OTL logfile created on: 2012-09-18 19:11:15 - Run 2 OTL by OldTimer - Version 3.2.61.5 Folder = D:\Pobieranie Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,98 Gb Total Physical Memory | 1,43 Gb Available Physical Memory | 47,99% Memory free 5,96 Gb Paging File | 4,25 Gb Available in Paging File | 71,26% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 97,56 Gb Total Space | 51,73 Gb Free Space | 53,02% Space Free | Partition Type: NTFS Drive D: | 184,05 Gb Total Space | 51,06 Gb Free Space | 27,74% Space Free | Partition Type: NTFS Drive E: | 184,05 Gb Total Space | 77,72 Gb Free Space | 42,23% Space Free | Partition Type: NTFS Drive G: | 14,78 Gb Total Space | 11,87 Gb Free Space | 80,34% Space Free | Partition Type: FAT32 Computer Name: USER-KOMPUTER | User Name: User | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-09-17 18:37:26 | 000,600,064 | ---- | M] (OldTimer Tools) -- D:\Pobieranie\OTL.exe PRC - [2012-09-08 19:32:59 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012-07-27 22:51:28 | 001,498,552 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe PRC - [2012-07-27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe PRC - [2011-09-22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-11-11 14:31:54 | 000,334,448 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnetdhcp.exe PRC - [2010-11-11 14:31:50 | 000,404,080 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnat.exe PRC - [2010-11-11 14:31:36 | 000,064,112 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Player\hqtray.exe PRC - [2010-11-11 14:30:44 | 000,113,264 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Player\vmware-authd.exe PRC - [2010-11-11 13:31:44 | 000,539,248 | ---- | M] (VMware, Inc.) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe PRC - [2010-07-02 14:36:26 | 001,597,440 | ---- | M] () -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe PRC - [2010-06-24 18:50:50 | 006,806,144 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe PRC - [2010-06-07 09:57:18 | 001,576,072 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe PRC - [2010-06-07 09:57:18 | 000,240,776 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe PRC - [2010-06-03 03:29:48 | 000,102,453 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\S7UBTOOX\S7ubTstx.exe PRC - [2010-06-02 21:23:30 | 000,061,493 | ---- | M] (SIEMENS AG) -- C:\Program Files\Siemens\Step7\S7BIN\s7hspsvx.exe PRC - [2010-05-28 11:49:08 | 000,277,120 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe PRC - [2010-05-06 12:25:40 | 001,102,848 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvx.exe PRC - [2010-05-03 15:45:50 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe PRC - [2010-05-03 15:41:46 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe PRC - [2010-04-13 09:32:42 | 000,548,744 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe PRC - [2010-04-07 07:16:54 | 001,599,880 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe PRC - [2010-04-05 19:33:52 | 001,271,088 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe PRC - [2010-01-22 03:01:30 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2010-01-22 03:01:00 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2009-12-15 11:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe PRC - [2009-12-03 11:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe PRC - [2009-09-30 20:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2009-09-30 20:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2009-07-14 03:14:46 | 000,115,200 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE PRC - [2009-06-19 11:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe PRC - [2009-06-19 11:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe PRC - [2009-06-15 18:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe PRC - [2009-05-14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe PRC - [2008-12-22 18:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe PRC - [2007-04-02 19:51:56 | 000,083,512 | ---- | M] (iAnywhere Solutions, Inc.) -- C:\Program Files\Common Files\Siemens\SQLANY\dbsrv9.exe PRC - [2006-12-19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-09-08 19:32:59 | 002,244,064 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2012-08-27 20:36:54 | 009,813,704 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_4_402_265.dll MOD - [2012-08-21 19:30:58 | 000,013,824 | ---- | M] () -- C:\Users\User\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Updater.POL MOD - [2012-08-21 19:30:23 | 009,327,616 | ---- | M] () -- C:\Users\User\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.pol MOD - [2012-07-27 22:51:28 | 000,249,272 | ---- | M] () -- C:\Program Files\Adobe\Reader 10.0\Reader\sqlite.dll MOD - [2012-05-22 14:48:41 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\1d96b1ef408e2b5a2aa8de007b822aa3\System.Web.ni.dll MOD - [2012-05-22 14:48:31 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0af36b5de27960f649fcd6fe6e95c03d\System.Runtime.Remoting.ni.dll MOD - [2012-05-22 14:48:12 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\a9f6cfa4eb1436ff770995822f10e227\System.Windows.Forms.ni.dll MOD - [2012-05-22 14:48:01 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c8aa11ee6789d0f3f5542747aad7a2e4\System.Drawing.ni.dll MOD - [2012-05-22 14:47:03 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c68401de935c813374253d4fc2a18f6a\System.Xml.ni.dll MOD - [2012-05-22 14:46:57 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\338f3c91a0bea33a07a4611d324bf73a\System.Configuration.ni.dll MOD - [2012-05-22 14:46:52 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\acbc57d41499fbc2b99194148786c677\System.ni.dll MOD - [2012-05-22 14:46:42 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\gglog.dll MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipcradioproxy.dll MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipc.dll MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcrypto.dll MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcommon.dll MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtWebKit4.dll MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtScript4.dll MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtXml4.dll MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtSvg4.dll MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtNetwork4.dll MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtGui4.dll MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtCore4.dll MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qtiff4.dll MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qmng4.dll MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qjpeg4.dll MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qgif4.dll MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qsvg4.dll MOD - [2011-02-17 10:59:32 | 000,059,904 