[code] OTS logfile created on: 2012-11-20 12:54:05 - Run 1 OTS by OldTimer - Version 3.1.47.2 Folder = C:\Users\User\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 43,00% Memory free 8,00 Gb Paging File | 5,00 Gb Available in Paging File | 68,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 552,22 Gb Total Space | 57,44 Gb Free Space | 10,40% Space Free | Partition Type: NTFS Drive D: | 29,00 Gb Total Space | 13,04 Gb Free Space | 44,98% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: USER-KOMPUTER Current User Name: User Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> C:\Users\User\Downloads\OTS.exe -> [2012-11-20 12:51:02 | 000,646,656 | ---- | M] (OldTimer Tools) rsit.exe -> C:\Users\User\Downloads\RSIT.exe -> [2012-11-20 12:50:05 | 000,781,383 | ---- | M] () pnkbstra.exe -> C:\Windows\SysWOW64\PnkBstrA.exe -> [2012-11-19 22:59:20 | 000,075,136 | ---- | M] () hamachi-2-ui.exe -> C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe -> [2012-11-19 21:48:16 | 002,254,768 | ---- | M] (LogMeIn Inc.) explorer.exe -> C:\Users\User\Drivers\explorer.exe -> [2012-11-18 23:07:05 | 000,102,912 | RHS- | M] () chrome.exe -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe -> [2012-10-31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.) teamviewer_service.exe -> C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -> [2012-10-23 10:47:48 | 002,848,168 | ---- | M] (TeamViewer GmbH) seaport.exe -> C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe -> [2012-06-11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) mcserver.exe -> C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\mcserver.exe -> [2012-04-06 03:16:24 | 000,069,448 | ---- | M] (ZTE) dbus-daemon.exe -> C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\dbus-daemon.exe -> [2012-04-06 03:16:22 | 000,221,512 | ---- | M] () db_daemon.exe -> C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\db_daemon.exe -> [2012-04-06 03:16:20 | 000,037,192 | ---- | M] () hydragrd.exe -> C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe -> [2011-11-09 21:36:38 | 000,409,600 | ---- | M] () hydramd.exe -> C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe -> [2011-11-09 21:36:20 | 000,573,440 | ---- | M] (AMD) sftvsa.exe -> C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -> [2011-10-01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) sftlist.exe -> C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -> [2011-10-01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) ekrn.exe -> C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -> [2011-09-22 11:03:30 | 000,974,944 | ---- | M] (ESET) dtlite.exe -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -> [2011-08-02 08:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) jucheck.exe -> C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe -> [2011-06-09 12:06:06 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) armsvc.exe -> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -> [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) pmanage.exe -> C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe -> [2011-04-20 22:20:36 | 000,329,056 | ---- | M] (Lenovo) connect.service.contentservice.exe -> C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -> [2011-02-02 13:08:16 | 000,018,656 | ---- | M] () ycmmirage.exe -> C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe -> [2011-01-29 00:29:36 | 000,136,488 | ---- | M] (CyberLink) iastordatamgrsvc.exe -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -> [2011-01-12 19:00:42 | 000,013,336 | ---- | M] (Intel Corporation) iastoricon.exe -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe -> [2011-01-12 19:00:38 | 000,283,160 | ---- | M] (Intel Corporation) uns.exe -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -> [2010-12-21 03:30:38 | 002,656,280 | ---- | M] (Intel Corporation) lms.exe -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -> [2010-12-21 03:30:36 | 000,325,656 | ---- | M] (Intel Corporation) cmd.exe -> C:\Windows\SysWOW64\cmd.exe -> [2010-11-21 04:24:03 | 000,302,592 | ---- | M] (Microsoft Corporation) acservice.exe -> C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -> [2010-03-18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) vm332_sti.exe -> C:\Program Files (x86)\USB Camera2\VM332_STI.EXE -> [2010-01-19 11:44:40 | 000,536,576 | ---- | M] (Vimicro) shuttask.exe -> C:\Program Files (x86)\IR\shutTask.exe -> [2010-01-05 13:01:38 | 000,110,592 | ---- | M] () rocketdock.exe -> C:\Program Files (x86)\RocketDock\RocketDock.exe -> [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () [Modules - No Company Name] rsit.exe -> C:\Users\User\Downloads\RSIT.exe -> [2012-11-20 12:50:05 | 000,781,383 | ---- | M] () ppgooglenaclpluginchrome.dll -> C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll -> [2012-10-31 23:15:05 | 000,460,312 | ---- | M] () pepflashplayer.dll -> C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll -> [2012-10-31 23:15:04 | 012,455,448 | ---- | M] () pdf.dll -> C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll -> [2012-10-31 23:15:02 | 004,007,448 | ---- | M] () libglesv2.dll -> C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\libglesv2.dll -> [2012-10-31 23:13:47 | 000,587,288 | ---- | M] () libegl.dll -> C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\libegl.dll -> [2012-10-31 23:13:46 | 000,123,928 | ---- | M] () avutil-51.dll -> C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avutil-51.dll -> [2012-10-31 23:13:35 | 000,156,712 | ---- | M] () avformat-54.dll -> C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avformat-54.dll -> [2012-10-31 23:13:34 | 000,274,984 | ---- | M] () avcodec-54.dll -> C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avcodec-54.dll -> [2012-10-31 23:13:32 | 002,168,360 | ---- | M] () iastorutil.ni.dll -> C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\b1acb6d21dd13ae76f360354dc8f8de3\IAStorUtil.ni.dll -> [2012-06-13 18:05:42 | 000,475,648 | ---- | M] () system.windows.forms.ni.dll -> C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll -> [2012-06-13 17:57:39 | 012,436,480 | ---- | M] () system.drawing.ni.dll -> C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll -> [2012-06-13 17:57:34 | 001,591,808 | ---- | M] () iastorcommon.ni.dll -> C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\e2ed613308593613ac154671c7549c26\IAStorCommon.ni.dll -> [2012-05-11 09:37:42 | 000,014,336 | ---- | M] () system.runtime.remoting.ni.dll -> C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll -> [2012-05-11 09:27:36 | 000,771,584 | ---- | M] () windowsbase.ni.dll -> C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll -> [2012-05-11 09:27:00 | 003,347,968 | ---- | M] () system.xml.ni.dll -> C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll -> [2012-05-11 09:26:56 | 005,452,800 | ---- | M] () system.ni.dll -> C:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll -> [2012-05-11 09:26:53 | 007,967,232 | ---- | M] () system.configuration.ni.dll -> C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll -> [2012-05-11 09:26:53 | 000,971,264 | ---- | M] () mscorlib.ni.dll -> C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll -> [2012-05-11 09:26:49 | 011,492,864 | ---- | M] () dbus-daemon.exe -> C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\dbus-daemon.exe -> [2012-04-06 03:16:22 | 000,221,512 | ---- | M] () db_daemon.exe -> C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\db_daemon.exe -> [2012-04-06 03:16:20 | 000,037,192 | ---- | M] () libctlsvr.dll -> C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libctlsvr.dll -> [2012-04-06 03:15:26 | 000,021,504 | ---- | M] () itapi.dll -> C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\itapi.dll -> [2012-04-06 03:14:28 | 000,099,840 | ---- | M] () audio.dll -> C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\audio.dll -> [2012-04-06 03:14:24 | 000,043,520 | ---- | M] () coder.dll -> C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\coder.dll -> [2012-04-06 03:14:20 | 000,058,880 | ---- | M] () libconfig.dll -> C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libConfig.dll -> [2012-04-06 03:14:18 | 000,036,352 | ---- | M] () log.dll -> C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\log.dll -> [2012-04-06 03:14:18 | 000,027,648 | ---- | M] () capturecrash.dll -> C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\CaptureCrash.dll -> [2011-12-26 08:41:00 | 000,090,624 | ---- | M] () hydragrd.exe -> C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe -> [2011-11-09 21:36:38 | 000,409,600 | ---- | M] () hydraplk.dll -> C:\Program Files (x86)\ATI Technologies\HydraVision\HydraPlk.dll -> [2011-11-09 21:35:14 | 000,090,112 | ---- | M] () dbus-1.dll -> C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\dbus-1.dll -> [2011-05-06 04:03:32 | 000,594,944 | ---- | M] () sqlite3.dll -> C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\sqlite3.dll -> [2011-05-06 04:02:40 | 000,341,504 | ---- | M] () chooselang.dll -> C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll -> [2011-04-20 22:20:36 | 000,013,664 | ---- | M] () system.runtime.remoting.resources.dll -> C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_pl_b77a5c561934e089\System.Runtime.Remoting.resources.dll -> [2011-04-20 13:39:10 | 000,032,768 | ---- | M] () office.odf -> C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf -> [2011-03-16 23:11:16 | 004,297,568 | ---- | M] () mscorlib.resources.dll -> C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll -> [2010-11-13 03:03:49 | 000,311,296 | ---- | M] () libxml2.dll -> C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libxml2.dll -> [2010-10-14 10:37:52 | 000,971,776 | ---- | M] () zlib1.dll -> C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\zlib1.dll -> [2010-10-14 10:37:52 | 000,080,688 | ---- | M] () shuttask.exe -> C:\Program Files (x86)\IR\shutTask.exe -> [2010-01-05 13:01:38 | 000,110,592 | ---- | M] () keyboard.dll -> C:\Program Files (x86)\IR\KeyBoard.dll -> [2010-01-05 12:48:46 | 000,028,672 | ---- | M] () libexpat.dll -> C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libexpat.dll -> [2007-09-09 16:07:00 | 000,151,552 | ---- | M] () rocketdock.exe -> C:\Program Files (x86)\RocketDock\RocketDock.exe -> [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () rocketdock.dll -> C:\Program Files (x86)\RocketDock\RocketDock.dll -> [2007-09-02 13:57:36 | 000,069,632 | ---- | M] () [Win32 Services - Safe List] 64bit-(AMD External Events Utility) [Auto | Running] -> C:\Windows\SysNative\atiesrxx.exe -> [2012-09-28 02:38:16 | 000,239,616 | ---- | M] (AMD) 64bit-(FLEXnet Licensing Service 64) [On_Demand | Stopped] -> C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -> [2012-06-04 16:05:27 | 001,431,888 | ---- | M] (Flexera Software, Inc.) 64bit-(ekrn) [Auto | Running] -> C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -> [2011-09-22 11:03:30 | 000,974,944 | ---- | M] (ESET) 64bit-(btwdins) [Auto | Running] -> C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -> [2010-12-14 19:04:56 | 000,953,632 | ---- | M] (Broadcom Corporation.) 64bit-(wlcrasvc) [Disabled | Stopped] -> C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -> [2010-09-22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) 64bit-(WinDefend) [Auto | Running] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) (PnkBstrA) PnkBstrA [Auto | Running] -> C:\Windows\SysWOW64\PnkBstrA.exe -> [2012-11-19 22:59:20 | 000,075,136 | ---- | M] () (Hamachi2Svc) LogMeIn Hamachi Tunneling Engine [Auto | Running] -> C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -> [2012-11-19 21:48:16 | 002,462,128 | ---- | M] (LogMeIn Inc.) (Steam Client Service) Steam Client Service [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Steam\SteamService.exe -> [2012-10-25 11:49:46 | 000,529,744 | ---- | M] (Valve Corporation) (TeamViewer7) TeamViewer 7 [Auto | Running] -> C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -> [2012-10-23 10:47:48 | 002,848,168 | ---- | M] (TeamViewer GmbH) (npggsvc) nProtect GameGuard Service [On_Demand | Stopped] -> C:\windows\SysWow64\GameMon.des -> [2012-10-15 21:29:30 | 003,882,096 | ---- | M] (INCA Internet Co., Ltd.) (KMService) KMService [Auto | Stopped] -> C:\Windows\SysWOW64\srvany.exe -> [2012-10-11 12:31:55 | 000,008,192 | ---- | M] () (MozillaMaintenance) Mozilla Maintenance Service [On_Demand | Stopped] -> C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -> [2012-09-19 10:08:22 | 000,113,120 | ---- | M] (Mozilla Foundation) (SkypeUpdate) Skype Updater [Auto | Stopped] -> C:\Program Files (x86)\Skype\Updater\Updater.exe -> [2012-07-13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) (BBUpdate) BBUpdate [On_Demand | Running] -> C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe -> [2012-06-11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) (BBSvc) BingBar Service [Auto | Stopped] -> C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe -> [2012-06-11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) (Futuremark SystemInfo Service) Futuremark SystemInfo Service [On_Demand | Stopped] -> C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -> [2011-12-09 14:39:52 | 000,135,584 | ---- | M] (Futuremark Corporation) (sftvsa) Application Virtualization Service Agent [On_Demand | Running] -> C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -> [2011-10-01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) (sftlist) Application Virtualization Client [Auto | Running] -> C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -> [2011-10-01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) (AdobeARMservice) Adobe Acrobat Update Service [Auto | Running] -> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -> [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) (Autodesk Content Service) Autodesk Content Service [Auto | Running] -> C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -> [2011-02-02 13:08:16 | 000,018,656 | ---- | M] () (IAStorDataMgrSvc) Intel(R) Rapid Storage Technology [Auto | Running] -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -> [2011-01-12 19:00:42 | 000,013,336 | ---- | M] (Intel Corporation) (UNS) Intel(R) Management and Security Application User Notification Service [Auto | Running] -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -> [2010-12-21 03:30:38 | 002,656,280 | ---- | M] (Intel Corporation) (LMS) Intel(R) Management and Security Application Local Management Service [Auto | Running] -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -> [2010-12-21 03:30:36 | 000,325,656 | ---- | M] (Intel Corporation) (clr_optimization_v4.0.30319_32) Microsoft .NET Framework NGEN v4.0.30319_X86 [Auto | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -> [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) (ACDaemon) ArcSoft Connect Daemon [Auto | Running] -> C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -> [2010-03-18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) (clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Driver Services - Safe List] 64bit-(atksgt) atksgt [Kernel | Auto | Stopped] -> C:\Windows\SysNative\drivers\atksgt.sys -> [2012-11-18 18:05:47 | 000,303,616 | ---- | M] () 64bit-(lirsgt) lirsgt [Kernel | Auto | Stopped] -> C:\Windows\SysNative\drivers\lirsgt.sys -> [2012-11-18 18:05:46 | 000,035,328 | ---- | M] () 64bit-(VBoxNetAdp) VirtualBox Host-Only Ethernet Adapter [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\VBoxNetAdp.sys -> [2012-10-26 19:00:50 | 000,131,416 | ---- | M] (Oracle Corporation) 64bit-(amdkmdag) amdkmdag [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\atikmdag.sys -> [2012-09-28 03:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) 64bit-(amdkmdap) amdkmdap [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\atikmpag.sys -> [2012-09-28 02:12:52 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) 64bit-(AtiHDAudioService) AMD Function Driver for HD Audio Service [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\AtihdW76.sys -> [2012-05-14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) 64bit-(Sftvol) Sftvol [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\Sftvollh.sys -> [2011-10-01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) 64bit-(Sftplay) Sftplay [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\Sftplaylh.sys -> [2011-10-01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) 64bit-(Sftredir) Sftredir [File_System | On_Demand | Running] -> C:\Windows\SysNative\drivers\Sftredirlh.sys -> [2011-10-01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) 64bit-(Sftfs) Sftfs [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\Sftfslh.sys -> [2011-10-01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) 64bit-(dtsoftbus01) DAEMON Tools Virtual Bus Driver [Kernel | System | Running] -> C:\Windows\SysNative\drivers\dtsoftbus01.sys -> [2011-09-25 09:57:40 | 000,270,912 | ---- | M] (DT Soft Ltd) 64bit-(zte_cdc_acm) ZTE All CDC-ACM driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\zte_cdc_acm.sys -> [2011-08-10 11:56:46 | 000,079,872 | ---- | M] (ZTE) 64bit-(zte_cpo) ZTE All Install [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\zte_cpo.sys -> [2011-08-10 11:56:46 | 000,014,336 | ---- | M] (ZTE) 64bit-(eamonm) eamonm [File_System | Auto | Running] -> C:\Windows\SysNative\drivers\eamonm.sys -> [2011-08-09 13:24:52 | 000,202,576 | ---- | M] (ESET) 64bit-(ehdrv) ehdrv [Kernel | System | Running] -> C:\Windows\SysNative\drivers\ehdrv.sys -> [2011-08-04 08:20:38 | 000,146,432 | ---- | M] (ESET) 64bit-(epfwwfpr) epfwwfpr [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\epfwwfpr.sys -> [2011-08-04 08:20:38 | 000,137,144 | ---- | M] (ESET) 64bit-(ssadmdm) SAMSUNG Android USB Modem Drivers [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\ssadmdm.sys -> [2011-05-13 02:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) 64bit-(ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\ssadserd.sys -> [2011-05-13 02:21:04 | 000,146,920 | ---- | M] (MCCI Corporation) 64bit-(ssadbus) SAMSUNG Android USB Composite Device driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\ssadbus.sys -> [2011-05-13 02:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) 64bit-(ssadmdfl) SAMSUNG Android USB Modem (Filter) [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\ssadmdfl.sys -> [2011-05-13 02:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) 64bit-(LHDmgr) LHDmgr [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\LhdX64.sys -> [2011-04-20 22:30:24 | 000,039,008 | ---- | M] (Lenovo.) 64bit-(ACPIVPC) Lenovo Virtual Power Controller Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\AcpiVpc.sys -> [2011-04-20 22:30:22 | 000,029,792 | ---- | M] (Lenovo Corporation) 64bit-(fbfmon) fbfmon [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\fbfmon.sys -> [2011-04-20 22:28:11 | 000,057,952 | ---- | M] (Lenovo) 64bit-(BPntDrv) BPntDrv [Kernel | System | Running] -> C:\Windows\SysNative\drivers\BPntDrv.sys -> [2011-04-20 22:28:11 | 000,013,408 | ---- | M] (Lenovo) 64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsata.sys -> [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) 64bit-(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdxata.sys -> [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) 64bit-(CnxtHdAudService) Conexant UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\CHDRT64.sys -> [2011-02-14 05:43:00 | 001,581,184 | ---- | M] (Conexant Systems Inc.) 64bit-(clwvd) CyberLink WebCam Virtual Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\clwvd.sys -> [2011-01-29 00:29:58 | 000,031,088 | ---- | M] (CyberLink Corporation) 64bit-(iaStor) Intel AHCI Controller [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\iaStor.sys -> [2011-01-12 18:51:44 | 000,439,320 | ---- | M] (Intel Corporation) 64bit-(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\SynTP.sys -> [2010-12-17 02:06:32 | 001,404,464 | ---- | M] (Synaptics Incorporated) 64bit-(BTWAMPFL) BTWAMPFL [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\btwampfl.sys -> [2010-12-15 04:13:31 | 000,349,224 | ---- | M] (Broadcom Corporation.) 