OTL logfile created on: 2012-06-28 11:18:32 - Run 2 OTL by OldTimer - Version 3.2.53.0 Folder = D:\!Instalki Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,93 Gb Total Physical Memory | 0,18 Gb Available Physical Memory | 9,48% Memory free 4,86 Gb Paging File | 2,66 Gb Available in Paging File | 54,77% Paging File free Paging file location(s): c:\pagefile.sys 3000 3500 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 150,79 Gb Total Space | 79,65 Gb Free Space | 52,82% Space Free | Partition Type: NTFS Drive D: | 130,00 Gb Total Space | 63,11 Gb Free Space | 48,55% Space Free | Partition Type: NTFS Drive F: | 1,99 Gb Total Space | 1,53 Gb Free Space | 77,14% Space Free | Partition Type: FAT32 Drive X: | 172,18 Gb Total Space | 129,84 Gb Free Space | 75,41% Space Free | Partition Type: NTFS Drive Z: | 300,00 Mb Total Space | 260,69 Mb Free Space | 86,90% Space Free | Partition Type: NTFS Computer Name: HP | User Name: Kika | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-06-27 14:28:41 | 000,596,992 | ---- | M] (OldTimer Tools) -- D:\!Instalki\OTL.exe PRC - [2012-05-15 16:29:37 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2012-05-15 16:29:37 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2012-05-15 16:25:15 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe PRC - [2012-05-15 16:25:15 | 000,254,034 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\stacsv.exe PRC - [2012-05-15 16:25:15 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Program Files\IDT\WDM\AEstSrv.exe PRC - [2012-05-15 16:24:04 | 000,312,608 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\Hewlett-Packard\Embedded Security Software\PSDrt.exe PRC - [2012-05-15 16:24:02 | 000,988,448 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\Hewlett-Packard\Embedded Security Software\IFXTCS.exe PRC - [2012-05-15 16:24:01 | 001,107,232 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe PRC - [2012-05-15 16:24:01 | 000,214,304 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe PRC - [2012-04-11 22:55:30 | 000,175,632 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe PRC - [2011-11-02 14:54:12 | 000,227,896 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe PRC - [2011-11-02 14:52:42 | 000,289,336 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe PRC - [2011-09-24 15:03:42 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\NLSSRV32.EXE PRC - [2011-09-12 17:08:46 | 000,142,904 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe PRC - [2011-09-12 17:08:22 | 002,945,080 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe PRC - [2011-06-24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2011-03-16 11:26:42 | 000,070,256 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe PRC - [2011-03-16 11:26:40 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-10-19 12:26:46 | 000,032,768 | ---- | M] (Hewlett-Packard Development Company, L.P) -- C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe PRC - [2010-07-21 14:33:00 | 000,363,064 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe PRC - [2010-07-21 14:33:00 | 000,103,992 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe PRC - [2010-07-16 14:54:06 | 000,634,192 | ---- | M] (DigitalPersona, Inc.) -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe PRC - [2010-07-16 14:54:06 | 000,300,880 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe PRC - [2010-05-10 08:42:40 | 000,090,112 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe PRC - [2010-05-06 02:30:26 | 011,268,096 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe PRC - [2010-05-06 02:30:06 | 000,298,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe PRC - [2010-04-20 16:54:28 | 000,137,272 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\NetworkAgent 8\klnagent.exe PRC - [2010-03-15 16:00:46 | 000,102,400 | ---- | M] (Clarus, Inc.) -- C:\Program Files\Clarus\Samsung Auto Backup\ISFTimerD.exe PRC - [2010-03-15 15:33:52 | 000,077,824 | ---- | M] (Clarus, Inc.) -- C:\Program Files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe PRC - [2010-03-15 15:32:38 | 000,888,832 | ---- | M] (Clarus, Inc.) -- C:\Program Files\Clarus\Samsung Auto Backup\ISFGuage.exe PRC - [2010-03-12 20:29:22 | 000,311,680 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe PRC - [2010-03-05 10:01:46 | 000,862,480 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe PRC - [2010-03-05 09:46:22 | 001,206,544 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe PRC - [2010-03-05 09:43:50 | 000,473,360 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe PRC - [2010-02-25 15:18:20 | 000,076,856 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe PRC - [2010-02-01 17:09:48 | 000,281,192 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe PRC - [2009-11-04 23:46:56 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2009-11-04 23:46:54 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2009-10-20 07:18:02 | 000,360,448 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2009-10-20 07:17:32 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2009-09-23 16:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files\Panda USB Vaccine\USBVaccine.exe PRC - [2009-09-04 22:43:40 | 000,795,936 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2009-09-04 22:43:38 | 000,595,232 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe PRC - [2009-08-03 22:32:22 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe PRC - [2009-07-14 03:14:41 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StikyNot.exe PRC - [2009-06-04 02:16:42 | 000,207,400 | ---- | M] (ActivIdentity) -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe PRC - [2009-06-04 02:16:34 | 000,153,640 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\acevents.exe PRC - [2009-06-04 02:13:28 | 000,400,936 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe PRC - [2008-05-08 01:29:38 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\Windows\System32\Crypserv.