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\zlib1.dll MOD - [2011-02-04 12:30:42 | 001,708,032 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3674.16114__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll MOD - [2011-02-04 12:30:42 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3674.16083__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2011-02-04 12:30:42 | 000,380,928 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3674.15987__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2011-02-04 12:30:42 | 000,356,352 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3674.16049__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2011-02-04 12:30:42 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3674.16008__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2011-02-04 12:30:42 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3674.16082__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll MOD - [2011-02-04 12:30:42 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3674.16049__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2011-02-04 12:30:42 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3674.16063__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2011-02-04 12:30:42 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3674.15996__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2011-02-04 12:30:42 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3674.16084__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2011-02-04 12:30:42 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3674.16048__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2011-02-04 12:30:42 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3674.16043__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2011-02-04 12:30:42 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3674.16033__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll MOD - [2011-02-04 12:30:42 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3674.16082__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll MOD - [2011-02-04 12:30:42 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3674.16002__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2011-02-04 12:30:42 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3674.15997__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll MOD - [2011-02-04 12:30:42 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3674.16114__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll MOD - [2011-02-04 12:30:41 | 001,290,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3674.16110__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll MOD - [2011-02-04 12:30:41 | 000,827,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3674.16036__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2011-02-04 12:30:41 | 000,573,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3674.16009__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll MOD - [2011-02-04 12:30:41 | 000,409,600 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3674.16057__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2011-02-04 12:30:41 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3674.16034__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - [2011-02-04 12:30:41 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3674.16029__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll MOD - [2011-02-04 12:30:41 | 000,323,584 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3674.16042__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll MOD - [2011-02-04 12:30:41 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3674.16013__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll MOD - [2011-02-04 12:30:41 | 000,270,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - [2011-02-04 12:30:41 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3674.16008__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2011-02-04 12:30:41 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3639.21529__90ba9c70f846762e\CLI.Foundation.dll MOD - [2011-02-04 12:30:41 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3674.16035__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2011-02-04 12:30:41 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3674.16041__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll MOD - [2011-02-04 12:30:41 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3674.16033__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2011-02-04 12:30:41 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2011-02-04 12:30:41 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3674.16040__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll MOD - [2011-02-04 12:30:41 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3674.16013__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll MOD - [2011-02-04 12:30:41 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3674.16034__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2011-02-04 12:30:41 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3674.16042__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2011-02-04 12:30:41 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3639.21517__90ba9c70f846762e\LOG.Foundation.dll MOD - [2011-02-04 12:30:41 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3639.21518__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2011-02-04 12:30:41 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3639.21922__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2011-02-04 12:30:41 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3639.21569__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2011-02-04 12:30:41 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3639.21562__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2011-02-04 12:30:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3639.21599__90ba9c70f846762e\MOM.Foundation.dll MOD - [2011-02-04 12:30:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll MOD - [2011-02-04 12:30:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3639.21620__90ba9c70f846762e\DEM.Graphics.dll MOD - [2011-02-04 12:30:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2011-02-04 12:30:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3639.21613__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll MOD - [2011-02-04 12:30:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3639.21806__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll MOD - [2011-02-04 12:30:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3639.21789__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2011-02-04 12:30:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3639.21606__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2011-02-04 12:30:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3639.21788__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2011-02-04 