64bit-(btwrchid) btwrchid [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\btwrchid.sys -> [2010-12-15 04:13:09 | 000,021,416 | ---- | M] (Broadcom Corporation.) 64bit-(btwl2cap) Bluetooth L2CAP Service [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\btwl2cap.sys -> [2010-12-15 04:13:08 | 000,039,464 | ---- | M] (Broadcom Corporation.) 64bit-(btwavdt) Bluetooth AVDT Service [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\btwavdt.sys -> [2010-12-15 04:13:07 | 000,138,280 | ---- | M] (Broadcom Corporation.) 64bit-(btwaudio) Urz¹dzenie dŸwiêkowe Bluetooth [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\btwaudio.sys -> [2010-12-15 04:13:06 | 000,106,536 | ---- | M] (Broadcom Corporation.) 64bit-(vm332avs) Lenovo Camera2 [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\vm332avs.sys -> [2010-12-10 20:43:40 | 000,234,960 | ---- | M] (Vimicro Corporation) 64bit-(athr) Atheros Extensible Wireless LAN device driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\athrx.sys -> [2010-11-24 12:33:26 | 002,673,664 | ---- | M] (Atheros Communications, Inc.) 64bit-(TsUsbFlt) TsUsbFlt [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\TsUsbFlt.sys -> [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) 64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) 64bit-(TsUsbGD) Remote Desktop Generic USB Device [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\TsUsbGD.sys -> [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) 64bit-(L1C) NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\L1C62x64.sys -> [2010-10-21 07:57:30 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) 64bit-(MEIx64) Intel(R) Management Engine Interface [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\HECIx64.sys -> [2010-10-20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) 64bit-(RSUSBVSTOR) RtsUVStor.Sys Realtek USB Card Reader [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\rtsuvstor.sys -> [2010-09-30 09:45:22 | 000,299,520 | ---- | M] (Realtek Semiconductor Corp.) 64bit-(vm2uvcflt) Vimicro USB Camera Filter 2 [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\vm2uvcflt.sys -> [2010-09-21 23:04:54 | 000,015,056 | ---- | M] (Vimicro Corporation) 64bit-(IT9135BDA) IT9135 BDA Devices [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\IT9135BDA.sys -> [2010-02-03 09:05:44 | 000,113,280 | ---- | M] (ITE ) 64bit-(tcpipBM) Bytemobile Kernel Network Provider [Kernel | System | Running] -> C:\Windows\SysNative\drivers\tcpipBM.sys -> [2009-12-15 03:46:38 | 000,039,552 | ---- | M] (Bytemobile, Inc.) 64bit-(HPIR) HP TV Tuner Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HPIR.sys -> [2009-11-16 07:28:46 | 000,093,184 | ---- | M] (Hewlett-Packard) 64bit-(AVerAF35) HP USB DVB-T TV Tuner [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HPAF35.sys -> [2009-10-19 04:35:40 | 000,511,104 | ---- | M] (Hewlett-Packard) 64bit-(wsvd) wsvd [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\wsvd.sys -> [2009-07-21 15:20:06 | 000,121,840 | ---- | M] (CyberLink) 64bit-(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsbs.sys -> [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\lsi_sas2.sys -> [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) 64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\stexstor.sys -> [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) 64bit-(CMOS) CMOS [Kernel | On_Demand | Stopped] -> C:\Program Files\Lenovo\OneKey App\OneKey Recovery\CMOS.sys -> [2009-07-13 18:22:42 | 000,013,328 | ---- | M] (Lenovo Corporation) 64bit-(RTL8167) Realtek 8167 NT Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\Rt64win7.sys -> [2009-06-10 21:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) 64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\evbda.sys -> [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) 64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bxvbda.sys -> [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) 64bit-(b57nd60a) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\b57nd60a.sys -> [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) 64bit-(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hcw85cir.sys -> [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 64bit-(hamachi) Hamachi Network Interface [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\hamachi.sys -> [2009-03-18 15:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) (mkyolinw) mkyolinw [Kernel | Boot | Stopped] -> C:\windows\system32\drivers\vprrfuh.sys -> [2012-11-20 12:28:54 | 000,061,440 | ---- | M] () (speedfan) speedfan [Kernel | Boot | Running] -> C:\windows\SysWOW64\speedfan.sys -> [2011-03-18 17:08:56 | 000,029,592 | ---- | M] (Almico Software) (tcpipBM) Bytemobile Kernel Network Provider [Kernel | System | Running] -> C:\Windows\SysWOW64\drivers\tcpipBM.sys -> [2009-12-15 03:46:38 | 000,039,552 | ---- | M] (Bytemobile, Inc.) (BMLoad) Bytemobile Boot Time Load Driver [Kernel | Boot | Running] -> C:\windows\system32\drivers\BMLoad.sys -> [2009-12-15 03:46:30 | 000,016,512 | ---- | M] (Bytemobile, Inc.) (WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\wimmount.sys -> [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [Registry - Safe List] < 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Secondary Start Pages" -> http://www.lenovo.com/ [binary data] -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://lenovo.msn.com -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Secondary Start Pages" -> http://www.lenovo.com/ [binary data] -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://lenovo.msn.com -> HKEY_LOCAL_MACHINE\: URLSearchHooks\\"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}" [HKLM] -> C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll [uTorrentBar Toolbar] -> [2011-05-09 10:49:38 | 000,176,936 | ---- | M] (Conduit Ltd.) < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\] > -> -> HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\: Main\\"Default_Page_URL" -> http://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN -> HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\: Main\\"Secondary Start Pages" -> http://www.lenovo.com/ [binary data] -> HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\: Main\\"Start Page" -> http://lenovo.msn.com -> HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\: URLSearchHooks\\"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}" [HKLM] -> C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll [uTorrentBar Toolbar] -> [2011-05-09 10:49:38 | 000,176,936 | ---- | M] (Conduit Ltd.) HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\: "ProxyEnable" -> 0 -> HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\: "ProxyServer" -> 190.110.221.34:80 -> < FireFox Settings [Prefs.js] > -> C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\btg6ockw.default\prefs.js -> browser.search.defaultenginename -> "AVG Secure Search" -> browser.search.selectedEngine -> "AVG Secure Search" -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com -> C:\PROGRAM FILES (X86)\T-MOBILE\INTERNETMANAGER_Z\BIN\ADDON [C:\PROGRAM FILES (X86)\T-MOBILE\INTERNETMANAGER_Z\BIN\ADDON] -> [2010-04-01 13:29:34 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 14.0.1\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS] -> [2012-09-19 10:08:23 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS] -> [2011-11-15 12:51:28 | 000,000,000 | ---D | M] HKLM\software\mozilla\Thunderbird\Extensions -> -> HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com -> C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD] -> [2012-03-31 12:30:36 | 000,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Users\User\AppData\Roaming\mozilla\Extensions -> [2011-09-12 14:19:04 | 000,000,000 | ---D | M] -> C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\btg6ockw.default\extensions -> [2012-11-12 20:44:40 | 000,000,000 | ---D | M] BS Player Community Toolbar -> C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\btg6ockw.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} -> [2012-11-12 20:44:40 | 000,000,000 | ---D | M] < FireFox Extensions [Program Folders] > -> -> C:\Program Files (x86)\mozilla firefox\extensions -> [2012-05-01 19:38:47 | 000,000,000 | ---D | M] No name found -> C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BTG6OCKW.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI -> () < HOSTS File > ([2009-06-10 22:00:26 | 000,000,824 | ---- | M] - 21 lines) -> C:\windows\SysNative\Drivers\etc\hosts -> Reset Hosts < 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Toolbar Helper] -> [2012-09-19 20:57:35 | 000,253,584 | ---- | M] (Google Inc.) < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} [HKLM] -> C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [Groove GFS Browser Helper] -> [2011-06-12 10:15:00 | 004,221,328 | ---- | M] (Microsoft Corporation) {B4F3A835-0E21-4959-BA22-42B3008E02FF} [HKLM] -> C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [Office Document Cache Handler] -> [2010-12-21 00:05:22 | 000,561,552 | ---- | M] (Microsoft Corporation) {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} [HKLM] -> C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll [uTorrentBar Toolbar] -> [2011-05-09 10:49:38 | 000,176,936 | ---- | M] (Conduit Ltd.) {d2ce3e00-f94a-4740-988e-03dc2f38c34f} [HKLM] -> C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [Bing Bar Helper] -> [2012-06-11 16:22:16 | 001,307,728 | ---- | M] (Microsoft Corporation.) {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} [HKLM] -> C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL [IplexToALLPlayer] -> [2011-02-09 19:29:08 | 000,400,384 | ---- | M] (ALLCinema Ltd.) < 64bit-Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Toolbar] -> [2012-09-19 20:57:35 | 000,253,584 | ---- | M] (Google Inc.) "Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{8dcb7100-df86-4384-8842-8fa844297b3f}" [HKLM] -> C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [Bing Bar] -> [2012-06-11 16:22:16 | 001,307,728 | ---- | M] (Microsoft Corporation.) "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}" [HKLM] -> C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll [uTorrentBar Toolbar] -> [2011-05-09 10:49:38 | 000,176,936 | ---- | M] (Conduit Ltd.) "Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\] > -> HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\Software\Microsoft\Internet Explorer\Toolbar\ -> 64bit-WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Toolbar] -> [2012-09-19 20:57:35 | 000,253,584 | ---- | M] (Google Inc.) WebBrowser\\"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}" [HKLM] -> C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll [uTorrentBar Toolbar] -> [2011-05-09 10:49:38 | 000,176,936 | ---- | M] (Conduit Ltd.) < 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "egui" -> C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe ["C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice] -> [2011-09-22 11:03:04 | 004,035,152 | ---- | M] (ESET) "Energy Management" -> C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe] -> [2011-04-20 22:30:23 | 009,753,024 | ---- | M] (Lenovo (Beijing) Limited) "EnergyUtility" -> C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe] -> [2011-04-20 22:30:24 | 005,908,928 | ---- | M] (Lenovo(beijing) Limited) "Lenovo EE Boot Optimizer" -> C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe] -> [2011-04-20 22:28:11 | 000,114,688 | ---- | M] (Lenovo) < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "332BigDog" -> C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [C:\Program Files (x86)\USB Camera2\VM332_STI.EXE] -> [2010-01-19 11:44:40 | 000,536,576 | ---- | M] (Vimicro) "IAStorIcon" -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe] -> [2011-01-12 19:00:38 | 000,283,160 | ---- | M] (Intel Corporation) "shutTask" -> C:\Program Files (x86)\IR\shutTask.exe ["C:\Program Files (x86)\IR\shutTask.exe"] -> [2010-01-05 13:01:38 | 000,110,592 | ---- | M] () "StartCCC" -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ["C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun] -> [2012-09-28 16:06:40 | 000,642,728 | ---- | M] (Advanced Micro Devices, Inc.) "UpdateP2GShortCut" -> C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe ["C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"] -> [2010-07-26 17:35:56 | 000,222,504 | ---- | M] (CyberLink Corp.) "UpdatePRCShortCut" -> C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe ["C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"] -> [2009-05-13 17:38:24 | 000,222,504 | ---- | M] (CyberLink Corp.) "VeriFaceManager" -> C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe] -> [2011-04-20 22:20:36 | 000,329,056 | ---- | M] (Lenovo) "Windows Explorer" -> C:\Users\User\Drivers\msconfig.exe [C:\Users\User\Drivers\msconfig.exe] -> [2012-11-18 23:07:05 | 000,102,912 | RHS- | M] () "YouCam Mirage" -> C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe ["C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"] -> [2011-01-29 00:29:36 | 000,136,488 | ---- | M] (CyberLink) "YouCam Tray" -> C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe ["C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s] -> [2011-01-29 00:29:36 | 000,228,448 | ---- | M] (CyberLink Corp.) < Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2010-11-21 04:25:10 | 001,174,016 | ---- | M] (Microsoft Corporation) < RunOnce [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "mctadmin" -> [C:\Windows\System32\mctadmin.exe] -> File not found < Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2010-11-21 04:25:10 | 001,174,016 | ---- | M] (Microsoft Corporation) < RunOnce [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "mctadmin" -> [C:\Windows\System32\mctadmin.exe] -> File not found < Run [HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\] > -> HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "DAEMON Tools Lite" -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe ["C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun] -> [2011-08-02 08:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) "Grid" -> C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe ["C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe"] -> [2011-11-09 21:36:38 | 000,409,600 | ---- | M] () "HydraVisionMDEngine" -> C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe ["C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe"] -> [2011-11-09 21:36:20 | 000,573,440 | ---- | M] (AMD) "RocketDock" -> C:\Program Files (x86)\RocketDock\RocketDock.exe ["C:\Program Files (x86)\RocketDock\RocketDock.exe"] -> [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () "Windows Explorer" -> C:\Users\User\Drivers\msconfig.exe [C:\Users\User\Drivers\msconfig.exe] -> [2012-11-18 23:07:05 | 000,102,912 | RHS- | M] () < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoActiveDesktop" -> [1] -> File not found \\"NoActiveDesktopChanges" -> [1] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"ConsentPromptBehaviorAdmin" -> [5] -> File not found \\"ConsentPromptBehaviorUser" -> [3] -> File not found \\"EnableLUA" -> [0] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000] > -> HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < 64bit-Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\] > -> HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\Software\Microsoft\Internet Explorer\MenuExt\ -> Wyślij obraz do urządzenia &Bluetooth... -> C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm [C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm] -> [2008-12-10 11:36:32 | 000,001,430 | ---- | M] () Wyślij stronę do urządzenia &Bluetooth... -> C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm [C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm] -> [2009-08-24 23:43:00 | 000,004,037 | ---- | M] () < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\] > -> HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\Software\Microsoft\Internet Explorer\MenuExt\ -> E&ksportuj do programu Microsoft Excel -> [res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000] -> File not found Wyślij &do programu OneNote -> [res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105] -> File not found Wyślij obraz do urządzenia &Bluetooth... -> C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm [C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm] -> [2008-12-10 11:36:32 | 000,001,430 | ---- | M] () Wyślij stronę do urządzenia &Bluetooth... -> C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm [C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm] -> [2009-08-24 23:43:00 | 000,004,037 | ---- | M] () < 64bit-Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm [Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015] -> [2009-08-24 23:43:00 | 000,004,037 | ---- | M] () {CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm [Menu: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650] -> [2009-08-24 23:43:00 | 000,004,037 | ---- | M] () < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm [Button: Wyślij do interfejsu Bluetooth] -> [2009-08-24 23:43:00 | 000,004,037 | ---- | M] () {CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm [Menu: Wyślij do urządzenia &Bluetooth...] -> [2009-08-24 23:43:00 | 000,004,037 | ---- | M] () < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\] > -> HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\Software\Microsoft\Internet Explorer\Extensions\ -> 64bit-CmdMapping\\"{CCA281CA-C863-46ef-9331-5C8D4460577F}" [HKLM] -> [@C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015;Wyślij do interfejsu Bluetooth] -> File not found CmdMapping\\"{CCA281CA-C863-46ef-9331-5C8D4460577F}" [HKLM] -> @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 [Wyślij do interfejsu Bluetooth;@C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015;Wyślij do interfejsu Bluetooth] -> File not found < 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> < 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\] > -> HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\] > -> HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < 64bit-Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {816BE035-1450-40D0-8A3B-BA7825A83A77} [HKLM] -> http://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab [Reg Error: Key error.] