.
DDS (Ver_2011-08-26.01) - NTFSAMD64 
Internet Explorer: 9.0.8112.16421  BrowserJavaVersion: 1.6.0_31
Run by Adam at 15:56:48 on 2012-07-06
Microsoft Windows 7 Professional   6.1.7601.1.1250.48.1045.18.4095.2641 [GMT 2:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
D:\PROGRA~1\AVG\AVG2012\avgrsa.exe
D:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\atieclxx.exe
D:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
D:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
D:\Program Files (x86)\Ares\Ares.exe
C:\Users\Adam\AppData\Local\vghd\bin\vghd.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Users\Adam\AppData\Local\vghd\bin\VirtuaGirl_Downloader.exe
C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?affID=113480&tt=060612_8_&babsrc=HP_ss&mntrId=9aa6235b000000000000001fc6158b83
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - D:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Foxit PDF Creator Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Foxit PDF Creator Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uRun: [ares] "D:\Program Files (x86)\Ares\Ares.exe" -h
uRun: [AQQ] d:\PROGRA~1\WapSter\WAPSTE~1\AQQ.exe
uRun: [Media Finder] "C:\Program Files (x86)\Media Finder\Media Finder.exe" /opentotray
uRun: [Steam] "D:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
uRun: [ChomikBox] D:\Program Files (x86)\ChomikBox\chomikbox.exe
uRun: [CubeDesktop] 
uRun: [DeskSpace] D:\Program Files (x86)\Deskspace\deskspace.exe
uRun: [DAEMON Tools Lite] "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [famdimbikkancdx] C:\ProgramData\famdimbi.exe
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [ExpressFiles] "C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe" -tray
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AVG_TRAY] "D:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
StartupFolder: C:\Users\Adam\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DESKTO~1.LNK - C:\Users\Adam\AppData\Local\vghd\bin\vghd.exe
StartupFolder: C:\Users\Adam\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\STARDO~1.LNK - D:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
IE: E&ksportuj do programu Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Wyślij &do programu OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{7025783A-FD22-494C-BA80-769950DDB2D1} : DhcpNameServer = 8.8.8.8 8.8.4.4
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files (x86)\AVG\AVG2012\avgpp.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{B4F3A835-0E21-4959-BA22-42B3008E02FF}
{D4027C7F-154A-4066-A1AD-4243D8127440}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{D4027C7F-154A-4066-A1AD-4243D8127440}
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [ExpressFiles] "C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe" -tray
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [AVG_TRAY] "D:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\0ebwyc4m.default\
FF - prefs.js: browser.search.selectedEngine - Search the web
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=113480&tt=060612_8_&babsrc=HP_ss&mntrId=9aa6235b000000000000001fc6158b83
FF - prefs.js: keyword.URL - hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: C:\Program Files (x86)\Spik\mozilla\npwpk.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
.
---- FIREFOX POLICIES ----
FF - user.js: browser.search.selectedEngine - Search the web
FF - user.js: browser.search.order.1 - Search the web
FF - user.js: browser.search.defaultenginename - Search the web
FF - user.js: keyword.URL - hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=
FF - user.js: privacy.item.cookies - false
FF - user.js: privacy.sanitize.promptOnSanitize - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=113480&tt=060612_8_
FF - user.js: extensions.BabylonToolbar_i.babExt - 
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 9aa6235b000000000000001fc6158b83
FF - user.js: extensions.BabylonToolbar_i.hardId - 9aa6235b000000000000001fc6158b83
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15501
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1714:49:53
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 mv61xx;mv61xx;C:\Windows\system32\DRIVERS\mv61xx.sys --> C:\Windows\system32\DRIVERS\mv61xx.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 avgwd;AVG WatchDog;D:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Usługa Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-28 136176]
S2 KMService;KMService;C:\Windows\System32\srvany.exe [2011-8-26 8192]
S3 acffn;{8D7FC5E1-BDE9-46A2-B7F0-A982B1020F38};d:\Program Files (x86)\ophcrack\pwdump\servpw.exe --> d:\Program Files (x86)\ophcrack\pwdump\servpw.exe [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-15 253088]
S3 gupdatem;Usługa Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-28 136176]
S3 itoyfm;{04E12633-6796-4C06-B37B-36DD5F780A8F};d:\Program Files (x86)\ophcrack\pwdump\servpw.exe --> d:\Program Files (x86)\ophcrack\pwdump\servpw.exe [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-25 113120]
S3 mpqfua;{89AD4F06-BCFB-48CB-91FD-FC98646DA455};d:\Program Files (x86)\ophcrack\pwdump\servpw.exe --> d:\Program Files (x86)\ophcrack\pwdump\servpw.exe [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 StorSvc;Usługa magazynu;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 syuevggq;{62DBB983-37C0-4DA7-8A3F-9FF470A0B347};d:\Program Files (x86)\ophcrack\pwdump\servpw.exe --> d:\Program Files (x86)\ophcrack\pwdump\servpw.exe [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 urwtbdcyd;{4F5E5351-BB53-4032-9BEE-AE2B2CD8A40B};d:\Program Files (x86)\ophcrack\pwdump\servpw.exe --> d:\Program Files (x86)\ophcrack\pwdump\servpw.exe [?]