12:30:41 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2011-02-04 12:30:40 | 001,220,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3674.15992__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2011-02-04 12:30:40 | 000,741,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3674.16108__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll MOD - [2011-02-04 12:30:40 | 000,577,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3674.16071__90ba9c70f846762e\CLI.Component.Systemtray.dll MOD - [2011-02-04 12:30:40 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3674.16002__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2011-02-04 12:30:40 | 000,151,552 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3639.21544__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2011-02-04 12:30:40 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3674.16077__90ba9c70f846762e\MOM.Implementation.dll MOD - [2011-02-04 12:30:40 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3674.16075__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2011-02-04 12:30:40 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3639.21679__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2011-02-04 12:30:40 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3674.15985__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2011-02-04 12:30:40 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3639.21608__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2011-02-04 12:30:40 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3674.15986__90ba9c70f846762e\CLI.Component.SkinFactory.dll MOD - [2011-02-04 12:30:40 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3639.21677__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2011-02-04 12:30:40 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3639.21609__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2011-02-04 12:30:40 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3639.21670__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2011-02-04 12:30:40 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3639.21589__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2011-02-04 12:30:40 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3674.16088__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2011-02-04 12:30:40 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3639.21551__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2011-02-04 12:30:40 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3639.21578__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2011-02-04 12:30:40 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3639.21772__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2011-02-04 12:30:40 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3639.21577__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2011-02-04 12:30:40 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3639.21601__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2011-02-04 12:30:40 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3639.21521__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2011-02-04 12:30:40 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3639.21765__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll MOD - [2011-02-04 12:30:40 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3639.21666__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll MOD - [2011-02-04 12:30:40 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3639.21623__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2011-02-04 12:30:40 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3639.21565__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2011-02-04 12:30:40 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3639.21594__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2011-02-04 12:30:40 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3639.21571__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2011-02-04 12:30:40 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3639.21673__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll MOD - [2011-02-04 12:30:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3639.21539__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll MOD - [2011-02-04 12:30:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3639.21592__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2011-02-04 12:30:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3639.21582__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2011-02-04 12:30:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3639.21596__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2011-02-04 12:30:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3639.21557__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2011-02-04 12:30:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3639.21681__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2011-02-04 12:30:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3639.21776__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll MOD - [2011-02-04 12:30:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3639.21611__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll MOD - [2011-02-04 12:30:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3639.21604__90ba9c70f846762e\APM.Foundation.dll MOD - [2011-02-04 12:30:40 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3674.16077__90ba9c70f846762e\CCC.Implementation.dll MOD - [2011-02-04 12:30:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3639.21566__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2011-02-04 12:30:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3639.21663__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2011-02-04 12:30:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3639.21591__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2011-02-04 12:30:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3639.21570__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2011-02-04 12:30:40 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3674.15982__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2011-02-04 12:30:39 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3674.15984__90ba9c70f846762e\APM.Server.dll MOD - [2011-02-04 12:30:39 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3674.15983__90ba9c70f846762e\AEM.Server.dll MOD - [2011-02-04 12:30:39 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2010-11-13 04:39:47 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll MOD - [2010-11-11 14:31:14 | 000,068,720 | ---- | M] () -- C:\Program Files\VMware\VMware Player\zlib1.dll MOD - [2010-11-11 14:31:00 | 000,970,352 | ---- | M] () -- C:\Program Files\VMware\VMware Player\libxml2.dll MOD - [2010-11-05 03:54:34 