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab [Java Plug-in 1.6.0_27] -> {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab [Java Plug-in 1.6.0_27] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab [Reg Error: Key error.] -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab [Java Plug-in 1.6.0_27] -> {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab [Java Plug-in 1.6.0_27] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab [Java Plug-in 1.6.0_27] -> {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 192.168.1.1 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {DEA4968D-7662-496A-A543-65BEA21B16E2}\\DhcpNameServer -> 10.0.0.11 194.204.159.1 (Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)) -> {E3AF2340-205F-4C10-A6A2-97FD06FBD288}\\DhcpNameServer -> 192.168.1.1 (Atheros AR9285 Wireless Network Adapter) -> < 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\windows\explorer.exe -> [2011-02-25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> 64bit-*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> C:\Windows\system32\userinit.exe -> C:\Windows\SysNative\userinit.exe -> [2010-11-21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> 64bit-*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> SystemPropertiesPerformance.exe -> C:\windows\SysNative\SystemPropertiesPerformance.exe -> [2009-07-14 02:39:47 | 000,082,432 | ---- | M] (Microsoft Corporation) /pagefile -> -> File not found *MultiFile Done* -> -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\windows\SysWow64\explorer.exe -> [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> userinit.exe -> C:\windows\SysWow64\userinit.exe -> [2010-11-21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> /pagefile -> -> File not found *MultiFile Done* -> -> < 64bit-SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found < SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" [HKLM] -> C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [Groove GFS Stub Execution Hook] -> [2011-06-12 10:15:00 | 004,221,328 | ---- | M] (Microsoft Corporation) < Vista Public Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications -> < Vista Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications -> < Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> {0772E6E8-5E1A-411B-8581-6509F34A6CD0} -> rport=5355 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {0FB67962-604C-45A5-AC85-90FD22DDFFE7} -> lport=5355 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {190F43DE-6F16-41BB-A12B-B71214A6C89D} -> rport=5355 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-32805 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {1C0FF5EE-569F-496F-8380-77DC983B6DB8} -> lport=rpc-epmap | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28539 | svc=rpcss | {2028EB0E-77FB-4104-A5A7-0AF536E1D6D1} -> lport=2869 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31277 | app=system | {26387E61-17BD-4D35-BF3B-74F536B70616} -> lport=1900 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-32753 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | {29B57124-8BFE-4A98-8E3B-E4217C130C24} -> lport=6004 | profile=private | protocol=17 | dir=in | action=allow | name=microsoft office outlook | app=c:\program files (x86)\microsoft office\office14\outlook.exe | {30C1A13C-34AE-4777-A05A-2D19ED88A8DC} -> rport=10243 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31289 | app=system | {4A185F78-7E37-4DF2-BBCD-984581C13726} -> lport=138 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28527 | app=system | {5620A149-CE86-4024-ACB9-A533D4DFF709} -> lport=2177 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31261 | app=%systemroot%\system32\svchost.exe | svc=qwave | {57BB0BDA-72DD-4ACA-A47D-A6176365897A} -> lport=5355 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-32801 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {5A36903F-BA68-4554-A6F6-07FBCFFA3525} -> rport=1900 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31273 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | {60141985-CC91-4605-B311-67EE34186102} -> lport=139 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28503 | app=system | {66A69E86-4BAA-44BA-BA5D-CC7023C2B5EC} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live communications platform (ssdp) | {6BB51F00-F0DA-4A66-AFDE-BB7225291BB2} -> lport=2177 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31253 | app=%systemroot%\system32\svchost.exe | svc=qwave | {722EB137-1DA8-4AA3-96F6-7CDE90AEAB62} -> rport=445 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28515 | app=system | {7AB071C8-69FD-4C54-98CA-D04AA7CA028A} -> lport=10243 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31285 | app=system | {7AD31752-FD07-4217-BC6A-49F2A9E3AFC6} -> lport=5355 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {8370B98A-C4AF-4241-AC56-33709CA26A30} -> rport=138 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28531 | app=system | {8E8E01B8-53EC-461C-BCEE-2C1032387331} -> rport=139 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28507 | app=system | {911D107A-79C3-410E-A047-477F0FD2B128} -> lport=1900 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31269 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | {9130D1D0-E586-45E8-A1A0-F6F953D82C17} -> rport=1900 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-32757 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | {939CB3F0-DDD6-4380-B78C-5BBE3E716870} -> rport=3702 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-32811 | app=%systemroot%\system32\svchost.exe | svc=fdrespub | {A0F74CB3-95E0-47E8-8971-C40C9C373B9A} -> rport=2177 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31265 | app=%systemroot%\system32\svchost.exe | svc=qwave | {A0F7F592-2BE7-4BFE-BAFA-58316F6991ED} -> lport=rpc | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28535 | app=%systemroot%\system32\spoolsv.exe | svc=spooler | {A73ADDFC-355A-4D26-B352-B9307F9F32CC} -> rport=5355 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {AEA3F3A2-AC9B-4494-9F31-24CDDA5FCBDB} -> rport=137 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28523 | app=system | {B4D33A1A-085B-4EEE-8EE8-0F4D1FC5F168} -> lport=3702 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-32809 | app=%systemroot%\system32\svchost.exe | svc=fdrespub | {D09A88E0-A2EC-421A-BBEC-54C7D51982E2} -> rport=3702 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-32789 | app=%systemroot%\system32\svchost.exe | svc=fdphost | {D0C7134D-D2C4-422E-8B1A-5EE46DF68BC9} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live communications platform (upnp) | {EE8E0168-66CC-448C-9D37-0F4247EC21E1} -> rport=2177 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31257 | app=%systemroot%\system32\svchost.exe | svc=qwave | {EEF7572D-EB26-4534-9AEB-1E5613BD7686} -> lport=3702 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-32785 | app=%systemroot%\system32\svchost.exe | svc=fdphost | {F6E68C89-3F32-49DD-980D-C1DB0AC64250} -> lport=445 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28511 | app=system | {F729BC7B-2ABD-41FB-9B04-6815D04134DB} -> lport=137 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28519 | app=system | < Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> {00ECBD40-43E5-4C36-A148-C08943AEC08D} -> dir=in | action=allow | name=windows live communications platform | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | {02458E5C-B84A-466A-AE0F-3CE0B524CD14} -> profile=private | protocol=6 | dir=in | action=allow | name=counter-strike: source | app=c:\program files (x86)\valve\steam\steamapps\rafaxer\counter-strike source\hl2.exe | {02FC7862-9EFF-493C-8DAF-CA11140037A9} -> profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31313 | app=%programfiles%\windows media player\wmpnetwk.exe | {04533A81-DD2A-464C-B836-72576DE7ACB6} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31025 | app=%programfiles(x86)%\windows media player\wmplayer.exe | {051EC267-0514-4E84-9E4A-F00E3FA1EA33} -> profile=private | protocol=6 | dir=in | action=allow | name=counter-strike | app=c:\program files (x86)\valve\steam\steamapps\rafaxer\counter-strike\hl.exe | {07ADCCAC-B368-4206-959D-C7068B82A4CB} -> profile=public | protocol=17 | dir=in | action=allow | name=teamviewer remote control service | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | {0FC34573-8BF0-40F9-94EC-36724977BE1D} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31011 | app=%programfiles%\windows media player\wmplayer.exe | {179F957D-70EB-4CF9-808E-64751F85C248} -> profile=private | protocol=17 | dir=in | action=allow | name=counter-strike: source | app=c:\program files (x86)\valve\steam\steamapps\rafaxer\counter-strike source\hl2.exe | {1A64E635-DFE7-4361-9FE8-71B05E859FAE} -> profile=private | protocol=1 | dir=in | action=allow | name=@firewallapi.dll,-28543 | {1F320479-24FD-455E-A747-7411CAE891F7} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31007 | app=%programfiles%\windows media player\wmplayer.exe | {238FAF8B-ED9F-4A1E-BA17-5D3DACCFEAF8} -> profile=private | protocol=6 | dir=in | action=allow | name=source sdk base 2007 | app=c:\program files (x86)\valve\steam\steamapps\rafaxer\source sdk base 2007\hl2.exe | {249A2E74-9E9C-4AC2-96CE-839F572501F0} -> profile=private | protocol=17 | dir=in | action=allow | name=blizzard agent | app=c:\programdata\battle.net\agent\agent.868\agent.exe | {251F9C0D-82F9-4B07-871F-432B01A07149} -> profile=private | protocol=17 | dir=in | action=allow | name=counter-strike: condition zero | app=c:\program files (x86)\valve\steam\steamapps\rafaxer\condition zero\hl.exe | {27235CE3-37BE-49CA-9470-7F745E895691} -> profile=private | protocol=6 | dir=in | action=allow | name=pro evolution soccer 2013 | app=c:\program files (x86)\konami\pro evolution soccer 2013\pes2013.exe | {275EBBAC-E2A4-4386-9CBB-B4BD990E581A} -> profile=private | protocol=6 | dir=in | action=allow | name=steam | app=c:\program files (x86)\valve\steam\steam.exe | {2A1464FB-E4B5-43A6-8415-BC482F1A9C4B} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31317 | app=%programfiles%\windows media player\wmpnetwk.exe | {2ADCA833-4C10-4EC1-AC92-F9375CEA4722} -> profile=public | protocol=17 | dir=in | action=allow | name=counter-strike | app=c:\program files (x86)\valve\steam\steamapps\rafaxer\counter-strike\hl.exe | {2B69D80D-44A2-4354-A3ED-4AA57159B714} -> profile=private | protocol=17 | dir=in | action=allow | name=ventrilo.exe | app=c:\program files\ventrilo\ventrilo.exe | {3142B17A-EEB1-412F-9599-ABD5BB3AD61B} -> profile=private | protocol=6 | dir=in | action=allow | name=ventrilo.exe | app=c:\program files\ventrilo\ventrilo.exe | {31979895-B47D-4ADF-8038-BF6AE0B8179E} -> profile=public | protocol=17 | dir=in | action=allow | name=microsoft sharepoint workspace | app=c:\program files (x86)\microsoft office\office14\groove.exe | {3284D6B5-396C-4A2D-A53D-F5AA981991CD} -> profile=private | protocol=6 | dir=in | action=allow | name=rockstar games social club | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe | {3DA68E53-7527-49E5-B937-0CE8B352F183} -> profile=private | protocol=6 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe | {3E8A39CD-6E57-4CFA-A485-9351D80C6B2E} -> profile=public | protocol=6 | dir=in | action=allow | name=counter-strike | app=c:\program files (x86)\valve\steam\steamapps\rafaxer\counter-strike\hl.exe | {41CFADF5-D66E-4F2B-AD2A-2D786A83D31C} -> profile=private | protocol=17 | dir=in | action=allow | name=counter-strike | app=c:\program files (x86)\valve\steam\steamapps\rafaxer\counter-strike\hl.exe | {41EF3E16-10F5-49E4-A8EA-5D6F6A60450E} -> profile=public | protocol=17 | dir=in | action=allow | name=arcsoft totalmedia 3.5 | app=c:\program files (x86)\arcsoft\totalmedia 3.5\totalmedia.exe | {42B71975-44B4-4DC8-90FE-032F7F6B70BE} -> profile=private | protocol=1 | dir=out | action=allow | name=@firewallapi.dll,-28544 | {44B8EACE-DB46-4C45-A3C1-342ACFB806DD} -> profile=public | protocol=6 | dir=in | action=allow | name=teamviewer remote control service | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | {4CC71453-0E12-4CBF-AFCA-63C697B3359B} -> profile=public | protocol=6 | dir=in | action=allow | name=microsoft onenote | app=c:\program files (x86)\microsoft office\office14\onenote.exe | {557F64F7-54B5-45D5-84E7-EC41E3880166} -> profile=public | protocol=6 | dir=in | action=allow | name=microsoft sharepoint workspace | app=c:\program files (x86)\microsoft office\office14\groove.exe | {5963A111-4115-4751-8DBC-4ECB05B81DE6} -> profile=private | protocol=17 | dir=in | action=allow | name=source sdk base 2007 | app=c:\program files (x86)\valve\steam\steamapps\rafaxer\source sdk base 2007\hl2.exe | {6140F2C6-FFD7-416C-A72C-849F0D711DAD} -> profile=public | protocol=17 | dir=in | action=allow | name=teamviewer remote control application | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | {62063F89-9583-4828-881F-8F8D9FD53ADA} -> protocol=6 | dir=in | action=allow | name=μtorrent (tcp-in) | app=c:\program files (x86)\utorrent\utorrent.exe | {6D505564-BBF9-41CB-982C-BB77398C0BDF} -> profile=private | protocol=58 | dir=in | action=allow | name=@firewallapi.dll,-28545 | {6DC0C9D0-41A5-476F-BC02-A00846D02897} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31305 | app=%programfiles%\windows media player\wmpnetwk.exe | {70014DD1-96A8-4DFF-99FC-FCE2D2992FE9} -> protocol=17 | dir=in | action=allow | name=μtorrent (udp-in) | app=c:\program files (x86)\utorrent\utorrent.exe | {743A13B7-D5B0-4B5F-8656-9B2BF7831967} -> profile=public | protocol=6 | dir=in | action=block | name=age of conan conanlivewin32 v3.04.0@340315 | app=c:\program files (x86)\funcom\age of conan\ageofconan.exe | {74E8DBFD-6A33-4E04-9967-979DE7216385} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31309 | app=%programfiles%\windows media player\wmpnetwk.exe | {772B3A53-A44D-4313-AF71-2999600B6231} -> dir=in | action=allow | name=skype | app=c:\program files (x86)\skype\phone\skype.exe | {7EE3DBF6-745B-48C1-A718-6E85476C14AE} -> profile=private | protocol=17 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe | {89A6D53F-0022-4274-A37B-0A2FD4A18FC9} -> profile=private | protocol=17 | dir=in | action=allow | name=pro evolution soccer 2013 | app=c:\program files (x86)\konami\pro evolution soccer 2013\pes2013.exe | {8BFAEF9E-05FE-4266-A469-BC6233EA1661} -> profile=public | protocol=17 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe | {8EE1CC06-882B-4C54-9030-1F4A4665718E} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31023 | app=%programfiles(x86)%\windows media player\wmplayer.exe | {966E6F70-6675-4D0E-9475-230D323375F5} -> profile=public | protocol=17 | dir=in | action=allow | name=microsoft onenote | app=c:\program files (x86)\microsoft office\office14\onenote.exe | {973ACCCE-08E0-4A9A-93A6-0D740183DC66} -> profile=public | protocol=6 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe | {98724010-E6A8-42CD-B1D5-93AA9D3CACF0} -> dir=in | action=allow | name=windows live messenger | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | {99F12827-93F4-4B73-8317-0F447FDE90C2} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31297 | app=%programfiles%\windows media player\wmplayer.exe | {9C968A07-90DD-4980-92B0-BD6D28D0CE3A} -> profile=private | protocol=17 | dir=in | action=allow | name=blizzard agent | app=c:\programdata\battle.net\agent\agent.913\agent.exe | {9EF0C75A-7ED9-4048-A2D8-CDE58A5F66C9} -> profile=public | protocol=6 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe | {A4886665-1622-44C8-B3E9-F594578F7713} -> profile=public | protocol=6 | dir=in | action=allow | name=fifa online | app=c:\program files (x86)\fifa online 2\ff2client.exe | {AE87E09A-DE44-4DFD-B966-FD69D3B33D73} -> profile=public | protocol=6 | dir=in | action=allow | name=socket server | app=f:\fscommand\cksocketserver.exe | {B6284F35-F98F-4D88-A024-BAF10BDB1695} -> profile=public | protocol=17 | dir=in | action=allow | name=fifa online | app=c:\program files (x86)\fifa online 2\ff2client.exe | {B900F713-30F7-4CE3-A4A5-01BAAF8108D7} -> profile=private | protocol=17 | dir=in | action=allow | name=rockstar games social club | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe | {BA20C3C5-070D-4289-8921-82CCD6A79B10} -> profile=private | protocol=17 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe | {BC9D92B5-EBFA-47A5-BF3C-91DD47216116} -> profile=public | protocol=17 | dir=in | action=block | name=age of conan conanlivewin32 v3.04.0@340315 | app=c:\program files (x86)\funcom\age of conan\ageofconan.exe | {BF04183F-8407-41B3-A68D-BB666F6EA033} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31321 | app=%systemroot%\system32\svchost.exe | svc=upnphost | {C5ECFAC4-BAE1-4659-86B8-CB9E23678F09} -> profile=private | protocol=58 | dir=out | action=allow | name=@firewallapi.dll,-28546 | {C66AEB53-EA98-426F-8CB3-AE92E2F4166E} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31281 | app=system | {CD377EA3-AB9A-4051-B761-837129F7B876} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31024 | app=%programfiles(x86)%\windows media player\wmplayer.exe | {D3C198DE-DFD2-48B7-86B6-1BFD5E0E7F46} -> profile=public | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-32821 | app=%systemroot%\system32\svchost.exe | svc=upnphost | {DC6AB4DC-FC21-4F98-853B-75D054A22D91} -> profile=private | protocol=17 | dir=in | action=allow | name=steam | app=c:\program files (x86)\valve\steam\steam.exe | {DE22F033-65B8-4D26-90FC-711778BBE3E3} -> profile=private | protocol=6 | dir=in | action=allow | name=counter-strike: condition zero | app=c:\program files (x86)\valve\steam\steamapps\rafaxer\condition zero\hl.exe | {E23275F7-7F75-410E-8CE1-90417DEEFFFC} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31301 | app=%programfiles%\windows media player\wmplayer.exe | {E346EF65-84D5-4650-994E-A77A4EEF1E02} -> profile=private | protocol=6 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe | {EACD5736-FC8A-4A83-A795-B17FB6283F3B} -> profile=public | protocol=17 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe | {ED04F1A9-6257-42FD-8BDE-C258EA14C39A} -> profile=private | protocol=6 | dir=in | action=allow | name=blizzard agent | app=c:\programdata\battle.net\agent\agent.913\agent.exe | {F7C0A557-65B1-4BA7-86B2-7A8181255EC1} -> profile=private | protocol=6 | dir=in | action=allow | name=blizzard agent | app=c:\programdata\battle.net\agent\agent.868\agent.exe | {F9F10BB9-B276-4D70-BB8D-E451C079B75A} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31293 | app=%programfiles%\windows media player\wmplayer.exe | {FA35D90C-165D-4097-BAF3-6E1C51581B0E} -> profile=public | protocol=6 | dir=in | action=allow | name=teamviewer remote control application | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | {FBE46AB2-C992-4128-9520-FE97AEB8EF8E} -> profile=public | protocol=17 | dir=in | action=allow | name=socket server | app=f:\fscommand\cksocketserver.exe | {FE477DD0-7335-4879-BA2C-559F26D1BBB7} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31003 | app=%programfiles%\windows media player\wmplayer.exe | {FF58BBD5-7D27-4F4E-975B-1AD176C7602D} -> dir=in | action=allow | name=windows live mesh | app=c:\program files (x86)\windows live\mesh\moe.exe | {FFA6E791-5442-4960-9FAD-B95FEA90CE24} -> profile=public | protocol=6 | dir=in | action=allow | name=arcsoft totalmedia 3.5 | app=c:\program files (x86)\arcsoft\totalmedia 3.5\totalmedia.exe | TCP Query User{0410B137-622E-406E-90C8-9ACA8B572823}C:\program files (x86)\funcom\age of conan\ageofconan.exe -> profile=private | protocol=6 | dir=in | action=allow | name=age of conan conanlivewin32 v3.04.0@340315 | app=c:\program files (x86)\funcom\age of conan\ageofconan.exe | TCP Query User{07C3F95D-FE69-48A4-A6A0-25FD044A8468}C:\games\world_of_tanks\wotlauncher.exe -> profile=private | protocol=6 | dir=in | action=allow | name=world of tanks launcher | app=c:\games\world_of_tanks\wotlauncher.exe | TCP Query User{1CD22735-DDAD-43D4-BD7C-3208EBF88DC3}C:\users\user\appdata\local\virtualstore\program files (x86)\dead island\dead island\deadislandgame.exe -> profile=public | protocol=6 | dir=in | action=block | name=deadislandgame.exe | app=c:\users\user\appdata\local\virtualstore\program files (x86)\dead island\dead island\deadislandgame.exe | TCP Query User{2E3065DE-CCB3-41F6-8C81-DF6F84FAFC3E}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe -> profile=private | protocol=6 | dir=in | action=allow | name=bfheroes | app=c:\program files (x86)\ea games\battlefield heroes\bfheroes.exe | TCP Query User{5128DE05-CF2A-4DE4-8AE4-38CA9D477F99}C:\users\user\appdata\local\apps\2.0\bp9yw64x.mdx\doo4pwqe.n62\tadz..tion_0000000000000000_0001.0000_6680277c9ae85a85\tadzik.exe -> profile=private | protocol=6 | dir=in | action=allow | name=tadzik.exe | app=c:\users\user\appdata\local\apps\2.0\bp9yw64x.mdx\doo4pwqe.n62\tadz..tion_0000000000000000_0001.0000_6680277c9ae85a85\tadzik.exe | TCP Query User{558A426E-553C-4ACF-A67D-2C6C5A3B2DBC}C:\programdata\electronic arts\need for speed world\data\nfsw.exe -> profile=private | protocol=6 | dir=in | action=block | name=need for speed world | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe | TCP Query User{5621ED1F-FD3A-4D72-A8D2-D1C779BE5096}C:\games\world_of_tanks\worldoftanks.exe -> profile=private | protocol=6 | dir=in | action=allow | name=worldoftanks | app=c:\games\world_of_tanks\worldoftanks.exe | TCP Query User{60479352-8B1B-446E-88CE-D84D1AAD0E66}C:\users\user\downloads\need for speed most wanted-le-sc\nfs13.exe -> profile=private | protocol=6 | dir=in | action=block | name=nfs13.exe | app=c:\users\user\downloads\need for speed most wanted-le-sc\nfs13.exe | TCP Query User{60CC3D1B-929C-4FFD-89AD-CBA158F5A8AC}C:\program files (x86)\black_box\virtua tennis 4\vt4.exe -> profile=private | protocol=6 | dir=in | action=block | name=virtua tennis 4™ | app=c:\program files (x86)\black_box\virtua tennis 4\vt4.exe | TCP Query User{6CB018A9-8BFB-4999-9494-2E4B38281BE7}C:\program files (x86)\aviara\left 4 dead 2 full game v_2.1.0.5\left4dead2.exe -> profile=private | protocol=6 | dir=in | action=block | name=left4dead2 | app=c:\program files (x86)\aviara\left 4 dead 2 full game v_2.1.0.5\left4dead2.exe | TCP Query User{7E3428EA-ED5F-4C5F-B653-AA4A62D01A51}C:\program files (x86)\funcom\age of conan\conanpatcher.exe -> profile=private | protocol=6 | dir=in | action=allow | name=age of conan update manager | app=c:\program files (x86)\funcom\age of conan\conanpatcher.exe | TCP Query User{87006830-D949-435A-841E-4EE80F01FD2F}C:\program files (x86)\call of duty\moh_spearhead.exe -> profile=private | protocol=6 | dir=in | action=block | name=moh_spearhead | app=c:\program files (x86)\call of duty\moh_spearhead.exe | TCP Query User{AA8730EC-C27B-49D1-8888-9D823BEDE708}C:\program files (x86)\google\chrome\application\chrome.exe -> profile=private | protocol=6 | dir=in | action=block | name=google chrome | app=c:\program files (x86)\google\chrome\application\chrome.exe | TCP Query User{B6BC1D5A-19D1-49C2-A679-3C40285EED89}C:\program files (x86)\winamp\winamp.exe -> profile=public | protocol=6 | dir=in | action=allow | name=winamp | app=c:\program files (x86)\winamp\winamp.exe | TCP Query User{BFCAB709-D316-4238-B494-1FF4DF828E48}C:\games\world_of_tanks\worldoftanks.exe -> profile=public | protocol=6 | dir=in | action=block | name=worldoftanks | app=c:\games\world_of_tanks\worldoftanks.exe | TCP Query User{D5FC781C-AB73-43B4-ADAE-9A63FB2A7B26}C:\users\user\desktop\fifa 13\game\fifa13.exe -> profile=private | protocol=6 | dir=in | action=block | name=fifa13.exe | app=c:\users\user\desktop\fifa 13\game\fifa13.exe | TCP Query User{DD3EEA81-A4F0-4ACA-8F2B-08AE98A2CB90}C:\program files (x86)\gadu-gadu 10\gg.exe -> profile=private | protocol=6 | dir=in | action=allow | name=gadu-gadu 10 | app=c:\program files (x86)\gadu-gadu 10\gg.exe | TCP Query User{E1470F2E-211A-495D-9508-578609281283}C:\windows\system32\migwiz\migwiz.exe -> profile=private | protocol=6 | dir=in | action=allow | name=aplikacja łatwy transfer w systemie windows | app=c:\windows\system32\migwiz\migwiz.exe | TCP Query User{E51C742A-5387-4565-B9DA-70FF6838555D}C:\users\user\appdata\local\apps\2.0\bp9yw64x.mdx\doo4pwqe.n62\tadz..tion_0000000000000000_0001.0000_6680277c9ae85a85\tadzik.exe -> profile=public | protocol=6 | dir=in | action=allow | name=tadzik.exe | app=c:\users\user\appdata\local\apps\2.0\bp9yw64x.mdx\doo4pwqe.n62\tadz..tion_0000000000000000_0001.0000_6680277c9ae85a85\tadzik.exe | TCP Query User{EB6152D0-058C-4F3B-930B-E4D3911FD8DF}C:\games\world_of_tanks\wotlauncher.exe -> profile=public | protocol=6 | dir=in | action=allow | name=wotlauncher | app=c:\games\world_of_tanks\wotlauncher.exe | TCP Query User{F1F5A31A-CE64-4EC0-849B-214A86FE464C}C:\users\user\appdata\local\virtualstore\program files (x86)\dead island\dead island\deadislandgame.exe -> profile=private | protocol=6 | dir=in | action=block | name=deadislandgame.exe | app=c:\users\user\appdata\local\virtualstore\program files (x86)\dead island\dead island\deadislandgame.exe | TCP Query User{F3D47902-EC80-45A3-B863-109B2272FD8B}C:\program files (x86)\gadu-gadu 10\gg.exe -> profile=public | protocol=6 | dir=in | action=block | name=gadu-gadu 10 | app=c:\program files (x86)\gadu-gadu 10\gg.exe | UDP Query User{03DE56BD-C6D6-47A3-B4B6-94C37BA05AE9}C:\program files (x86)\call of duty\moh_spearhead.exe -> profile=private | protocol=17 | dir=in | action=block | name=moh_spearhead | app=c:\program files (x86)\call of duty\moh_spearhead.exe | UDP Query User{06A40499-E7B7-4CD4-8B70-0FDE59F900C8}C:\programdata\electronic arts\need for speed world\data\nfsw.exe -> profile=private | protocol=17 | dir=in | action=block | name=need for speed world | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe | UDP Query User{115F33F2-539A-44FF-869B-6E01E32E58FA}C:\users\user\appdata\local\apps\2.0\bp9yw64x.mdx\doo4pwqe.n62\tadz..tion_0000000000000000_0001.0000_6680277c9ae85a85\tadzik.exe -> profile=private | protocol=17 | dir=in | action=allow | name=tadzik.exe | app=c:\users\user\appdata\local\apps\2.0\bp9yw64x.mdx\doo4pwqe.n62\tadz..tion_0000000000000000_0001.0000_6680277c9ae85a85\tadzik.exe | UDP Query User{172E982C-FF5D-45EF-B3BC-A280CDA87052}C:\program files (x86)\winamp\winamp.exe -> profile=public | protocol=17 | dir=in | action=allow | name=winamp | app=c:\program files (x86)\winamp\winamp.exe | UDP Query User{1942B1EB-F00B-4030-84E5-EFF564D730B1}C:\program files (x86)\gadu-gadu 10\gg.exe -> profile=private | protocol=17 | dir=in | action=allow | name=gadu-gadu 10 | app=c:\program files (x86)\gadu-gadu 10\gg.exe | UDP Query User{38AABD0C-B6BD-46C7-A2BE-57BB1E268FCD}C:\users\user\appdata\local\virtualstore\program files (x86)\dead island\dead island\deadislandgame.exe -> profile=public | protocol=17 | dir=in | action=block | name=deadislandgame.exe | app=c:\users\user\appdata\local\virtualstore\program files (x86)\dead island\dead island\deadislandgame.exe | UDP Query User{41EFE7B7-FE83-4213-B28C-CA4ED1636DFF}C:\program files (x86)\black_box\virtua tennis 4\vt4.exe -> profile=private | protocol=17 | dir=in | action=block | name=virtua tennis 4™ | app=c:\program files (x86)\black_box\virtua tennis 4\vt4.exe | UDP Query User{43B27A89-5DEE-4426-B93E-D673CBE18C36}C:\users\user\appdata\local\apps\2.0\bp9yw64x.mdx\doo4pwqe.n62\tadz..tion_0000000000000000_0001.0000_6680277c9ae85a85\tadzik.exe -> profile=public | protocol=17 | dir=in | action=allow | name=tadzik.exe | app=c:\users\user\appdata\local\apps\2.0\bp9yw64x.mdx\doo4pwqe.n62\tadz..tion_0000000000000000_0001.0000_6680277c9ae85a85\tadzik.exe | UDP Query User{5FB14A16-F617-438C-89F5-F9520D960323}C:\users\user\downloads\need for speed most wanted-le-sc\nfs13.exe -> profile=private | protocol=17 | dir=in | action=block | name=nfs13.exe | app=c:\users\user\downloads\need for speed most wanted-le-sc\nfs13.exe | UDP Query User{64BF2283-211F-4637-BEB5-751DF4813918}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe -> profile=private | protocol=17 | dir=in | action=allow | name=bfheroes | app=c:\program files (x86)\ea games\battlefield heroes\bfheroes.exe | UDP Query User{69843856-E71A-4148-AEDF-E46876883F07}C:\windows\system32\migwiz\migwiz.exe -> profile=private | protocol=17 | dir=in | action=allow | name=aplikacja łatwy transfer w systemie windows | app=c:\windows\system32\migwiz\migwiz.exe | UDP Query User{74A5C2F1-B541-4CC9-AF15-3C7C6AABA263}C:\games\world_of_tanks\wotlauncher.exe -> profile=private | protocol=17 | dir=in | action=allow | name=world of tanks launcher | app=c:\games\world_of_tanks\wotlauncher.exe | UDP Query User{89485C8D-7E0D-4425-9AA7-597A71B7156B}C:\users\user\desktop\fifa 13\game\fifa13.exe -> profile=private | protocol=17 | dir=in | action=block | name=fifa13.exe | app=c:\users\user\desktop\fifa 13\game\fifa13.exe | UDP Query User{8B3A37F1-F2E5-4FD5-A6D2-A92D1ADC8F23}C:\program files (x86)\funcom\age of conan\ageofconan.exe -> profile=private | protocol=17 | dir=in | action=allow | name=age of conan conanlivewin32 v3.04.0@340315 | app=c:\program files (x86)\funcom\age of conan\ageofconan.exe | UDP Query User{8CAF5FAC-116A-4040-B832-55262430A1DE}C:\games\world_of_tanks\worldoftanks.exe -> profile=public | protocol=17 | dir=in | action=block | name=worldoftanks | app=c:\games\world_of_tanks\worldoftanks.exe | UDP Query User{92982A40-E3A6-44FE-9DCD-B8D24475F90B}C:\games\world_of_tanks\worldoftanks.exe -> profile=private | protocol=17 | dir=in | action=allow | name=worldoftanks | app=c:\games\world_of_tanks\worldoftanks.exe | UDP Query User{A68AA09C-578F-48F9-80EC-E0C99EC25CCA}C:\program files (x86)\gadu-gadu 10\gg.exe -> profile=public | protocol=17 | dir=in | action=block | name=gadu-gadu 10 | app=c:\program files (x86)\gadu-gadu 10\gg.exe | UDP Query User{C2588C1D-37AF-4ED9-A36A-D674A4969CF0}C:\program files (x86)\aviara\left 4 dead 2 full game v_2.1.0.5\left4dead2.exe -> profile=private | protocol=17 | dir=in | action=block | name=left4dead2 | app=c:\program files (x86)\aviara\left 4 dead 2 full game v_2.1.0.5\left4dead2.exe | UDP Query User{EB3C376B-7833-42AB-97BE-089F960C706E}C:\games\world_of_tanks\wotlauncher.exe -> profile=public | protocol=17 | dir=in | action=allow | name=wotlauncher | app=c:\games\world_of_tanks\wotlauncher.exe | UDP Query User{F6B282A1-EB69-4F4A-AF1E-761B657BC8F6}C:\users\user\appdata\local\virtualstore\program files (x86)\dead island\dead island\deadislandgame.exe -> profile=private | protocol=17 | dir=in | action=block | name=deadislandgame.exe | app=c:\users\user\appdata\local\virtualstore\program files (x86)\dead island\dead island\deadislandgame.exe | UDP Query User{F6E8F881-3087-4E55-AAC9-34605BF00DB9}C:\program files (x86)\funcom\age of conan\conanpatcher.exe -> profile=private | protocol=17 | dir=in | action=allow | name=age of conan update manager | app=c:\program files (x86)\funcom\age of conan\conanpatcher.exe | UDP Query User{F74938F6-0135-4607-B7E1-B416FACE04D9}C:\program files (x86)\google\chrome\application\chrome.exe -> profile=private | protocol=17 | dir=in | action=block | name=google chrome | app=c:\program files (x86)\google\chrome\application\chrome.exe | < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> Sterownik stacji dysków CD-ROM -> "ImagePath" -> C:\Windows\SysNative\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2010-11-21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) < Drives with AutoRun files > -> -> C:\Autodesk [] -> C:\Autodesk [ NTFS ] -> [2012-06-04 15:50:11 | 000,000,000 | ---D | M] Unable to obtain root file information for disk C:\ Unable to obtain root file information for disk D:\ < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \{3fbb928e-f5b0-11e1-b602-b870f407746d} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3fbb928e-f5b0-11e1-b602-b870f407746d}\shell \{3fbb928e-f5b0-11e1-b602-b870f407746d}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3fbb928e-f5b0-11e1-b602-b870f407746d}\shell\AutoRun\command \{3fbb928e-f5b0-11e1-b602-b870f407746d}\shell\AutoRun\command\\"" -> [G:\windows\Install\Install.exe] -> File not found \{6e814976-e752-11e0-b12e-ec55f9d5145a} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e814976-e752-11e0-b12e-ec55f9d5145a}\shell \{6e814976-e752-11e0-b12e-ec55f9d5145a}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e814976-e752-11e0-b12e-ec55f9d5145a}\shell\AutoRun\command \{6e814976-e752-11e0-b12e-ec55f9d5145a}\shell\AutoRun\command\\"" -> [E:\autorun.exe] -> File not found < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> 64bit-comfile [open] -> "%1" %* 64bit-exefile [open] -> "%1" %* comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> [Registry - Additional Scans - Safe List] < 64bit-ActiveX StubPath [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {020439B4-5178-8C5B-283E-B88577C9BD61} [HKLM] -> Reg Error: Key error. [(default): Offline Browsing Pack; IsInstalled: 1] -> File not found {08B0E5C0-4FCB-11CF-AAA5-00401C608500} [KeyFileName] -> Reg Error: Value error. [(default): Java (Sun); IsInstalled: 1] -> File not found {22d6f312-b0f6-11d0-94ab-0080c74c7e95} [HKLM] -> C:\Windows\SysNative\wmpdxm.dll [(default): Microsoft Windows Media Player 12.0; IsInstalled: 1] -> [2010-11-21 04:24:52 | 000,358,400 | ---- | M] (Microsoft Corporation) {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [StubPath] -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [(default): Themes Setup; IsInstalled: 1] -> {3af36230-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Offline Browsing Pack; IsInstalled: 1] -> File not found {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [StubPath] -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [(default): Microsoft Windows; IsInstalled: 1] -> {44BBA855-CC51-11CF-AAFA-00AA00B6015F} [HKLM] -> Reg Error: Key error. [(default): DirectDrawEx; IsInstalled: 1] -> File not found {45ea75a0-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Help; IsInstalled: 1] -> File not found {4f645220-306d-11d2-995d-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Microsoft Windows Script 5.6; IsInstalled: 1] -> File not found {5fd399c0-a70a-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Setup Tools; IsInstalled: 1] -> File not found {630b1da0-b465-11d1-9948-00c04f98bbc9} [KeyFileName] -> Reg Error: Value error. [(default): Browsing Enhancements; IsInstalled: 1] -> File not found {6BF52A52-394A-11d3-B153-00C04F79FAA6} [StubPath] -> %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI [(default): Microsoft Windows Media Player; IsInstalled: 1] -> {6fab99d0-bab8-11d1-994a-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): MSN Site Access; IsInstalled: 1] -> File not found {7790769C-0471-11d2-AF11-00C04FA35D02} [HKLM] -> Reg Error: Key error. [(default): Address Book 7; IsInstalled: 1] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4340} [StubPath] -> regsvr32.exe /s /n /i:U shell32.dll [(default): Windows Desktop Update; IsInstalled: 1] -> {89820200-ECBD-11cf-8B85-00AA005B4383} [StubPath] -> C:\Windows\System32\ie4uinit.exe -BaseSettings [(default): Web Platform Customizations; IsInstalled: 1] -> {89B4C1CD-B018-4511-B0A1-5476DBF70820} [StubPath] -> C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install [ComponentID: DOTNETFRAMEWORKS; IsInstalled: 1] -> {91ADDC88-ADE3-2415-649D-4FBBFEF56472} [HKLM] -> Reg Error: Key error. [(default): Microsoft Windows Media Player; IsInstalled: 1] -> File not found {9381D8F2-0288-11D0-9501-00AA00B911A5} [HKLM] -> Reg Error: Key error. [(default): Dynamic HTML Data Binding; IsInstalled: 1] -> File not found {95D71051-734A-B62A-5596-F7E5DCF1BE19} [HKLM] -> Reg Error: Key error. [(default): Themes Setup; IsInstalled: 1] -> File not found {C9E9A340-D1F1-11D0-821E-444553540600} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Core Fonts; IsInstalled: 1] -> File not found {de5aed00-a4bf-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): HTML Help; IsInstalled: 1] -> File not found {E90E123B-395D-7D4F-B194-40888A4345D4} [HKLM] -> Reg Error: Key error. [(default): Java (Sun); IsInstalled: 1] -> File not found {E92B03AB-B707-11d2-9CBD-0000F87A369E} [HKLM] -> Reg Error: Key error. [(default): Active Directory Service Interface; IsInstalled: 1] -> File not found {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found {F766B39F-8476-73AC-146D-11E641B6F3F6} [HKLM] -> Reg Error: Key error. [(default): Browser Customizations; IsInstalled: 1] -> File not found {FEBEF00C-046D-438D-8A88-BF94A6C9E703} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} [StubPath] -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [(default): Microsoft Windows Media Player; IsInstalled: 0] -> >{26923b43-4d38-484f-9b9e-de460746276c} [StubPath] -> C:\Windows\System32\ie4uinit.exe -UserIconConfig [(default): Internet Explorer; IsInstalled: 1] -> >{60B49E34-C7CC-11D0-8953-00A0C90347FF} [StubPath] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP [(default): Browser Customizations; IsInstalled: 1] -> < ActiveX StubPath [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608500} [KeyFileName] -> C:\Program Files (x86)\Java\jre6\bin\regutils.dll [(default): Java (Sun); IsInstalled: 1] -> [2011-07-19 05:37:52 | 000,278,528 | ---- | M] (Sun Microsystems, Inc.) {22d6f312-b0f6-11d0-94ab-0080c74c7e95} [HKLM] -> C:\Windows\SysWOW64\wmpdxm.dll [(default): Microsoft Windows Media Player 12.0; IsInstalled: 1] -> [2010-11-21 04:25:10 | 000,299,520 | ---- | M] (Microsoft Corporation) {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [StubPath] -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [(default): Themes Setup; IsInstalled: 1] -> {3af36230-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Offline Browsing Pack; IsInstalled: 1] -> File not found {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [StubPath] -> "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [(default): Microsoft Windows; IsInstalled: 1] -> {44BBA855-CC51-11CF-AAFA-00AA00B6015F} [HKLM] -> Reg Error: Key error. [(default): DirectDrawEx; IsInstalled: 1] -> File not found {45ea75a0-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Help; IsInstalled: 1] -> File not found {4f645220-306d-11d2-995d-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Microsoft Windows Script 5.6; IsInstalled: 1] -> File not found {5fd399c0-a70a-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Setup Tools; IsInstalled: 1] -> File not found {630b1da0-b465-11d1-9948-00c04f98bbc9} [KeyFileName] -> C:\Windows\SysWOW64\msieftp.dll [(default): Browsing Enhancements; IsInstalled: 1] -> [2010-11-21 04:24:16 | 000,301,568 | ---- | M] (Microsoft Corporation) {6BF52A52-394A-11d3-B153-00C04F79FAA6} [StubPath] -> %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI [(default): Microsoft Windows Media Player; IsInstalled: 1] -> {6fab99d0-bab8-11d1-994a-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): MSN Site Access; IsInstalled: 1] -> File not found {7790769C-0471-11d2-AF11-00C04FA35D02} [HKLM] -> Reg Error: Key error. [(default): Address Book 7; IsInstalled: 1] -> File not found {7C028AF8-F614-47B3-82DA-BA94E41B1089} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4340} [StubPath] -> regsvr32.exe /s /n /i:U shell32.dll [(default): Windows Desktop Update; IsInstalled: 1] -> {89820200-ECBD-11cf-8B85-00AA005B4383} [StubPath] -> C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings [(default): Web Platform Customizations; IsInstalled: 1] -> {89B4C1CD-B018-4511-B0A1-5476DBF70820} [StubPath] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install [ComponentID: DOTNETFRAMEWORKS; IsInstalled: 1] -> {9381D8F2-0288-11D0-9501-00AA00B911A5} [HKLM] -> Reg Error: Key error. [(default): Dynamic HTML Data Binding; IsInstalled: 1] -> File not found {C9E9A340-D1F1-11D0-821E-444553540600} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Core Fonts; IsInstalled: 1] -> File not found {de5aed00-a4bf-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): HTML Help; IsInstalled: 1] -> File not found {E92B03AB-B707-11d2-9CBD-0000F87A369E} [HKLM] -> Reg Error: Key error. [(default): Active Directory Service Interface; IsInstalled: 1] -> File not found {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} [StubPath] -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [(default): Microsoft Windows Media Player; IsInstalled: 0] -> >{26923b43-4d38-484f-9b9e-de460746276c} [StubPath] -> C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig [(default): Internet Explorer; IsInstalled: 1] -> >{60B49E34-C7CC-11D0-8953-00A0C90347FF} [StubPath] -> "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP [(default): Browser Customizations; IsInstalled: 1] -> < ActiveX StubPath [HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\] > -> HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [HKLM: Windows Media Player] -> [2010-11-21 04:25:10 | 011,410,432 | ---- | M] (Microsoft Corporation) {89820200-ECBD-11cf-8B85-00AA005B4340} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4383} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {89B4C1CD-B018-4511-B0A1-5476DBF70820} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found >{26923b43-4d38-484f-9b9e-de460746276c} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found >{60B49E34-C7CC-11D0-8953-00A0C90347FF} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found < 64bit-App Paths [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ -> 7zFM.exe -> C:\Program Files\7-Zip\7zFM.exe [C:\Program Files\7-Zip\7zFM.exe] -> [2010-11-18 20:10:48 | 000,740,352 | ---- | M] (Igor Pavlov) AcroRd32.exe -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe [C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe] -> [2011-09-05 18:04:56 | 001,489,304 | ---- | M] (Adobe Systems Incorporated) ccleaner.exe -> C:\Program Files\CCleaner\CCleaner64.exe [C:\Program Files\CCleaner\CCleaner64.exe] -> [2012-01-24 19:15:02 | 004,600,640 | ---- | M] (Piriform Ltd) chrome.exe -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe] -> [2012-10-31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.) CitiesXL_2012.exe -> C:\Program Files (x86)\Focus Home Interactive\Cities XL 2012\CitiesXL_2012.exe [C:\Program Files (x86)\Focus Home Interactive\Cities XL 2012\CitiesXL_2012.exe] -> [2011-10-19 22:29:46 | 025,015,296 | ---- | M] (Monte Cristo Games) cmmgr32.