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-06-15 08:08:58 | 000,212,992 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll MOD - [2012-06-15 08:08:43 | 011,833,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll MOD - [2012-06-15 08:07:50 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll MOD - [2012-06-15 08:07:39 | 001,591,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll MOD - [2012-06-15 08:07:22 | 012,237,824 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll MOD - [2012-05-16 10:50:28 | 000,237,112 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\hpCASLLibrary\3.0.1.1__67b8d1b5179ba5f8\hpCASLLibrary.dll MOD - [2012-05-16 10:50:28 | 000,112,696 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CaslShared\3.5.1.1__9c6f83d5b7f3d097\CaslShared.dll MOD - [2012-05-16 10:50:28 | 000,091,192 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\hpcasl\3.5.1.1__9c6f83d5b7f3d097\hpcasl.dll MOD - [2012-05-15 16:01:28 | 000,284,216 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\HPCommon\2.0.6.0__89762bc6acc102f8\HPCommon.dll MOD - [2012-05-15 16:01:27 | 000,097,336 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\HardwareAccess\2.0.6.0__89762bc6acc102f8\HardwareAccess.dll MOD - [2012-05-15 16:01:27 | 000,046,136 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Graphs\2.0.6.0__89762bc6acc102f8\Graphs.dll MOD - [2012-05-15 14:49:34 | 002,297,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll MOD - [2012-05-15 12:57:22 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll MOD - [2012-05-15 12:57:22 | 000,628,224 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\168755d010e5a96ac940b0ddd27616a4\System.EnterpriseServices.ni.dll MOD - [2012-05-15 12:57:21 | 000,627,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\80fae9f16f80075535e72458ef293f7a\System.Transactions.ni.dll MOD - [2012-05-15 12:57:20 | 006,611,456 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll MOD - [2012-05-15 12:55:28 | 001,051,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll MOD - [2012-05-15 08:10:57 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll MOD - [2012-05-15 08:09:40 | 000,185,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\d8af9a65cf0ed85d47360796e2645a06\UIAutomationTypes.ni.dll MOD - [2012-05-15 08:09:40 | 000,060,928 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\ca2eff60beb3ba00a529a2d42dceca22\UIAutomationProvider.ni.dll MOD - [2012-05-15 08:06:33 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll MOD - [2012-05-15 08:03:26 | 005,452,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll MOD - [2012-05-15 08:03:23 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll MOD - [2012-05-15 08:03:22 | 007,967,232 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll MOD - [2012-05-15 08:03:15 | 011,492,864 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll MOD - [2012-02-11 01:31:41 | 005,283,840 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll MOD - [2011-10-07 15:56:22 | 000,323,584 | ---- | M] () -- C:\Windows\System32\flcdlmsg.dll MOD - [2011-09-12 17:14:30 | 000,891,960 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.DLL MOD - [2011-03-04 12:02:54 | 007,745,536 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll MOD - [2011-03-04 12:02:52 | 000,135,168 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll MOD - [2011-03-04 12:02:50 | 002,121,728 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll MOD - [2010-11-13 04:39:55 | 000,425,984 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_pl_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2010-11-13 03:57:46 | 000,311,296 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll MOD - [2010-11-05 03:58:05 | 002,927,616 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2010-11-05 03:54:42 | 000,249,856 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_pl_31bf3856ad364e35\PresentationFramework.resources.dll MOD - [2010-07-21 14:33:02 | 000,052,280 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll MOD - [2010-07-21 14:33:00 | 000,267,832 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll MOD - [2010-07-21 14:33:00 | 000,030,264 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll MOD - [2010-02-27 17:21:21 | 001,695,744 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3579.36926__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll MOD - [2010-02-27 17:21:21 | 000,491,520 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3579.36895__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2010-02-27 17:21:21 | 000,368,640 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3579.36805__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2010-02-27 17:21:21 | 000,204,800 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3579.36824__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2010-02-27 17:21:21 | 000,077,824 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3579.36876__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2010-02-27 17:21:21 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3579.36857__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2010-02-27 17:21:21 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3579.36848__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll MOD - [2010-02-27 17:21:21 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3579.36819__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2010-02-27 17:21:21 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3579.36814__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll MOD - [2010-02-27 17:21:20 | 000,356,352 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3579.36862__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2010-02-27 17:21:20 | 000,118,784 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3579.36895__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll MOD - [2010-02-27 17:21:20 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3579.36863__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2010-02-27 17:21:20 | 000,073,728 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3579.36813__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2010-02-27 17:21:20 | 000,073,728 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.FramelockGenlock.Graphics.Runtime\2.0.3579.36918__90ba9c70f846762e\CLI.Aspect.FramelockGenlock.Graphics.Runtime.dll MOD - [2010-02-27 17:21:20 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3579.36862__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2010-02-27 17:21:20 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3579.36896__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2010-02-27 17:21:20 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3579.36894__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll MOD - [2010-02-27 17:21:20 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.WorkstationConfig2.Graphics.Runtime\2.0.3579.36911__90ba9c70f846762e\CLI.Aspect.WorkstationConfig2.Graphics.Runtime.dll MOD - [2010-02-27 17:21:19 | 001,138,688 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3579.36922__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll MOD - [2010-02-27 17:21:19 | 000,823,296 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3579.36850__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2010-02-27 17:21:19 | 000,573,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3579.36825__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll MOD - [2010-02-27 17:21:19 | 000,409,600 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3579.36871__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2010-02-27 17:21:19 | 000,368,640 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3579.36844__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll MOD - [2010-02-27 17:21:19 | 000,323,584 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3579.36856__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll MOD - [2010-02-27 17:21:19 | 000,307,200 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3579.36829__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll MOD - [2010-02-27 17:21:19 | 000,196,608 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3579.36825__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2010-02-27 17:21:19 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3579.36849__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2010-02-27 17:21:19 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3579.36855__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll MOD - [2010-02-27 17:21:19 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3579.36848__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2010-02-27 17:21:19 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3579.36855__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll MOD - [2010-02-27 17:21:19 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3579.36829__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll MOD - [2010-02-27 17:21:19 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3579.36856__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2010-02-27 17:21:18 | 000,393,216 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3579.36849__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - [2010-02-27 17:21:18 | 000,270,336 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - [2010-02-27 17:21:18 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3579.36849__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2010-02-27 17:21:18 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3574.20483__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2010-02-27 17:21:18 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3574.20475__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2010-02-27 17:21:18 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3574.20511__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll MOD - [2010-02-27 17:21:18 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3574.20570__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll MOD - [2010-02-27 17:21:18 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3574.20566__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2010-02-27 17:21:18 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3574.20505__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2010-02-27 17:21:18 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3574.20565__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2010-02-27 17:21:18 | 000,007,168 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2010-02-27 17:21:17 | 000,147,456 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3574.20469__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2010-02-27 17:21:17 | 000,098,304 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3574.20459__90ba9c70f846762e\CLI.Foundation.dll MOD - [2010-02-27 17:21:17 | 000,069,632 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.FramelockGenlock.Graphics.Shared\2.0.3574.20536__90ba9c70f846762e\CLI.Aspect.FramelockGenlock.Graphics.Shared.dll MOD - [2010-02-27 17:21:17 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3574.20496__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2010-02-27 17:21:17 | 000,057,344 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3574.20534__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2010-02-27 17:21:17 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2010-02-27 17:21:17 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3574.20557__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2010-02-27 17:21:17 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3574.20454__90ba9c70f846762e\LOG.Foundation.dll MOD - [2010-02-27 17:21:17 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3574.20457__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2010-02-27 17:21:17 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3574.20638__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2010-02-27 17:21:17 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3574.20555__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll MOD - [2010-02-27 17:21:17 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3574.20492__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2010-02-27 17:21:17 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.WorkstationConfig2.Graphics.Shared\2.0.3574.20554__90ba9c70f846762e\CLI.Aspect.WorkstationConfig2.Graphics.Shared.dll MOD - [2010-02-27 17:21:17 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3574.20491__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2010-02-27 17:21:17 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3574.20472__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2010-02-27 17:21:17 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3574.20506__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll MOD - [2010-02-27 17:21:17 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3574.20501__90ba9c70f846762e\MOM.Foundation.dll MOD - [2010-02-27 17:21:17 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll MOD - [2010-02-27 17:21:17 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3574.20524__90ba9c70f846762e\DEM.Graphics.dll MOD - [2010-02-27 17:21:17 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2010-02-27 17:21:17 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3574.20485__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2010-02-27 17:21:17 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3574.20528__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2010-02-27 17:21:17 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3574.20495__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2010-02-27 17:21:16 | 000,106,496 