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pl_b77a5c561934e089\System.resources.dll MOD - [2010-07-02 14:36:26 | 001,597,440 | ---- | M] () -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe MOD - [2010-05-05 19:22:30 | 000,098,304 | ---- | M] () -- C:\Program Files\P4G\OvrClk.dll MOD - [2010-01-11 11:27:36 | 000,012,800 | ---- | M] () -- C:\Program Files\P4G\DevMng.dll MOD - [2008-10-23 11:21:32 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2012-09-08 19:32:59 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-08-27 20:36:55 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-07-27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-05-24 09:20:40 | 000,158,896 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) SRV - [2011-02-04 15:27:28 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2010-11-11 14:31:54 | 000,334,448 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2010-11-11 14:31:50 | 000,404,080 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnat.exe -- (VMware NAT Service) SRV - [2010-11-11 14:30:44 | 000,113,264 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService) SRV - [2010-11-11 13:31:44 | 000,539,248 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService) SRV - [2010-08-19 14:57:14 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Player\vmware-ufad.exe -- (ufad-ws60) SRV - [2010-06-07 09:57:18 | 001,576,072 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe -- (s7oiehsx) SRV - [2010-06-07 09:57:18 | 000,240,776 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe -- (S7TraceServiceX) SRV - [2010-06-02 21:23:30 | 000,061,493 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Siemens\Step7\S7BIN\s7hspsvx.exe -- (s7hspsvx) SRV - [2010-05-06 12:25:40 | 001,102,848 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvx.exe -- (almservice) SRV - [2010-01-22 03:01:00 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009-12-15 11:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2009-09-30 20:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2009-09-30 20:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009-06-15 18:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService) SRV - [2009-05-14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0) SRV - [2007-04-17 09:07:50 | 000,135,168 | ---- | M] (OPC Foundation) [On_Demand | Stopped] -- C:\Windows\System32\OpcEnum.exe -- (OpcEnum) SRV - [2007-03-15 15:48:26 | 000,535,807 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Auto | Stopped] -- C:\Windows\System32\hasplms.exe -- (hasplms) SRV - [2006-12-19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-08-09 14:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm) DRV - [2011-08-04 09:20:38 | 000,147,480 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw) DRV - [2011-08-04 09:20:38 | 000,050,624 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp) DRV - [2011-08-04 09:20:38 | 000,033,656 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\EpfwLWF.sys -- (EpfwLWF) DRV - [2011-08-04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2011-06-27 01:37:12 | 002,191,872 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2011-04-26 16:10:34 | 000,111,280 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV - [2011-04-26 15:10:34 | 000,033,712 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxUSB.sys -- (VBoxUSB) DRV - [2011-02-13 21:05:05 | 000,685,816 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010-11-11 14:32:10 | 000,070,768 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmci.sys -- (vmci) DRV - [2010-11-11 14:32:08 | 000,854,128 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmx86.sys -- (vmx86) DRV - [2010-11-11 14:30:34 | 000,024,688 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMkbd.sys -- (vmkbd) DRV - [2010-11-11 14:29:26 | 000,026,352 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetuserif.sys -- (VMnetuserif) DRV - [2010-11-11 13:31:28 | 000,032,368 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hcmon.sys -- (hcmon) DRV - [2010-11-11 11:04:54 | 000,031,280 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmusb.sys -- (vmusb) DRV - [2010-11-11 11:04:52 | 000,036,400 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetbridge.sys -- (VMnetBridge) DRV - [2010-11-11 11:04:52 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV - [2010-08-19 14:56:38 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\VMware\VMware Player\vstor2-ws60.sys -- (vstor2-ws60) DRV - [2010-06-07 09:40:34 | 000,031,744 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\s7opcsrtx.sys -- (S7opcsrtx) DRV - [2010-04-28 11:53:32 | 000,288,256 | ---- | M] (SIEMENS AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\dpmconv32.sys -- (dpmconv) DRV - [2010-03-22 22:38:02 | 000,098,944 | ---- | M] (SIEMENS AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsnl2ada32.sys -- (vsnl2ada) DRV - [2010-03-22 22:35:44 | 000,072,248 | ---- | M] (SIEMENS AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\DPMTRCDD32.sys -- (DPMTRCDD) DRV - [2010-03-18 18:56:32 | 000,521,216 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\S7otranx32.sys -- (S7otranx32) DRV - [2010-03-18 18:51:22 | 000,087,552 | ---- | M] (SIEMENS AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\S7odpx2x32.sys -- (S7odpx2x32) DRV - [2010-02-25 05:27:00 | 000,098,928 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\JME.sys -- (JME) DRV - [2010-01-24 15:53:02 | 000,336,128 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SNTIE.SYS -- (SNTIE) DRV - [2010-01-22 03:12:40 | 005,191,680 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag) DRV - [2010-01-22 02:07:42 | 000,125,440 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2009-10-30 04:48:50 | 000,502,272 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService) DRV - [2009-09-30 03:33:58 | 000,104,976 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2009-09-17 13:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI) DRV - [2009-08-20 04:39:58 | 001,760,384 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) DRV - [2009-08-18 10:23:28 | 000,119,408 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR) DRV - [2009-07-20 11:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr) DRV - [2009-07-14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009-07-02 18:36:10 | 000,013,880 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys -- (ASMMAP) DRV - [2009-05-13 10:06:48 | 000,014,392 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor) DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2009-02-24 19:39:58 | 000,073,088 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\s7snsrtx.sys -- (s7snsrtx) DRV - [2009-02-03 17:36:58 | 000,059,000 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) DRV - [2008-11-28 19:30:18 | 000,011,688 | ---- | M] (GE Fanuc International, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ikbf5.sys -- (ikbf5) DRV - [2007-03-12 21:48:56 | 000,351,744 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aksfridge.sys -- (aksfridge) DRV - [2007-02-08 19:44:43 | 000,083,320 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfvfs02.sys -- (sfvfs02) DRV - [2006-07-10 18:19:58 | 000,027,032 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02) DRV - [2006-06-14 16:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-4012775161-2277137369-418426659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-21-4012775161-2277137369-418426659-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-4012775161-2277137369-418426659-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-4012775161-2277137369-418426659-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33 FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-09-16 14:50:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-09-08 19:32:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-09-08 19:32:56 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-09-16 15:40:00 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-09-08 19:32:59 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-09-08 19:32:56 | 000,000,000 | ---D | M] [2011-02-04 13:42:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions [2012-05-04 19:04:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\ugx89ror.default\extensions [2011-06-27 17:24:44 | 000,090,118 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\ugx89ror.default\extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01}.xpi [2012-09-09 21:59:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-09-08 19:32:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-09-09 21:59:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-08 19:32:59 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-03-23 16:06:36 | 000,931,328 | ---- | M] (Ganymede Technologies) -- C:\Program Files\mozilla firefox\plugins\NPBOARDS.dll [2010-11-24 12:12:30 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll [2012-06-15 01:13:23 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-06-15 01:13:23 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-06-15 01:13:23 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-06-15 01:13:23 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-06-15 01:13:23 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-06-15 01:13:23 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2012-09-16 15:07:35 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.) O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [S7UB Start] C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe (SIEMENS AG) O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe () O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [VMware hqtray] C:\Program Files\VMware\VMware Player\hqtray.exe (VMware, Inc.) O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-4012775161-2277137369-418426659-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-4012775161-2277137369-418426659-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BA2E098D-EF3F-4DB4-9FD0-5C73BE625ADC}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EFE6C788-82A1-4431-AF34-A292E8561673}: NameServer = 220.220.2.2 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-09-16 16:01:40 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012-09-16 15:39:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET [2012-09-16 15:09:07 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\temp [2012-09-16 14:59:18 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2012-09-15 19:36:28 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Avg2013 [2012-09-10 19:56:16 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013 [2012-09-10 19:54:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\MFAData [2012-09-10 19:54:37 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2012-09-10 19:31:06 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\TuneUp Software [2012-09-10 19:30:27 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2012-09-10 19:30:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2012-09-10 19:30:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2012-09-09 21:59:25 | 000,157,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2012-09-09 21:59:25 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2012-09-09 21:59:25 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2012-09-09 15:48:53 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\LibreOffice [2012-09-09 15:48:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 3.6 [2012-09-09 15:47:23 | 000,000,000 | ---D | C] -- C:\Program Files\LibreOffice 3.6 [2012-09-09 15:01:55 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\rzeczy [2012-09-08 19:32:54 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-09-18 19:19:43 | 009,175,040 | -HS- | M] () -- C:\Users\User\ntuser.dat [2012-09-18 19:15:19 | 000,010,416 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-09-18 19:15:18 | 000,010,416 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-09-18 19:13:20 | 001,700,230 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2012-09-18 19:13:20 | 000,750,486 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-09-18 19:13:20 | 000,663,812 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-09-18 19:13:20 | 000,161,572 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-09-18 19:13:20 | 000,126,528 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-09-18 19:09:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-09-18 19:07:10 | 000,000,438 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics [2012-09-18 19:06:30 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-09-18 19:06:27 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2012-09-18 19:06:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-09-18 19:05:59 | 2400,620,544 | -HS- | M] () -- C:\hiberfil.sys [2012-09-18 19:05:28 | 007,067,392 | -H-- | M] () -- C:\Users\User\AppData\Local\IconCache.db [2012-09-18 18:53:01 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-09-16 16:17:46 | 020,667,352 | ---- | M] () -- C:\Users\User\Desktop\praca_mgr - Projekt mikroprpcesorowego układu do pomiaru prędkości i przemieszczenia liniowego z zastosowaniem czujnika optoelektronicznego.odt [2012-09-16 16:00:50 | 000,524,288 | -HS- | M] () -- C:\Users\User\ntuser.dat{b0b4e26b-fffb-11e1-9f19-bcaec5085cfb}.TMContainer00000000000000000002.regtrans-ms [2012-09-16 16:00:50 | 000,524,288 | -HS- | M] () -- C:\Users\User\ntuser.dat{b0b4e26b-fffb-11e1-9f19-bcaec5085cfb}.TMContainer00000000000000000001.regtrans-ms [2012-09-16 16:00:50 | 000,065,536 | -HS- | M] () -- C:\Users\User\ntuser.dat{b0b4e26b-fffb-11e1-9f19-bcaec5085cfb}.TM.blf [2012-09-16 15:07:41 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini [2012-09-16 15:07:35 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2012-09-16 14:39:15 | 000,524,288 | -HS- | M] () -- C:\ProgramData\ntuser.dat{a571eb38-ffe7-11e1-8f23-bcaec5085cfb}.TMContainer00000000000000000002.regtrans-ms [2012-09-16 14:39:15 | 000,524,288 | -HS- | M] () -- C:\ProgramData\ntuser.dat{a571eb38-ffe7-11e1-8f23-bcaec5085cfb}.TMContainer00000000000000000001.regtrans-ms [2012-09-16 14:39:15 | 000,065,536 | -HS- | M] () -- C:\ProgramData\ntuser.dat{a571eb38-ffe7-11e1-8f23-bcaec5085cfb}.TM.blf [2012-09-16 14:39:13 | 000,524,288 | -HS- | M] () -- C:\ProgramData\ntuser.dat{a571eb2d-ffe7-11e1-8f23-bcaec5085cfb}.TMContainer00000000000000000002.regtrans-ms [2012-09-16 14:39:13 | 000,524,288 | -HS- | M] () -- C:\ProgramData\ntuser.dat{a571eb2d-ffe7-11e1-8f23-bcaec5085cfb}.TMContainer00000000000000000001.regtrans-ms [2012-09-16 14:39:13 | 000,065,536 | -HS- | M] () -- C:\ProgramData\ntuser.dat{a571eb2d-ffe7-11e1-8f23-bcaec5085cfb}.TM.blf [2012-09-11 21:17:42 | 000,028,247 | ---- | M] () -- C:\Users\User\Desktop\- FALOWNIKI.pdf [2012-09-11 21:08:58 | 005,908,322 | ---- | M] () -- C:\Users\User\Desktop\Wytyczne.pdf [2012-09-10 21:01:35 | 000,457,702 | ---- | M] () -- C:\Users\User\Desktop\combofix.pdf [2012-09-09 23:01:27 | 003,325,615 | ---- | M] () -- C:\Users\User\Desktop\starsza wersja praca_mgr - Projekt mikroprpcesorowego układu do pomiaru prędkości i przemieszczenia liniowego z zastosowaniem czujnika optoelektronicznego.pdf [2012-09-09 18:51:43 | 000,385,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-09-09 16:26:26 | 000,095,104 | ---- | M] () -- C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT [2012-09-09 15:48:21 | 000,001,058 | ---- | M] () -- C:\Users\Public\Desktop\LibreOffice 3.6.lnk [2012-08-28 20:24:56 | 000,477,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\npdeployJava1.dll [2012-08-28 20:24:53 | 000,473,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2012-08-28 20:10:12 | 000,157,680 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2012-08-28 20:10:07 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2012-08-28 20:09:57 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2012-08-27 20:36:55 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-08-27 20:36:55 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-09-16 14:51:28 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{b0b4e26b-fffb-11e1-9f19-bcaec5085cfb}.TMContainer00000000000000000002.regtrans-ms [2012-09-16 14:51:28 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{b0b4e26b-fffb-11e1-9f19-bcaec5085cfb}.TMContainer00000000000000000001.regtrans-ms [2012-09-16 14:51:28 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{b0b4e26b-fffb-11e1-9f19-bcaec5085cfb}.TM.blf [2012-09-16 14:39:15 | 000,524,288 | -HS- | C] () -- C:\ProgramData\ntuser.dat{a571eb38-ffe7-11e1-8f23-bcaec5085cfb}.TMContainer00000000000000000002.regtrans-ms [2012-09-16 14:39:15 | 000,524,288 | -HS- | C] () -- C:\ProgramData\ntuser.dat{a571eb38-ffe7-11e1-8f23-bcaec5085cfb}.TMContainer00000000000000000001.regtrans-ms [2012-09-16 14:39:15 | 000,065,536 | -HS- | C] () -- C:\ProgramData\ntuser.dat{a571eb38-ffe7-11e1-8f23-bcaec5085cfb}.TM.blf [2012-09-16 14:39:13 | 000,524,288 | -HS- | C] () -- C:\ProgramData\ntuser.dat{a571eb2d-ffe7-11e1-8f23-bcaec5085cfb}.TMContainer00000000000000000002.regtrans-ms [2012-09-16 14:39:13 | 000,524,288 | -HS- | C] () -- C:\ProgramData\ntuser.dat{a571eb2d-ffe7-11e1-8f23-bcaec5085cfb}.TMContainer00000000000000000001.regtrans-ms [2012-09-16 14:39:13 | 000,065,536 | -HS- | C] () -- C:\ProgramData\ntuser.dat{a571eb2d-ffe7-11e1-8f23-bcaec5085cfb}.TM.blf [2012-09-11 21:17:42 | 000,028,247 | ---- | C] () -- C:\Users\User\Desktop\- FALOWNIKI.pdf [2012-09-11 21:08:58 | 005,908,322 | ---- | C] () -- C:\Users\User\Desktop\Wytyczne.pdf [2012-09-10 21:01:34 | 000,457,702 | ---- | C] () -- C:\Users\User\Desktop\combofix.pdf [2012-09-09 23:01:27 | 003,325,615 | ---- | C] () -- C:\Users\User\Desktop\starsza wersja praca_mgr - Projekt mikroprpcesorowego układu do pomiaru prędkości i przemieszczenia liniowego z zastosowaniem czujnika optoelektronicznego.pdf [2012-09-09 19:16:01 | 020,667,352 | ---- | C] () -- C:\Users\User\Desktop\praca_mgr - Projekt mikroprpcesorowego układu do pomiaru prędkości i przemieszczenia liniowego z zastosowaniem czujnika optoelektronicznego.odt [2012-09-09 15:48:21 | 000,001,058 | ---- | C] () -- C:\Users\Public\Desktop\LibreOffice 3.6.lnk [2012-07-26 15:27:00 | 007,067,392 | -H-- | C] () -- C:\Users\User\AppData\Local\IconCache.db [2012-07-26 14:12:37 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{8d14787d-d71a-11e1-b220-b58e6938c1d8}.TMContainer00000000000000000002.regtrans-ms [2012-07-26 14:12:37 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{8d14787d-d71a-11e1-b220-b58e6938c1d8}.TMContainer00000000000000000001.regtrans-ms [2012-07-26 14:12:37 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{8d14787d-d71a-11e1-b220-b58e6938c1d8}.TM.blf [2012-07-25 20:11:02 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{5a79b93e-d683-11e1-bff4-ce637f0214d8}.TMContainer00000000000000000002.regtrans-ms [2012-07-25 20:11:02 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{5a79b93e-d683-11e1-bff4-ce637f0214d8}.TMContainer00000000000000000001.regtrans-ms [2012-07-25 20:11:02 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{5a79b93e-d683-11e1-bff4-ce637f0214d8}.TM.blf [2012-05-26 17:06:16 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{aa516aa0-a742-11e1-b653-854209ea06d7}.TMContainer00000000000000000002.regtrans-ms [2012-05-26 17:06:16 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{aa516aa0-a742-11e1-b653-854209ea06d7}.TMContainer00000000000000000001.regtrans-ms [2012-05-26 17:06:16 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{aa516aa0-a742-11e1-b653-854209ea06d7}.TM.blf [2012-05-01 17:52:09 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{1ed0e91d-93a5-11e1-b2fd-9f6d596c1ed5}.TMContainer00000000000000000002.regtrans-ms [2012-05-01 17:52:09 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{1ed0e91d-93a5-11e1-b2fd-9f6d596c1ed5}.TMContainer00000000000000000001.regtrans-ms [2012-05-01 17:52:09 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{1ed0e91d-93a5-11e1-b2fd-9f6d596c1ed5}.TM.blf [2012-04-30 19:43:46 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{8767767e-92eb-11e1-83bb-e1e42282d2d5}.TMContainer00000000000000000002.regtrans-ms [2012-04-30 19:43:46 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{8767767e-92eb-11e1-83bb-e1e42282d2d5}.TMContainer00000000000000000001.regtrans-ms [2012-04-30 19:43:46 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{8767767e-92eb-11e1-83bb-e1e42282d2d5}.TM.blf [2012-04-30 14:27:26 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{55cf3081-92bf-11e1-b7f9-a9544275e7d6}.TMContainer00000000000000000002.regtrans-ms [2012-04-30 14:27:26 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{55cf3081-92bf-11e1-b7f9-a9544275e7d6}.TMContainer00000000000000000001.regtrans-ms [2012-04-30 14:27:26 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{55cf3081-92bf-11e1-b7f9-a9544275e7d6}.TM.blf [2012-04-29 20:15:45 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{70069ea1-9226-11e1-b220-cc6f132858d5}.TMContainer00000000000000000002.regtrans-ms [2012-04-29 20:15:45 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{70069ea1-9226-11e1-b220-cc6f132858d5}.TMContainer00000000000000000001.regtrans-ms [2012-04-29 20:15:45 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{70069ea1-9226-11e1-b220-cc6f132858d5}.TM.blf [2012-04-18 17:51:36 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{39e011ff-896d-11e1-bb40-bcaec5085cfb}.TMContainer00000000000000000002.regtrans-ms [2012-04-18 17:51:36 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{39e011ff-896d-11e1-bb40-bcaec5085cfb}.TMContainer00000000000000000001.regtrans-ms [2012-04-18 17:51:36 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{39e011ff-896d-11e1-bb40-bcaec5085cfb}.TM.blf [2012-04-01 17:01:49 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{18671a1d-7c0b-11e1-840e-ffea285362d5}.TMContainer00000000000000000002.regtrans-ms [2012-04-01 17:01:49 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{18671a1d-7c0b-11e1-840e-ffea285362d5}.TMContainer00000000000000000001.regtrans-ms [2012-04-01 17:01:49 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{18671a1d-7c0b-11e1-840e-ffea285362d5}.TM.blf [2012-04-01 16:10:10 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{ebb88a74-7c02-11e1-9f70-4e5d6067b0db}.TMContainer00000000000000000002.regtrans-ms [2012-04-01 16:10:10 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{ebb88a74-7c02-11e1-9f70-4e5d6067b0db}.TMContainer00000000000000000001.regtrans-ms [2012-04-01 16:10:10 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{ebb88a74-7c02-11e1-9f70-4e5d6067b0db}.TM.blf [2012-04-01 15:59:55 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{35e154c8-7c02-11e1-ba82-cd59729e5cd5}.TMContainer00000000000000000002.regtrans-ms [2012-04-01 15:59:55 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{35e154c8-7c02-11e1-ba82-cd59729e5cd5}.TMContainer00000000000000000001.regtrans-ms [2012-04-01 15:59:55 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{35e154c8-7c02-11e1-ba82-cd59729e5cd5}.TM.blf [2012-03-29 15:16:12 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{c58a2a1d-79a0-11e1-bb4a-8d63374222dd}.TMContainer00000000000000000002.regtrans-ms [2012-03-29 15:16:12 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{c58a2a1d-79a0-11e1-bb4a-8d63374222dd}.TMContainer00000000000000000001.regtrans-ms [2012-03-29 15:16:12 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{c58a2a1d-79a0-11e1-bb4a-8d63374222dd}.TM.blf [2012-02-05 14:26:00 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{84a7d6c1-4ff4-11e1-9022-bcaec5085cfb}.TMContainer00000000000000000002.regtrans-ms [2012-02-05 14:26:00 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{84a7d6c1-4ff4-11e1-9022-bcaec5085cfb}.TMContainer00000000000000000001.regtrans-ms [2012-02-05 14:26:00 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{84a7d6c1-4ff4-11e1-9022-bcaec5085cfb}.TM.blf [2012-02-01 22:23:52 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{fedde859-4d11-11e1-8d3a-bcaec5085cfb}.TMContainer00000000000000000002.regtrans-ms [2012-02-01 22:23:52 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{fedde859-4d11-11e1-8d3a-bcaec5085cfb}.TMContainer00000000000000000001.regtrans-ms [2012-02-01 22:23:52 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{fedde859-4d11-11e1-8d3a-bcaec5085cfb}.TM.blf [2012-02-01 22:16:19 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{ea75fe67-4cc9-11e1-8c8a-bcaec5085cfb}.TMContainer00000000000000000002.regtrans-ms [2012-02-01 22:16:19 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{ea75fe67-4cc9-11e1-8c8a-bcaec5085cfb}.TMContainer00000000000000000001.regtrans-ms [2012-02-01 22:16:19 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{ea75fe67-4cc9-11e1-8c8a-bcaec5085cfb}.TM.blf [2012-01-26 15:16:08 | 000,000,341 | ---- | C] () -- C:\Windows\ODBCINST.INI [2012-01-02 22:18:02 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{d9cf38f7-357a-11e1-9f59-bcaec5085cfb}.TMContainer00000000000000000002.regtrans-ms [2012-01-02 22:18:02 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{d9cf38f7-357a-11e1-9f59-bcaec5085cfb}.TMContainer00000000000000000001.regtrans-ms [2012-01-02 22:18:02 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{d9cf38f7-357a-11e1-9f59-bcaec5085cfb}.TM.blf [2012-01-02 21:49:39 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{46854700-3562-11e1-9869-bcaec5085cfb}.TMContainer00000000000000000002.regtrans-ms [2012-01-02 21:49:39 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{46854700-3562-11e1-9869-bcaec5085cfb}.TMContainer00000000000000000001.regtrans-ms [2012-01-02 21:49:39 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{46854700-3562-11e1-9869-bcaec5085cfb}.TM.blf [2011-12-07 23:16:08 | 000,022,328 | ---- | C] () -- C:\Users\User\AppData\Roaming\PnkBstrK.sys [2011-12-07 23:15:09 | 000,000,273 | ---- | C] () -- C:\Windows\game.ini [2011-12-07 19:01:19 | 000,000,600 | ---- | C] () -- C:\Users\User\AppData\Local\PUTTY.RND [2011-11-22 16:18:40 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{319ce32b-1514-11e1-87b8-d5a9a629b5d5}.TMContainer00000000000000000002.regtrans-ms [2011-11-22 16:18:40 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{319ce32b-1514-11e1-87b8-d5a9a629b5d5}.TMContainer00000000000000000001.regtrans-ms [2011-11-22 16:18:40 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{319ce32b-1514-11e1-87b8-d5a9a629b5d5}.TM.blf [2011-11-21 18:32:28 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{c562097d-145d-11e1-ba6e-e8cc3a65b6d5}.TMContainer00000000000000000002.regtrans-ms [2011-11-21 18:32:28 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{c562097d-145d-11e1-ba6e-e8cc3a65b6d5}.TMContainer00000000000000000001.regtrans-ms [2011-11-21 18:32:28 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{c562097d-145d-11e1-ba6e-e8cc3a65b6d5}.TM.blf [2011-09-28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011-07-25 20:26:33 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{d3de12e2-b6de-11e0-aa53-bcaec5085cfb}.TMContainer00000000000000000002.regtrans-ms [2011-07-25 20:26:33 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{d3de12e2-b6de-11e0-aa53-bcaec5085cfb}.TMContainer00000000000000000001.regtrans-ms [2011-07-25 20:26:33 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{d3de12e2-b6de-11e0-aa53-bcaec5085cfb}.TM.blf [2011-06-03 16:28:36 | 000,000,017 | ---- | C] () -- C:\Users\User\AppData\Local\resmon.resmoncfg [2011-05-23 20:19:01 