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found DTLite.exe -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe] -> [2011-08-02 08:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) dvdmaker.exe -> C:\Program Files\DVD Maker\DVDMaker.exe [%ProgramFiles%\DVD Maker\dvdmaker.exe] -> [2009-07-14 02:39:08 | 002,258,432 | ---- | M] (Microsoft Corporation) excel.exe -> C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE [C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE] -> [2012-03-15 17:07:54 | 020,774,680 | ---- | M] (Microsoft Corporation) firefox.exe -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe [C:\Program Files (x86)\Mozilla Firefox\firefox.exe] -> [2012-09-19 10:08:23 | 000,913,888 | ---- | M] (Mozilla Corporation) FreeArc.exe -> C:\Program Files (x86)\FreeArc [C:\Program Files (x86)\FreeArc] -> [2011-12-06 16:54:28 | 000,000,000 | ---D | M] fsquirt.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found GROOVE.EXE -> C:\PROGRA~2\MICROS~1\Office14\GROOVE.EXE [C:\PROGRA~2\MICROS~1\Office14\GROOVE.EXE] -> [2011-06-12 10:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) IEDIAGCMD.EXE -> C:\Program Files (x86)\Internet Explorer\IEDIAGCMD.EXE [C:\Program Files (x86)\Internet Explorer\IEDIAGCMD.EXE] -> [2011-10-14 15:34:07 | 000,307,200 | ---- | M] () infopath.exe -> C:\PROGRA~2\MICROS~1\Office14\INFOPATH.EXE [C:\PROGRA~2\MICROS~1\Office14\INFOPATH.EXE] -> [2012-07-27 23:55:08 | 001,734,760 | ---- | M] (Microsoft Corporation) install.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found javaws.exe -> C:\Windows\SysNative\javaws.exe [C:\windows\system32\javaws.exe] -> [2011-09-22 13:41:33 | 000,190,752 | ---- | M] (Sun Microsystems, Inc.) Journal.exe -> C:\Program Files\Windows Journal\Journal.exe [%ProgramFiles%\Windows Journal\Journal.exe] -> [2010-11-21 04:25:06 | 002,164,224 | ---- | M] (Microsoft Corporation) mpc-hc.exe -> C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe ["C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe"] -> [2011-10-28 09:00:00 | 005,574,656 | ---- | M] (MPC-HC Team) mplayer2.exe -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe [%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe] -> [2010-11-21 04:25:10 | 000,164,864 | ---- | M] (Microsoft Corporation) MSACCESS.EXE -> C:\PROGRA~2\MICROS~1\Office14\MSACCESS.EXE [C:\PROGRA~2\MICROS~1\Office14\MSACCESS.EXE] -> [2011-03-18 22:04:54 | 013,996,384 | ---- | M] (Microsoft Corporation) MsoHtmEd.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found MSPUB.EXE -> C:\PROGRA~2\MICROS~1\Office14\MSPUB.EXE [C:\PROGRA~2\MICROS~1\Office14\MSPUB.EXE] -> [2011-04-06 20:09:20 | 009,773,416 | ---- | M] (Microsoft Corporation) ois.exe -> C:\PROGRA~2\MICROS~1\Office14\OIS.EXE [C:\PROGRA~2\MICROS~1\Office14\OIS.EXE] -> [2010-12-21 00:09:52 | 000,274,280 | ---- | M] (Microsoft Corporation) OneNote.exe -> C:\PROGRA~2\MICROS~1\Office14\ONENOTE.EXE [C:\PROGRA~2\MICROS~1\Office14\ONENOTE.EXE] -> [2012-03-15 17:02:26 | 001,699,104 | ---- | M] (Microsoft Corporation) OUTLOOK.EXE -> C:\PROGRA~2\MICROS~1\Office14\OUTLOOK.EXE [C:\PROGRA~2\MICROS~1\Office14\OUTLOOK.EXE] -> [2012-02-17 09:37:46 | 015,963,936 | ---- | M] (Microsoft Corporation) pbrush.exe -> C:\Windows\SysNative\mspaint.exe [%SystemRoot%\System32\mspaint.exe] -> [2009-07-14 02:39:24 | 006,676,480 | ---- | M] (Microsoft Corporation) Power2GO.exe -> C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe [C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe] -> [2010-11-08 11:07:22 | 002,213,160 | ---- | M] (Cyberlink) Power2GoExpress.exe -> C:\Program Files (x86)\Lenovo\Power2Go\Power2GoExpress.exe [C:\Program Files (x86)\Lenovo\Power2Go\Power2GoExpress.exe] -> [2010-11-08 11:10:36 | 002,532,648 | ---- | M] (Cyberlink) powerpnt.exe -> C:\PROGRA~2\MICROS~1\Office14\POWERPNT.EXE [C:\PROGRA~2\MICROS~1\Office14\POWERPNT.EXE] -> [2011-08-29 20:36:58 | 002,162,024 | ---- | M] (Microsoft Corporation) PowerRecover -> C:\Program Files\Lenovo\OneKey App\OneKey Recovery\OneKey Recovery.exe [C:\Program Files\Lenovo\OneKey App\OneKey Recovery\OneKey Recovery.exe] -> [2010-04-28 16:45:56 | 003,150,120 | ---- | M] (CyberLink) PowerShell.exe -> C:\Windows\SysNative\WindowsPowerShell\v1.0\powershell.exe [%SystemRoot%\system32\WindowsPowerShell\v1.0\PowerShell.exe] -> [2009-07-14 02:39:20 | 000,473,600 | ---- | M] (Microsoft Corporation) setup.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found SmartAudio.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found SnippingTool.exe -> C:\Windows\SysNative\SnippingTool.exe [%SystemRoot%\system32\SnippingTool.exe] -> [2009-07-14 02:39:41 | 000,431,104 | ---- | M] (Microsoft Corporation) table30.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found wab.exe -> C:\Program Files\Windows Mail\wab.exe [%ProgramFiles%\Windows Mail\wab.exe] -> [2010-11-21 04:24:32 | 000,516,096 | ---- | M] (Microsoft Corporation) wabmig.exe -> C:\Program Files\Windows Mail\wabmig.exe [%ProgramFiles%\Windows Mail\wabmig.exe] -> [2009-07-14 02:39:50 | 000,067,584 | ---- | M] (Microsoft Corporation) winamp.exe -> C:\Program Files (x86)\Winamp\winamp.exe [C:\Program Files (x86)\Winamp\winamp.exe] -> [2011-07-11 22:48:10 | 001,595,520 | ---- | M] (Nullsoft, Inc.) WinRAR.exe -> C:\Program Files\WinRAR\WinRAR.exe [C:\Program Files\WinRAR\WinRAR.exe] -> [2011-06-01 00:00:04 | 001,169,920 | ---- | M] (Alexander Roshal) Winword.exe -> C:\PROGRA~2\MICROS~1\Office14\WINWORD.EXE [C:\PROGRA~2\MICROS~1\Office14\WINWORD.EXE] -> [2012-07-19 06:55:38 | 001,422,936 | ---- | M] (Microsoft Corporation) wmplayer.exe -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe [%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe] -> [2010-11-21 04:25:10 | 000,164,864 | ---- | M] (Microsoft Corporation) WORDPAD.EXE -> C:\Program Files\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2010-11-21 04:24:34 | 004,583,424 | ---- | M] (Microsoft Corporation) WRITE.EXE -> C:\Program Files\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2010-11-21 04:24:34 | 004,583,424 | ---- | M] (Microsoft Corporation) xfire.exe -> C:\Program Files (x86)\Xfire\Xfire.exe [C:\Program Files (x86)\Xfire\Xfire.exe] -> [2011-08-26 23:22:26 | 003,510,680 | ---- | M] (Xfire Inc.) YouCam -> C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe] -> [2011-01-29 00:29:36 | 000,228,448 | ---- | M] (CyberLink Corp.) < App Paths [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ -> 7zFM.exe -> C:\Program Files\7-Zip\7zFM.exe [C:\Program Files\7-Zip\7zFM.exe] -> [2010-11-18 20:10:48 | 000,740,352 | ---- | M] (Igor Pavlov) AcroRd32.exe -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe [C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe] -> [2011-09-05 18:04:56 | 001,489,304 | ---- | M] (Adobe Systems Incorporated) ccleaner.exe -> C:\Program Files\CCleaner\CCleaner64.exe [C:\Program Files\CCleaner\CCleaner64.exe] -> [2012-01-24 19:15:02 | 004,600,640 | ---- | M] (Piriform Ltd) chrome.exe -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe] -> [2012-10-31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.) CitiesXL_2012.exe -> C:\Program Files (x86)\Focus Home Interactive\Cities XL 2012\CitiesXL_2012.exe [C:\Program Files (x86)\Focus Home Interactive\Cities XL 2012\CitiesXL_2012.exe] -> [2011-10-19 22:29:46 | 025,015,296 | ---- | M] (Monte Cristo Games) cmmgr32.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found DTLite.exe -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe] -> [2011-08-02 08:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) dvdmaker.exe -> [%ProgramFiles%\DVD Maker\dvdmaker.exe] -> File not found excel.exe -> C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE [C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE] -> [2012-03-15 17:07:54 | 020,774,680 | ---- | M] (Microsoft Corporation) firefox.exe -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe [C:\Program Files (x86)\Mozilla Firefox\firefox.exe] -> [2012-09-19 10:08:23 | 000,913,888 | ---- | M] (Mozilla Corporation) FreeArc.exe -> C:\Program Files (x86)\FreeArc [C:\Program Files (x86)\FreeArc] -> [2011-12-06 16:54:28 | 000,000,000 | ---D | M] fsquirt.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found GROOVE.EXE -> C:\PROGRA~2\MICROS~1\Office14\GROOVE.EXE [C:\PROGRA~2\MICROS~1\Office14\GROOVE.EXE] -> [2011-06-12 10:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) IEDIAGCMD.EXE -> C:\Program Files (x86)\Internet Explorer\IEDIAGCMD.EXE [C:\Program Files (x86)\Internet Explorer\IEDIAGCMD.EXE] -> [2011-10-14 15:34:07 | 000,307,200 | ---- | M] () infopath.exe -> C:\PROGRA~2\MICROS~1\Office14\INFOPATH.EXE [C:\PROGRA~2\MICROS~1\Office14\INFOPATH.EXE] -> [2012-07-27 23:55:08 | 001,734,760 | ---- | M] (Microsoft Corporation) install.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found javaws.exe -> C:\Windows\SysWOW64\javaws.exe [C:\windows\system32\javaws.exe] -> [2011-07-19 04:05:38 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) Journal.exe -> [%ProgramFiles%\Windows Journal\Journal.exe] -> File not found mpc-hc.exe -> C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe ["C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe"] -> [2011-10-28 09:00:00 | 005,574,656 | ---- | M] (MPC-HC Team) mplayer2.exe -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe [%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe] -> [2010-11-21 04:25:10 | 000,164,864 | ---- | M] (Microsoft Corporation) MSACCESS.EXE -> C:\PROGRA~2\MICROS~1\Office14\MSACCESS.EXE [C:\PROGRA~2\MICROS~1\Office14\MSACCESS.EXE] -> [2011-03-18 22:04:54 | 013,996,384 | ---- | M] (Microsoft Corporation) MsoHtmEd.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found MSPUB.EXE -> C:\PROGRA~2\MICROS~1\Office14\MSPUB.EXE [C:\PROGRA~2\MICROS~1\Office14\MSPUB.EXE] -> [2011-04-06 20:09:20 | 009,773,416 | ---- | M] (Microsoft Corporation) ois.exe -> C:\PROGRA~2\MICROS~1\Office14\OIS.EXE [C:\PROGRA~2\MICROS~1\Office14\OIS.EXE] -> [2010-12-21 00:09:52 | 000,274,280 | ---- | M] (Microsoft Corporation) OneNote.exe -> C:\PROGRA~2\MICROS~1\Office14\ONENOTE.EXE [C:\PROGRA~2\MICROS~1\Office14\ONENOTE.EXE] -> [2012-03-15 17:02:26 | 001,699,104 | ---- | M] (Microsoft Corporation) OUTLOOK.EXE -> C:\PROGRA~2\MICROS~1\Office14\OUTLOOK.EXE [C:\PROGRA~2\MICROS~1\Office14\OUTLOOK.EXE] -> [2012-02-17 09:37:46 | 015,963,936 | ---- | M] (Microsoft Corporation) pbrush.exe -> C:\Windows\SysWOW64\mspaint.exe [%SystemRoot%\System32\mspaint.exe] -> [2009-07-14 02:14:26 | 006,376,960 | ---- | M] (Microsoft Corporation) Power2GO.exe -> C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe [C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe] -> [2010-11-08 11:07:22 | 002,213,160 | ---- | M] (Cyberlink) Power2GoExpress.exe -> C:\Program Files (x86)\Lenovo\Power2Go\Power2GoExpress.exe [C:\Program Files (x86)\Lenovo\Power2Go\Power2GoExpress.exe] -> [2010-11-08 11:10:36 | 002,532,648 | ---- | M] (Cyberlink) powerpnt.exe -> C:\PROGRA~2\MICROS~1\Office14\POWERPNT.EXE [C:\PROGRA~2\MICROS~1\Office14\POWERPNT.EXE] -> [2011-08-29 20:36:58 | 002,162,024 | ---- | M] (Microsoft Corporation) PowerRecover -> C:\Program Files\Lenovo\OneKey App\OneKey Recovery\OneKey Recovery.exe [C:\Program Files\Lenovo\OneKey App\OneKey Recovery\OneKey Recovery.exe] -> [2010-04-28 16:45:56 | 003,150,120 | ---- | M] (CyberLink) PowerShell.exe -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe [%SystemRoot%\system32\WindowsPowerShell\v1.0\PowerShell.exe] -> [2009-07-14 02:14:24 | 000,452,608 | ---- | M] (Microsoft Corporation) setup.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found sidebar.exe -> C:\Program Files (x86)\Windows Sidebar\sidebar.exe ["%ProgramFiles%\Windows Sidebar\sidebar.exe"] -> [2010-11-21 04:25:10 | 001,174,016 | ---- | M] (Microsoft Corporation) SmartAudio.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found SnippingTool.exe -> [%SystemRoot%\system32\SnippingTool.exe] -> File not found table30.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found TabTip.exe -> [%CommonProgramFiles%\microsoft shared\ink\TabTip.exe] -> File not found wab.exe -> C:\Program Files (x86)\Windows Mail\wab.exe [%ProgramFiles%\Windows Mail\wab.exe] -> [2010-11-21 04:23:56 | 000,516,096 | ---- | M] (Microsoft Corporation) wabmig.exe -> C:\Program Files (x86)\Windows Mail\wabmig.exe [%ProgramFiles%\Windows Mail\wabmig.exe] -> [2009-07-14 02:14:44 | 000,065,536 | ---- | M] (Microsoft Corporation) winamp.exe -> C:\Program Files (x86)\Winamp\winamp.exe [C:\Program Files (x86)\Winamp\winamp.exe] -> [2011-07-11 22:48:10 | 001,595,520 | ---- | M] (Nullsoft, Inc.) WinRAR.exe -> C:\Program Files\WinRAR\WinRAR.exe [C:\Program Files\WinRAR\WinRAR.exe] -> [2011-06-01 00:00:04 | 001,169,920 | ---- | M] (Alexander Roshal) Winword.exe -> C:\PROGRA~2\MICROS~1\Office14\WINWORD.EXE [C:\PROGRA~2\MICROS~1\Office14\WINWORD.EXE] -> [2012-07-19 06:55:38 | 001,422,936 | ---- | M] (Microsoft Corporation) wmplayer.exe -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe [%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe] -> [2010-11-21 04:25:10 | 000,164,864 | ---- | M] (Microsoft Corporation) WORDPAD.EXE -> C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2010-11-21 04:24:51 | 004,247,040 | ---- | M] (Microsoft Corporation) WRITE.EXE -> C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2010-11-21 04:24:51 | 004,247,040 | ---- | M] (Microsoft Corporation) xfire.exe -> C:\Program Files (x86)\Xfire\Xfire.exe [C:\Program Files (x86)\Xfire\Xfire.exe] -> [2011-08-26 23:22:26 | 003,510,680 | ---- | M] (Xfire Inc.) YouCam -> C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe] -> [2011-01-29 00:29:36 | 000,228,448 | ---- | M] (CyberLink Corp.) < Approved Shell Extensions [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved -> "{00020D75-0000-0000-C000-000000000046}" [HKLM] -> C:\PROGRA~2\MICROS~1\Office14\MLSHEXT.DLL [Microsoft Outlook Desktop Icon Handler] -> [2010-03-22 20:30:04 | 000,020,864 | ---- | M] (Microsoft Corporation) "{0561EC90-CE54-4f0c-9C55-E226110A740C}" [HKLM] -> C:\Program Files (x86)\SubEdit-Player\codec\MatroskaSplitter\mmfinfo.dll [Haali Column Provider] -> [2008-03-29 15:42:20 | 000,159,744 | ---- | M] () "{0563DB41-F538-4B37-A92D-4659049B7766}" [HKLM] -> Reg Error: Key error. [WLMD Message Handler] -> File not found "{1532B32D-3A75-4A4D-9B38-5A6000EA7045}" [HKLM] -> C:\Program Files (x86)\FreeArc\bin\ArcShellExt\ArcShellExt.dll [FreeArc] -> [2010-05-19 21:16:18 | 000,348,160 | ---- | M] (freearc.org) "{16F3DD56-1AF5-4347-846D-7C10C4192619}" [HKLM] -> C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [Groove Explorer Icon Overlay 3 (GFS Folder)] -> [2011-06-12 10:15:00 | 004,221,328 | ---- | M] (Microsoft Corporation) "{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}" [HKLM] -> C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> [2011-06-12 10:15:00 | 004,221,328 | ---- | M] (Microsoft Corporation) "{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}" [HKLM] -> C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [Groove GFS Explorer Bar] -> [2011-06-12 10:15:00 | 004,221,328 | ---- | M] (Microsoft Corporation) "{327669A0-59A7-4be9-B99E-1C9F3A57611A}" [HKLM] -> C:\Program Files (x86)\SubEdit-Player\codec\MatroskaSplitter\mmfinfo.dll [Haali Matroska Thumbnail Extractor] -> [2008-03-29 15:42:20 | 000,159,744 | ---- | M] () "{387E725D-DC16-4D76-B310-2C93ED4752A0}" [HKLM] -> C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [Groove XML Icon Handler] -> [2011-06-12 10:15:00 | 004,221,328 | ---- | M] (Microsoft Corporation) "{3D60EDA7-9AB4-4DA8-864C-D9B5F2E7281D}" [HKLM] -> C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [Groove Namespace Extension] -> [2011-06-12 10:15:00 | 004,221,328 | ---- | M] (Microsoft Corporation) "{5574006C-28F5-4a65-A28C-74DE6BFBE0BB}" [HKLM] -> C:\Program Files (x86)\SubEdit-Player\codec\MatroskaSplitter\mmfinfo.dll [Haali Matroska Shell Property Page] -> [2008-03-29 15:42:20 | 000,159,744 | ---- | M] () "{5E2121EE-0300-11D4-8D3B-444553540000}" [HKLM] -> Reg Error: Key error. [Catalyst Context Menu extension] -> File not found "{6C467336-8281-4E60-8204-430CED96822D}" [HKLM] -> C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [Groove GFS Context Menu Handler] -> [2011-06-12 10:15:00 | 004,221,328 | ---- | M] (Microsoft Corporation) "{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" [HKLM] -> C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [Groove GFS Browser Helper] -> [2011-06-12 10:15:00 | 004,221,328 | ---- | M] (Microsoft Corporation) "{80009818-f38f-4af1-87b5-eadab9433e58}" [HKLM] -> C:\Windows\SysWOW64\mf.dll [MF ADTS Property Handler] -> [2010-11-21 04:25:11 | 003,207,680 | ---- | M] (Microsoft Corporation) "{920E6DB1-9907-4370-B3A0-BAFC03D81399}" [HKLM] -> C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> [2011-06-12 10:15:00 | 004,221,328 | ---- | M] (Microsoft Corporation) "{99FD978C-D287-4F50-827F-B2C658EDA8E7}" [HKLM] -> C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> [2011-06-12 10:15:00 | 004,221,328 | ---- | M] (Microsoft Corporation) "{A449600E-1DC6-4232-B948-9BD794D62056}" [HKLM] -> C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [Groove GFS Stub Icon Handler] -> [2011-06-12 10:15:00 | 004,221,328 | ---- | M] (Microsoft Corporation) "{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}" [HKLM] -> C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [Groove Explorer Icon Overlay 2 (GFS Stub)] -> [2011-06-12 10:15:00 | 004,221,328 | ---- | M] (Microsoft Corporation) "{B089FE88-FB52-11D3-BDF1-0050DA34150D}" [HKLM] -> C:\Program Files\ESET\ESET NOD32 Antivirus\x86\shellExt.dll [ESET Smart Security - Context Menu Shell Extension] -> [2011-09-22 11:10:20 | 000,175,664 | ---- | M] (ESET) "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" [HKLM] -> C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [Groove GFS Stub Execution Hook] -> [2011-06-12 10:15:00 | 004,221,328 | ---- | M] (Microsoft Corporation) "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found < 64bit-Disabled MSConfig Folder Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\ -> C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk -> C:\PROGRA~2\Xfire\Xfire.exe -> [2011-08-26 23:22:26 | 003,510,680 | ---- | M] (Xfire Inc.) < 64bit-Disabled MSConfig Registry Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ -> Adobe ARM hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe -> [2012-01-03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) ALLUpdate hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe -> [2011-08-16 19:30:40 | 001,379,840 | ---- | M] () ArcSoft Connection Service hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe -> [2010-10-27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) EADM hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Origin\Origin.exe -> [2012-10-28 09:40:54 | 003,389,080 | ---- | M] (Electronic Arts) LogMeIn Hamachi Ui hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe -> [2012-11-19 21:48:16 | 002,254,768 | ---- | M] (LogMeIn Inc.) MPlayerForWindows_UpdateReminder hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\MPlayer for Windows\AutoUpdate.exe -> [2010-04-16 21:22:18 | 000,234,917 | ---- | M] () Steam hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Valve\Steam\steam.exe -> [2012-08-04 12:20:06 | 001,353,080 | ---- | M] (Valve Corporation) < 64bit-Disabled MSConfig State [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state -> "startup" -> 2 -> < 64bit-Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 -> "msacm.l3acm" -> C:\Windows\SysNative\l3codeca.acm [C:\Windows\System32\l3codeca.acm] -> [2009-07-14 02:38:53 | 000,081,408 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) "VIDC.XFR1" -> C:\windows\SysNative\xfcodec64.dll [xfcodec64.dll] -> [2011-08-26 23:22:30 | 000,028,056 | ---- | M] () < Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 -> "msacm.ac3acm" -> C:\windows\SysWow64\ac3acm.acm [ac3acm.acm] -> [2011-07-16 15:17:06 | 000,151,552 | ---- | M] (fccHandler) "msacm.clmp3enc" -> C:\PROGRA~2\Lenovo\Power2Go\CLMP3Enc.ACM [C:\PROGRA~2\Lenovo\Power2Go\CLMP3Enc.ACM] -> [2005-05-13 21:00:52 | 000,217,088 | ---- | M] (CyberLink Corp.) "msacm.l3acm" -> C:\Windows\SysWOW64\l3codeca.acm [C:\Windows\SysWOW64\l3codeca.acm] -> [2009-07-14 02:14:10 | 000,064,000 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) "msacm.lameacm" -> C:\windows\SysWow64\lameACM.acm [lameACM.acm] -> [2008-09-24 19:41:12 | 000,839,680 | ---- | M] (http://www.mp3dev.org/) "msacm.lhacm" -> C:\windows\SysWow64\lhacm.acm [lhacm.acm] -> [2012-02-26 15:14:42 | 000,034,064 | ---- | M] (Microsoft Corporation) "vidc.cvid" -> C:\windows\SysWow64\iccvid.dll [iccvid.dll] -> [2010-11-21 04:25:10 | 000,082,944 | ---- | M] (Radius Inc.) "VIDC.FFDS" -> C:\windows\SysWow64\ff_vfw.dll [ff_vfw.dll] -> [2011-10-28 09:00:00 | 000,074,752 | ---- | M] () "VIDC.XFR1" -> C:\windows\SysWow64\xfcodec.dll [xfcodec.dll] -> [2011-08-26 23:22:30 | 000,042,392 | ---- | M] () "VIDC.XVID" -> C:\windows\SysWow64\xvidvfw.dll [xvidvfw.dll] -> [2011-06-24 15:44:30 | 000,243,200 | ---- | M] () "VIDC.YV12" -> C:\windows\SysWow64\xvidvfw.dll [xvidvfw.dll] -> [2011-06-24 15:44:30 | 000,243,200 | ---- | M] () < 64bit-Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ -> {02BCC737-B171-4746-94C9-0D8A0B2C0089} [HKLM] -> C:\Program Files\Microsoft Office\Office14\IEAWSDC.DLL [Microsoft Office Template and Media Control] -> [2011-02-18 09:03:48 | 000,242,528 | ---- | M] () {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {19916E01-B44E-4E31-94A4-4696DF46157B} [HKLM] -> C:\Windows\SysNative\icardie.dll [InformationCardSigninHelper Class] -> [2011-10-14 15:34:05 | 000,082,432 | ---- | M] (Microsoft Corporation) {233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {3050F819-98B5-11CF-BB82-00AA00BDCE0B} [HKLM] -> C:\Windows\SysNative\mshtmled.dll [HtmlDlgSafeHelper Class] -> [2012-08-24 11:10:14 | 000,096,768 | ---- | M] (Microsoft Corporation) {333C7BC4-460F-11D0-BC04-0080C7055A83} [HKLM] -> C:\Windows\SysNative\tdc.ocx [Tabular Data Control] -> [2011-10-14 15:34:05 | 000,076,800 | ---- | M] (Microsoft Corporation) {3E4D4F1C-2AEE-11D1-9D3D-00C04FC30DF6} [HKLM] -> C:\Windows\SysNative\oleprn.dll [oleprn Class] -> [2009-07-14 02:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation) {4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {435899C9-44AB-11D1-AF00-080036234103} [HKLM] -> C:\Windows\SysNative\oleprn.dll [DSPrintQueue Class] -> [2009-07-14 02:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation) {4F664F91-FF01-11D0-8AED-00C04FD7B597} [HKLM] -> C:\Windows\SysNative\oleprn.dll [OleSNMP Class] -> [2009-07-14 02:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation) {5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files\Java\jre6\bin\wsdetect.dll [isInstalled Class] -> [2011-09-22 13:41:33 | 000,126,240 | ---- | M] (Sun Microsystems, Inc.) {65303443-AD66-11D1-9D65-00C04FC30DF6} [HKLM] -> C:\Windows\SysNative\oleprn.dll [OleCvt Class] -> [2009-07-14 02:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation) {6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysNative\wmp.dll [Windows Media Player] -> [2010-11-21 04:24:52 | 014,633,472 | ---- | M] (Microsoft Corporation) {760C4B83-E211-11D2-BF3E-00805FBE84A6} [HKLM] -> C:\Windows\SysNative\msnetobj.dll [Windows Media Services DRM Storage object] -> [2010-11-21 04:24:52 | 000,325,632 | ---- | M] (Microsoft Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {884e2049-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\SysNative\CertEnrollCtrl.exe [X509 Enrollment WebClassFactory] -> [2009-07-14 02:38:58 | 000,070,144 | ---- | M] (Microsoft Corporation) {884e2051-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\SysNative\CertEnroll.dll [X509 Machine Enrollment Factory] -> [2010-11-21 04:24:15 | 001,975,296 | ---- | M] (Microsoft Corporation) {88d969c0-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c1-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c2-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c3-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c4-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c5-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_27] -> [2011-09-22 13:41:33 | 000,112,928 | ---- | M] () {8E4062D9-FE1B-4b9e-AA16-5E8EEF68F48E} [HKLM] -> C:\Windows\SysNative\RegCtrl.dll [Registration Control] -> [2009-07-14 02:41:53 | 000,049,152 | ---- | M] (Microsoft Corporation) {92337A8C-E11D-11D0-BE48-00C04FC30DF6} [HKLM] -> C:\Windows\SysNative\oleprn.dll [prturl Class] -> [2009-07-14 02:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation) {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [HKLM] -> C:\Windows\SysNative\msnetobj.dll [RMGetLicense Class] -> [2010-11-21 04:24:52 | 000,325,632 | ---- | M] (Microsoft Corporation) {C3701884-B39B-11D1-9D68-00C04FC30DF6} [HKLM] -> C:\Windows\SysNative\oleprn.dll [OleInstall Class] -> [2009-07-14 02:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation) {CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_27] -> [2011-09-22 13:41:33 | 000,112,928 | ---- | M] () {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_27] -> [2011-09-22 13:41:33 | 000,112,928 | ---- | M] () {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_27] -> [2011-09-22 13:41:33 | 000,112,928 | ---- | M] () {CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} [HKLM] -> C:\Windows\SysNative\deployJava1.dll [Deployment Toolkit] -> [2011-09-22 13:41:33 | 000,525,544 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA} [HKLM] -> C:\Windows\SysNative\deployJava1.dll [Deployment Toolkit] -> [2011-09-22 13:41:33 | 000,525,544 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {EE09B103-97E0-11CF-978F-00A02463E06F} [HKLM] -> C:\Windows\SysNative\scrrun.dll [Scripting.Dictionary] -> [2009-07-14 02:41:53 | 000,202,752 | ---- | M] (Microsoft Corporation) < Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ -> {02BCC737-B171-4746-94C9-0D8A0B2C0089} [HKLM] -> C:\PROGRA~2\MICROS~1\Office14\IEAWSDC.DLL [Microsoft Office Template and Media Control] -> [2011-02-18 09:04:04 | 000,196,448 | ---- | M] () {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {0D012ABD-CEED-11D2-9C76-00105AA73033} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {19916E01-B44E-4E31-94A4-4696DF46157B} [HKLM] -> C:\Windows\SysWOW64\icardie.dll [InformationCardSigninHelper Class] -> [2011-10-14 15:34:07 | 000,066,048 | ---- | M] (Microsoft Corporation) {233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {3050F819-98B5-11CF-BB82-00AA00BDCE0B} [HKLM] -> C:\Windows\SysWOW64\mshtmled.dll [HtmlDlgSafeHelper Class] -> [2012-08-24 07:44:10 | 000,073,216 | ---- | M] (Microsoft Corporation) {31261F21-2B16-45EE-BEAB-07C4CFA18B65} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {333C7BC4-460F-11D0-BC04-0080C7055A83} [HKLM] -> C:\Windows\SysWOW64\tdc.ocx [Tabular Data Control] -> [2011-10-14 15:34:07 | 000,063,488 | ---- | M] (Microsoft Corporation) {3760D689-C63B-4422-9A1D-31CA856CD5C1} [HKLM] -> C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.4.dll [GGClass Class] -> [2011-07-04 18:45:30 | 000,406,112 | ---- | M] (GG Network S.A.) {3E4D4F1C-2AEE-11D1-9D3D-00C04FC30DF6} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [oleprn Class] -> [2009-07-14 02:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation) {4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {435899C9-44AB-11D1-AF00-080036234103} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [DSPrintQueue Class] -> [2009-07-14 02:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation) {444785F1-DE89-4295-863A-D46C3A781394} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {4F664F91-FF01-11D0-8AED-00C04FD7B597} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [OleSNMP Class] -> [2009-07-14 02:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation) {4FCEE402-10E9-4446-AE0F-AE48D6D62E9A} [HKLM] -> C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [Groove Site Client ActiveX] -> [2011-06-12 10:15:00 | 004,221,328 | ---- | M] (Microsoft Corporation) {56A58823-AE99-11D5-B90B-0050DACD1F75} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\wsdetect.dll [isInstalled Class] -> [2011-07-19 04:05:27 | 000,112,416 | ---- | M] (Sun Microsystems, Inc.) {65303443-AD66-11D1-9D65-00C04FC30DF6} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [OleCvt Class] -> [2009-07-14 02:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation) {6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [Windows Media Player] -> [2010-11-21 04:25:10 | 011,410,432 | ---- | M] (Microsoft Corporation) {760C4B83-E211-11D2-BF3E-00805FBE84A6} [HKLM] -> C:\Windows\SysWOW64\msnetobj.dll [Windows Media Services DRM Storage object] -> [2010-11-21 04:25:10 | 000,265,216 | ---- | M] (Microsoft Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {884e2049-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\SysWOW64\CertEnrollCtrl.exe [X509 Enrollment WebClassFactory] -> [2009-07-14 02:14:13 | 000,067,072 | ---- | M] (Microsoft Corporation) {884e2051-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\SysWOW64\CertEnroll.dll [X509 Machine Enrollment Factory] -> [2010-11-21 04:24:29 | 001,334,272 | ---- | M] (Microsoft Corporation) {88d969c0-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c1-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c2-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c3-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c4-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c5-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_27] -> [2011-07-19 04:05:27 | 000,108,320 | ---- | M] () {8E4062D9-FE1B-4b9e-AA16-5E8EEF68F48E} [HKLM] -> C:\Windows\SysWOW64\RegCtrl.dll [Registration Control] -> [2009-07-14 02:16:13 | 000,041,472 | ---- | M] (Microsoft Corporation) {92337A8C-E11D-11D0-BE48-00C04FC30DF6} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [prturl Class] -> [2009-07-14 02:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation) {9F9C4924-C3F3-4459-A396-9E9E0D8B83D1} [HKLM] -> Reg Error: Key error. [SharePoint OpenDocuments Class] -> File not found {a97b89cd-b65c-49dd-af46-2b772c627456} [HKLM] -> C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll [uTorrentBar API Server] -> [2011-05-09 10:49:38 | 000,176,936 | ---- | M] (Conduit Ltd.) {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [HKLM] -> C:\Windows\SysWOW64\msnetobj.dll [RMGetLicense Class] -> [2010-11-21 04:25:10 | 000,265,216 | ---- | M] (Microsoft Corporation) {BAD4FE2C-503B-45CC-88CD-4B0574057D11} [HKLM] -> C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSIX.exe [FuturemarkSystemInfoX Class] -> [2011-12-09 14:39:52 | 000,198,560 | ---- | M] (Futuremark Corporation) {BDEADE98-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\PROGRA~2\MICROS~1\Office14\OWSCLT.DLL [OWS Post Data] -> [2010-10-20 14:03:46 | 000,519,552 | ---- | M] (Microsoft Corporation) {BDEADE9E-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\PROGRA~2\MICROS~1\Office14\OWSCLT.DLL [SharePoint Spreadsheet Launcher] -> [2010-10-20 14:03:46 | 000,519,552 | ---- | M] (Microsoft Corporation) {BDEADEDE-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\PROGRA~2\MICROS~1\Office14\OWSCLT.DLL [OSE Global Class] -> [2010-10-20 14:03:46 | 000,519,552 | ---- | M] (Microsoft Corporation) {BDEADEF2-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> Reg Error: Key error. [SharePoint OpenDocuments Class] -> File not found {BDEADEF4-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> Reg Error: Key error. [SharePoint Stssync Handler] -> File not found {C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} [HKLM] -> C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll [Google Update Plugin] -> [2012-09-09 10:51:20 | 000,572,880 | ---- | M] (Google Inc.) {C3701884-B39B-11D1-9D68-00C04FC30DF6} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [OleInstall Class] -> [2009-07-14 02:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation) {C442AC41-9200-4770-8CC0-7CDB4F245C55} [HKLM] -> C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll [Google Update Plugin] -> [2012-09-09 10:51:20 | 000,572,880 | ---- | M] (Google Inc.) {C514A18E-862A-45d3-8A5E-62CF54D912B6} [HKLM] -> C:\PROGRA~2\MICROS~1\Office14\AUTHZAX.DLL [Microsoft Office 14 Authorization Control] -> [2010-01-09 20:41:04 | 000,054,152 | ---- | M] (Microsoft Corporation) {CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2011-09-05 18:04:58 | 000,755,088 | ---- | M] (Adobe Systems, Inc.) {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_27] -> [2011-07-19 04:05:27 | 000,108,320 | ---- | M] () {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_27] -> [2011-07-19 04:05:27 | 000,108,320 | ---- | M] () {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_27] -> [2011-07-19 04:05:27 | 000,108,320 | ---- | M] () {CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} [HKLM] -> C:\Windows\SysWOW64\deployJava1.dll [Deployment Toolkit] -> [2011-07-19 04:05:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA} [HKLM] -> C:\Windows\SysWOW64\deployJava1.dll [Deployment Toolkit] -> [2011-07-19 04:05:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CDEC13B2-0B3C-400E-B909-E27EE89C6799} [HKLM] -> C:\PROGRA~2\MICROS~1\Office14\STSCOPY.DLL [STSUpld CopyCtl Class] -> [2010-03-24 19:22:38 | 000,094,080 | ---- | M] (Microsoft Corporation) {CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10x.ocx [Shockwave Flash Object] -> [2011-09-26 11:50:06 | 006,383,776 | R--- | M] (Adobe Systems, Inc.) {DFEAF541-F3E1-4c24-ACAC-99C30715084A} [HKLM] -> c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [Microsoft Silverlight] -> [2012-03-29 02:57:56 | 001,026,632 | ---- | M] ( Microsoft Corporation) {E01D1C6A-4F40-11D3-8958-00105A272DCF} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {EE09B103-97E0-11CF-978F-00A02463E06F} [HKLM] -> C:\Windows\SysWOW64\scrrun.dll [Scripting.Dictionary] -> [2009-07-14 02:16:13 | 000,163,840 | ---- | M] (Microsoft Corporation) {F9152AEC-3462-4632-8087-EEE3C3CDDA24} [HKLM] -> C:\Program Files (x86)\Google\Google Earth\plugin\ie\6.2.2.6613\plugin_ax.dll [GEPluginCoClass Object] -> [2012-04-14 10:23:10 | 002,415,616 | ---- | M] (Google) < Ext (Settings) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\ -> 64bit-{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Toolbar] -> [2012-09-19 20:57:35 | 000,253,584 | ---- | M] (Google Inc.) {32004B8A-44A9-43E7-84E9-808838809519} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {8DCB7100-DF86-4384-8842-8FA844297B3F} [HKLM] -> C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [Bing Bar] -> [2012-06-11 16:22:16 | 001,307,728 | ---- | M] (Microsoft Corporation.) 64bit-{AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Toolbar Helper] -> [2012-09-19 20:57:35 | 000,253,584 | ---- | M] (Google Inc.) {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} [HKLM] -> C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll [uTorrentBar Toolbar] -> [2011-05-09 10:49:38 | 000,176,936 | ---- | M] (Conduit Ltd.) {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10x.ocx [Shockwave Flash Object] -> [2011-09-26 11:50:06 | 006,383,776 | R--- | M] (Adobe Systems, Inc.) {D2CE3E00-F94A-4740-988E-03DC2F38C34F} [HKLM] -> C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [Bing Bar Helper] -> [2012-06-11 16:22:16 | 001,307,728 | ---- | M] (Microsoft Corporation.) {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} [HKLM] -> C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL [IplexToALLPlayer] -> [2011-02-09 19:29:08 | 000,400,384 | ---- | M] (ALLCinema Ltd.) < Ext (Stats) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\ -> 64bit-{02BCC737-B171-4746-94C9-0D8A0B2C0089} [HKLM] -> C:\Program Files\Microsoft Office\Office14\IEAWSDC.DLL [Microsoft Office Template and Media Control] -> [2011-02-18 09:03:48 | 000,242,528 | ---- | M] () {02BCC737-B171-4746-94C9-0D8A0B2C0089} [HKLM] -> C:\PROGRA~2\MICROS~1\Office14\IEAWSDC.DLL [Microsoft Office Template and Media Control] -> [2011-02-18 09:04:04 | 000,196,448 | ---- | M] () {1c492e6a-2803-5ed7-83e1-1b1d4d41eb39} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found 64bit-{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Toolbar] -> [2012-09-19 20:57:35 | 000,253,584 | ---- | M] (Google Inc.) {3760D689-C63B-4422-9A1D-31CA856CD5C1} [HKLM] -> C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.4.dll [GGClass Class] -> [2011-07-04 18:45:30 | 000,406,112 | ---- | M] (GG Network S.A.) {444785F1-DE89-4295-863A-D46C3A781394} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {816BE035-1450-40D0-8A3B-BA7825A83A77} [HKLM] -> C:\Program Files\Lenovo\AcpIRExe\AcpIRExe.exe [IASRunner Class] -> [2007-02-08 11:50:20 | 000,271,984 | ---- | M] (Lenovo (United States) Inc) {8DCB7100-DF86-4384-8842-8FA844297B3F} [HKLM] -> C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [Bing Bar] -> [2012-06-11 16:22:16 | 001,307,728 | ---- | M] (Microsoft Corporation.) {A97B89CD-B65C-49DD-AF46-2B772C627456} [HKLM] -> C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll [uTorrentBar API Server] -> [2011-05-09 10:49:38 | 000,176,936 | ---- | M] (Conduit Ltd.) 64bit-{AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Toolbar Helper] -> [2012-09-19 20:57:35 | 000,253,584 | ---- | M] (Google Inc.) {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} [HKLM] -> C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll [uTorrentBar Toolbar] -> [2011-05-09 10:49:38 | 000,176,936 | ---- | M] (Conduit Ltd.) {CCA281CA-C863-46EF-9331-5C8D4460577F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10x.ocx [Shockwave Flash Object] -> [2011-09-26 11:50:06 | 006,383,776 | R--- | M] (Adobe