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3579.36890__90ba9c70f846762e\MOM.Implementation.dll MOD - [2010-02-27 17:21:16 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3579.36889__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2010-02-27 17:21:16 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3574.20535__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2010-02-27 17:21:16 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3574.20530__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2010-02-27 17:21:16 | 000,049,152 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3574.20502__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2010-02-27 17:21:16 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3579.36901__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2010-02-27 17:21:16 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3574.20476__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2010-02-27 17:21:16 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3574.20489__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2010-02-27 17:21:16 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3574.20496__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2010-02-27 17:21:16 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3574.20464__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2010-02-27 17:21:16 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3574.20529__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll MOD - [2010-02-27 17:21:16 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3574.20525__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2010-02-27 17:21:16 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3574.20482__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2010-02-27 17:21:16 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3574.20532__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll MOD - [2010-02-27 17:21:16 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3574.20480__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll MOD - [2010-02-27 17:21:16 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3574.20494__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2010-02-27 17:21:16 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\APM.Foundation\2.0.3574.20504__90ba9c70f846762e\APM.Foundation.dll MOD - [2010-02-27 17:21:16 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3574.20484__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2010-02-27 17:21:16 | 000,007,168 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3579.36802__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2010-02-27 17:21:15 | 000,405,504 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3579.36819__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2010-02-27 17:21:15 | 000,057,344 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3579.36804__90ba9c70f846762e\CLI.Component.SkinFactory.dll MOD - [2010-02-27 17:21:15 | 000,057,344 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3579.36802__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2010-02-27 17:21:15 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3574.20509__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2010-02-27 17:21:15 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3574.20498__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2010-02-27 17:21:14 | 001,220,608 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3579.36809__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2010-02-27 17:21:14 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\APM.Server\2.0.3579.36801__90ba9c70f846762e\APM.Server.dll MOD - [2010-02-27 17:21:14 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3574.20487__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2010-02-27 17:21:14 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2010-02-27 17:21:14 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3574.20499__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2010-02-27 17:21:14 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3574.20537__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2010-02-27 17:21:14 | 000,019,456 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3579.36890__90ba9c70f846762e\CCC.Implementation.dll MOD - [2010-02-27 17:21:13 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Server\2.0.3579.36802__90ba9c70f846762e\AEM.Server.dll MOD - [2009-12-15 05:42:33 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Core.resources\3.5.0.0_pl_b77a5c561934e089\System.Core.resources.dll MOD - [2009-12-15 05:42:20 | 000,167,936 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_pl_b77a5c561934e089\System.Xml.resources.dll MOD - [2009-09-04 22:43:54 | 000,132,384 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll MOD - [2009-06-11 02:30:18 | 000,098,304 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll MOD - [2009-06-10 23:23:19 | 000,261,632 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-06-25 09:44:16 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-05-15 16:29:37 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2012-05-15 16:25:15 | 000,254,034 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv.exe -- (STacSV) SRV - [2012-05-15 16:25:15 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AEstSrv.exe -- (AESTFilters) SRV - [2012-05-15 16:24:02 | 000,988,448 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Embedded Security Software\IFXTCS.exe -- (IFXTCS) SRV - [2012-05-15 16:24:01 | 001,107,232 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe -- (IFXSpMgtSrv) SRV - [2012-05-15 16:24:01 | 000,214,304 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe -- (PersonalSecureDriveService) SRV - [2012-05-14 15:11:58 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-04-11 22:55:30 | 000,175,632 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe -- (NitroReaderDriverReadSpool2) SRV - [2011-11-02 14:54:12 | 000,227,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe) SRV - [2011-09-24 15:03:42 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\NLSSRV32.EXE -- (nlsX86cc) SRV - [2011-09-12 17:08:46 | 000,142,904 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service) SRV - [2011-03-16 11:26:40 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService) SRV - [2010-10-19 12:26:46 | 000,032,768 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe -- (HP ProtectTools Service) SRV - [2010-07-21 14:33:00 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service) SRV - [2010-07-16 14:54:06 | 000,300,880 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost) SRV - [2010-06-08 14:48:15 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2010-05-10 08:42:40 | 000,090,112 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe -- (HPDayStarterService) SRV - [2010-05-06 02:30:06 | 000,298,496 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService) SRV - [2010-04-20 16:54:28 | 000,137,272 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\NetworkAgent 8\klnagent.exe -- (klnagent) SRV - [2010-03-12 20:29:22 | 000,311,680 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe -- (AVP) SRV - [2010-03-05 10:01:46 | 000,862,480 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R) SRV - [2010-03-05 09:45:22 | 000,227,600 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV - [2010-03-05 09:43:50 | 000,473,360 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R) SRV - [2010-02-18 14:26:46 | 001,664,304 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\System32\vcsFPService.exe -- (vcsFPService) SRV - [2010-02-01 17:09:48 | 000,281,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService) SRV - [2009-11-04 23:46:56 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2009-11-04 23:46:54 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2009-10-20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2009-10-20 07:17:32 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009-10-06 04:43:54 | 000,362,040 | ---- | M] (Hewlett-Packard Ltd) [On_Demand | Stopped] -- C:\Windows\System32\flcdlock.exe -- (FLCDLOCK) SRV - [2009-09-04 22:43:38 | 000,595,232 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2009-08-03 22:32:22 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio) SRV - [2009-07-14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009-06-04 02:16:42 | 000,207,400 | ---- | M] (ActivIdentity) [Auto | Running] -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe -- (ac.sharedstore) SRV - [2008-05-08 01:29:38 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Running] -- C:\windows\System32\Crypserv.exe -- (Crypkey License) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2012-06-27 12:57:48 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2012-05-15 16:25:15 | 000,431,616 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2012-05-15 16:24:11 | 000,039,712 | ---- | M] (Infineon Technologies AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\psd.sys -- (PersonalSecureDrive) DRV - [2011-10-13 13:06:14 | 000,441,608 | ---- | M] (Paragon) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\Uim_IM.sys -- (Uim_IM) DRV - [2011-10-13 13:06:14 | 000,277,576 | ---- | M] (Paragon) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\Uim_Vim.sys -- (Uim_Vim) DRV - [2011-10-13 13:06:14 | 000,045,240 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\UimBus.sys -- (UimBus) DRV - [2011-05-13 18:57:42 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt) DRV - [2011-05-13 18:57:20 | 000,035,896 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer) DRV - [2011-04-07 08:50:43 | 000,233,560 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF) DRV - [2011-04-07 08:50:43 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6) DRV - [2010-11-26 09:52:16 | 000,034,576 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WPRO_41_1879.sys -- (WPRO_41_1879) WinPcap Packet Driver (WPRO_41_1879) DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB) DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010-06-01 11:07:45 | 000,229,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VMM.sys -- (vmm) DRV - [2010-04-28 10:37:12 | 000,322,848 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2010-02-01 17:11:46 | 000,051,800 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\SbAlg.sys -- (SbAlg) DRV - [2010-02-01 17:11:28 | 000,013,256 | ---- | M] (McAfee, Inc.) [File_System | Boot | Running] -- C:\windows\System32\drivers\SbFsLock.sys -- (SbFsLock) DRV - [2010-02-01 17:11:24 | 000,040,088 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\windows\System32\drivers\rsvlock.sys -- (RsvLock) DRV - [2010-02-01 17:11:22 | 000,110,520 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\SafeBoot.sys -- (SafeBoot) DRV - [2010-01-13 16:36:40 | 006,755,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) Sterownik karty Intel(R) DRV - [2009-12-18 15:23:18 | 001,758,464 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV - [2009-12-11 21:54:16 | 000,038,912 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdpe86.sys -- (rixdpcie) DRV - [2009-11-12 18:49:02 | 000,126,480 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1) DRV - [2009-10-29 03:55:00 | 000,047,616 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\risdpe86.sys -- (risdpcie) DRV - [2009-10-27 00:39:00 | 000,048,640 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimspe86.sys -- (rimspci) DRV - [2009-10-26 22:39:04 | 000,125,696 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd) DRV - [2009-10-20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF) DRV - [2009-10-20 07:49:32 | 005,089,280 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2009-09-30 19:33:58 | 000,104,976 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2009-09-17 22:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI) Intel(R) DRV - [2009-09-08 19:14:10 | 000,032,312 | ---- | M] (Hewlett-Packard Development Company L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DAMDrv.sys -- (DAMDrv) DRV - [2009-09-03 16:24:40 | 000,024,848 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klfltdev.sys -- (KLFLTDEV) DRV - [2009-08-03 22:32:22 | 001,161,760 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2009-07-14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009-07-14 01:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM) DRV - [2009-06-26 02:58:10 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2009-06-26 02:25:58 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2009-06-26 02:10:48 | 000,044,544 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2009-05-16 04:15:14 | 000,055,336 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfetdik.sys -- (mfetdik) DRV - [2009-04-29 18:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2008-03-17 18:45:52 | 000,019,584 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\Ckldrv.sys -- (NetworkX) DRV - [2007-01-29 06:20:34 | 000,059,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMNetSrv.sys -- (VPCNetS2) DRV - [2002-01-12 17:30:34 | 000,003,567 | ---- | M] (Beyond Logic http://www.beyondlogic.org) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PortTalk.sys -- (PortTalk) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com IE - HKLM\..\SearchScopes,DefaultScope = {5F4F1AF4-26BB-43AF-8F4E-0970635B7261} IE - HKLM\..\SearchScopes\{5F4F1AF4-26BB-43AF-8F4E-0970635B7261}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2679180560-3091958839-3284794598-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com IE - HKU\S-1-5-21-2679180560-3091958839-3284794598-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com IE - HKU\S-1-5-21-2679180560-3091958839-3284794598-1002\..\SearchScopes,DefaultScope = {E20A14F4-F3A8-4CBD-B227-E3FC94B019FD} IE - HKU\S-1-5-21-2679180560-3091958839-3284794598-1002\..\SearchScopes\{5604273E-17F4-45C9-B3CC-EF5FDA013717}: "URL" = http://www.goldenline.pl/szukaj?q={searchTerms} IE - HKU\S-1-5-21-2679180560-3091958839-3284794598-1002\..\SearchScopes\{5F4F1AF4-26BB-43AF-8F4E-0970635B7261}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox IE - HKU\S-1-5-21-2679180560-3091958839-3284794598-1002\..\SearchScopes\{AA730062-5EA6-4BC5-A6C3-BDD533E546D9}: "URL" = http://www.allegro.pl/search.php?sg=0&string={searchTerms} IE - HKU\S-1-5-21-2679180560-3091958839-3284794598-1002\..\SearchScopes\{BC6979DB-4920-46C2-8D78-04AA5ED71EF7}: "URL" = http://pl.wikipedia.org/w/index.php?title=Specjalna:Szukaj&search={searchTerms} IE - HKU\S-1-5-21-2679180560-3091958839-3284794598-1002\..\SearchScopes\{E20A14F4-F3A8-4CBD-B227-E3FC94B019FD}: "URL" = http://www.google.com/search?hl=pl&q={searchTerms} IE - HKU\S-1-5-21-2679180560-3091958839-3284794598-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2679180560-3091958839-3284794598-1088\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com IE - HKU\S-1-5-21-2679180560-3091958839-3284794598-1088\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.bing.com IE - HKU\S-1-5-21-2679180560-3091958839-3284794598-1088\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "www.google.pl" FF - prefs.js..extensions.enabledItems: otis@digitalpersona.com:5.0.0.4179 FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.93 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.8 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {ab91efd4-6975-4081-8552-1b3922ed79e2}:1.0.5.1 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2012-05-15 16:05:06 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-05-15 14:08:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-05-16 13:36:16 | 000,000,000 | ---D | M] [2010-04-22 10:36:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kika\AppData\Roaming\Mozilla\Extensions [2010-04-22 10:36:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kika\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012-06-18 08:42:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kika\AppData\Roaming\Mozilla\Firefox\Profiles\6yp3sobp.default\extensions [2011-05-30 09:20:12 | 000,000,000 | ---D | M] (HP Detect) -- C:\Users\Kika\AppData\Roaming\Mozilla\Firefox\Profiles\6yp3sobp.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} [2012-04-24 08:08:30 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Kika\AppData\Roaming\Mozilla\Firefox\Profiles\6yp3sobp.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2011-12-23 11:12:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-05-15 16:05:06 | 000,000,000 | ---D | M] (DigitalPersona Extension) -- C:\PROGRAM FILES\HEWLETT-PACKARD\HP PROTECTTOOLS SECURITY MANAGER\BIN\FIREFOXEXT [2012-06-18 08:42:01 | 000,525,301 | ---- | M] () (No name found) -- C:\USERS\Kika\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6YP3SOBP.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI [2011-06-22 08:26:19 | 000,413,408 | ---- | M] () (No name found) -- C:\USERS\Kika\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6YP3SOBP.DEFAULT\EXTENSIONS\{C45C406E-AB73-11D8-BE73-000A95BE3B12}.XPI [2012-01-10 09:55:00 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\Kika\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6YP3SOBP.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2012-05-17 14:05:27 | 001,335,949 | ---- | M] () (No name found) -- C:\USERS\Kika\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6YP3SOBP.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI [2012-05-14 15:11:58 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-10-03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-10-05 08:34:26 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2011-10-05 08:34:26 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-10-05 08:34:26 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-10-05 08:34:26 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-10-05 08:34:26 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-10-05 08:34:26 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\program files\google\chrome\application\19.0.1084.52\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\program files\google\chrome\application\19.0.1084.52\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\program files\google\chrome\application\19.0.1084.52\pdf.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin O1 HOSTS File: ([2012-06-28 11:00:27 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard) O2 - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.) O4 - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity) O4 - HKLM..\Run: [acevents] C:\Program Files\ActivIdentity\ActivClient\acevents.exe (ActivIdentity) O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe (Hewlett-Packard) O4 - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe (Hewlett-Packard Company, L.P.) O4 - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe () O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [IFXSPMGT] C:\Program Files\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe (Infineon Technologies AG) O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.) O4 - HKU\S-1-5-21-2679180560-3091958839-3284794598-1002..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2679180560-3091958839-3284794598-1088..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - Startup: C:\Users\Kika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Guage.lnk = C:\Program Files\Clarus\Samsung Auto Backup\ISFGuage.exe (Clarus, Inc.) O4 - Startup: C:\Users\Kika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Real-Time Daemon.lnk = C:\Program Files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe (Clarus, Inc.) O4 - Startup: C:\Users\Kika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Scheduler.lnk = C:\Program Files\Clarus\Samsung Auto Backup\ISFTimerD.exe (Clarus, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun_KL_notset = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKU\S-1-5-21-2679180560-3091958839-3284794598-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\ie_banner_deny.htm () O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Statystyki dla ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\scieplgn.dll (Kaspersky Lab) O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites) O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites) O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites) O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites) O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites) O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites) O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites) O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites) O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EAC8BD65-0152-4F79-9C2B-0EB8AC24123B}: NameServer = 213.227.72.1,213.227.72.75 O18 - Protocol\Handler\belarc - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\adialhk.dll (Kaspersky Lab ZAO) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe) - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc.) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\windows\System32\DeviceNP.dll (Hewlett-Packard Limited) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKU\S-1-5-21-2679180560-3091958839-3284794598-1002\...com [@ = comfile] -- Reg Error: Key error. File not found O37 - HKU\S-1-5-21-2679180560-3091958839-3284794598-1002\...exe [@ = exefile] -- Reg Error: Key error. File not found O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-06-27 10:45:58 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys [2012-06-26 15:53:53 | 000,000,000 | ---D | C] -- C:\windows\erdnt [2012-06-21 10:59:28 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\qdvd.dll [2012-06-21 10:27:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared [2012-06-21 10:27:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall [2012-06-21 08:13:06 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wucltux.dll [2012-06-21 08:13:06 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups2.dll [2012-06-21 08:12:54 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapi.dll [2012-06-21 08:12:54 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wudriver.dll [2012-06-21 08:12:54 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups.dll [2012-06-21 08:12:39 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuwebv.dll [2012-06-21 08:12:39 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapp.exe [2012-06-14 14:54:18 | 000,000,000 | ---D | C] -- C:\Users\Kika\AppData\Local\Macromedia [2012-06-14 10:12:08 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb [2012-06-14 10:12:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll [2012-06-14 10:12:07 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe [2012-06-14 10:12:07 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll [2012-06-14 10:12:06 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll [2012-06-14 10:12:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll [2012-06-14 10:12:04 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl [2012-06-14 08:16:17 | 002,343,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys [2012-06-14 08:16:16 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcorekmts.dll [2012-06-14 08:16:16 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpwsx.dll [2012-06-14 08:16:15 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdrmemptylst.exe [2012-06-12 14:52:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012-06-06 13:46:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Mobile Emulator [2012-06-06 13:46:20 | 000,000,000 | ---D | C] -- C:\Program Files\Opera Mobile Emulator [2012-06-05 13:33:01 | 000,000,000 | ---D | C] -- C:\Users\Kika\AppData\Roaming\Security_File [2012-06-05 13:33:01 | 000,000,000 | ---D | C] -- C:\Users\Kika\AppData\Roaming\Kingston [2012-06-05 13:32:46 | 000,000,000 | ---D | C] -- C:\Temp [4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-06-28 11:12:18 | 000,020,944 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-06-28 11:12:18 | 000,020,944 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-06-28 11:09:30 | 000,836,930 | ---- | M] () -- C:\windows\System32\perfh015.dat [2012-06-28 11:09:30 | 000,749,356 | ---- | M] () -- C:\windows\System32\perfh009.dat [2012-06-28 11:09:30 | 000,188,814 | ---- | M] () -- C:\windows\System32\perfc015.dat [2012-06-28 11:09:30 | 000,156,796 | ---- | M] () -- C:\windows\System32\perfc009.dat [2012-06-28 11:05:21 | 000,001,028 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2012-06-28 11:04:37 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2012-06-28 11:04:35 | 1552,314,368 | -HS- | M] () -- C:\hiberfil.sys [2012-06-28 11:00:27 | 000,000,098 | ---- | M] () -- C:\windows\System32\drivers\etc\Hosts [2012-06-28 10:59:43 | 000,340,645 | ---- | M] () -- C:\Users\Kika\Desktop\FSS.exe [2012-06-28 10:44:01 | 000,000,930 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2012-06-28 10:29:01 | 000,001,032 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2012-06-28 08:32:46 | 000,139,264 | ---- | M] () -- C:\Users\Kika\Desktop\SystemLook.exe [2012-06-27 12:57:48 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys [2012-06-26 14:49:01 | 003,827,125 | ---- | M] () -- C:\Users\Kika\Desktop\SetACL 2.3.2.zip [2012-06-26 12:35:19 | 000,002,044 | -H-- | M] () -- C:\Users\Kika\Documents\Default.rdp [2012-06-25 09:44:14 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe [2012-06-25 09:44:14 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl [2012-06-22 12:54:18 | 000,057,586 | ---- | M] () -- C:\Users\Kika\.recently-used.xbel [2012-06-22 08:12:47 | 000,000,316 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForKika.job [2012-06-15 08:05:41 | 000,442,104 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2012-06-12 08:30:35 | 000,002,290 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012-06-03 00:19:33 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wups2.dll [2012-06-03 00:19:32 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wups.dll [2012-06-03 00:19:23 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wuapi.dll [2012-06-03 00:12:32 | 002,422,272 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wucltux.dll [2012-06-03 00:12:13 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wudriver.dll [2012-06-02 15:19:42 | 000,171,904 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wuwebv.dll [2012-06-02 15:12:20 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wuapp.exe [4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-06-28 10:59:43 | 000,340,645 | ---- | C] () -- C:\Users\Kika\Desktop\FSS.exe [2012-06-28 08:32:46 | 000,139,264 | ---- | C] () -- C:\Users\Kika\Desktop\SystemLook.exe [2012-06-26 14:48:59 | 003,827,125 | ---- | C] () -- C:\Users\Kika\Desktop\SetACL 2.3.2.zip [2012-06-22 12:54:18 | 000,057,586 | ---- | C] () -- C:\Users\Kika\.recently-used.xbel [2012-05-15 16:10:36 | 000,003,120 | ---- | C] () -- C:\windows\System32\drivers\wddbbgg.sys [2012-05-15 16:01:29 | 000,000,182 | ---- | C] () -- C:\windows\System32\HPPA.ini [2011-11-17 15:04:03 | 000,038,436 | ---- | C] () -- C:\Users\Kika\AppData\Roaming\Microsoft Excel 97-2003.ADR [2011-11-17 14:47:00 | 000,038,442 | ---- | C] () -- C:\Users\Kika\AppData\Roaming\Wartości oddzielone przecinkami (DOS).ADR [2011-10-24 15:31:36 | 000,005,191 | ---- | C] () -- C:\Program Files\default.ihtml [2011-10-07 15:56:22 | 000,323,584 | ---- | C] () -- C:\windows\System32\flcdlmsg.dll [2011-05-19 08:50:58 | 000,000,256 | ---- | C] () -- C:\windows\System32\DPPassFilter.dll.hpsign [2011-05-19 08:50:58 | 000,000,256 | ---- | C] () -- C:\windows\System32\DPCrProv.dll.hpsign [2011-04-19 08:46:13 | 000,066,048 | ---- | C] () -- C:\windows\System32\PrintBrmUi.exe [2011-04-07 08:42:22 | 000,115,369 | ---- | C] () -- C:\windows\System32\drivers\klin.dat [2011-04-07 08:42:22 | 000,097,961 | ---- | C] () -- C:\windows\System32\drivers\klick.dat [2011-03-30 08:41:50 | 000,022,260 | ---- | C] () -- C:\Users\Kika\AppData\Roaming\Wartości oddzielone przecinkami (Windows).ADR [2010-09-28 14:00:12 | 000,012,800 | ---- | C] () -- C:\windows\LPRES.DLL [2010-09-22 14:27:24 | 000,034,576 | ---- | C] () -- C:\windows\System32\drivers\WPRO_41_1879.sys [2010-07-19 14:25:26 | 000,009,317 | ---- | C] () -- C:\Users\Kika\AppData\Roaming\Microsoft Excel 97-2003.EML [2010-07-19 14:15:07 | 000,009,298 | ---- | C] () -- C:\Users\Kika\AppData\Roaming\Microsoft Access 97-2003.EML [2010-07-19 12:45:25 | 000,000,004 | ---- | C] () -- C:\windows\vx86036.dat [2010-07-19 12:45:02 | 000,000,127 | ---- | C] () -- C:\windows\Crypkey.ini [2010-07-19 12:44:58 | 000,027,648 | R--- | C] () -- C:\windows\Setup_ck.exe [2010-07-19 12:44:58 | 000,019,584 | ---- | C] () -- C:\windows\System32\Ckldrv.sys [2010-07-19 12:44:58 | 000,018,432 | ---- | C] () -- C:\windows\Setup_ck.dll [2010-07-19 12:44:58 | 000,011,776 | ---- | C] () -- C:\windows\Ckrfresh.exe [2010-07-16 14:54:06 | 000,000,256 | ---- | C] () -- C:\windows\System32\DPSCEL.dll.hpsign [2010-07-16 14:54:06 | 000,000,256 | ---- | C] () -- C:\windows\System32\DPFPApi.dll.hpsign [2010-07-16 14:54:06 | 000,000,256 | ---- | C] () -- C:\windows\System32\DPClback.dll.hpsign [2010-07-15 16:01:46 | 000,000,256 | ---- | C] () -- C:\windows\System32\DPFPApiUI.dll.hpsign [2010-07-14 20:15:37 | 000,000,056 | -H-- | C] () -- C:\windows\System32\ezsidmv.dat [2010-05-07 08:04:58 | 000,007,599 | ---- | C] () -- C:\Users\Kika\AppData\Local\resmon.resmoncfg [2010-04-18 11:58:49 | 000,000,102 | ---- | C] () -- C:\Users\Kika\AppData\Roaming\wklnhst.dat [2006-10-28 00:27:20 | 007,160,320 | ---- | C] () -- C:\Users\Kika\o2007pia.msi [2006-10-28 00:27:20 | 000,008,097 | ---- | C] () -- C:\Users\Kika\o2007pia_readme.rtf [color=#E56717]========== LOP Check ==========[/color] [2011-02-09 16:55:49 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\Acronis [2011-09-19 13:49:03 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\Artisteer [2010-11-22 16:05:12 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\Ashampoo [2012-02-28 15:49:06 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\Autodesk [2011-04-27 11:54:24 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\Canneverbe Limited [2010-04-02 19:24:46 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\DigitalPersona [2012-05-18 15:09:14 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\Downloaded Installations [2011-09-22 14:38:35 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\FMA [2010-11-22 15:59:45 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\GetRightToGo [2011-10-25 15:46:54 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\GHISLER [2012-06-22 12:54:18 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\gtk-2.0 [2012-02-28 16:01:32 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\IGC [2010-06-14 09:30:44 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\ImgBurn [2012-05-15 16:25:07 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\Infineon [2012-06-05 13:33:05 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\Kingston [2011-09-22 14:45:26 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\MyPhoneExplorer [2011-10-26 20:28:29 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\MySQL [2011-11-09 21:52:44 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\NapiProjekt [2012-06-25 11:51:08 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\Nitro PDF [2010-07-21 09:35:39 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\Nokia [2010-07-02 11:57:10 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\Notepad++ [2010-05-07 10:38:01 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\OpenOffice.org [2010-09-08 13:58:18 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\Opera [2010-07-21 08:55:18 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\PC Suite [2012-05-29 14:57:32 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\PrimoPDF [2012-02-20 09:45:12 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\QuickScan [2012-06-05 13:33:02 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\Security_File [2011-09-22 14:36:18 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\Sony [2011-09-12 08:17:25 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\Subversion [2010-05-21 11:42:08 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\Template [2010-04-22 10:36:43 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\Thunderbird [2012-06-13 16:04:02 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\Tlen.pl [2010-11-05 11:05:35 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\Windows Live Writer [2012-03-06 14:10:00 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\Wireshark [2011-12-22 12:07:57 | 000,000,000 | ---D | M] -- C:\Users\Kika\AppData\Roaming\YCanPDF [2012-02-20 08:56:47 | 000,032,604 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:B755D674 @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:1AAB2E68 @Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:39413AC3 < End of report >