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2011-05-23 20:16:21 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011-05-23 20:16:19 | 000,053,600 | ---- | C] () -- C:\Windows\System32\dosx.exe [2011-05-22 17:34:55 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{e8f6dcfc-8485-11e0-8626-b3e9b08d15e6}.TMContainer00000000000000000002.regtrans-ms [2011-05-22 17:34:55 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{e8f6dcfc-8485-11e0-8626-b3e9b08d15e6}.TMContainer00000000000000000001.regtrans-ms [2011-05-22 17:34:55 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{e8f6dcfc-8485-11e0-8626-b3e9b08d15e6}.TM.blf [2011-05-05 22:35:34 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{28f95894-7741-11e0-8588-ee904ee83c88}.TMContainer00000000000000000002.regtrans-ms [2011-05-05 22:35:34 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{28f95894-7741-11e0-8588-ee904ee83c88}.TMContainer00000000000000000001.regtrans-ms [2011-05-05 22:35:34 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{28f95894-7741-11e0-8588-ee904ee83c88}.TM.blf [2011-03-06 23:05:32 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{f63ed828-4817-11e0-a268-e6508ea0627c}.TMContainer00000000000000000002.regtrans-ms [2011-03-06 23:05:32 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{f63ed828-4817-11e0-a268-e6508ea0627c}.TMContainer00000000000000000001.regtrans-ms [2011-03-06 23:05:32 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{f63ed828-4817-11e0-a268-e6508ea0627c}.TM.blf [2011-03-05 01:23:16 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{0daf1e4a-46b5-11e0-9752-97dc033f14dc}.TMContainer00000000000000000002.regtrans-ms [2011-03-05 01:23:16 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{0daf1e4a-46b5-11e0-9752-97dc033f14dc}.TMContainer00000000000000000001.regtrans-ms [2011-03-05 01:23:16 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{0daf1e4a-46b5-11e0-9752-97dc033f14dc}.TM.blf [2011-03-05 01:14:01 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{d2c157cc-46b2-11e0-9904-bb069c94b2fd}.TMContainer00000000000000000002.regtrans-ms [2011-03-05 01:14:01 | 000,524,288 | -HS- | C] () -- C:\Users\User\ntuser.dat{d2c157cc-46b2-11e0-9904-bb069c94b2fd}.TMContainer00000000000000000001.regtrans-ms [2011-03-05 01:14:01 | 000,065,536 | -HS- | C] () -- C:\Users\User\ntuser.dat{d2c157cc-46b2-11e0-9904-bb069c94b2fd}.TM.blf [2011-03-03 14:02:16 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011-02-15 21:46:48 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2011-02-15 21:46:44 | 000,138,184 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2011-02-15 21:46:38 | 000,183,112 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2011-02-09 20:07:32 | 000,004,096 | -H-- | C] () -- C:\Users\User\AppData\Local\keyfile3.drm [2011-02-09 00:21:06 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib [2011-02-09 00:05:25 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll [2011-02-09 00:05:25 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2011-02-09 00:05:22 | 000,810,496 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2011-02-09 00:05:22 | 000,183,808 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2011-02-09 00:05:22 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2011-02-09 00:05:22 | 000,000,590 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest [2011-02-08 22:38:56 | 000,003,352 | ---- | C] () -- C:\Windows\unins000.dat [2011-02-04 15:42:59 | 000,000,675 | ---- | C] () -- C:\Windows\ODBC.INI [2011-02-04 13:43:04 | 000,000,095 | ---- | C] () -- C:\Windows\winamp.ini [2011-02-04 13:41:22 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011-02-04 12:34:14 | 000,013,880 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys [2011-02-04 12:34:07 | 001,760,384 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys [2011-02-04 12:34:07 | 000,196,608 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll [2011-02-04 12:34:07 | 000,028,544 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys [2011-02-04 12:34:07 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini [2011-02-04 12:33:10 | 001,700,230 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI [2011-02-04 12:31:37 | 000,095,104 | ---- | C] () -- C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT [2011-02-04 12:31:21 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011-02-04 12:29:56 | 000,001,035 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2011-02-04 12:19:17 | 009,175,040 | -HS- | C] () -- C:\Users\User\ntuser.dat [2011-02-04 12:19:17 | 000,524,288 | -HS- | C] () -- C:\Users\User\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2011-02-04 12:19:17 | 000,524,288 | -HS- | C] () -- C:\Users\User\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2011-02-04 12:19:17 | 000,065,536 | -HS- | C] () -- C:\Users\User\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2011-02-04 12:19:17 | 000,000,020 | -HS- | C] () -- C:\Users\User\ntuser.ini [color=#E56717]========== LOP Check ==========[/color] [2012-02-05 20:35:19 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ACD Systems [2012-05-21 19:07:50 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Atmel [2012-09-16 16:46:37 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DAEMON Tools Lite [2011-12-29 16:57:48 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Epson [2011-02-23 11:52:17 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ESET [2011-03-17 13:47:24 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Foxit Software [2011-02-08 17:14:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Gadu-Gadu 10 [2011-11-28 18:24:38 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GameRanger [2012-06-25 12:42:50 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GanymedeNet [2012-04-04 19:16:54 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ipla [2011-02-15 21:45:01 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Leadertech [2012-09-09 15:48:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\LibreOffice [2011-03-03 21:34:28 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\OpenFM [2012-02-22 21:06:42 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\openmodelica [2011-02-12 23:53:39 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\OpenOffice.org [2011-02-07 21:12:33 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\RDRM [2012-09-10 19:31:06 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TuneUp Software [2012-05-29 13:06:49 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\VisualAssist [2012-04-01 15:59:14 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\XnView [2012-08-16 19:19:01 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\ReclaimerResumeInstall_User.job [2012-01-23 18:06:52 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(21).TXT [2012-07-26 14:12:39 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >