = BBBD59066C5A61D28DCCE8A037B39DFD] () {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_30] -> [2011-11-10 06:54:18 | 000,104,224 | ---- | M | MD5 = BBBD59066C5A61D28DCCE8A037B39DFD] () {CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} [HKLM] -> C:\Windows\SysWOW64\deployJava1.dll [Deployment Toolkit] -> [2011-11-10 06:54:13 | 000,472,808 | ---- | M | MD5 = CCB1CD9C87E247A52248A6B0E16EDE6B] (Sun Microsystems, Inc.) {CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA} [HKLM] -> C:\Windows\SysWOW64\deployJava1.dll [Deployment Toolkit] -> [2011-11-10 06:54:13 | 000,472,808 | ---- | M | MD5 = CCB1CD9C87E247A52248A6B0E16EDE6B] (Sun Microsystems, Inc.) {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CBE9C57E-FFA9-4123-8354-AD360D6DD3CC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10w.ocx [Shockwave Flash Object] -> [2011-09-17 23:56:33 | 006,384,288 | R--- | M | MD5 = E46EA53D149113B9A513BFE0955968CE] (Adobe Systems, Inc.) {E7339A62-0E31-4A5E-BA3D-F2FEDFBF8BE5} [HKLM] -> C:\PROGRA~2\COMMON~1\MICROS~1\Portal\PORTAL~1.DLL [PersonalSite Class] -> [2006-10-26 21:30:44 | 000,482,088 | ---- | M | MD5 = 799A0E1244038B3FC2E1833D74FFA564] () {EBA7A1E6-E69D-4BA5-B291-95782A004600} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {EBA7A1E6-E69D-4BA5-B291-95782A004603} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {EBA7A1E6-E69D-4BA5-B291-95782A004604} [HKLM] -> C:\PROGRA~2\BATTLE~1\Sonar\070~1.4\SonarAx.ocx [SonarAx Control] -> [2011-11-03 16:08:54 | 000,227,688 | ---- | M | MD5 = 9D04D07F7C6F8D8D13DA6515FA7E1D52] (ESN Social Software AB) {EE09B103-97E0-11CF-978F-00A02463E06F} [HKLM] -> C:\Windows\SysWOW64\scrrun.dll [Scripting.Dictionary] -> [2009-07-14 03:16:13 | 000,163,840 | ---- | M | MD5 = 69A1D7C29CFF256BECBD4E39E2159636] (Microsoft Corporation) {F9152AEC-3462-4632-8087-EEE3C3CDDA24} [HKLM] -> C:\Program Files (x86)\Google\Google Earth\plugin\ie\6.1.0.5001\plugin_ax.dll [GEPluginCoClass Object] -> [2011-10-17 20:04:54 | 002,370,048 | ---- | M | MD5 = 5AD9BCA37FFED12287B245D37A874D61] (Google) < Ext (Settings) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\ -> {2EECD738-5844-4A99-B4B6-146BF802613B} [HKLM] -> C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll [Babylon toolbar helper] -> [2011-08-14 14:24:26 | 000,270,960 | ---- | M | MD5 = C471B1EEF9DF1C55B5261006CE04E11F] (Babylon BHO) 64bit-{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} [HKLM] -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [avast! WebRep] -> [2011-11-28 20:01:12 | 000,963,064 | ---- | M | MD5 = F4C0412938AB94EA34D0FE8D3A73D142] (AVAST Software) {318A227B-5E9F-45BD-8999-7F8F10CA4CF5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {6D53EC84-6AAE-4787-AEEE-F4628F01010C} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll [Java(tm) Plug-In SSV Helper] -> [2011-11-10 09:01:32 | 000,325,408 | ---- | M | MD5 = E810ACAFA8E6D80117414B7CA036D626] (Sun Microsystems, Inc.) {7D9463CD-BBD8-42F4-AB72-D7B1191D9F3D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {8E5E2654-AD2D-48BF-AC2D-D17F00898D06} [HKLM] -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [avast! WebRep] -> [2011-11-28 20:01:21 | 000,809,040 | ---- | M | MD5 = 328BC79BC53BA7A284C818DDE88945D7] (AVAST Software) {98889811-442D-49DD-99D7-DC866BE87DBC} [HKLM] -> C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll [Babylon Toolbar] -> [2011-08-14 14:23:52 | 000,237,680 | ---- | M | MD5 = 034C197E79D7233BD04BFAC1710CB988] (Babylon Ltd.) {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} [HKLM] -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Skype Browser Helper] -> [2012-01-17 11:43:46 | 003,855,520 | ---- | M | MD5 = 70CE1DA6684A7043B0008C2F2E286E27] (Skype Technologies S.A.) {BDE58274-7A2A-4682-8C47-A379DD9E36CB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10w.ocx [Shockwave Flash Object] -> [2011-09-17 23:56:33 | 006,384,288 | R--- | M | MD5 = E46EA53D149113B9A513BFE0955968CE] (Adobe Systems, Inc.) {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} [HKLM] -> C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL [IplexToALLPlayer] -> [2011-02-09 20:29:08 | 000,400,384 | ---- | M | MD5 = A23A207DE5D63E6C61F03D8905948E8A] (ALLCinema Ltd.) {EEE6C35B-6118-11DC-9C72-001320C79847} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {EEE6C35C-6118-11DC-9C72-001320C79847} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {F3FEE66E-E034-436A-86E4-9690573BEE8A} [HKLM] -> C:\Program Files (x86)\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll [YouTube Downloader Toolbar] -> [2012-04-23 20:47:56 | 001,124,704 | ---- | M | MD5 = B8E0015E2F62FB991F3C8D995283C6A2] (Spigot, Inc.) < Ext (Stats) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\ -> {04FE3112-DB93-424D-B958-5E709395693F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {2EECD738-5844-4A99-B4B6-146BF802613B} [HKLM] -> C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll [Babylon toolbar helper] -> [2011-08-14 14:24:26 | 000,270,960 | ---- | M | MD5 = C471B1EEF9DF1C55B5261006CE04E11F] (Babylon BHO) 64bit-{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} [HKLM] -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [avast! WebRep] -> [2011-11-28 20:01:12 | 000,963,064 | ---- | M | MD5 = F4C0412938AB94EA34D0FE8D3A73D142] (AVAST Software) {318A227B-5E9F-45BD-8999-7F8F10CA4CF5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {3760D689-C63B-4422-9A1D-31CA856CD5C1} [HKLM] -> C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.4.dll [GGClass Class] -> [2011-07-04 19:45:30 | 000,406,112 | ---- | M | MD5 = 41CEAFCA1D9BC0C84DC3F11D6F7EDBDA] (GG Network S.A.) {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found 64bit-{6BF52A52-394A-11D3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysNative\wmp.dll [Windows Media Player] -> [2009-07-14 03:41:57 | 014,628,352 | ---- | M | MD5 = 48FB4DC45A3D6A1D9DA1D81D224BF6F5] (Microsoft Corporation) {6BF52A52-394A-11D3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [Windows Media Player] -> [2009-07-14 03:16:19 | 011,406,336 | ---- | M | MD5 = 3D7DD3C29DAF738624DE918F666F70FA] (Microsoft Corporation) {6D53EC84-6AAE-4787-AEEE-F4628F01010C} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll [Java(tm) Plug-In SSV Helper] -> [2011-11-10 09:01:32 | 000,325,408 | ---- | M | MD5 = E810ACAFA8E6D80117414B7CA036D626] (Sun Microsystems, Inc.) {7AEFE841-DCA1-4A95-80CB-BE935D005000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {7AEFE841-DCA1-4A95-80CB-BE935D016000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {7AEFE841-DCA1-4A95-80CB-BE935D016600} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {7AEFE841-DCA1-4A95-80CB-BE935D016800} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {7AEFE841-DCA1-4A95-80CB-BE935D016E00} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {7AEFE841-DCA1-4A95-80CB-BE935D017400} [HKLM] -> C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\ESNLaunchAx.ocx [ESNLaunchAx Control] -> [2012-02-13 14:54:04 | 007,002,040 | ---- | M | MD5 = 3D29204F3536DAC9D4494C32B21BB9E9] (ESN AB) {7AEFE841-DCA1-4A95-80CB-BE935D017600} [HKLM] -> C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\ESNLaunchAx.ocx [ESNLaunchAx Control] -> [2012-03-20 13:18:24 | 007,002,040 | ---- | M | MD5 = A484E375A47E30A885ECD87B978D40E3] (ESN AB) {7D9463CD-BBD8-42F4-AB72-D7B1191D9F3D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Skype Browser Helper] -> [2012-01-17 11:43:46 | 003,855,520 | ---- | M | MD5 = 70CE1DA6684A7043B0008C2F2E286E27] (Skype Technologies S.A.) {8E5E2654-AD2D-48BF-AC2D-D17F00898D06} [HKLM] -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [avast! WebRep] -> [2011-11-28 20:01:21 | 000,809,040 | ---- | M | MD5 = 328BC79BC53BA7A284C818DDE88945D7] (AVAST Software) {98889811-442D-49DD-99D7-DC866BE87DBC} [HKLM] -> C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll [Babylon Toolbar] -> [2011-08-14 14:23:52 | 000,237,680 | ---- | M | MD5 = 034C197E79D7233BD04BFAC1710CB988] (Babylon Ltd.) {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} [HKLM] -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Skype Browser Helper] -> [2012-01-17 11:43:46 | 003,855,520 | ---- | M | MD5 = 70CE1DA6684A7043B0008C2F2E286E27] (Skype Technologies S.A.) 64bit-{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} [HKLM] -> C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll [SearchHook Class] -> [2010-03-05 10:15:02 | 000,153,336 | ---- | M | MD5 = D60DE33A6AF6ED457A687317FB93D231] (DeviceVM, Inc.) {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} [HKLM] -> C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll [SearchHook Class] -> [2010-03-05 10:14:58 | 000,133,368 | ---- | M | MD5 = E3B1EFD1225529542BDE9D3FD4A589E3] (DeviceVM, Inc.) {BDE58274-7A2A-4682-8C47-A379DD9E36CB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10w.ocx [Shockwave Flash Object] -> [2011-09-17 23:56:33 | 006,384,288 | R--- | M | MD5 = E46EA53D149113B9A513BFE0955968CE] (Adobe Systems, Inc.) {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} [HKLM] -> C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL [IplexToALLPlayer] -> [2011-02-09 20:29:08 | 000,400,384 | ---- | M | MD5 = A23A207DE5D63E6C61F03D8905948E8A] (ALLCinema Ltd.) {EBA7A1E6-E69D-4BA5-B291-95782A004600} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {EBA7A1E6-E69D-4BA5-B291-95782A004603} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {EBA7A1E6-E69D-4BA5-B291-95782A004604} [HKLM] -> C:\PROGRA~2\BATTLE~1\Sonar\070~1.4\SonarAx.ocx [SonarAx Control] -> [2011-11-03 16:08:54 | 000,227,688 | ---- | M | MD5 = 9D04D07F7C6F8D8D13DA6515FA7E1D52] (ESN Social Software AB) {EEE6C35B-6118-11DC-9C72-001320C79847} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {EEE6C35C-6118-11DC-9C72-001320C79847} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {F3FEE66E-E034-436A-86E4-9690573BEE8A} [HKLM] -> C:\Program Files (x86)\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll [YouTube Downloader Toolbar] -> [2012-04-23 20:47:56 | 001,124,704 | ---- | M | MD5 = B8E0015E2F62FB991F3C8D995283C6A2] (Spigot, Inc.) < 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .bat [@ = batfile] -> "%1" %* -> .cmd [@ = cmdfile] -> "%1" %* -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> .html [@ = Opera.HTML] -> C:\Program Files (x86)\Opera\Opera.exe -> [2012-03-26 20:31:19 | 000,949,104 | ---- | M | MD5 = CC7001E619906A0FF78C162A0A39D5B7] (Opera Software) .url [@ = InternetShortcut] -> C:\Windows\SysNative\rundll32.exe -> [2009-07-14 03:39:31 | 000,045,568 | ---- | M | MD5 = DD81D91FF3B0763C392422865C9AC12E] (Microsoft Corporation) .pif [@ = piffile] -> "%1" %* -> .scr [@ = scrfile] -> "%1" /S -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .bat [@ = batfile] -> "%1" %* -> .cmd [@ = cmdfile] -> "%1" %* -> .com [@ = comfile] -> "%1" %* -> .cpl [@ = cplfile] -> C:\Windows\SysWow64\control.exe -> [2009-07-14 03:14:15 | 000,113,152 | ---- | M | MD5 = 9130377F87A2153FEAB900A00EA1EBFF] (Microsoft Corporation) .exe [@ = exefile] -> "%1" %* -> .html [@ = Opera.HTML] -> C:\Program Files (x86)\Opera\Opera.exe -> [2012-03-26 20:31:19 | 000,949,104 | ---- | M | MD5 = CC7001E619906A0FF78C162A0A39D5B7] (Opera Software) .pif [@ = piffile] -> "%1" %* -> .scr [@ = scrfile] -> "%1" /S -> < File Associations - Select to Repair > -> HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\SOFTWARE\Classes\\ -> .html [@ = ChromeHTML] -> Reg Error: Key error. -> File not found < 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> -> *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs -> AppMgmt -> C:\Windows\SysNative\appmgmts.dll -> [2009-07-14 03:40:01 | 000,193,536 | ---- | M | MD5 = 4ABA3E75A76195A3E38ED2766C962899] (Microsoft Corporation) *MultiFile Done* -> -> < Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ -> text/xml:{807563E5-5146-11D5-A672-00B0D022E945} [HKLM] -> C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL[Microsoft Office InfoPath XML Mime Filter] -> [2006-10-26 21:41:48 | 000,044,344 | ---- | M | MD5 = 1264F787E46DC572FA274CA09B446E01] (Microsoft Corporation) < 64bit-Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found skype-ie-addon-data:{91774881-D725-4E58-B298-07617B9B86A8} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found wlpg:{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKLM] -> C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL[IEProtocolHandler Class] -> [2011-11-03 13:48:40 | 002,156,192 | R--- | M | MD5 = 6E04C50CA4A3FA2CC812CD7AB84EB6D7] (Skype Technologies) skype-ie-addon-data:{91774881-D725-4E58-B298-07617B9B86A8} [HKLM] -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll[Skype IE add-on Pluggable Protocol] -> [2012-01-17 11:43:46 | 003,855,520 | ---- | M | MD5 = 70CE1DA6684A7043B0008C2F2E286E27] (Skype Technologies S.A.) < 64bit-SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices AppMgmt -> C:\Windows\SysNative\appmgmts.dll -> [2009-07-14 03:40:01 | 000,193,536 | ---- | M | MD5 = 4ABA3E75A76195A3E38ED2766C962899] (Microsoft Corporation) Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group HelpSvc -> Service NTDS -> 32bit -> File not found PCI Configuration -> Driver Group PEVSystemStart -> Service PNP Filter -> Driver Group Primary disk -> Driver Group procexp90.Sys -> Driver sacsvr -> Service SCSI Class -> Driver Group System Bus Extender -> Driver Group TrustedInstaller -> 32bit -> File not found vmms -> Service WinDefend -> C:\Program Files\Windows Defender\MpSvc.dll -> [2009-07-14 03:41:27 | 001,011,712 | ---- | M | MD5 = CF318F60A84F15AF352439465A8D05F4] (Microsoft Corporation) < SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices AppInfo -> 64bit -> File not found Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group DcomLaunch -> 64bit -> File not found EFS -> 64bit -> File not found EventLog -> 64bit -> File not found File system -> Driver Group Filter -> Driver Group HelpSvc -> Service KeyIso -> 64bit -> File not found Netlogon -> 64bit -> File not found NTDS -> 64bit -> File not found PCI Configuration -> Driver Group PEVSystemStart -> Service PlugPlay -> 64bit -> File not found PNP Filter -> Driver Group Power -> 64bit -> File not found Primary disk -> Driver Group procexp90.Sys -> Driver ProfSvc -> 64bit -> File not found RpcEptMapper -> 64bit -> File not found RpcSs -> 64bit -> File not found sacsvr -> Service SCSI Class -> Driver Group sermouse.sys -> 64bit -> File not found SWPRV -> 64bit -> File not found System Bus Extender -> Driver Group TabletInputService -> 64bit -> File not found TBS -> 64bit -> File not found VDS -> 64bit -> File not found vga.sys -> 64bit -> File not found vgasave.sys -> 64bit -> File not found vmms -> Service volmgr.sys -> 64bit -> File not found volmgrx.sys -> 64bit -> File not found WinDefend -> 64bit -> File not found WinMgmt -> 64bit -> File not found WudfPf -> 64bit -> File not found WudfRd -> 64bit -> File not found WudfSvc -> 64bit -> File not found < 64bit-SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E972-E325-11CE-BFC1-08002BE10318} -> Net {4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient {4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService {4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {50DD5230-BA8A-11D1-BF5D-0000F805F530} -> Smart card readers {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices AppMgmt -> C:\Windows\SysNative\appmgmts.dll -> [2009-07-14 03:40:01 | 000,193,536 | ---- | M | MD5 = 4ABA3E75A76195A3E38ED2766C962899] (Microsoft Corporation) Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group Hamachi2Svc -> 32bit -> File not found HelpSvc -> Service Messenger -> Service NDIS Wrapper -> Driver Group NetBIOSGroup -> Driver Group NetDDEGroup -> Driver Group Network -> Driver Group NetworkProvider -> Driver Group NTDS -> 32bit -> File not found PCI Configuration -> Driver Group PEVSystemStart -> Service PNP Filter -> Driver Group PNP_TDI -> Driver Group Primary disk -> Driver Group procexp90.Sys -> Driver rdsessmgr -> Service sacsvr -> Service SCSI Class -> Driver Group Streams Drivers -> Driver Group System Bus Extender -> Driver Group TDI -> Driver Group TrustedInstaller -> 32bit -> File not found vmms -> Service WinDefend -> C:\Program Files\Windows Defender\MpSvc.dll -> [2009-07-14 03:41:27 | 001,011,712 | ---- | M | MD5 = CF318F60A84F15AF352439465A8D05F4] (Microsoft Corporation) WudfUsbccidDriver -> Driver < SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E972-E325-11CE-BFC1-08002BE10318} -> Net {4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient {4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService {4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {50DD5230-BA8A-11D1-BF5D-0000F805F530} -> Smart card readers {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices AFD -> 64bit -> File not found AppInfo -> 64bit -> File not found Base -> Driver Group BFE -> 64bit -> File not found Boot Bus Extender -> Driver Group Boot file system -> Driver Group bowser -> 64bit -> File not found Browser -> 64bit -> File not found DcomLaunch -> 64bit -> File not found dfsc -> 64bit -> File not found DnsCache -> 64bit -> File not found Dot3Svc -> 64bit -> File not found Eaphost -> 64bit -> File not found EFS -> 64bit -> File not found EventLog -> 64bit -> File not found File system -> Driver Group Filter -> Driver Group Hamachi2Svc -> C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -> [2012-02-28 18:38:54 | 002,343,816 | ---- | M | MD5 = D483DBAEF409E8AB7477C28615FCD853] (LogMeIn Inc.) HelpSvc -> Service IKEEXT -> 64bit -> File not found ipnat.sys -> 64bit -> File not found KeyIso -> 64bit -> File not found LanmanServer -> 64bit -> File not found LanmanWorkstation -> 64bit -> File not found LmHosts -> 64bit -> File not found Messenger -> Service MPSDrv -> 64bit -> File not found MPSSvc -> 64bit -> File not found mrxsmb -> 64bit -> File not found mrxsmb10 -> 64bit -> File not found mrxsmb20 -> 64bit -> File not found NativeWifiP -> 64bit -> File not found NDIS -> 64bit -> File not found NDIS Wrapper -> Driver Group ndiscap -> 64bit -> File not found Ndisuio -> 64bit -> File not found NetBIOS -> 64bit -> File not found NetBIOSGroup -> Driver Group NetBT -> 64bit -> File not found NetDDEGroup -> Driver Group Netlogon -> 64bit -> File not found NetMan -> 64bit -> File not found Network -> Driver Group NetworkProvider -> Driver Group NlaSvc -> 64bit -> File not found Nsi -> 64bit -> File not found nsiproxy.sys -> 64bit -> File not found NTDS -> 64bit -> File not found PCI Configuration -> Driver Group PEVSystemStart -> Service PlugPlay -> 64bit -> File not found PNP Filter -> Driver Group PNP_TDI -> Driver Group PolicyAgent -> 64bit -> File not found Power -> 64bit -> File not found Primary disk -> Driver Group procexp90.Sys -> Driver ProfSvc -> 64bit -> File not found rdbss -> 64bit -> File not found rdpencdd.sys -> 64bit -> File not found rdsessmgr -> Service RpcEptMapper -> 64bit -> File not found RpcSs -> 64bit -> File not found sacsvr -> Service SCardSvr -> 64bit -> File not found SCSI Class -> Driver Group sermouse.sys -> 64bit -> File not found SharedAccess -> 64bit -> File not found Streams Drivers -> Driver Group SWPRV -> 64bit -> File not found System Bus Extender -> Driver Group TabletInputService -> 64bit -> File not found TBS -> 64bit -> File not found Tcpip -> 64bit -> File not found TDI -> Driver Group VaultSvc -> 64bit -> File not found VDS -> 64bit -> File not found vga.sys -> 64bit -> File not found vgasave.sys -> 64bit -> File not found vmms -> Service volmgr.sys -> 64bit -> File not found volmgrx.sys -> 64bit -> File not found WinDefend -> 64bit -> File not found WinMgmt -> 64bit -> File not found Wlansvc -> 64bit -> File not found WudfPf -> 64bit -> File not found WudfRd -> 64bit -> File not found WudfSvc -> 64bit -> File not found WudfUsbccidDriver -> Driver < 64bit-Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center \\"cval" -> [1] -> File not found 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> -> 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc \Svc\\"VistaSp1" -> [28 4D B2 76 41 04 CA 01 [binary data]] -> File not found \Svc\\"AntiVirusOverride" -> [0] -> File not found \Svc\\"AntiSpywareOverride" -> [0] -> File not found \Svc\\"FirewallOverride" -> [0] -> File not found 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol\ -> -> < Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> -> < System Restore User Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore -> "DisableSR" -> 0 -> < Windows DomainProfile Firewall Policy Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile \\"DisableNotifications" -> [0] -> File not found \\"EnableFirewall" -> [1] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging\ -> -> < Windows StandardProfile Firewall Policy Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile \\"DisableNotifications" -> [0] -> File not found \\"EnableFirewall" -> [0] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging\ -> -> < Session Manager Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager -> *BootExecute* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\BootExecute -> autocheck autochk * -> -> File not found *MultiFile Done* -> -> "ExcludeFromKnownDlls" -> [binary data] -> 64bit-*ObjectDirectories* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\ObjectDirectories -> \Windows -> \Windows -> [2012-05-11 17:10:27 | 000,000,000 | ---D | M] \RPC Control -> -> File not found *MultiFile Done* -> -> *ObjectDirectories* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\ObjectDirectories -> \Windows -> \Windows -> [2012-05-11 17:10:27 | 000,000,000 | ---D | M] \RPC Control -> -> File not found *MultiFile Done* -> -> 64bit-*PendingFileRenameOperations* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\PendingFileRenameOperations -> \??\C:\Users\Shiva\Desktop\OTS.exe [\??\C:\Users\Shiva\Desktop\OTS.exe] -> C:\Users\Shiva\Desktop\OTS.exe [C:\Users\Shiva\Desktop\OTS.exe] -> [2012-05-11 17:06:56 | 000,646,656 | ---- | M | MD5 = 700B66BC8B579C3CA00DC36E6E48714C] (OldTimer Tools) *MultiFile Done* -> -> *PendingFileRenameOperations* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\PendingFileRenameOperations -> \??\C:\Users\Shiva\Desktop\OTS.exe [\??\C:\Users\Shiva\Desktop\OTS.exe] -> C:\Users\Shiva\Desktop\OTS.exe [C:\Users\Shiva\Desktop\OTS.exe] -> [2012-05-11 17:06:56 | 000,646,656 | ---- | M | MD5 = 700B66BC8B579C3CA00DC36E6E48714C] (OldTimer Tools) *MultiFile Done* -> -> < Session Manager Environment Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment -> 64bit-"ComSpec" -> C:\Windows\SysNative\cmd.exe -> [2009-07-14 03:39:01 | 000,344,576 | ---- | M | MD5 = 6960D29ABE74341FAB8300DB3E6F883D] (Microsoft Corporation) "ComSpec" -> C:\Windows\SysWOW64\cmd.exe -> [2009-07-14 03:14:15 | 000,301,568 | ---- | M | MD5 = 8AE6DD9A6D246004DA047F704F0CC487] (Microsoft Corporation) "TEMP" -> C:\Windows\Temp -> [2012-05-11 17:17:59 | 000,000,000 | ---D | M] "TMP" -> C:\Windows\Temp -> [2012-05-11 17:17:59 | 000,000,000 | ---D | M] "windir" -> C:\Windows -> [2012-05-11 17:10:27 | 000,000,000 | ---D | M] 64bit-*Path* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> [2012-03-06 19:51:39 | 000,000,000 | ---D | M] C:\Program Files (x86)\AMD APP\bin\x86_64 -> C:\Program Files (x86)\AMD APP\bin\x86_64 -> [2011-12-30 23:06:05 | 000,000,000 | ---D | M] C:\Program Files (x86)\AMD APP\bin\x86 -> -> File not found C:\Program Files\Common Files\Microsoft Shared\Windows Live -> C:\Program Files\Common Files\Microsoft Shared\Windows Live -> [2011-09-29 17:43:35 | 000,000,000 | ---D | M] C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live -> [2011-09-29 17:43:35 | 000,000,000 | ---D | M] %SystemRoot%\system32 -> C:\Windows\SysNative -> File not found %SystemRoot% -> C:\Windows -> [2012-05-11 17:10:27 | 000,000,000 | ---D | M] %SystemRoot%\System32\Wbem -> C:\Windows\SysNative\wbem -> [2012-05-11 16:27:47 | 000,000,000 | ---D | M] %SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ -> C:\Windows\SysNative\WindowsPowerShell\v1.0\ -> [2009-07-14 19:55:33 | 000,000,000 | ---D | M] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static -> [2012-02-01 21:51:45 | 000,000,000 | ---D | M] C:\Program Files (x86)\Windows Live\Shared -> C:\Program Files (x86)\Windows Live\Shared -> [2011-09-29 17:45:36 | 000,000,000 | ---D | M] C:\Program Files (x86)\Common Files\Ulead Systems\MPEG -> -> File not found *MultiFile Done* -> -> *Path* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> [2012-03-06 19:51:39 | 000,000,000 | ---D | M] C:\Program Files (x86)\AMD APP\bin\x86_64 -> C:\Program Files (x86)\AMD APP\bin\x86_64 -> [2011-12-30 23:06:05 | 000,000,000 | ---D | M] C:\Program Files (x86)\AMD APP\bin\x86 -> -> File not found C:\Program Files\Common Files\Microsoft Shared\Windows Live -> C:\Program Files\Common Files\Microsoft Shared\Windows Live -> [2011-09-29 17:43:35 | 000,000,000 | ---D | M] C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live -> [2011-09-29 17:43:35 | 000,000,000 | ---D | M] %SystemRoot%\system32 -> C:\Windows\SysWOW64 -> [2012-05-11 16:03:22 | 000,000,000 | ---D | M] %SystemRoot% -> C:\Windows -> [2012-05-11 17:10:27 | 000,000,000 | ---D | M] %SystemRoot%\System32\Wbem -> C:\Windows\SysWOW64\wbem -> [2009-07-14 20:09:10 | 000,000,000 | ---D | M] %SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ -> C:\Windows\SysWow64\WindowsPowerShell\v1.0\ -> [2009-07-14 19:55:34 | 000,000,000 | ---D | M] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static -> [2012-02-01 21:51:45 | 000,000,000 | ---D | M] C:\Program Files (x86)\Windows Live\Shared -> C:\Program Files (x86)\Windows Live\Shared -> [2011-09-29 17:45:36 | 000,000,000 | ---D | M] C:\Program Files (x86)\Common Files\Ulead Systems\MPEG -> -> File not found *MultiFile Done* -> -> *PATHEXT* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\PATHEXT -> .COM -> -> File not found .EXE -> -> File not found .BAT -> -> File not found .CMD -> -> File not found .VBS -> -> File not found .VBE -> -> File not found .JS -> -> File not found .JSE -> -> File not found .WSF -> -> File not found .WSH -> -> File not found .MSC -> -> File not found *MultiFile Done* -> -> < Session Manager FileRenameOperations Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\FileRenameOperations -> < Session Manager KnownDlls Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDlls -> 64bit-"advapi32" -> C:\Windows\SysNative\advapi32.dll -> [2009-07-14 03:40:01 | 000,877,056 | ---- | M | MD5 = 6DF46D2BD74E3DA1B45F08F10D172732] (Microsoft Corporation) 64bit-"clbcatq" -> C:\Windows\SysNative\clbcatq.dll -> [2009-07-14 03:40:15 | 000,607,744 | ---- | M | MD5 = 25983DE69B57142039AC8D95E71CD9C9] (Microsoft Corporation) 64bit-"COMDLG32" -> C:\Windows\SysNative\comdlg32.dll -> [2009-07-14 03:40:22 | 000,595,456 | ---- | M | MD5 = F94B8644F3AFE040EC6E1B6FBC9EFAA9] (Microsoft Corporation) 64bit-"DifxApi" -> C:\Windows\SysNative\difxapi.dll -> [2009-07-14 03:40:30 | 000,504,320 | ---- | M | MD5 = F7CE0C81C545364020ED8203CF0A633E] (Microsoft Corporation) 64bit-"DllDirectory" -> C:\Windows\SysNative -> File not found 64bit-"DllDirectory32" -> C:\Windows\SysWOW64 -> [2012-05-11 16:03:22 | 000,000,000 | ---D | M] 64bit-"gdi32" -> C:\Windows\SysNative\gdi32.dll -> [2009-07-14 03:40:56 | 000,404,480 | ---- | M | MD5 = E1B1255D3A4B3367FE4E9C71E62E3B5A] (Microsoft Corporation) 64bit-"IERTUTIL" -> C:\Windows\SysNative\iertutil.dll -> [2009-07-14 03:41:06 | 002,440,704 | ---- | M | MD5 = 39570395292A4702FDE94C345DF0C39E] (Microsoft Corporation) 64bit-"IMAGEHLP" -> C:\Windows\SysNative\imagehlp.dll -> [2009-07-14 03:41:08 | 000,076,288 | ---- | M | MD5 = A655878D5E5F1D14B006313CBB58A041] (Microsoft Corporation) 64bit-"IMM32" -> C:\Windows\SysNative\imm32.dll -> [2009-07-14 03:41:09 | 000,167,424 | ---- | M | MD5 = AA2C08CE85653B1A0D2E4AB407FA176C] (Microsoft Corporation) 64bit-"kernel32" -> C:\Windows\SysNative\kernel32.dll -> [2009-07-14 03:41:13 | 001,162,240 | ---- | M | MD5 = 5B4B379AD10DEDA4EDA01B8C6961B193] (Microsoft Corporation) 64bit-"LPK" -> C:\Windows\SysNative\lpk.dll -> [2009-07-14 03:41:19 | 000,041,984 | ---- | M | MD5 = D202223587518B13D72D68937B7E3F70] (Microsoft Corporation) 64bit-"MSCTF" -> C:\Windows\SysNative\msctf.dll -> [2009-07-14 03:41:28 | 001,067,008 | ---- | M | MD5 = C431EAF5CAA1C82CAC2534A2EAB348A3] (Microsoft Corporation) 64bit-"MSVCRT" -> C:\Windows\SysNative\msvcrt.dll -> [2009-07-14 03:41:32 | 000,634,880 | ---- | M | MD5 = 7319BB10FA1F86E49E3DCF4136F6C957] (Microsoft Corporation) 64bit-"NORMALIZ" -> C:\Windows\SysNative\normaliz.dll -> [2009-07-14 03:31:40 | 000,002,560 | ---- | M | MD5 = 28C0B5024F5C5A438E78B188CFC81B7F] (Microsoft Corporation) 64bit-"NSI" -> C:\Windows\SysNative\nsi.dll -> [2009-07-14 03:41:53 | 000,013,824 | ---- | M | MD5 = 044FE45FFD6AD40E3BBBE60B7F41BABE] (Microsoft Corporation) 64bit-"ole32" -> C:\Windows\SysNative\ole32.dll -> [2009-07-14 03:41:53 | 002,084,352 | ---- | M | MD5 = 4B25DDE615AC2CABAB73169CA7DA96E6] (Microsoft Corporation) 64bit-"OLEAUT32" -> C:\Windows\SysNative\oleaut32.dll -> [2009-07-14 03:41:53 | 000,861,184 | ---- | M | MD5 = 2EC1645863B2C0598227D99C13E231DB] (Microsoft Corporation) 64bit-"PSAPI" -> C:\Windows\SysNative\psapi.dll -> [2009-07-14 03:41:53 | 000,009,216 | ---- | M | MD5 = D87E1E59C73C1F98D5DED5B3850C40F5] (Microsoft Corporation) 64bit-"rpcrt4" -> C:\Windows\SysNative\rpcrt4.dll -> [2009-07-14 03:41:53 | 001,221,632 | ---- | M | MD5 = 48C903068B6BDAB5EF650B9CBEE85295] (Microsoft Corporation) 64bit-"sechost" -> C:\Windows\SysNative\sechost.dll -> [2009-07-14 03:41:53 | 000,113,664 | ---- | M | MD5 = 83404DCBCE4925B6A5A77C5170F46D86] (Microsoft Corporation) 64bit-"Setupapi" -> C:\Windows\SysNative\setupapi.dll -> [2009-07-14 03:41:54 | 001,899,520 | ---- | M | MD5 = 6A4EA4C29FBF78112AE20013FB71E9C1] (Microsoft Corporation) 64bit-"SHELL32" -> C:\Windows\SysNative\shell32.dll -> [2009-07-14 03:41:54 | 014,161,920 | ---- | M | MD5 = 4EE609BFBD4D5316F662832680828FA6] (Microsoft Corporation) 64bit-"SHLWAPI" -> C:\Windows\SysNative\shlwapi.dll -> [2009-07-14 03:41:54 | 000,449,536 | ---- | M | MD5 = 15BDC173EB5FA4F92B67D9FFB269A6EA] (Microsoft Corporation) 64bit-"URLMON" -> C:\Windows\SysNative\urlmon.dll -> [2009-07-14 03:41:56 | 001,492,480 | ---- | M | MD5 = 690637129A0DD2DB8DED8B6B17EED0AB] (Microsoft Corporation) 64bit-"user32" -> C:\Windows\SysNative\user32.dll -> [2009-07-14 03:41:56 | 001,008,640 | ---- | M | MD5 = 72D7B3EA16946E8F0CF7458150031CC6] (Microsoft Corporation) 64bit-"USP10" -> C:\Windows\SysNative\usp10.dll -> [2009-07-14 03:41:56 | 000,801,280 | ---- | M | MD5 = 5F2BDCA5FA0F20A6F452CF0EE2A2B18C] (Microsoft Corporation) 64bit-"WININET" -> C:\Windows\SysNative\wininet.dll -> [2009-07-14 03:41:56 | 001,193,472 | ---- | M | MD5 = B1037F0131C9A010D611F6914E03CD92] (Microsoft Corporation) 64bit-"WLDAP32" -> C:\Windows\SysNative\Wldap32.dll -> [2009-07-14 03:41:56 | 000,311,808 | ---- | M | MD5 = E5CBF5F8623BBD1DB7B8148A66F6EBA4] (Microsoft Corporation) 64bit-"WS2_32" -> C:\Windows\SysNative\ws2_32.dll -> [2009-07-14 03:41:58 | 000,296,448 | ---- | M | MD5 = 7083F463788CB34FCC42F565D56F89E8] (Microsoft Corporation) "advapi32" -> C:\Windows\SysWow64\advapi32.dll -> [2009-07-14 03:14:53 | 000,640,000 | ---- | M | MD5 = 0C65FA8214D6F8378D1D3BA1CA46AF0A] (Microsoft Corporation) "clbcatq" -> C:\Windows\SysWow64\clbcatq.dll -> [2009-07-14 03:15:03 | 000,522,240 | ---- | M | MD5 = FF5688D309347F2720911D8796912834] (Microsoft Corporation) "COMDLG32" -> C:\Windows\SysWow64\comdlg32.dll -> [2009-07-14 03:15:07 | 000,486,912 | ---- | M | MD5 = A223CF703E28CBD7E9E7982141FA403C] (Microsoft Corporation) "DifxApi" -> C:\Windows\SysWow64\difxapi.dll -> [2009-07-14 03:15:11 | 000,315,904 | ---- | M | MD5 = 070C5B9D3006602A07757179D9B56F5D] (Microsoft Corporation) "DllDirectory" -> C:\Windows\SysWOW64 -> [2012-05-11 16:03:22 | 000,000,000 | ---D | M] "DllDirectory32" -> C:\Windows\SysWOW64 -> [2012-05-11 16:03:22 | 000,000,000 | ---D | M] "gdi32" -> C:\Windows\SysWow64\gdi32.dll -> [2009-07-14 03:11:21 | 000,310,784 | ---- | M | MD5 = FBE1E0B9EF53B5BB7C36763AA6A685CF] (Microsoft Corporation) "IERTUTIL" -> C:\Windows\SysWow64\iertutil.dll -> [2009-07-14 03:15:28 | 002,058,240 | ---- | M | MD5 = 13D1F490AF6C7649F51BA29F9CCBB778] (Microsoft Corporation) "IMAGEHLP" -> C:\Windows\SysWow64\imagehlp.dll -> [2009-07-14 03:15:31 | 000,154,624 | ---- | M | MD5 = 61DA1DD85F7A9A8F8DEA8771931FAAF6] (Microsoft Corporation) "IMM32" -> C:\Windows\SysWow64\imm32.dll -> [2009-07-14 03:11:21 | 000,119,808 | ---- | M | MD5 = 0DE3069D6E09BA262856EF31C941BEFE] (Microsoft Corporation) "kernel32" -> C:\Windows\SysWow64\kernel32.dll -> [2009-07-14 03:11:23 | 000,836,608 | ---- | M | MD5 = 606ECB76A424CC535407E7A24E2A34BC] (Microsoft Corporation) "LPK" -> C:\Windows\SysWow64\lpk.dll -> [2009-07-14 03:11:23 | 000,025,600 | ---- | M | MD5 = 384721EF4024890092625E20CADFAF85] (Microsoft Corporation) "MSCTF" -> C:\Windows\SysWow64\msctf.dll -> [2009-07-14 03:15:43 | 000,828,928 | ---- | M | MD5 = C9618BC9B2B0FD7C1138D8774795A79B] (Microsoft Corporation) "MSVCRT" -> C:\Windows\SysWow64\msvcrt.dll -> [2009-07-14 03:15:50 | 000,690,688 | ---- | M | MD5 = E46D48A7FE961401F1CBF85531CDF05D] (Microsoft Corporation) "NORMALIZ" -> C:\Windows\SysWow64\normaliz.dll -> [2009-07-14 03:09:00 | 000,002,048 | ---- | M | MD5 = 9C278785347BCC991F8EA2999D90F58D] (Microsoft Corporation) "NSI" -> C:\Windows\SysWow64\nsi.dll -> [2009-07-14 03:16:11 | 000,008,704 | ---- | M | MD5 = 6377051C63D5552A311935C67E9FDFDC] (Microsoft Corporation) "ole32" -> C:\Windows\SysWow64\ole32.dll -> [2009-07-14 03:16:12 | 001,412,608 | ---- | M | MD5 = 4ACB903AD1693858A918907358CBD9E4] (Microsoft Corporation) "OLEAUT32" -> C:\Windows\SysWow64\oleaut32.dll -> [2009-07-14 03:16:12 | 000,571,904 | ---- | M | MD5 = FADBB267FE9846233ED486DE6EEAAEB9] (Microsoft Corporation) "PSAPI" -> C:\Windows\SysWow64\psapi.dll -> [2009-07-14 03:16:12 | 000,006,144 | ---- | M | MD5 = A543AC1F7138376D778D630A35FCBC4C] (Microsoft Corporation) "rpcrt4" -> C:\Windows\SysWow64\rpcrt4.dll -> [2009-07-14 03:11:23 | 000,662,528 | ---- | M | MD5 = 90385551B6B3793E949DF310A11D64E7] (Microsoft Corporation) "sechost" -> C:\Windows\SysWow64\sechost.dll -> [2009-07-14 03:16:13 | 000,092,160 | ---- | M | MD5 = CFC97F07904067A1E5FAE195D534DA3A] (Microsoft Corporation) "Setupapi" -> C:\Windows\SysWow64\setupapi.dll -> [2009-07-14 03:16:14 | 001,668,608 | ---- | M | MD5 = 41323AB614A2B66AD77B1121D24AC895] (Microsoft Corporation) "SHELL32" -> C:\Windows\SysWow64\shell32.dll -> [2009-07-14 03:16:14 | 012,866,560 | ---- | M | MD5 = 518C6116079414E7074E726925D07A41] (Microsoft Corporation) "SHLWAPI" -> C:\Windows\SysWow64\shlwapi.dll -> [2009-07-14 03:16:14 | 000,350,208 | ---- | M | MD5 = F037DB14CF6165C62F4A64D12A25B07C] (Microsoft Corporation) "URLMON" -> C:\Windows\SysWow64\urlmon.dll -> [2009-07-14 03:16:17 | 001,224,704 | ---- | M | MD5 = 4AF9FD44342A024B867E1950EE46FCB8] (Microsoft Corporation) "user32" -> C:\Windows\SysWow64\user32.dll -> [2009-07-14 03:11:24 | 000,833,024 | ---- | M | MD5 = E8B0FFC209E504CB7E79FC24E6C085F0] (Microsoft Corporation) "USP10" -> C:\Windows\SysWow64\usp10.dll -> [2009-07-14 03:16:17 | 000,627,200 | ---- | M | MD5 = 0BA19F3198C40AC4E8CC66EE02EDA6C6] (Microsoft Corporation) "WININET" -> C:\Windows\SysWow64\wininet.dll -> [2009-07-14 03:16:19 | 000,977,920 | ---- | M | MD5 = 0D874F3BC751CC2198AF2E6783FB8B35] (Microsoft Corporation) "WLDAP32" -> C:\Windows\SysWow64\Wldap32.dll -> [2009-07-14 03:16:19 | 000,268,800 | ---- | M | MD5 = BFA70A99AD1434263F2DFBBA103BDEF8] (Microsoft Corporation) "WS2_32" -> C:\Windows\SysWow64\ws2_32.dll -> [2012-05-11 15:50:46 | 000,206,848 | ---- | M | MD5 = F487C775BA7C3FC2BA175F3E0A191DB0] (Microsoft Corporation) < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> 64bit-batfile [open] -> "%1" %* 64bit-cmdfile [open] -> "%1" %* 64bit-comfile [open] -> "%1" %* 64bit-exefile [open] -> "%1" %* 64bit-http [open] -> "C:\Program Files (x86)\Opera\Opera.exe" "%1" -> [2012-03-26 20:31:19 | 000,949,104 | ---- | M | MD5 = CC7001E619906A0FF78C162A0A39D5B7] (Opera Software) 64bit-https [open] -> "C:\Program Files (x86)\Opera\Opera.exe" "%1" -> [2012-03-26 20:31:19 | 000,949,104 | ---- | M | MD5 = CC7001E619906A0FF78C162A0A39D5B7] (Opera Software) 64bit-inffile [install] -> %SystemRoot%\System32\InfDefaultInstall.exe "%1" -> [2009-07-14 03:39:13 | 000,010,240 | ---- | M | MD5 = 7F5924AF8B6338C8C7913D4C2482150B] (Microsoft Corporation) 64bit-InternetShortcut [open] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l -> [2009-07-14 03:39:31 | 000,045,568 | ---- | M | MD5 = DD81D91FF3B0763C392422865C9AC12E] (Microsoft Corporation) 64bit-InternetShortcut [print] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" -> [2009-07-14 03:39:31 | 000,045,568 | ---- | M | MD5 = DD81D91FF3B0763C392422865C9AC12E] (Microsoft Corporation) 64bit-piffile [open] -> "%1" %* 64bit-scrfile [config] -> "%1" 64bit-scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l 64bit-scrfile [open] -> "%1" /S 64bit-Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 64bit-Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2009-07-14 03:39:01 | 000,344,576 | ---- | M | MD5 = 6960D29ABE74341FAB8300DB3E6F883D] (Microsoft Corporation) 64bit-Directory [find] -> %SystemRoot%\Explorer.exe -> [2009-07-14 03:39:10 | 002,868,224 | ---- | M | MD5 = C235A51CB740E45FFA0EBFB9BAFCDA64] (Microsoft Corporation) 64bit-Directory [napiprojekt] -> "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -> [2011-12-14 19:31:56 | 006,194,176 | ---- | M | MD5 = 459B34AB00F25357AD616334804CAFEE] () 64bit-Directory [napiprojekt0] -> "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang -> [2011-12-14 19:31:56 | 006,194,176 | ---- | M | MD5 = 459B34AB00F25357AD616334804CAFEE] () 64bit-Folder [open] -> %SystemRoot%\Explorer.exe -> [2009-07-14 03:39:10 | 002,868,224 | ---- | M | MD5 = C235A51CB740E45FFA0EBFB9BAFCDA64] (Microsoft Corporation) 64bit-Drive [find] -> %SystemRoot%\Explorer.exe -> [2009-07-14 03:39:10 | 002,868,224 | ---- | M | MD5 = C235A51CB740E45FFA0EBFB9BAFCDA64] (Microsoft Corporation) batfile [open] -> "%1" %* -> cmdfile [open] -> "%1" %* -> comfile [open] -> "%1" %* -> cplfile [cplopen] -> %SystemRoot%\System32\control.exe "%1",%* -> [2009-07-14 03:14:15 | 000,113,152 | ---- | M | MD5 = 9130377F87A2153FEAB900A00EA1EBFF] (Microsoft Corporation) exefile [open] -> "%1" %* -> http [open] -> "C:\Program Files (x86)\Opera\Opera.exe" "%1" -> [2012-03-26 20:31:19 | 000,949,104 | ---- | M | MD5 = CC7001E619906A0FF78C162A0A39D5B7] (Opera Software) https [open] -> "C:\Program Files (x86)\Opera\Opera.exe" "%1" -> [2012-03-26 20:31:19 | 000,949,104 | ---- | M | MD5 = CC7001E619906A0FF78C162A0A39D5B7] (Opera Software) inffile [install] -> %SystemRoot%\System32\InfDefaultInstall.exe "%1" -> [2009-07-14 03:14:21 | 000,009,216 | ---- | M | MD5 = C48DF234AE4338374D729C2D2B6171C8] (Microsoft Corporation) piffile [open] -> "%1" %* -> scrfile [config] -> "%1" -> scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> scrfile [open] -> "%1" /S -> Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2009-07-14 03:14:15 | 000,301,568 | ---- | M | MD5 = 8AE6DD9A6D246004DA047F704F0CC487] (Microsoft Corporation) Directory [find] -> %SystemRoot%\Explorer.exe -> [2009-07-14 03:39:10 | 002,868,224 | ---- | M | MD5 = C235A51CB740E45FFA0EBFB9BAFCDA64] (Microsoft Corporation) Directory [napiprojekt] -> "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -> [2011-12-14 19:31:56 | 006,194,176 | ---- | M | MD5 = 459B34AB00F25357AD616334804CAFEE] () Directory [napiprojekt0] -> "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang -> [2011-12-14 19:31:56 | 006,194,176 | ---- | M | MD5 = 459B34AB00F25357AD616334804CAFEE] () Folder [open] -> %SystemRoot%\Explorer.exe -> [2009-07-14 03:39:10 | 002,868,224 | ---- | M | MD5 = C235A51CB740E45FFA0EBFB9BAFCDA64] (Microsoft Corporation) Drive [find] -> %SystemRoot%\Explorer.exe -> [2009-07-14 03:39:10 | 002,868,224 | ---- | M | MD5 = C235A51CB740E45FFA0EBFB9BAFCDA64] (Microsoft Corporation) < Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> Protocol_Catalog9\Catalog_Entries\000000000001 -> C:\Program Files (x86)\FlyVPN\FlyVPNBind.dll -> [2012-02-02 09:50:42 | 000,172,376 | ---- | M | MD5 = B1E2A547F1577CFF00A3686A4A1C3440] (www.flyvpn.com) Protocol_Catalog9\Catalog_Entries\000000000002 -> C:\Program Files (x86)\FlyVPN\FlyVPNBind.dll -> [2012-02-02 09:50:42 | 000,172,376 | ---- | M | MD5 = B1E2A547F1577CFF00A3686A4A1C3440] (www.flyvpn.com) Protocol_Catalog9\Catalog_Entries\000000000003 -> C:\Program Files (x86)\FlyVPN\FlyVPNBind.dll -> [2012-02-02 09:50:42 | 000,172,376 | ---- | M | MD5 = B1E2A547F1577CFF00A3686A4A1C3440] (www.flyvpn.com) < Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> ldap -> 4 = Restricted sites (Not a Default Protocol) -> news -> 4 = Restricted sites (Not a Default Protocol) -> nntp -> 4 = Restricted sites (Not a Default Protocol) -> oecmd -> 4 = Restricted sites (Not a Default Protocol) -> snews -> 4 = Restricted sites (Not a Default Protocol) -> < Default Protocols [HKEY_USERS\S-1-5-19\] - Select to Repair > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> @ivt -> @ivt protocol not assigned -> file -> file protocol not assigned -> ftp -> ftp protocol not assigned -> http -> http protocol not assigned -> https -> https protocol not assigned -> shell -> shell protocol not assigned -> < Default Protocols [HKEY_USERS\S-1-5-20\] - Select to Repair > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> @ivt -> @ivt protocol not assigned -> file -> file protocol not assigned -> ftp -> ftp protocol not assigned -> http -> http protocol not assigned -> https -> https protocol not assigned -> shell -> shell protocol not assigned -> < 64bit-Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> {0BD776F3-057D-4C11-020C-4FA9B13D04F9} -> AMD Catalyst Install Manager {180C8888-50F1-426B-A9DC-AB83A1989C65} -> Windows Live Language Selector {1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698} -> Windows Live ID Sign-in Assistant {26A24AE4-039D-4CA4-87B4-2F86416029FF} -> Java(TM) 6 Update 29 (64-bit) {463FB535-67FB-17C9-6FD6-164BC60462F6} -> ccc-utility64 {4B6C7001-C7D6-3710-913E-5BC23FCE91E6} -> Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 {503F672D-6C84-448A-8F8F-4BC35AC83441} -> AMD APP SDK Runtime {69FDD045-DA24-CA41-8FD2-6B3A91F4EDEE} -> AMD Fuel {8220EEFE-38CD-377E-8595-13398D740ACE} -> Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 {8E34682C-8118-31F1-BC4C-98CD9675E1C2} -> Microsoft .NET Framework 4 Extended {90120000-002A-0000-1000-0000000FF1CE} -> Microsoft Office Office 64-bit Components 2007 {90120000-002A-0415-1000-0000000FF1CE} -> Microsoft Office Shared 64-bit MUI (Polish) 2007 {95120000-00B9-0409-1000-0000000FF1CE} -> Microsoft Application Error Reporting {A6FE29A0-622B-2763-88AA-D1E084F77CD9} -> AMD Media Foundation Decoders {CFA5BA6D-D6BB-AE1B-E61E-5B1ACFC8F0BB} -> AMD Drag and Drop Transcoding {DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E} -> Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} -> Microsoft .NET Framework 4 Client Profile CCleaner -> CCleaner Connectify -> Connectify CPUID CPU-Z_is1 -> CPUID CPU-Z 1.58 Defraggler -> Defraggler EPSON SX125 Series -> Odinstaluj drukarkę EPSON SX125 Series Microsoft .NET Framework 4 Client Profile -> Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended -> Microsoft .NET Framework 4 Extended Speccy -> Speccy WinRAR archiver -> WinRAR 4.01 (64-bitowy) < Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> {048298C9-A4D3-490B-9FF9-AB023A9238F3} -> Steam {0654EA5D-308A-4196-882B-5C09744A5D81} -> Windows Live Photo Common {0B0F231F-CE6A-483D-AA23-77B364F75917} -> Windows Live Installer {0C1931EB-8339-4837-8BEC-75029BF42734} -> Windows Live UX Platform Language Pack {11083C7A-D0D6-4DA4-8C3A-74B8389EC07B} -> ATI Catalyst Registration {1a413f37-ed88-4fec-9666-5c48dc4b7bb7} -> YouTube Downloader 3.5 {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 {200FEC62-3C34-4D60-9CE8-EC372E01C08F} -> Windows Live SOXE Definitions {26A24AE4-039D-4CA4-87B4-2F83216027FF} -> Java(TM) 6 Update 30 {2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E} -> Google Earth Plug-in {2ECA81CA-D932-4AD3-AD59-BF5CCF099C83} -> Catalyst Control Center - Branding {3336F667-9049-4D46-98B6-4C743EEBC5B1} -> Windows Live Photo Gallery {347151C4-7F16-B275-8865-CC6B64056D3F} -> Catalyst Control Center Graphics Previews Common {4A03706F-666A-4037-7777-5F2748764D10} -> Java Auto Updater {4CB0307C-565E-4441-86BE-0DF2E4FB828C} -> Microsoft Games for Windows Marketplace {521AAD14-5030-44BB-8B0E-5CE65FCE57E0} -> InterVideo DeviceService {5442DAB8-7177-49E1-8B22-09A049EA5996} -> Renesas Electronics USB 3.0 Host Controller Driver {5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1 -> Driver Sweeper wersja 3.2.0 {62AEBBB6-8314-7902-B3DA-1690F97DFA74} -> CCC Help English {64029508-2587-4D39-AB83-2AC722FBFCC2} -> XSplit {64BFBE7A-886C-4CA2-A9B4-0C2B5A5942BC} -> Battlefield 3™ {682B3E4F-696A-42DE-A41C-4C07EA1678B4} -> Windows Live SOXE {6A9D1594-7791-48f5-9CAA-DE9BCB968320} -> Mass Effect™ 3 {7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable {7A9D47BA-6D50-4087-866F-0800D8B89383} -> Podstawowe programy Windows Live {7CAC6A44-C3DE-4153-ACA6-7524602C789E} -> Facebook Video Calling 1.2.0.159 {837b34e3-7c30-493c-8f6a-2b0f04e2912c} -> Microsoft Visual C++ 2005 Redistributable {83C292B7-38A5-440B-A731-07070E81A64F} -> Windows Live PIMT Platform {8833FFB6-5B0C-4764-81AA-06DFEED9A476} -> Realtek Ethernet Controller Driver For Windows 7 {8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3} -> The Lord of the Rings FREE Trial {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} -> MSVCRT {90120000-0015-0415-0000-0000000FF1CE} -> Microsoft Office Access MUI (Polish) 2007 {90120000-0016-0415-0000-0000000FF1CE} -> Microsoft Office Excel MUI (Polish) 2007 {90120000-0018-0415-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (Polish) 2007 {90120000-0019-0415-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (Polish) 2007 {90120000-001A-0415-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (Polish) 2007 {90120000-001B-0415-0000-0000000FF1CE} -> Microsoft Office Word MUI (Polish) 2007 {90120000-001F-0407-0000-0000000FF1CE} -> Microsoft Office Proof (German) 2007 {90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007 {90120000-001F-0415-0000-0000000FF1CE} -> Microsoft Office Proof (Polish) 2007 {90120000-002C-0415-0000-0000000FF1CE} -> Microsoft Office Proofing (Polish) 2007 {90120000-0030-0000-0000-0000000FF1CE} -> Microsoft Office Enterprise 2007 {90120000-0044-0415-0000-0000000FF1CE} -> Microsoft Office InfoPath MUI (Polish) 2007 {90120000-006E-0415-0000-0000000FF1CE} -> Microsoft Office Shared MUI (Polish) 2007 {90120000-00A1-0415-0000-0000000FF1CE} -> Microsoft Office OneNote MUI (Polish) 2007 {90120000-00BA-0415-0000-0000000FF1CE} -> Microsoft Office Groove MUI (Polish) 2007 {92EA4134-10D1-418A-91E1-5A0453131A38} -> Windows Live Movie Maker {9370105C-71BB-4FF9-A85B-36D79B95457A}_is1 -> ALLConverter PRO 1.1 {943A8D28-80D6-41DC-AE94-81FEB42041BF} -> System Requirements Lab CYRI {980A182F-E0A2-4A40-94C1-AE0C1235902E} -> Pando Media Booster {9A25302D-30C0-39D9-BD6F-21E6EC160475} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 {9FD6F1A8-5550-46AF-8509-271DF0E768B5} -> Dual-Core Optimizer {A10B9E4E-9C40-4491-A3E1-C2B53DAB03C1} -> Facebook Messenger 2.0.4478.0 {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} -> Google Update Helper {A9BDCA6B-3653-467B-AC83-94367DA3BFE3} -> Windows Live Photo Common {AC76BA86-7AD7-1045-7B44-A94000000001} -> Adobe Reader 9.4.0 - Polish {B6CF2967-C81E-40C0-9815-C05774FEF120} -> Skype Click to Call {BA88EE67-8974-459D-A1DB-C8281D9AC6F6} -> Browser Configuration Utility {C01AE05C-3C8C-75B3-C9F0-1B525DD3697C} -> Catalyst Control Center InstallProxy {CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431} -> Galeria fotografii usługi Windows Live {CB5F1FBF-57DB-4E22-83B0-FEC53C389762} -> YouTube Downloader Toolbar v5.6 {CC8C451E-A820-48C8-AE92-A0FF088969D8} -> Stereoscopic Player {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} -> Windows Live UX Platform {D45240D3-B6B3-4FF9-B243-54ECE3E10066} -> Windows Live Communications Platform {DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9} -> NVIDIA PhysX {DAD5AC93-8518-4F46-A5FE-E63FEE791B6F} -> AMD OverDrive {E09C4DB7-630C-4F06-A631-8EA7239923AF} -> D3DX10 {E2494AD8-314D-44F8-B39C-4358A60DC184} -> LogMeIn Hamachi {EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8} -> Skype™ 5.8 {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} -> Microsoft SQL Server 2005 Compact Edition [ENU] {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} -> Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} -> Realtek High Definition Audio Driver {F2508213-9989-4E85-A078-72BE483917EF} -> Microsoft Games for Windows - LIVE Redistributable {F80E5450-3EF3-4270-B26C-6AC53BEC5E76} -> Windows Live Movie Maker {F865B0B5-0D43-2704-0B22-35C5F721374B} -> AMD VISION Engine Control Center {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX Adobe Flash Player Plugin -> Adobe Flash Player 10 Plugin Afterburner -> MSI Afterburner 2.1.0 ALLPlayer_is1 -> ALLPlayer V5.X ASIO4ALL -> ASIO4ALL ATC_is1 -> Advanced Tactical Center™ 1.0 AV Voice Changer Software DIAMOND 6.0 -> AV Voice Changer Software DIAMOND 6.0 avast -> avast! Free Antivirus BabylonToolbar -> Babylon toolbar on IE Battlelog Web Plugins -> Battlelog Web Plugins Clownfish -> Clownfish for Skype DAEMON Tools Pro -> DAEMON Tools Pro Dll-Files.com Fixer_is1 -> Dll-Files.com Fixer EAGLE 6.1.0 -> EAGLE 6.1.0 ENTERPRISE -> Microsoft Office Enterprise 2007 EPSON Scanner -> EPSON Scan ESN Sonar-0.70.0 -> ESN Sonar ESN Sonar-0.70.4 -> ESN Sonar FL Studio 10 -> FL Studio 10 FlyVPN -> FlyVPN Fraps -> Fraps (remove only) Gadu-Gadu 10 -> Gadu-Gadu 10 GOM Player -> GOM Player Google Chrome -> Google Chrome IL Download Manager -> IL Download Manager InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996} -> Renesas Electronics USB 3.0 Host Controller Driver KLiteCodecPack_is1 -> K-Lite Mega Codec Pack 8.0.0 LogMeIn Hamachi -> LogMeIn Hamachi Matura 2012 - Matematyka1.0 -> Matura 2012 - Matematyka Motherboard Monitor 5.3.7.0 Languages_is1 -> Motherboard Monitor 5 Languages Mozilla Firefox 8.0 (x86 pl) -> Mozilla Firefox 8.0 (x86 pl) NapiProjekt_is1 -> NapiProjekt 2.0.0 (build 2151) Opera 11.61.1250 -> Opera 11.61 Origin -> Origin pcsx2-r4600 -> PCSX2 - Playstation 2 Emulator Picasa 3 -> Picasa 3 Postal 2 PL -> Postal 2 PL PunkBusterSvc -> PunkBuster Services rayatitray -> Ray Adams ATI Tray Tools Skijumping 2007_0001 -> Skijumping 2007 Sniper Elite V2_is1 -> Sniper Elite V2 SpeedFan -> SpeedFan (remove only) SpeedyDrive -> Speedy Drive (remove only) Tekken 3 Online_is1 -> TK3Online v1 with ePSXe 1.5.2 Tibia_is1 -> Tibia TMIPC -> Tibia MULTI-ip changer Tunngle beta_is1 -> Tunngle beta TVTool -> TVTool uTorrent -> µTorrent WinGimp-2.0_is1 -> GIMP 2.6.11 WinLiveSuite -> Podstawowe programy Windows Live WorldUnlock Codes Calculator -> WorldUnlock Codes Calculator xampp -> XAMPP 1.6.7 < Uninstall List [HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\] > -> HKEY_USERS\S-1-5-21-3352663067-3283764409-785011562-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> Dropbox -> Dropbox FoxTab FLV Player -> FoxTab FLV Player TeamSpeak 3 Client -> TeamSpeak 3 Client < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! [Files/Folders - Created Within 30 Days] _OTS -> C:\_OTS -> [2012-05-11 17:10:33 | 000,000,000 | ---D | C] OTS.exe -> C:\Users\Shiva\Desktop\OTS.exe -> [2012-05-11 17:06:53 | 000,646,656 | ---- | C | MD5 = 700B66BC8B579C3CA00DC36E6E48714C] (OldTimer Tools) ws2-32.dll -> C:\Windows\ws2-32.dll -> [2012-05-11 16:48:51 | 000,206,848 | ---- | C | MD5 = 7FF15A4F092CD4A96055BA69F903E3E9] (Microsoft Corporation) Speedy Drive -> C:\Users\Shiva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Speedy Drive -> [2012-05-11 16:03:24 | 000,000,000 | ---D | C] SpeedyDrive -> C:\Program Files (x86)\SpeedyDrive -> [2012-05-11 16:03:22 | 000,000,000 | ---D | C] sqlitestudio -> C:\Users\Shiva\AppData\Roaming\sqlitestudio -> [2012-05-11 14:50:41 | 000,000,000 | ---D | C] Talaturen's IP Changer 3.9 -> C:\Users\Shiva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Talaturen's IP Changer 3.9 -> [2012-05-11 14:09:31 | 000,000,000 | ---D | C] Talaturen's IP Changer -> C:\Program Files (x86)\Talaturen's IP Changer -> [2012-05-11 14:09:30 | 000,000,000 | ---D | C] Apache Friends -> C:\Users\Shiva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Friends -> [2012-05-11 11:52:28 | 000,000,000 | ---D | C] xampp -> C:\xampp -> [2012-05-11 11:36:22 | 000,000,000 | ---D | C] OtLand -> C:\Users\Shiva\AppData\Local\OtLand -> [2012-05-11 11:11:14 | 000,000,000 | ---D | C] Skype -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype -> [2012-05-11 10:26:44 | 000,000,000 | ---D | C] Skype -> C:\Program Files (x86)\Common Files\Skype -> [2012-05-11 10:26:44 | 000,000,000 | ---D | C] Actenom -> C:\Program Files\Actenom -> [2012-05-10 22:48:15 | 000,000,000 | ---D | C] Asprate -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asprate -> [2012-05-10 22:31:28 | 000,000,000 | ---D | C] Asprate -> C:\Program Files (x86)\Asprate -> [2012-05-10 22:31:26 | 000,000,000 | ---D | C] htryha -> C:\Program Files\htryha -> [2012-05-10 22:22:40 | 000,000,000 | -H-D | C] mpr.dll -> C:\Windows\mpr.dll -> [2012-05-10 22:14:15 | 000,064,000 | ---- | C | MD5 = B9A8CBCFCD3EC9D2EA4740AF347BF108] (Microsoft Corporation) dll-files.com -> C:\Users\Shiva\AppData\Roaming\dll-files.com -> [2012-05-10 22:05:02 | 000,000,000 | ---D | C] Dll-Files.com Fixer -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files.com Fixer -> [2012-05-10 22:04:55 | 000,000,000 | ---D | C] Dll-Files.com Fixer -> C:\Program Files (x86)\Dll-Files.com Fixer -> [2012-05-10 22:04:54 | 000,000,000 | ---D | C] Files -> C:\Files -> [2012-05-10 22:03:58 | 000,000,000 | ---D | C] JEBANE OTS Z HACKAMI -> C:\Users\Shiva\Desktop\JEBANE OTS Z HACKAMI -> [2012-05-10 22:03:36 | 000,000,000 | ---D | C] Nowy folder (2) -> C:\Users\Shiva\Desktop\Nowy folder (2) -> [2012-05-10 22:03:27 | 000,000,000 | ---D | C] Tibia -> C:\Users\Shiva\AppData\Roaming\Tibia -> [2012-05-10 21:07:18 | 000,000,000 | ---D | C] Tibia -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tibia -> [2012-05-10 21:06:33 | 000,000,000 | ---D | C] ZIELNA -> C:\Users\Shiva\Desktop\ZIELNA -> [2012-05-09 14:12:25 | 000,000,000 | ---D | C] Rebellion -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rebellion -> [2012-05-07 16:38:10 | 000,000,000 | ---D | C] zdjecia dzialka -> C:\Users\Shiva\Desktop\zdjecia dzialka -> [2012-05-04 22:28:19 | 000,000,000 | ---D | C] Application Updater -> C:\Program Files (x86)\Application Updater -> [2012-05-04 13:36:44 | 000,000,000 | ---D | C] YouTube Downloader Toolbar -> C:\Program Files (x86)\YouTube Downloader Toolbar -> [2012-05-04 13:36:43 | 000,000,000 | ---D | C] Spigot -> C:\Program Files (x86)\Common Files\Spigot -> [2012-05-04 13:36:43 | 000,000,000 | ---D | C] SniperV2 -> C:\Users\Shiva\AppData\Local\SniperV2 -> [2012-05-03 18:59:03 | 000,000,000 | ---D | C] Witcher 2 -> C:\Users\Shiva\Documents\Witcher 2 -> [2012-04-30 22:37:27 | 000,000,000 | ---D | C] The Witcher 2 -> C:\Users\Shiva\AppData\Local\The Witcher 2 -> [2012-04-30 22:37:27 | 000,000,000 | ---D | C] Risen2 -> C:\Users\Shiva\AppData\Local\Risen2 -> [2012-04-30 18:35:13 | 000,000,000 | ---D | C] PresentationHostProxy.dll -> C:\Windows\SysWow64\PresentationHostProxy.dll -> [2012-04-30 16:59:58 | 000,099,176 | ---- | C | MD5 = DFF617498211FBB3D8D3FCC51A37B777] (Microsoft Corporation) PresentationHost.exe -> C:\Windows\SysWow64\PresentationHost.exe -> [2012-04-30 16:59:57 | 000,295,264 | ---- | C | MD5 = 302964DCAC79D618CC7B72C778DA9FD2] (Microsoft Corporation) dfshim.dll -> C:\Windows\SysWow64\dfshim.dll -> [2012-04-30 16:59:56 | 001,130,824 | ---- | C | MD5 = FA4B5940B31853ADE67A73026884C8C9] (Microsoft Corporation) netfxperf.dll -> C:\Windows\SysWow64\netfxperf.dll -> [2012-04-30 16:59:56 | 000,049,472 | ---- | C | MD5 = 15515AE1540B4EE2B75DF63FC15129DF] (Microsoft Corporation) PresentationHostProxy.dll -> C:\Windows\SysNative\PresentationHostProxy.dll -> [2012-04-30 16:59:55 | 000,109,912 | ---- | C | MD5 = C675076B247D97A427014D461CDA0039] (Microsoft Corporation) PresentationHost.exe -> C:\Windows\SysNative\PresentationHost.exe -> [2012-04-30 16:59:54 | 000,320,352 | ---- | C | MD5 = E60BB0CDC5EA153F6D24C51AAD4A73FD] (Microsoft Corporation) netfxperf.dll -> C:\Windows\SysNative\netfxperf.dll -> [2012-04-30 16:59:52 | 000,048,960 | ---- | C | MD5 = CF27F49978FB0B47E6DC0B81651F463C] (Microsoft Corporation) dfshim.dll -> C:\Windows\SysNative\dfshim.dll -> [2012-04-30 16:59:50 | 001,942,856 | ---- | C | MD5 = 767EE8126468D91C5119F25714D78DAF] (Microsoft Corporation) Sports Interactive -> C:\Users\Shiva\Documents\Sports Interactive -> [2012-04-30 11:31:05 | 000,000,000 | ---D | C] Sports Interactive -> C:\Users\Shiva\AppData\Roaming\Sports Interactive -> [2012-04-30 11:31:05 | 000,000,000 | ---D | C] Sports Interactive -> C:\Users\Shiva\AppData\Local\Sports Interactive -> [2012-04-30 11:31:05 | 000,000,000 | ---D | C] Sports Interactive -> C:\Users\Public\Documents\Sports Interactive -> [2012-04-30 11:31:05 | 000,000,000 | ---D | C] trussardi -> C:\Users\Shiva\Desktop\trussardi -> [2012-04-25 21:18:59 | 000,000,000 | ---D | C] XSplit -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit -> [2012-04-22 22:26:36 | 000,000,000 | ---D | C] SplitMediaLabs -> C:\Program Files (x86)\SplitMediaLabs -> [2012-04-22 22:26:36 | 000,000,000 | ---D | C] SplitMediaLabs -> C:\Users\Shiva\AppData\Local\SplitMediaLabs -> [2012-04-22 18:06:02 | 000,000,000 | ---D | C] SplitMediaLabs -> C:\ProgramData\SplitMediaLabs -> [2012-04-22 18:04:34 | 000,000,000 | ---D | C] SplitMediaLabs -> C:\Users\Shiva\AppData\Roaming\SplitMediaLabs -> [2012-04-22 18:03:47 | 000,000,000 | ---D | C] Diablo III -> C:\Users\Shiva\Documents\Diablo III -> [2012-04-20 15:16:09 | 000,000,000 | ---D | C] Battle.net -> C:\ProgramData\Battle.net -> [2012-04-20 14:57:02 | 000,000,000 | ---D | C] {0ECEEF92-B155-4656-971D-18B9BA1692F8} -> C:\Users\Shiva\AppData\Local\{0ECEEF92-B155-4656-971D-18B9BA1692F8} -> [2012-04-17 17:37:06 | 000,000,000 | ---D | C] Etech -> C:\Users\Shiva\Desktop\Etech -> [2012-04-16 18:43:48 | 000,000,000 | ---D | C] Nowy folder -> C:\Users\Shiva\Desktop\Nowy folder -> [2012-04-16 18:43:43 | 000,000,000 | ---D | C] Facebook -> C:\Users\Shiva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook -> [2012-04-11 23:07:17 | 000,000,000 | ---D | C] 3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> [Files/Folders - Modified Within 30 Days] FacebookUpdateTaskUserS-1-5-21-3352663067-3283764409-785011562-1000UA.job -> C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3352663067-3283764409-785011562-1000UA.job -> [2012-05-11 17:12:00 | 000,000,928 | ---- | M | MD5 = 72C47086A71852643C438FB28C2CC4C0] () OTS.exe -> C:\Users\Shiva\Desktop\OTS.exe -> [2012-05-11 17:06:56 | 000,646,656 | ---- | M | MD5 = 700B66BC8B579C3CA00DC36E6E48714C] (OldTimer Tools) 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2012-05-11 17:06:05 | 000,016,944 | -H-- | M | MD5 = F7FF0A2F239A97F63A823E2C937D2944] () 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2012-05-11 17:06:05 | 000,016,944 | -H-- | M | MD5 = F7FF0A2F239A97F63A823E2C937D2944] () ws2-32.dll -> C:\Windows\ws2-32.dll -> [2012-05-11 16:54:28 | 000,206,848 | ---- | M | MD5 = 7FF15A4F092CD4A96055BA69F903E3E9] (Microsoft Corporation) GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2012-05-11 16:51:00 | 000,001,046 | ---- | M | MD5 = 888DDC5BC466CDF7C98CCD689FB585D4] () GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2012-05-11 16:28:00 | 000,001,042 | ---- | M | MD5 = DD6099244B708B915610020E40AC8D9C] () bootstat.dat -> C:\Windows\bootstat.dat -> [2012-05-11 16:27:50 | 000,067,584 | --S- | M | MD5 = F60296B7994A54CD5BFEBC89B726D743] () hiberfil.sys -> C:\hiberfil.sys -> [2012-05-11 16:27:48 | 2146,832,383 | -HS- | M | Unable to obtain MD5] () DLL-files.com Fixer_UPDATES.job -> C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job -> [2012-05-11 16:07:08 | 000,000,292 | ---- | M | MD5 = C7F37F22F54598DA7A8C28FEC4777776] () Speedy Drive.lnk -> C:\Users\Shiva\Desktop\Speedy Drive.lnk -> [2012-05-11 16:03:24 | 000,001,029 | ---- | M | MD5 = D2E224E91F2AD32550CA8970EE6247CC] () Tibia.lnk -> C:\Users\Public\Desktop\Tibia.lnk -> [2012-05-11 15:03:49 | 000,000,645 | ---- | M | MD5 = 1DD6B17E78ACEB0DD5BED3DD98954D84] () Tibia MULTI-IP Changer.lnk -> C:\Users\Public\Desktop\Tibia MULTI-IP Changer.lnk -> [2012-05-11 14:08:05 | 000,002,206 | ---- | M | MD5 = 3125319A14784D1C9A86F4E13ACD7323] () my.ini -> C:\Windows\my.ini -> [2012-05-11 11:54:29 | 000,000,058 | ---- | M | MD5 = CBC0415C20E62F1E94B65D4BB2195570] () XAMPP Control Panel.lnk -> C:\Users\Shiva\Desktop\XAMPP Control Panel.lnk -> [2012-05-11 11:52:28 | 000,000,441 | ---- | M | MD5 = 9A5AB2741F3105C11CB49D4DB403E089] () FacebookUpdateTaskUserS-1-5-21-3352663067-3283764409-785011562-1000Core.job -> C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3352663067-3283764409-785011562-1000Core.job -> [2012-05-10 23:12:00 | 000,000,906 | ---- | M | MD5 = 49C250E76FF7DBD1EC40FB24BBA7A447] () lua5.1.dll -> C:\Windows\SysWow64\lua5.1.dll -> [2012-05-10 22:05:13 | 000,167,936 | ---- | M | MD5 = EE3043C17751C763E26D03F6EEBB1B8B] () DLL-Files.com FIXER.lnk -> C:\Users\Shiva\Desktop\DLL-Files.com FIXER.lnk -> [2012-05-10 22:04:55 | 000,002,028 | ---- | M | MD5 = 2B2CFE54505D2C76DF1A359D5E62C921] () mgr.exe -> C:\Users\Shiva\AppData\Roaming\mgr.exe -> [2012-05-10 21:38:41 | 000,084,480 | ---- | M | MD5 = 3DECCB908E76841E4820695EB6B5E462] () P4270212.JPG -> C:\Users\Shiva\Desktop\P4270212.JPG -> [2012-05-09 14:13:54 | 000,851,317 | ---- | M | MD5 = ED06876E83BBC6BB6E896B9D5C665096] () Access.dat -> C:\Windows\SysWow64\Access.dat -> [2012-05-08 19:14:25 | 000,000,000 | ---- | M | MD5 = D41D8CD98F00B204E9800998ECF8427E] () Sniper Elite V2.lnk -> C:\Users\Public\Desktop\Sniper Elite V2.lnk -> [2012-05-07 16:38:10 | 000,000,834 | ---- | M | MD5 = 6B4CC63B759E5D21BCA0B816EC630E99] () PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2012-05-06 22:50:49 | 001,661,232 | ---- | M | MD5 = C92D943AF5A2674C903A9074E34C15FA] () perfh015.dat -> C:\Windows\SysNative\perfh015.dat -> [2012-05-06 22:50:49 | 000,737,242 | ---- | M | MD5 = C2E2B6061A4CD12926499AEE48EB7210] () perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2012-05-06 22:50:49 | 000,651,450 | ---- | M | MD5 = 6968FAB61CE56EB5409A7CA8B79C2AC4] () perfc015.dat -> C:\Windows\SysNative\perfc015.dat -> [2012-05-06 22:50:49 | 000,153,930 | ---- | M | MD5 = 45ACCA8736D87F79CE9A4A9B0B938DCA] () perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2012-05-06 22:50:49 | 000,120,382 | ---- | M | MD5 = 15ED843F3032DECAA5CD3847EA097020] () PnkBstrB.xtr -> C:\Windows\SysWow64\PnkBstrB.xtr -> [2012-05-05 17:38:19 | 000,280,904 | ---- | M | MD5 = 1F438C2CB609CD58980CCF30355B97CD] () PnkBstrB.exe -> C:\Windows\SysWow64\PnkBstrB.exe -> [2012-05-05 17:38:19 | 000,280,904 | ---- | M | MD5 = 1F438C2CB609CD58980CCF30355B97CD] () Defraggler.lnk -> C:\Users\Public\Desktop\Defraggler.lnk -> [2012-05-05 01:02:29 | 000,001,768 | ---- | M | MD5 = AA98B99061EDB3D741634FDDB8672C75] () PerfStringBackup.INI -> C:\Windows\SysWow64\PerfStringBackup.INI -> [2012-04-30 22:29:26 | 001,636,610 | ---- | M | MD5 = EEA0B40FE498514D36B5A5FCD54E045E] () BARCA BUAHAHA.jpg -> C:\Users\Shiva\Desktop\BARCA BUAHAHA.jpg -> [2012-04-25 23:43:38 | 000,955,714 | ---- | M | MD5 = 9B73861BD6E7B9F85ED896169583C04A] () BARCA BUAHAHA.png -> C:\Users\Shiva\Desktop\BARCA BUAHAHA.png -> [2012-04-25 23:40:59 | 004,024,206 | ---- | M | MD5 = D63DDD3F8D4F93F6A5A1897EEA19594D] () TE10681.jpg -> C:\Users\Shiva\Desktop\TE10681.jpg -> [2012-04-24 20:29:38 | 000,027,582 | ---- | M | MD5 = CB6295CE9CD83105593CA66266963EA2] () TE10681.html -> C:\Users\Shiva\Desktop\TE10681.html -> [2012-04-24 20:28:54 | 000,009,636 | ---- | M | MD5 = D6C5DFF1A3430E02760F85BEE19EF158] () TE10681.jpg.crdownload -> C:\Users\Shiva\Desktop\TE10681.jpg.crdownload -> [2012-04-24 20:28:33 | 000,027,582 | ---- | M | MD5 = CB6295CE9CD83105593CA66266963EA2] () Bez tytułu.png -> C:\Users\Shiva\Desktop\Bez tytułu.png -> [2012-04-24 14:01:27 | 000,183,864 | ---- | M | MD5 = 724A28A7BF04EF8802CC58B5645EF4A5] () ss103-hires.jpg -> C:\Users\Shiva\Desktop\ss103-hires.jpg -> [2012-04-23 15:18:43 | 002,348,003 | ---- | M | MD5 = 53B986AB6412992C30071B59F847A3E1] () Starcraft-2-Zerg-Baneling.jpg -> C:\Users\Shiva\Desktop\Starcraft-2-Zerg-Baneling.jpg -> [2012-04-22 21:12:04 | 000,614,909 | ---- | M | MD5 = E15E276E0A774F61F3095B060D0A2608] () sc2.wlmp -> C:\Users\Shiva\Desktop\sc2.wlmp -> [2012-04-17 17:43:08 | 000,003,999 | ---- | M | MD5 = 2569D35CA7D3276A9EAE47AE43DE7B28] () 2012-04-13 19.52.54.jpg -> C:\Users\Shiva\Desktop\2012-04-13 19.52.54.jpg -> [2012-04-13 19:52:55 | 001,053,817 | ---- | M | MD5 = 4AA7BA03EDC267A2628AA25F5616585C] () Facebook Messenger.lnk -> C:\Users\Shiva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk -> [2012-04-11 23:07:17 | 000,001,338 | ---- | M | MD5 = 1E6FA0A5F3600BBC53A367685DC5E804] () Screenshot2012-04-11 22_47_33.jpg -> C:\Users\Shiva\Desktop\Screenshot2012-04-11 22_47_33.jpg -> [2012-04-11 22:47:33 | 000,553,001 | ---- | M | MD5 = 55370A8817646C55C71AFD466C36D5A3] () 3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> [Files - No Company Name] Speedy Drive.lnk -> C:\Users\Shiva\Desktop\Speedy Drive.lnk -> [2012-05-11 16:03:24 | 000,001,029 | ---- | C | MD5 = D2E224E91F2AD32550CA8970EE6247CC] () mgr.exe -> C:\Users\Shiva\AppData\Roaming\mgr.exe -> [2012-05-11 14:05:38 | 000,084,480 | ---- | C | MD5 = 3DECCB908E76841E4820695EB6B5E462] () my.ini -> C:\Windows\my.ini -> [2012-05-11 11:54:29 | 000,000,058 | ---- | C | MD5 = CBC0415C20E62F1E94B65D4BB2195570] () XAMPP Control Panel.lnk -> C:\Users\Shiva\Desktop\XAMPP Control Panel.lnk -> [2012-05-11 11:52:28 | 000,000,441 | ---- | C | MD5 = 9A5AB2741F3105C11CB49D4DB403E089] () Tibia MULTI-IP Changer.lnk -> C:\Users\Public\Desktop\Tibia MULTI-IP Changer.lnk -> [2012-05-10 22:31:28 | 000,002,206 | ---- | C | MD5 = 3125319A14784D1C9A86F4E13ACD7323] () lua51.dll -> C:\Windows\lua51.dll -> [2012-05-10 22:11:18 | 000,011,264 | ---- | C | MD5 = 5860F15AE01BF2A35F48D6D954A9C048] () otserv.exe -> C:\Windows\otserv.exe -> [2012-05-10 22:09:26 | 002,516,992 | ---- | C | MD5 = CC312A9F3508CCC5817753CFD70F4860] () null -> C:\Windows\null -> [2012-05-10 22:09:26 | 000,000,000 | ---- | C | MD5 = D41D8CD98F00B204E9800998ECF8427E] () libxml2.dll -> C:\Windows\libxml2.dll -> [2012-05-10 22:08:08 | 001,032,657 | ---- | C | MD5 = 7A5FAA0FC546742837514E46028E8E82] () libmysql.dll -> C:\Windows\libmysql.dll -> [2012-05-10 22:07:21 | 001,519,616 | ---- | C | MD5 = 01A2117F1BDDF31FEFD5274A196E6866] () lua5.1.dll -> C:\Windows\SysWow64\lua5.1.dll -> [2012-05-10 22:05:11 | 000,167,936 | ---- | C | MD5 = EE3043C17751C763E26D03F6EEBB1B8B] () DLL-files.com Fixer_UPDATES.job -> C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job -> [2012-05-10 22:05:05 | 000,000,292 | ---- | C | MD5 = C7F37F22F54598DA7A8C28FEC4777776] () DLL-Files.com FIXER.lnk -> C:\Users\Shiva\Desktop\DLL-Files.com FIXER.lnk -> [2012-05-10 22:04:55 | 000,002,028 | ---- | C | MD5 = 2B2CFE54505D2C76DF1A359D5E62C921] () Tibia.lnk -> C:\Users\Public\Desktop\Tibia.lnk -> [2012-05-10 21:06:33 | 000,000,645 | ---- | C | MD5 = 1DD6B17E78ACEB0DD5BED3DD98954D84] () P4270212.JPG -> C:\Users\Shiva\Desktop\P4270212.JPG -> [2012-05-09 14:13:57 | 000,851,317 | ---- | C | MD5 = ED06876E83BBC6BB6E896B9D5C665096] () Sniper Elite V2.lnk -> C:\Users\Public\Desktop\Sniper Elite V2.lnk -> [2012-05-07 16:38:10 | 000,000,834 | ---- | C | MD5 = 6B4CC63B759E5D21BCA0B816EC630E99] () PerfStringBackup.INI -> C:\Windows\SysWow64\PerfStringBackup.INI -> [2012-04-30 17:12:58 | 001,636,610 | ---- | C | MD5 = EEA0B40FE498514D36B5A5FCD54E045E] () BARCA BUAHAHA.jpg -> C:\Users\Shiva\Desktop\BARCA BUAHAHA.jpg -> [2012-04-25 23:43:38 | 000,955,714 | ---- | C | MD5 = 9B73861BD6E7B9F85ED896169583C04A] () BARCA BUAHAHA.png -> C:\Users\Shiva\Desktop\BARCA BUAHAHA.png -> [2012-04-25 23:40:59 | 004,024,206 | ---- | C | MD5 = D63DDD3F8D4F93F6A5A1897EEA19594D] () TE10681.jpg -> C:\Users\Shiva\Desktop\TE10681.jpg -> [2012-04-24 20:29:42 | 000,027,582 | ---- | C | MD5 = CB6295CE9CD83105593CA66266963EA2] () TE10681.html -> C:\Users\Shiva\Desktop\TE10681.html -> [2012-04-24 20:28:56 | 000,009,636 | ---- | C | MD5 = D6C5DFF1A3430E02760F85BEE19EF158] () TE10681.jpg.crdownload -> C:\Users\Shiva\Desktop\TE10681.jpg.crdownload -> [2012-04-24 20:28:33 | 000,027,582 | ---- | C | MD5 = CB6295CE9CD83105593CA66266963EA2] () ss103-hires.jpg -> C:\Users\Shiva\Desktop\ss103-hires.jpg -> [2012-04-23 15:18:43 | 002,348,003 | ---- | C | MD5 = 53B986AB6412992C30071B59F847A3E1] () Starcraft-2-Zerg-Baneling.jpg -> C:\Users\Shiva\Desktop\Starcraft-2-Zerg-Baneling.jpg -> [2012-04-22 21:12:07 | 000,614,909 | ---- | C | MD5 = E15E276E0A774F61F3095B060D0A2608] () sc2.wlmp -> C:\Users\Shiva\Desktop\sc2.wlmp -> [2012-04-17 17:43:08 | 000,003,999 | ---- | C | MD5 = 2569D35CA7D3276A9EAE47AE43DE7B28] () 2012-04-13 19.52.54.jpg -> C:\Users\Shiva\Desktop\2012-04-13 19.52.54.jpg -> [2012-04-15 11:53:04 | 001,053,817 | ---- | C | MD5 = 4AA7BA03EDC267A2628AA25F5616585C] () Facebook Messenger.lnk -> C:\Users\Shiva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk -> [2012-04-11 23:07:17 | 000,001,338 | ---- | C | MD5 = 1E6FA0A5F3600BBC53A367685DC5E804] () Screenshot2012-04-11 22_47_33.jpg -> C:\Users\Shiva\Desktop\Screenshot2012-04-11 22_47_33.jpg -> [2012-04-11 22:47:33 | 000,553,001 | ---- | C | MD5 = 55370A8817646C55C71AFD466C36D5A3] () kaillera.ini -> C:\Windows\kaillera.ini -> [2012-03-12 19:36:24 | 000,001,176 | ---- | C | MD5 = A25BB3E11528F6BE8308229D2BEEA001] () FOE2.ini -> C:\Windows\FOE2.ini -> [2012-03-05 22:00:11 | 000,001,170 | ---- | C | MD5 = 0EC8C744CD5165793FFFA52A18FD7F33] () dokan.dll -> C:\Windows\SysWow64\dokan.dll -> [2012-02-11 22:52:00 | 000,035,840 | ---- | C | MD5 = D6524CBB7DF32CD1EDAB25710413EC84] () ativpsrm.bin -> C:\Windows\ativpsrm.bin -> [2012-02-01 21:53:07 | 000,000,000 | ---- | C | MD5 = D41D8CD98F00B204E9800998ECF8427E] () libFLAC.dll -> C:\Windows\SysWow64\libFLAC.dll -> [2012-01-17 21:31:20 | 000,258,048 | ---- | C | MD5 = 5C3739F97D09CAF8ABCC0A1F14C82A49] () InsDrvZD64.DLL -> C:\Windows\SysWow64\InsDrvZD64.DLL -> [2011-12-16 18:45:52 | 000,015,872 | ---- | C | MD5 = 105B11CBE36725A4CB608DB6CCF83690] () unrar.dll -> C:\Windows\SysWow64\unrar.dll -> [2011-12-05 22:21:47 | 000,175,616 | ---- | C | MD5 = 1AD3D52C38B68D658D5B808A00CDB880] () xvidcore.dll -> C:\Windows\SysWow64\xvidcore.dll -> [2011-12-05 22:21:45 | 000,644,608 | ---- | C | MD5 = 0D082EC10C9E2F4D79231E5636B33B5D] () xvidvfw.dll -> C:\Windows\SysWow64\xvidvfw.dll -> [2011-12-05 22:21:45 | 000,243,200 | ---- | C | MD5 = 56552C7C36B6237704CE3BA9DF49FECF] () ff_vfw.dll -> C:\Windows\SysWow64\ff_vfw.dll -> [2011-12-05 22:21:45 | 000,074,752 | ---- | C | MD5 = DC6413DEF33D241747D4EB3B8E359E9E] () ativvsvl.dat -> C:\Windows\SysWow64\ativvsvl.dat -> [2011-11-10 04:36:06 | 000,204,960 | ---- | C | MD5 = 8E4F8390AB050975FCA31A5D638E016B] () ativvsva.dat -> C:\Windows\SysWow64\ativvsva.dat -> [2011-11-10 04:36:06 | 000,157,152 | ---- | C | MD5 = 192D37601A9C31999FA5B69B4398FBB0] () OpenVideo.dll -> C:\Windows\SysWow64\OpenVideo.dll -> [2011-11-09 23:39:44 | 000,059,904 | ---- | C | MD5 = 656FEE715E168544BC0C1511D7B733A6] () OVDecode.dll -> C:\Windows\SysWow64\OVDecode.dll -> [2011-11-09 23:39:32 | 000,054,784 | ---- | C | MD5 = 149DCE79B931DEF04EB9D45646B04CDE] () pbsvc.exe -> C:\Windows\SysWow64\pbsvc.exe -> [2011-10-28 15:53:30 | 002,580,552 | ---- | C | MD5 = AA3D914219B49A567270C0BD735EE7E9] () OVDecoder.dll -> C:\Windows\SysWow64\OVDecoder.dll -> [2011-10-25 22:21:34 | 000,056,832 | ---- | C | MD5 = FF78835CCE0B3F882247504C7E61FE32] () Resmon.ResmonCfg -> C:\Users\Shiva\AppData\Local\Resmon.ResmonCfg -> [2011-09-21 20:25:50 | 000,007,598 | ---- | C | MD5 = 1A16A74DC7BA2629AF5D5C1EE4F7C83B] () Access.dat -> C:\Windows\SysWow64\Access.dat -> [2011-09-18 10:42:08 | 000,000,000 | ---- | C | MD5 = D41D8CD98F00B204E9800998ECF8427E] () PnkBstrB.exe -> C:\Windows\SysWow64\PnkBstrB.exe -> [2011-09-17 14:26:33 | 000,280,904 | ---- | C | MD5 = 1F438C2CB609CD58980CCF30355B97CD] () pbsvc_bc2.exe -> C:\Windows\SysWow64\pbsvc_bc2.exe -> [2011-09-17 14:26:29 | 002,434,856 | ---- | C | MD5 = 97AE01E23FB8D7048377AB08D1938711] () PnkBstrA.exe -> C:\Windows\SysWow64\PnkBstrA.exe -> [2011-09-17 14:26:29 | 000,076,888 | ---- | C | MD5 = 205E1B699FD3F2F9B036EEA2EC30C620] () binkw32.dll -> C:\Windows\binkw32.dll -> [2011-09-15 21:53:22 | 000,286,208 | ---- | C | MD5 = E15B492959DFABC12AA4CA070B38F21A] () Ascd_log.ini -> C:\Windows\Ascd_log.ini -> [2011-09-15 21:19:41 | 000,030,380 | ---- | C | MD5 = FCF2F22F036534EB3DFDA86DD1E2E2F4] () Language_trs.ini -> C:\Windows\Language_trs.ini -> [2011-09-15 21:18:25 | 000,001,769 | ---- | C | MD5 = 718FECF22BF4BD4FC05B79AA4BEC75D0] () Ascd_tmp.ini -> C:\Windows\Ascd_tmp.ini -> [2011-09-15 21:18:22 | 000,022,387 | ---- | C | MD5 = 4A7974A19CCBB21729B065C9E697BEC6] () atipblag.dat -> C:\Windows\SysWow64\atipblag.dat -> [2011-09-13 01:06:16 | 000,003,917 | ---- | C | MD5 = 64A0869F18560CD529120ADE00155C3E] () xlive.dll.cat -> C:\Windows\SysWow64\xlive.dll.cat -> [2011-04-09 18:55:28 | 000,179,261 | ---- | C | MD5 = 340292C12C3533CE83BDC694D27A261E] () [File - Lop Check] DAEMON Tools Pro -> C:\Users\Artur\AppData\Roaming\DAEMON Tools Pro -> [2011-12-04 00:40:57 | 000,000,000 | ---D | M] DeviceVm -> C:\Users\Artur\AppData\Roaming\DeviceVm -> [2011-09-16 16:22:22 | 000,000,000 | ---D | M] EPSON -> C:\Users\Artur\AppData\Roaming\EPSON -> [2011-12-08 17:30:45 | 000,000,000 | ---D | M] OpenFM -> C:\Users\Artur\AppData\Roaming\OpenFM -> [2011-12-25 01:04:03 | 000,000,000 | ---D | M] Ulead Systems -> C:\Users\Artur\AppData\Roaming\Ulead Systems -> [2011-10-22 18:55:17 | 000,000,000 | ---D | M] DAEMON Tools Pro -> C:\Users\Bożena\AppData\Roaming\DAEMON Tools Pro -> [2011-12-02 13:12:26 | 000,000,000 | ---D | M] DeviceVm -> C:\Users\Bożena\AppData\Roaming\DeviceVm -> [2011-11-22 18:24:44 | 000,000,000 | ---D | M] Gadu-Gadu 10 -> C:\Users\Bożena\AppData\Roaming\Gadu-Gadu 10 -> [2011-12-01 12:14:07 | 000,000,000 | ---D | M] Opera -> C:\Users\Bożena\AppData\Roaming\Opera -> [2011-12-01 12:17:14 | 000,000,000 | ---D | M] .minecraft -> C:\Users\Shiva\AppData\Roaming\.minecraft -> [2012-02-27 16:54:39 | 000,000,000 | ---D | M] Audacity -> C:\Users\Shiva\AppData\Roaming\Audacity -> [2011-12-16 21:51:15 | 000,000,000 | ---D | M] Avnex -> C:\Users\Shiva\AppData\Roaming\Avnex -> [2012-03-04 15:35:20 | 000,000,000 | ---D | M] Babylon -> C:\Users\Shiva\AppData\Roaming\Babylon -> [2011-12-16 21:19:32 | 000,000,000 | ---D | M] CadSoft -> C:\Users\Shiva\AppData\Roaming\CadSoft -> [2012-01-30 19:42:35 | 000,000,000 | ---D | M] DAEMON Tools Lite -> C:\Users\Shiva\AppData\Roaming\DAEMON Tools Lite -> [2011-12-18 19:50:15 | 000,000,000 | ---D | M] DAEMON Tools Pro -> C:\Users\Shiva\AppData\Roaming\DAEMON Tools Pro -> [2012-05-08 00:51:57 | 000,000,000 | ---D | M] DarknessII -> C:\Users\Shiva\AppData\Roaming\DarknessII -> [2012-02-17 22:12:35 | 000,000,000 | ---D | M] DeviceVm -> C:\Users\Shiva\AppData\Roaming\DeviceVm -> [2011-09-15 21:23:21 | 000,000,000 | ---D | M] dll-files.com -> C:\Users\Shiva\AppData\Roaming\dll-files.com -> [2012-05-10 22:05:02 | 000,000,000 | ---D | M] Dropbox -> C:\Users\Shiva\AppData\Roaming\Dropbox -> [2012-05-11 10:21:17 | 000,000,000 | ---D | M] EPSON -> C:\Users\Shiva\AppData\Roaming\EPSON -> [2011-10-19 15:47:51 | 000,000,000 | ---D | M] eType -> C:\Users\Shiva\AppData\Roaming\eType -> [2012-01-13 20:04:43 | 000,000,000 | ---D | M] Gadu-Gadu 10 -> C:\Users\Shiva\AppData\Roaming\Gadu-Gadu 10 -> [2011-09-15 23:41:21 | 000,000,000 | ---D | M] GameRanger -> C:\Users\Shiva\AppData\Roaming\GameRanger -> [2012-01-15 22:24:41 | 000,000,000 | ---D | M] GetRightToGo -> C:\Users\Shiva\AppData\Roaming\GetRightToGo -> [2012-03-04 15:33:52 | 000,000,000 | ---D | M] GHISLER -> C:\Users\Shiva\AppData\Roaming\GHISLER -> [2012-01-15 22:29:48 | 000,000,000 | ---D | M] gtk-2.0 -> C:\Users\Shiva\AppData\Roaming\gtk-2.0 -> [2011-11-17 19:39:30 | 000,000,000 | ---D | M] Leadertech -> C:\Users\Shiva\AppData\Roaming\Leadertech -> [2011-09-17 23:16:47 | 000,000,000 | ---D | M] Lionhead Studios -> C:\Users\Shiva\AppData\Roaming\Lionhead Studios -> [2012-01-19 18:28:58 | 000,000,000 | ---D | M] LolClient -> C:\Users\Shiva\AppData\Roaming\LolClient -> [2012-03-27 15:44:19 | 000,000,000 | ---D | M] NapiProjekt -> C:\Users\Shiva\AppData\Roaming\NapiProjekt -> [2011-10-16 18:50:10 | 000,000,000 | ---D | M] OpenFM -> C:\Users\Shiva\AppData\Roaming\OpenFM -> [2011-09-17 09:49:33 | 000,000,000 | ---D | M] Opera -> C:\Users\Shiva\AppData\Roaming\Opera -> [2011-11-03 19:03:26 | 000,000,000 | ---D | M] Origin -> C:\Users\Shiva\AppData\Roaming\Origin -> [2011-10-23 22:05:00 | 000,000,000 | ---D | M] PunkBuster -> C:\Users\Shiva\AppData\Roaming\PunkBuster -> [2011-11-24 19:57:08 | 000,000,000 | ---D | M] SplitMediaLabs -> C:\Users\Shiva\AppData\Roaming\SplitMediaLabs -> [2012-04-22 18:03:47 | 000,000,000 | ---D | M] Sports Interactive -> C:\Users\Shiva\AppData\Roaming\Sports Interactive -> [2012-04-30 11:31:05 | 000,000,000 | ---D | M] sqlitestudio -> C:\Users\Shiva\AppData\Roaming\sqlitestudio -> [2012-05-11 15:32:00 | 000,000,000 | ---D | M] Stereoscopic Player -> C:\Users\Shiva\AppData\Roaming\Stereoscopic Player -> [2011-12-06 18:34:43 | 000,000,000 | ---D | M] StokedBigAir -> C:\Users\Shiva\AppData\Roaming\StokedBigAir -> [2012-03-06 09:03:02 | 000,000,000 | ---D | M] The Creative Assembly -> C:\Users\Shiva\AppData\Roaming\The Creative Assembly -> [2011-09-30 21:32:51 | 000,000,000 | ---D | M] Tibia -> C:\Users\Shiva\AppData\Roaming\Tibia -> [2012-05-11 11:15:30 | 000,000,000 | ---D | M] TS3Client -> C:\Users\Shiva\AppData\Roaming\TS3Client -> [2012-01-03 22:27:45 | 000,000,000 | ---D | M] ts3overlay -> C:\Users\Shiva\AppData\Roaming\ts3overlay -> [2012-01-01 16:36:51 | 000,000,000 | ---D | M] Tunngle -> C:\Users\Shiva\AppData\Roaming\Tunngle -> [2012-05-11 12:29:42 | 000,000,000 | ---D | M] Ulead Systems -> C:\Users\Shiva\AppData\Roaming\Ulead Systems -> [2011-10-29 20:38:21 | 000,000,000 | ---D | M] uTorrent -> C:\Users\Shiva\AppData\Roaming\uTorrent -> [2012-05-11 16:10:45 | 000,000,000 | ---D | M] DLL-files.com Fixer_UPDATES.job -> C:\Windows\Tasks\DLL-files.com Fixer_UPDATES.job -> [2012-05-11 16:07:08 | 000,000,292 | ---- | M | MD5 = C7F37F22F54598DA7A8C28FEC4777776] () FacebookUpdateTaskUserS-1-5-21-3352663067-3283764409-785011562-1000Core.job -> C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3352663067-3283764409-785011562-1000Core.job -> [2012-05-10 23:12:00 | 000,000,906 | ---- | M | MD5 = 49C250E76FF7DBD1EC40FB24BBA7A447] () FacebookUpdateTaskUserS-1-5-21-3352663067-3283764409-785011562-1000UA.job -> C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3352663067-3283764409-785011562-1000UA.job -> [2012-05-11 17:12:00 | 000,000,928 | ---- | M | MD5 = 72C47086A71852643C438FB28C2CC4C0] () SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2012-04-18 12:37:58 | 000,032,604 | ---- | M | Unable to obtain MD5] () [File - Purity Scan] [Alternate Data Streams] @Alternate Data Stream - 338 bytes -> C:\Users\Shiva\Desktop\2012-04-13 19.52.54.jpg:com.dropbox.attributes < End of report > [/code]