S3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 yfdfb;{A4E2AFD3-1EC1-4E15-8442-5A885245A232};d:\Program Files (x86)\ophcrack\pwdump\servpw.exe --> d:\Program Files (x86)\ophcrack\pwdump\servpw.exe [?]
S3 ysydana;{3C2EC402-E4EB-4C09-AAA5-33E1B3A79D1C};d:\Program Files (x86)\ophcrack\pwdump\servpw.exe --> d:\Program Files (x86)\ophcrack\pwdump\servpw.exe [?]
.
=============== Created Last 30 ================
.
2012-07-06 12:43:28	--------	d-----w-	C:\Users\Adam\AppData\Local\temp
2012-07-06 12:37:30	--------	d-----w-	C:\$RECYCLE.BIN
2012-07-06 12:30:26	98816	----a-w-	C:\Windows\sed.exe
2012-07-06 12:30:26	518144	----a-w-	C:\Windows\SWREG.exe
2012-07-06 12:30:26	256000	----a-w-	C:\Windows\PEV.exe
2012-07-06 12:30:26	208896	----a-w-	C:\Windows\MBR.exe
2012-07-06 10:54:29	--------	d-----w-	C:\Program Files (x86)\Skype
2012-07-06 09:44:54	--------	d-----w-	C:\ProgramData\mdipsqknffxuiex
2012-07-05 19:16:05	--------	d-----w-	C:\Users\Adam\AppData\Local\BigHugeEngine
2012-07-04 15:29:34	--------	d-----w-	C:\Users\Adam\AppData\Local\inXile entertainment
2012-07-02 07:31:30	--------	d-----w-	C:\Users\Adam\AppData\Roaming\Lionhead Studios
2012-06-30 10:54:00	--------	d-----w-	C:\Windows\SysWow64\directx
2012-06-30 10:20:30	--------	d-----w-	C:\Users\Adam\AppData\Local\CrashRpt
2012-06-28 12:03:50	--------	d-----w-	C:\Uninstall
2012-06-28 10:24:20	--------	d-----w-	C:\Users\Adam\AppData\Roaming\OtakuSoftware
2012-06-28 10:04:02	--------	d-----w-	C:\Users\Adam\Desktop 3
2012-06-28 10:04:00	--------	d-----w-	C:\Users\Adam\Desktop 2
2012-06-28 09:59:52	--------	d-----w-	C:\Users\Adam\AppData\Roaming\Dexpot
2012-06-28 09:33:33	--------	d-----w-	C:\Users\Adam\AppData\Roaming\Thinking Minds Budiling Bytes
2012-06-25 12:42:31	--------	d-----w-	C:\ProgramData\Tarma Installer
2012-06-25 12:41:29	--------	d-----w-	C:\Program Files (x86)\1ClickDownload
2012-06-21 04:30:52	2622464	----a-w-	C:\Windows\System32\wucltux.dll
2012-06-21 04:30:29	99840	----a-w-	C:\Windows\System32\wudriver.dll
2012-06-21 04:30:12	36864	----a-w-	C:\Windows\System32\wuapp.exe
2012-06-21 04:30:12	186752	----a-w-	C:\Windows\System32\wuwebv.dll
2012-06-19 05:37:55	770384	----a-w-	C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-19 05:37:55	421200	----a-w-	C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-18 13:58:01	--------	d-----w-	C:\Users\Adam\AppData\Local\Stardock
2012-06-18 13:57:51	--------	d-----w-	C:\Program Files (x86)\Common Files\Stardock
2012-06-18 11:45:20	--------	d-----w-	C:\Users\Adam\AppData\Roaming\Rainmeter
2012-06-17 13:33:22	--------	d-----w-	C:\ProgramData\KONAMI
2012-06-10 12:50:01	--------	d-----w-	C:\Users\Adam\AppData\Roaming\BabylonToolbar
.
==================== Find3M  ====================
.
2012-04-21 13:59:11	183112	----a-w-	C:\Windows\SysWow64\PnkBstrB.exe
2012-04-19 13:43:42	235	----a-w-	C:\Windows\SysWow64\nxEuUninstall.bat
2012-04-19 13:43:41	446464	----a-w-	C:\Windows\NEXON_EU_DownloaderUpdater.exe
2012-04-15 12:54:58	66872	----a-w-	C:\Windows\SysWow64\PnkBstrA.exe
2012-04-15 12:00:49	10272	----a-w-	C:\Windows\SysWow64\ealregsnapshot1.reg
2012-04-15 07:22:13	70304	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-15 07:22:13	418464	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
.
============= FINISH: 15:57:06,07 ===============