Systems, Inc.) {D2CE3E00-F94A-4740-988E-03DC2F38C34F} [HKLM] -> C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [Bing Bar Helper] -> [2012-06-11 16:22:16 | 001,307,728 | ---- | M] (Microsoft Corporation.) {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} [HKLM] -> C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL [IplexToALLPlayer] -> [2011-02-09 19:29:08 | 000,400,384 | ---- | M] (ALLCinema Ltd.) {DFEAF541-F3E1-4C24-ACAC-99C30715084A} [HKLM] -> c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [Microsoft Silverlight] -> [2012-03-29 02:57:56 | 001,026,632 | ---- | M] ( Microsoft Corporation) < 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .bat [@ = batfile] -> "%1" %* -> .cmd [@ = cmdfile] -> "%1" %* -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> .html [@ = ChromeHTML] -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe -> [2012-10-31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.) .url [@ = InternetShortcut] -> C:\windows\SysNative\rundll32.exe -> [2009-07-14 02:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation) .js [@ = JSFile] -> C:\windows\SysWow64\CScript.exe -> [2009-07-14 02:14:16 | 000,126,976 | ---- | M] (Microsoft Corporation) .jse [@ = JSEFile] -> C:\windows\SysWow64\CScript.exe -> [2009-07-14 02:14:16 | 000,126,976 | ---- | M] (Microsoft Corporation) .pif [@ = piffile] -> "%1" %* -> .scr [@ = scrfile] -> "%1" /S -> .vbe [@ = VBEFile] -> C:\windows\SysWow64\CScript.exe -> [2009-07-14 02:14:16 | 000,126,976 | ---- | M] (Microsoft Corporation) .vbs [@ = VBSFile] -> C:\windows\SysWow64\CScript.exe -> [2009-07-14 02:14:16 | 000,126,976 | ---- | M] (Microsoft Corporation) .wsf [@ = WSFFile] -> C:\windows\SysWow64\CScript.exe -> [2009-07-14 02:14:16 | 000,126,976 | ---- | M] (Microsoft Corporation) < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .bat [@ = batfile] -> "%1" %* -> .cmd [@ = cmdfile] -> "%1" %* -> .com [@ = comfile] -> "%1" %* -> .cpl [@ = cplfile] -> C:\windows\SysWow64\control.exe -> [2009-07-14 02:14:15 | 000,113,152 | ---- | M] (Microsoft Corporation) .exe [@ = exefile] -> "%1" %* -> .html [@ = ChromeHTML] -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe -> [2012-10-31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.) .js [@ = JSFile] -> C:\windows\SysWow64\CScript.exe -> [2009-07-14 02:14:16 | 000,126,976 | ---- | M] (Microsoft Corporation) .jse [@ = JSEFile] -> C:\windows\SysWow64\CScript.exe -> [2009-07-14 02:14:16 | 000,126,976 | ---- | M] (Microsoft Corporation) .pif [@ = piffile] -> "%1" %* -> .scr [@ = scrfile] -> "%1" /S -> .vbe [@ = VBEFile] -> C:\windows\SysWow64\CScript.exe -> [2009-07-14 02:14:16 | 000,126,976 | ---- | M] (Microsoft Corporation) .vbs [@ = VBSFile] -> C:\windows\SysWow64\CScript.exe -> [2009-07-14 02:14:16 | 000,126,976 | ---- | M] (Microsoft Corporation) .wsf [@ = WSFFile] -> C:\windows\SysWow64\CScript.exe -> [2009-07-14 02:14:16 | 000,126,976 | ---- | M] (Microsoft Corporation) < File Associations - Select to Repair > -> HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\SOFTWARE\Classes\\ -> .html [@ = ChromeHTML] -> Reg Error: Key error. -> File not found < 64bit-Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> livecall:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found msnim:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found wlpg:{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKLM] -> C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL[IEProtocolHandler Class] -> [2011-11-03 13:48:40 | 002,156,192 | R--- | M] (Skype Technologies) < 64bit-SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices AppMgmt -> Service Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group HelpSvc -> Service MCODS -> Reg Error: Value error. NTDS -> 32bit -> File not found PCI Configuration -> Driver Group PNP Filter -> Driver Group Primary disk -> Driver Group sacsvr -> Service SCSI Class -> Driver Group System Bus Extender -> Driver Group TrustedInstaller -> 32bit -> File not found vmms -> Service WinDefend -> C:\Program Files\Windows Defender\MpSvc.dll -> [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) < SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices AppInfo -> 64bit -> File not found AppMgmt -> Service Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group DcomLaunch -> 64bit -> File not found EFS -> 64bit -> File not found EventLog -> 64bit -> File not found File system -> Driver Group Filter -> Driver Group HelpSvc -> Service KeyIso -> 64bit -> File not found MCODS -> Reg Error: Value error. Netlogon -> 64bit -> File not found NTDS -> 64bit -> File not found PCI Configuration -> Driver Group PlugPlay -> 64bit -> File not found PNP Filter -> Driver Group Power -> 64bit -> File not found Primary disk -> Driver Group ProfSvc -> 64bit -> File not found RpcEptMapper -> 64bit -> File not found RpcSs -> 64bit -> File not found sacsvr -> Service SCSI Class -> Driver Group sermouse.sys -> 64bit -> File not found SWPRV -> 64bit -> File not found System Bus Extender -> Driver Group TabletInputService -> 64bit -> File not found TBS -> 64bit -> File not found VDS -> 64bit -> File not found vga.sys -> 64bit -> File not found vgasave.sys -> 64bit -> File not found vmms -> Service volmgr.sys -> 64bit -> File not found volmgrx.sys -> 64bit -> File not found WinDefend -> 64bit -> File not found WinMgmt -> 64bit -> File not found WudfPf -> 64bit -> File not found WudfRd -> 64bit -> File not found WudfSvc -> 64bit -> File not found < 64bit-SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E972-E325-11CE-BFC1-08002BE10318} -> Net {4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient {4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService {4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {50DD5230-BA8A-11D1-BF5D-0000F805F530} -> Smart card readers {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices AppMgmt -> Service Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group Hamachi2Svc -> 32bit -> File not found HelpSvc -> Service MCODS -> Reg Error: Value error. Messenger -> Service NDIS Wrapper -> Driver Group NetBIOSGroup -> Driver Group NetDDEGroup -> Driver Group Network -> Driver Group NetworkProvider -> Driver Group NTDS -> 32bit -> File not found PCI Configuration -> Driver Group PNP Filter -> Driver Group PNP_TDI -> Driver Group Primary disk -> Driver Group rdsessmgr -> Service sacsvr -> Service SCSI Class -> Driver Group Streams Drivers -> Driver Group System Bus Extender -> Driver Group TDI -> Driver Group TrustedInstaller -> 32bit -> File not found vmms -> Service WinDefend -> C:\Program Files\Windows Defender\MpSvc.dll -> [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) WudfUsbccidDriver -> Driver < SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E972-E325-11CE-BFC1-08002BE10318} -> Net {4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient {4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService {4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {50DD5230-BA8A-11D1-BF5D-0000F805F530} -> Smart card readers {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices AFD -> 64bit -> File not found AppInfo -> 64bit -> File not found AppMgmt -> Service Base -> Driver Group BFE -> 64bit -> File not found Boot Bus Extender -> Driver Group Boot file system -> Driver Group bowser -> 64bit -> File not found Browser -> 64bit -> File not found DcomLaunch -> 64bit -> File not found dfsc -> 64bit -> File not found DnsCache -> 64bit -> File not found Dot3Svc -> 64bit -> File not found Eaphost -> 64bit -> File not found EFS -> 64bit -> File not found EventLog -> 64bit -> File not found File system -> Driver Group Filter -> Driver Group Hamachi2Svc -> C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -> [2012-11-19 21:48:16 | 002,462,128 | ---- | M] (LogMeIn Inc.) HelpSvc -> Service IKEEXT -> 64bit -> File not found ipnat.sys -> 64bit -> File not found KeyIso -> 64bit -> File not found LanmanServer -> 64bit -> File not found LanmanWorkstation -> 64bit -> File not found LmHosts -> 64bit -> File not found MCODS -> Reg Error: Value error. Messenger -> Service MPSDrv -> 64bit -> File not found MPSSvc -> 64bit -> File not found mrxsmb -> 64bit -> File not found mrxsmb10 -> 64bit -> File not found mrxsmb20 -> 64bit -> File not found NativeWifiP -> 64bit -> File not found NDIS -> 64bit -> File not found NDIS Wrapper -> Driver Group ndiscap -> 64bit -> File not found Ndisuio -> 64bit -> File not found NetBIOS -> 64bit -> File not found NetBIOSGroup -> Driver Group NetBT -> 64bit -> File not found NetDDEGroup -> Driver Group Netlogon -> 64bit -> File not found NetMan -> 64bit -> File not found Network -> Driver Group NetworkProvider -> Driver Group NlaSvc -> 64bit -> File not found Nsi -> 64bit -> File not found nsiproxy.sys -> 64bit -> File not found NTDS -> 64bit -> File not found PCI Configuration -> Driver Group PlugPlay -> 64bit -> File not found PNP Filter -> Driver Group PNP_TDI -> Driver Group PolicyAgent -> 64bit -> File not found Power -> 64bit -> File not found Primary disk -> Driver Group ProfSvc -> 64bit -> File not found rdbss -> 64bit -> File not found rdpencdd.sys -> 64bit -> File not found rdsessmgr -> Service RpcEptMapper -> 64bit -> File not found RpcSs -> 64bit -> File not found sacsvr -> Service SCardSvr -> 64bit -> File not found SCSI Class -> Driver Group sermouse.sys -> 64bit -> File not found SharedAccess -> 64bit -> File not found Streams Drivers -> Driver Group SWPRV -> 64bit -> File not found System Bus Extender -> Driver Group TabletInputService -> 64bit -> File not found TBS -> 64bit -> File not found Tcpip -> 64bit -> File not found TDI -> Driver Group VaultSvc -> 64bit -> File not found VDS -> 64bit -> File not found vga.sys -> 64bit -> File not found vgasave.sys -> 64bit -> File not found vmms -> Service volmgr.sys -> 64bit -> File not found volmgrx.sys -> 64bit -> File not found WinDefend -> 64bit -> File not found WinMgmt -> 64bit -> File not found Wlansvc -> 64bit -> File not found WudfPf -> 64bit -> File not found WudfRd -> 64bit -> File not found WudfSvc -> 64bit -> File not found WudfUsbccidDriver -> Driver < 64bit-Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center \\"cval" -> [1] -> File not found 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> -> 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc \Svc\\"VistaSp1" -> [28 4D B2 76 41 04 CA 01 [binary data]] -> File not found \Svc\\"AntiVirusOverride" -> [0] -> File not found \Svc\\"AntiSpywareOverride" -> [0] -> File not found \Svc\\"FirewallOverride" -> [0] -> File not found 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol\ -> -> < Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> -> < Windows DomainProfile Firewall Policy Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile \\"EnableFirewall" -> [1] -> File not found \\"DisableNotifications" -> [0] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging\ -> -> < Windows StandardProfile Firewall Policy Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile \\"EnableFirewall" -> [1] -> File not found \\"DisableNotifications" -> [0] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging\ -> -> < Session Manager Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager -> *BootExecute* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\BootExecute -> autocheck autochk * -> -> File not found *MultiFile Done* -> -> "ExcludeFromKnownDlls" -> [binary data] -> 64bit-*ObjectDirectories* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\ObjectDirectories -> \Windows -> \Windows -> [2012-11-20 12:03:57 | 000,000,000 | ---D | M] \RPC Control -> -> File not found *MultiFile Done* -> -> *ObjectDirectories* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\ObjectDirectories -> \Windows -> \Windows -> [2012-11-20 12:03:57 | 000,000,000 | ---D | M] \RPC Control -> -> File not found *MultiFile Done* -> -> < Session Manager Environment Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment -> 64bit-"ComSpec" -> C:\Windows\SysNative\cmd.exe -> [2010-11-21 04:23:55 | 000,345,088 | ---- | M] (Microsoft Corporation) "ComSpec" -> C:\Windows\SysWOW64\cmd.exe -> [2010-11-21 04:24:03 | 000,302,592 | ---- | M] (Microsoft Corporation) "TEMP" -> C:\Windows\Temp -> [2012-11-20 12:56:00 | 000,000,000 | ---D | M] "TMP" -> C:\Windows\Temp -> [2012-11-20 12:56:00 | 000,000,000 | ---D | M] "windir" -> C:\Windows -> [2012-11-20 12:03:57 | 000,000,000 | ---D | M] 64bit-*Path* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\AMD APP\bin\x86_64 -> C:\Program Files (x86)\AMD APP\bin\x86_64 -> [2012-11-12 20:44:11 | 000,000,000 | ---D | M] C:\Program Files (x86)\AMD APP\bin\x86 -> -> File not found C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> [2012-03-24 15:20:13 | 000,000,000 | ---D | M] C:\Program Files\Common Files\Microsoft Shared\Windows Live -> C:\Program Files\Common Files\Microsoft Shared\Windows Live -> [2011-04-20 22:25:21 | 000,000,000 | ---D | M] C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live -> [2011-04-20 22:25:20 | 000,000,000 | ---D | M] %SystemRoot%\system32 -> C:\Windows\SysNative -> File not found %SystemRoot% -> C:\Windows -> [2012-11-20 12:03:57 | 000,000,000 | ---D | M] %SystemRoot%\System32\Wbem -> C:\Windows\SysNative\wbem -> [2011-04-20 13:39:50 | 000,000,000 | ---D | M] %SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ -> C:\windows\SysNative\WindowsPowerShell\v1.0\ -> [2010-11-21 08:06:50 | 000,000,000 | ---D | M] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static -> [2012-11-12 20:43:52 | 000,000,000 | ---D | M] C:\Program Files\Lenovo\Bluetooth Software\ -> C:\Program Files\Lenovo\Bluetooth Software\ -> [2011-04-20 22:10:18 | 000,000,000 | ---D | M] C:\Program Files\Lenovo\Bluetooth Software\syswow64 -> C:\Program Files\Lenovo\Bluetooth Software\syswow64 -> [2011-04-20 22:09:50 | 000,000,000 | ---D | M] C:\Program Files (x86)\Windows Live\Shared -> C:\Program Files (x86)\Windows Live\Shared -> [2011-04-20 22:26:17 | 000,000,000 | ---D | M] c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\ -> c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\ -> [2012-10-04 13:12:30 | 000,000,000 | ---D | M] c:\Program Files\Microsoft SQL Server\100\Tools\Binn\ -> c:\Program Files\Microsoft SQL Server\100\Tools\Binn\ -> [2012-10-04 13:11:36 | 000,000,000 | ---D | M] c:\Program Files\Microsoft SQL Server\100\DTS\Binn\ -> c:\Program Files\Microsoft SQL Server\100\DTS\Binn\ -> [2012-10-04 13:11:49 | 000,000,000 | ---D | M] *MultiFile Done* -> -> *Path* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\AMD APP\bin\x86_64 -> C:\Program Files (x86)\AMD APP\bin\x86_64 -> [2012-11-12 20:44:11 | 000,000,000 | ---D | M] C:\Program Files (x86)\AMD APP\bin\x86 -> -> File not found C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> [2012-03-24 15:20:13 | 000,000,000 | ---D | M] C:\Program Files\Common Files\Microsoft Shared\Windows Live -> C:\Program Files\Common Files\Microsoft Shared\Windows Live -> [2011-04-20 22:25:21 | 000,000,000 | ---D | M] C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live -> [2011-04-20 22:25:20 | 000,000,000 | ---D | M] %SystemRoot%\system32 -> C:\Windows\SysWOW64 -> [2012-11-19 22:27:42 | 000,000,000 | ---D | M] %SystemRoot% -> C:\Windows -> [2012-11-20 12:03:57 | 000,000,000 | ---D | M] %SystemRoot%\System32\Wbem -> C:\Windows\SysWOW64\wbem -> [2011-04-20 13:39:51 | 000,000,000 | ---D | M] %SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ -> C:\windows\SysWow64\WindowsPowerShell\v1.0\ -> [2010-11-21 08:06:51 | 000,000,000 | ---D | M] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static -> [2012-11-12 20:43:52 | 000,000,000 | ---D | M] C:\Program Files\Lenovo\Bluetooth Software\ -> C:\Program Files\Lenovo\Bluetooth Software\ -> [2011-04-20 22:10:18 | 000,000,000 | ---D | M] C:\Program Files\Lenovo\Bluetooth Software\syswow64 -> C:\Program Files\Lenovo\Bluetooth Software\syswow64 -> [2011-04-20 22:09:50 | 000,000,000 | ---D | M] C:\Program Files (x86)\Windows Live\Shared -> C:\Program Files (x86)\Windows Live\Shared -> [2011-04-20 22:26:17 | 000,000,000 | ---D | M] c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\ -> c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\ -> [2012-10-04 13:12:30 | 000,000,000 | ---D | M] c:\Program Files\Microsoft SQL Server\100\Tools\Binn\ -> c:\Program Files\Microsoft SQL Server\100\Tools\Binn\ -> [2012-10-04 13:11:36 | 000,000,000 | ---D | M] c:\Program Files\Microsoft SQL Server\100\DTS\Binn\ -> c:\Program Files\Microsoft SQL Server\100\DTS\Binn\ -> [2012-10-04 13:11:49 | 000,000,000 | ---D | M] *MultiFile Done* -> -> *PATHEXT* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\PATHEXT -> .COM -> -> File not found .EXE -> -> File not found .BAT -> -> File not found .CMD -> -> File not found .VBS -> -> File not found .VBE -> -> File not found .JS -> -> File not found .JSE -> -> File not found .WSF -> -> File not found .WSH -> -> File not found .MSC -> -> File not found *MultiFile Done* -> -> < Session Manager FileRenameOperations Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\FileRenameOperations -> < Session Manager KnownDlls Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDlls -> 64bit-"advapi32" -> C:\windows\SysNative\advapi32.dll -> [2009-07-14 02:40:01 | 000,877,056 | ---- | M] (Microsoft Corporation) 64bit-"clbcatq" -> C:\windows\SysNative\clbcatq.dll -> [2009-07-14 02:40:15 | 000,607,744 | ---- | M] (Microsoft Corporation) 64bit-"COMDLG32" -> C:\windows\SysNative\comdlg32.dll -> [2010-11-21 04:24:22 | 000,594,432 | ---- | M] (Microsoft Corporation) 64bit-"DifxApi" -> C:\windows\SysNative\difxapi.dll -> [2009-07-14 02:40:30 | 000,504,320 | ---- | M] (Microsoft Corporation) 64bit-"DllDirectory" -> C:\Windows\SysNative -> File not found 64bit-"DllDirectory32" -> C:\Windows\SysWOW64 -> [2012-11-19 22:27:42 | 000,000,000 | ---D | M] 64bit-"gdi32" -> C:\windows\SysNative\gdi32.dll -> [2010-11-21 04:24:03 | 000,403,968 | ---- | M] (Microsoft Corporation) 64bit-"IERTUTIL" -> C:\windows\SysNative\iertutil.dll -> [2012-08-24 11:12:04 | 002,144,768 | ---- | M] (Microsoft Corporation) 64bit-"IMAGEHLP" -> C:\windows\SysNative\imagehlp.dll -> [2012-03-01 07:33:50 | 000,081,408 | ---- | M] (Microsoft Corporation) 64bit-"IMM32" -> C:\windows\SysNative\imm32.dll -> [2009-07-14 02:41:09 | 000,167,424 | ---- | M] (Microsoft Corporation) 64bit-"kernel32" -> C:\windows\SysNative\kernel32.dll -> [2012-08-20 19:48:35 | 001,162,240 | ---- | M] (Microsoft Corporation) 64bit-"LPK" -> C:\windows\SysNative\lpk.dll -> [2009-07-14 02:41:19 | 000,041,984 | ---- | M] (Microsoft Corporation) 64bit-"MSCTF" -> C:\windows\SysNative\msctf.dll -> [2009-07-14 02:41:28 | 001,067,008 | ---- | M] (Microsoft Corporation) 64bit-"MSVCRT" -> C:\windows\SysNative\msvcrt.dll -> [2011-12-16 09:46:06 | 000,634,880 | ---- | M] (Microsoft Corporation) 64bit-"NORMALIZ" -> C:\windows\SysNative\normaliz.dll -> [2009-07-14 02:31:40 | 000,002,560 | ---- | M] (Microsoft Corporation) 64bit-"NSI" -> C:\windows\SysNative\nsi.dll -> [2009-07-14 02:41:53 | 000,013,824 | ---- | M] (Microsoft Corporation) 64bit-"ole32" -> C:\windows\SysNative\ole32.dll -> [2010-11-21 04:23:48 | 002,086,912 | ---- | M] (Microsoft Corporation) 64bit-"OLEAUT32" -> C:\windows\SysNative\oleaut32.dll -> [2011-08-27 06:37:49 | 000,861,696 | ---- | M] (Microsoft Corporation) 64bit-"PSAPI" -> C:\windows\SysNative\psapi.dll -> [2009-07-14 02:41:53 | 000,009,216 | ---- | M] (Microsoft Corporation) 64bit-"rpcrt4" -> C:\windows\SysNative\rpcrt4.dll -> [2010-11-21 04:24:02 | 001,219,584 | ---- | M] (Microsoft Corporation) 64bit-"sechost" -> C:\windows\SysNative\sechost.dll -> [2009-07-14 02:41:53 | 000,113,664 | ---- | M] (Microsoft Corporation) 64bit-"Setupapi" -> C:\windows\SysNative\setupapi.dll -> [2010-11-21 04:24:28 | 001,900,544 | ---- | M] (Microsoft Corporation) 64bit-"SHELL32" -> C:\windows\SysNative\shell32.dll -> [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) 64bit-"SHLWAPI" -> C:\windows\SysNative\shlwapi.dll -> [2010-11-21 04:24:22 | 000,448,512 | ---- | M] (Microsoft Corporation) 64bit-"URLMON" -> C:\windows\SysNative\urlmon.dll -> [2012-08-24 11:22:46 | 001,346,048 | ---- | M] (Microsoft Corporation) 64bit-"user32" -> C:\windows\SysNative\user32.dll -> [2010-11-21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) 64bit-"USP10" -> C:\windows\SysNative\usp10.dll -> [2010-11-21 04:24:08 | 000,800,256 | ---- | M] (Microsoft Corporation) 64bit-"WININET" -> C:\windows\SysNative\wininet.dll -> [2012-08-24 11:21:18 | 001,392,128 | ---- | M] (Microsoft Corporation) 64bit-"WLDAP32" -> C:\windows\SysNative\Wldap32.dll -> [2010-11-21 04:24:07 | 000,312,832 | ---- | M] (Microsoft Corporation) 64bit-"WS2_32" -> C:\windows\SysNative\ws2_32.dll -> [2010-11-21 04:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) "advapi32" -> C:\windows\SysWow64\advapi32.dll -> [2010-11-21 04:24:28 | 000,640,512 | ---- | M] (Microsoft Corporation) "clbcatq" -> C:\windows\SysWow64\clbcatq.dll -> [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) "COMDLG32" -> C:\windows\SysWow64\comdlg32.dll -> [2010-11-21 04:23:48 | 000,485,888 | ---- | M] (Microsoft Corporation) "DifxApi" -> C:\windows\SysWow64\difxapi.dll -> [2009-07-14 02:15:11 | 000,315,904 | ---- | M] (Microsoft Corporation) "DllDirectory" -> C:\Windows\SysWOW64 -> [2012-11-19 22:27:42 | 000,000,000 | ---D | M] "DllDirectory32" -> C:\Windows\SysWOW64 -> [2012-11-19 22:27:42 | 000,000,000 | ---D | M] "gdi32" -> C:\windows\SysWow64\gdi32.dll -> [2010-11-21 04:24:14 | 000,311,296 | ---- | M] (Microsoft Corporation) "IERTUTIL" -> C:\windows\SysWow64\iertutil.dll -> [2012-08-24 07:44:35 | 001,793,024 | ---- | M] (Microsoft Corporation) "IMAGEHLP" -> C:\windows\SysWow64\imagehlp.dll -> [2012-03-01 06:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) "IMM32" -> C:\windows\SysWow64\imm32.dll -> [2010-11-21 04:24:25 | 000,119,808 | ---- | M] (Microsoft Corporation) "kernel32" -> C:\windows\SysWow64\kernel32.dll -> [2012-08-20 18:37:18 | 001,114,112 | ---- | M] (Microsoft Corporation) "LPK" -> C:\windows\SysWow64\lpk.dll -> [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) "MSCTF" -> C:\windows\SysWow64\msctf.dll -> [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) "MSVCRT" -> C:\windows\SysWow64\msvcrt.dll -> [2011-12-16 08:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) "NORMALIZ" -> C:\windows\SysWow64\normaliz.dll -> [2009-07-14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) "NSI" -> C:\windows\SysWow64\nsi.dll -> [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) "ole32" -> C:\windows\SysWow64\ole32.dll -> [2010-11-21 04:24:01 | 001,414,144 | ---- | M] (Microsoft Corporation) "OLEAUT32" -> C:\windows\SysWow64\oleaut32.dll -> [2011-08-27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) "PSAPI" -> C:\windows\SysWow64\psapi.dll -> [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) "rpcrt4" -> C:\windows\SysWow64\rpcrt4.dll -> [2010-11-21 04:24:11 | 000,663,040 | ---- | M] (Microsoft Corporation) "sechost" -> C:\windows\SysWow64\sechost.dll -> [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) "Setupapi" -> C:\windows\SysWow64\setupapi.dll -> [2010-11-21 04:23:51 | 001,667,584 | ---- | M] (Microsoft Corporation) "SHELL32" -> C:\windows\SysWow64\shell32.dll -> [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "SHLWAPI" -> C:\windows\SysWow64\shlwapi.dll -> [2010-11-21 04:23:48 | 000,350,208 | ---- | M] (Microsoft Corporation) "URLMON" -> C:\windows\SysWow64\urlmon.dll -> [2012-08-24 07:51:50 | 001,103,872 | ---- | M] (Microsoft Corporation) "user32" -> C:\windows\SysWow64\user32.dll -> [2010-11-21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) "USP10" -> C:\windows\SysWow64\usp10.dll -> [2010-11-21 04:24:16 | 000,626,176 | ---- | M] (Microsoft Corporation) "WININET" -> C:\windows\SysWow64\wininet.dll -> [2012-08-24 07:51:27 | 001,129,472 | ---- | M] (Microsoft Corporation) "WLDAP32" -> C:\windows\SysWow64\Wldap32.dll -> [2010-11-21 04:24:16 | 000,269,824 | ---- | M] (Microsoft Corporation) "WS2_32" -> C:\windows\SysWow64\ws2_32.dll -> [2010-11-21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> 64bit-batfile [open] -> "%1" %* 64bit-cmdfile [open] -> "%1" %* 64bit-comfile [open] -> "%1" %* 64bit-exefile [open] -> "%1" %* 64bit-htmlfile [print] -> rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" 64bit-http [open] -> "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" -> [2012-10-31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.) 64bit-https [open] -> "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" -> [2012-10-31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.) 64bit-inffile [install] -> %SystemRoot%\System32\InfDefaultInstall.exe "%1" -> [2009-07-14 02:39:13 | 000,010,240 | ---- | M] (Microsoft Corporation) 64bit-InternetShortcut [open] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l -> [2009-07-14 02:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation) 64bit-InternetShortcut [print] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" -> [2009-07-14 02:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation) 64bit-jsfile [open] -> %SystemRoot%\SysWow64\CScript.exe "%1" %* -> [2009-07-14 02:14:16 | 000,126,976 | ---- | M] (Microsoft Corporation) 64bit-jsefile [open] -> %SystemRoot%\SysWow64\CScript.exe "%1" %* -> [2009-07-14 02:14:16 | 000,126,976 | ---- | M] (Microsoft Corporation) 64bit-piffile [open] -> "%1" %* 64bit-scrfile [config] -> "%1" 64bit-scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l 64bit-scrfile [open] -> "%1" /S 64bit-vbefile [open] -> %SystemRoot%\SysWow64\CScript.exe "%1" %* -> [2009-07-14 02:14:16 | 000,126,976 | ---- | M] (Microsoft Corporation) 64bit-vbsfile [open] -> %SystemRoot%\SysWow64\CScript.exe "%1" %* -> [2009-07-14 02:14:16 | 000,126,976 | ---- | M] (Microsoft Corporation) 64bit-wsffile [open] -> %SystemRoot%\SysWow64\CScript.exe "%1" %* -> [2009-07-14 02:14:16 | 000,126,976 | ---- | M] (Microsoft Corporation) 64bit-Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 64bit-Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2010-11-21 04:23:55 | 000,345,088 | ---- | M] (Microsoft Corporation) 64bit-Directory [find] -> %SystemRoot%\Explorer.exe -> [2011-02-25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) 64bit-Directory [Winamp.Bookmark] -> "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" -> [2011-07-11 22:48:10 | 001,595,520 | ---- | M] (Nullsoft, Inc.) 64bit-Directory [Winamp.Enqueue] -> "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" -> [2011-07-11 22:48:10 | 001,595,520 | ---- | M] (Nullsoft, Inc.) 64bit-Directory [Winamp.Play] -> "C:\Program Files (x86)\Winamp\winamp.exe" "%1" -> [2011-07-11 22:48:10 | 001,595,520 | ---- | M] (Nullsoft, Inc.) 64bit-Folder [open] -> %SystemRoot%\Explorer.exe -> [2011-02-25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) 64bit-Drive [find] -> %SystemRoot%\Explorer.exe -> [2011-02-25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) batfile [open] -> "%1" %* -> cmdfile [open] -> "%1" %* -> comfile [open] -> "%1" %* -> cplfile [cplopen] -> %SystemRoot%\System32\control.exe "%1",%* -> [2009-07-14 02:14:15 | 000,113,152 | ---- | M] (Microsoft Corporation) exefile [open] -> "%1" %* -> htmlfile [print] -> rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" -> http [open] -> "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" -> [2012-10-31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.) https [open] -> "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" -> [2012-10-31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.) inffile [install] -> %SystemRoot%\System32\InfDefaultInstall.exe "%1" -> [2009-07-14 02:14:21 | 000,009,216 | ---- | M] (Microsoft Corporation) jsfile [open] -> %SystemRoot%\SysWow64\CScript.exe "%1" %* -> [2009-07-14 02:14:16 | 000,126,976 | ---- | M] (Microsoft Corporation) jsefile [open] -> %SystemRoot%\SysWow64\CScript.exe "%1" %* -> [2009-07-14 02:14:16 | 000,126,976 | ---- | M] (Microsoft Corporation) piffile [open] -> "%1" %* -> scrfile [config] -> "%1" -> scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> scrfile [open] -> "%1" /S -> vbefile [open] -> %SystemRoot%\SysWow64\CScript.exe "%1" %* -> [2009-07-14 02:14:16 | 000,126,976 | ---- | M] (Microsoft Corporation) vbsfile [open] -> %SystemRoot%\SysWow64\CScript.exe "%1" %* -> [2009-07-14 02:14:16 | 000,126,976 | ---- | M] (Microsoft Corporation) wsffile [open] -> %SystemRoot%\SysWow64\CScript.exe "%1" %* -> [2009-07-14 02:14:16 | 000,126,976 | ---- | M] (Microsoft Corporation) Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2010-11-21 04:24:03 | 000,302,592 | ---- | M] (Microsoft Corporation) Directory [find] -> %SystemRoot%\Explorer.exe -> [2011-02-25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) Directory [Winamp.Bookmark] -> "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" -> [2011-07-11 22:48:10 | 001,595,520 | ---- | M] (Nullsoft, Inc.) Directory [Winamp.Enqueue] -> "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" -> [2011-07-11 22:48:10 | 001,595,520 | ---- | M] (Nullsoft, Inc.) Directory [Winamp.Play] -> "C:\Program Files (x86)\Winamp\winamp.exe" "%1" -> [2011-07-11 22:48:10 | 001,595,520 | ---- | M] (Nullsoft, Inc.) Folder [open] -> %SystemRoot%\Explorer.exe -> [2011-02-25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) Drive [find] -> %SystemRoot%\Explorer.exe -> [2011-02-25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) < Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> ldap -> 4 = Restricted sites (Not a Default Protocol) -> news -> 4 = Restricted sites (Not a Default Protocol) -> nntp -> 4 = Restricted sites (Not a Default Protocol) -> oecmd -> 4 = Restricted sites (Not a Default Protocol) -> snews -> 4 = Restricted sites (Not a Default Protocol) -> < Default Protocols [HKEY_USERS\S-1-5-19\] - Select to Repair > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> @ivt -> @ivt protocol not assigned -> file -> file protocol not assigned -> ftp -> ftp protocol not assigned -> http -> http protocol not assigned -> https -> https protocol not assigned -> shell -> shell protocol not assigned -> < Default Protocols [HKEY_USERS\S-1-5-20\] - Select to Repair > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> @ivt -> @ivt protocol not assigned -> file -> file protocol not assigned -> ftp -> ftp protocol not assigned -> http -> http protocol not assigned -> https -> https protocol not assigned -> shell -> shell protocol not assigned -> < 64bit-Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> {034106B5-54B7-467F-B477-5B7DBB492624} -> Microsoft Sync Framework Services v1.0 SP1 (x64) {0407893F-352C-B182-E04A-A8C3333DA29B} -> AMD Drag and Drop Transcoding {071c9b48-7c32-4621-a0ac-3f809523288f} -> Microsoft Visual C++ 2005 Redistributable (x64) {0826F9E4-787E-481D-83E0-BC6A57B056D5} -> Microsoft SQL Server VSS Writer {0DCAB5DD-CC69-271A-CF03-F2BD6B60BD8A} -> AMD Media Foundation Decoders {0F37D969-1260-419E-B308-EF7D29ABDE20} -> Web Deployment Tool {1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B} -> Microsoft Team Foundation Server 2010 Object Model - ENU {1B8ABA62-74F0-47ED-B18C-A43128E591B8} -> Windows Live ID Sign-in Assistant {1CB6C387-65A7-327F-B4A5-7DDC75A291AF} -> Microsoft Visual Studio 2010 Office Developer Tools (x64) {1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3} -> Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) {1D8E6291-B0D5-35EC-8441-6616F567A0F7} -> Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 {23170F69-40C1-2702-0920-000001000000} -> 7-Zip 9.20 (x64 edition) {2426E29F-9E8C-4C0B-97FC-0DB690C1ED98} -> Windows Live Remote Client Resources {26A24AE4-039D-4CA4-87B4-2F86416027FF} -> Java(TM) 6 Update 27 (64-bit) {27D28586-BEF1-4E06-8787-3B1FC3A41489} -> Internet Manager {2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF} -> Sql Server Customer Experience Improvement Program {436E0B79-2CFB-4E5F-9380-E17C1B25D0C5} -> Lenovo Bluetooth with Enhanced Data Rate Software {46DA7FD9-8BC1-7BA8-98D1-27F46647871B} -> AMD Catalyst Install Manager {46F4D124-20E5-4D12-BE52-EC177A7A4B42} -> Lenovo OneKey Recovery {480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF} -> Windows Live Remote Service Resources {4A8CE6D7-4D52-43B9-970B-03FC75FAD667} -> Microsoft SQL Server System CLR Types (x64) {4B6C7001-C7D6-3710-913E-5BC23FCE91E6} -> Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 {503F672D-6C84-448A-8F8F-4BC35AC83441} -> AMD APP SDK Runtime {504184A2-1B0E-5D93-603A-517E93E7EDB3} -> AMD Accelerated Video Transcoding {5340A3B5-3853-4745-BED2-DD9FF5371331} -> Microsoft SQL Server 2008 Common Files {57580625-C673-7FEA-8791-E84B7AAF5069} -> ccc-utility64 {5783F2D7-A001-0415-0102-0060B0CE6BBA} -> AutoCAD 2012 - Polski {5783F2D7-A001-0415-1102-0060B0CE6BBA} -> AutoCAD 2012 Language Pack - Polski {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} -> Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 {662014D2-0450-37ED-ABAE-157C88127BEB} -> Visual Studio 2010 Prerequisites - English {7ACE202B-1B01-4B43-B6AE-03D66D621CDE} -> Microsoft SQL Server 2008 RsFx Driver {8220EEFE-38CD-377E-8595-13398D740ACE} -> Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 {8438EC02-B8A9-462D-AC72-1B521349C001} -> Microsoft Sync Framework Runtime v1.0 SP1 (x64) {867DE0DC-A93F-41EA-9654-A212514FA946} -> Oracle VM VirtualBox 4.2.4 {88BAE373-00F4-3E33-828F-96E89E5E0CB9} -> Microsoft Visual Studio 2010 IntelliTrace Collection (x64) {88D426A2-4FDF-428B-96F9-CE04F413D5C1} -> ESET NOD32 Antivirus {893F27E6-D6BE-4B9F-80E6-0ADA694A31A8} -> Microsoft SQL Server 2008 Common Files {8E34682C-8118-31F1-BC4C-98CD9675E1C2} -> Microsoft .NET Framework 4 Extended {8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7} -> Microsoft .NET Framework 4 Extended PLK Language Pack {8FF0ACBD-17A5-3637-95F4-D7C69723E2BF} -> Microsoft Visual Studio 2010 Performance Collection Tools - ENU {90140000-002A-0000-1000-0000000FF1CE} -> Microsoft Office Office 64-bit Components 2010 {90140000-002A-0415-1000-0000000FF1CE} -> Microsoft Office Shared 64-bit MUI (Polish) 2010 {90140000-006D-0415-1000-0000000FF1CE} -> Moduł Szybka instalacja pakietu Microsoft Office 2010 {94D70749-4281-39AC-AD90-B56A0E0A402E} -> Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 {95120000-00B9-0409-1000-0000000FF1CE} -> Microsoft Application Error Reporting {A49402DD-2781-3782-B0CF-52BDA349E3F3} -> Microsoft .NET Framework 4 Client Profile PLK Language Pack {ad8a2fa1-06e7-4b0d-927d-6e54b3d31028} -> Microsoft Visual C++ 2005 Redistributable (x64) {B40EE88B-400A-4266-A17B-E3DE64E94431} -> Microsoft SQL Server 2008 Setup Support Files {B6E3757B-5E77-3915-866A-CCFC4B8D194C} -> Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 {BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1} -> Microsoft SQL Server 2008 Native Client {BCA9334F-B6C9-4F65-9A73-AC5A329A4D04} -> PlayReady PC Runtime amd64 {BD430C50-784F-32CD-87E7-A8C47EE6107F} -> Microsoft Visual Studio 2010 Tools for Office Runtime (x64) {CC8BA866-16A7-4667-BA0C-C494A1E7B2BF} -> Microsoft SQL Server 2008 Database Engine Shared {D07A61E5-A59C-433C-BCBD-22025FA2287B} -> Windows Live Language Selector {D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3} -> Microsoft SQL Server Compact 3.5 SP2 x64 ENU {DA54F80E-261C-41A2-A855-549A144F2F59} -> Windows Live MIME IFilter {DA67488A-2689-4F10-B90F-D2F6977509D6} -> Microsoft SQL Server 2008 R2 Management Objects (x64) {DF167CE3-60E7-44EA-99EC-2507C51F37AE} -> Microsoft SQL Server 2008 Database Engine Shared {DF6D988A-EEA0-4277-AAB8-158E086E439B} -> Windows Live Remote Client {E02A6548-6FDE-40E2-8ED9-119D7D7E641F} -> Windows Live Remote Service {E552C39C-C70E-464F-9733-8311331BDD90} -> Dodatek Autodesk Inventor Fusion Language Pack dla programu AutoCAD 2012 {EAB3AC1A-68FF-486B-9C6B-E48EBB4B05CC} -> Dodatek Autodesk Inventor Fusion dla programu AutoCAD 2012 {EEB3F6BB-318D-4CE5-989F-8191FCBFB578} -> Ventrilo Client for Windows x64 {F5079164-1DB9-3BDA-853B-F78AF67CE071} -> Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} -> Microsoft .NET Framework 4 Client Profile {FA7394B8-CE65-4F9E-AC99-F372AD365424} -> Microsoft SQL Server 2008 Database Engine Services {FBD367D1-642F-47CF-B79B-9BE48FB34007} -> Microsoft SQL Server 2008 Database Engine Services {FCADA26A-5672-31DD-BF0E-BA76ECF9B02D} -> Microsoft Help Viewer 1.0 {FFF5619F-6669-4EC5-A85E-9994F70A9E5D} -> Autodesk Inventor Fusion 2012 {FFF7F80F-929E-497F-A112-B070DE816128} -> Autodesk Inventor Fusion 2012 Language Pack AutoCAD 2012 - Polski -> AutoCAD 2012 - Polski Autodesk Inventor Fusion 2012 -> Autodesk Inventor Fusion 2012 CCleaner -> CCleaner CNXT_AUDIO_HDA -> Conexant HD Audio Dodatek Autodesk Inventor Fusion dla programu AutoCAD 2012 -> Autodesk Inventor Fusion plug-in for AutoCAD 2012 EA12B1FB53CE4E387C31A85236C41EF559B5E392 -> Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) Lenovo EE Boot Optimizer -> Lenovo EE Boot Optimizer Microsoft .NET Framework 4 Client Profile -> Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile PLK Language Pack -> Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended -> Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4 Extended PLK Language Pack -> Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended Microsoft Help Viewer 1.0 -> Microsoft Help Viewer 1.0 Microsoft SQL Server 10 -> Microsoft SQL Server 2008 (64-bit) Microsoft SQL Server 10 Release -> Microsoft SQL Server 2008 (64-bit) Microsoft Team Foundation Server 2010 Object Model - ENU -> Microsoft Team Foundation Server 2010 Object Model - ENU Microsoft Visual Studio 2010 Tools for Office Runtime (x64) -> Microsoft Visual Studio 2010 Tools for Office Runtime (x64) SynTPDeinstKey -> Synaptics Pointing Device Driver TeamSpeak 3 Client -> TeamSpeak 3 Client WinRAR archiver -> WinRAR 4.01 (64-bitowy) < Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> {01FB4998-33C4-4431-85ED-079E3EEFE75D} -> Lenovo YouCam {02B244A2-7F6A-42E8-A36F-8C385D7A1625} -> Gothic III {048298C9-A4D3-490B-9FF9-AB023A9238F3} -> Steam(TM) {0654EA5D-308A-4196-882B-5C09744A5D81} -> Windows Live Photo Common {086F9A69-CD39-4893-A9FB-D3A0634CE3F7} -> Usługa Autodesk Content Service {08B3869E-D282-424C-9AFC-870E04A4BA14} -> Rockstar Games Social Club {0B0F231F-CE6A-483D-AA23-77B364F75917} -> Windows Live Installer {0C1931EB-8339-4837-8BEC-75029BF42734} -> Windows Live UX Platform Language Pack {0DDCEC37-369C-484B-B16D-B4413FD42FB9} -> Microsoft SQL Server 2008 R2 Data-Tier Application Framework {0E3DFC64-CC49-4BE2-8C9C-58EF129675DB} -> Microsoft Sync Framework SDK v1.0 SP1 {0F7A6FD0-87F5-FB5D-973C-CF604DE1BC6B} -> CCC Help Polish {112C23F2-C036-4D40-BED4-0CB47BF5555C} -> Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU {14DD7530-CCD2-3798-B37D-3839ED6A441C} -> Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools {1803A630-3C38-4D2B-9B9A-0CB37243539C} -> Microsoft ASP.NET MVC 2 {18455581-E099-4BA8-BC6B-F34B2F06600C} -> Google Toolbar for Internet Explorer {1A9BE3D6-4D53-2C9D-B77D-562D85936B91} -> CCC Help Norwegian {1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF} -> Bing Bar {1C36647E-F5BD-43E9-BA64-5F274B7F7051}_is1 -> Symulator Jazdy 2 v.1.0 {1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1 -> World of Tanks {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} -> Junk Mail filter update {1F77C418-2C90-459C-BD33-B56A4182B9FA} -> System Requirements Lab CYRI {200FEC62-3C34-4D60-9CE8-EC372E01C08F} -> Windows Live SOXE Definitions {2012098D-EEE9-4769-8DD3-B038050854D4} -> Microsoft Silverlight 3 SDK {210DFA65-F805-1A2B-4F83-8E27279AE385} -> Catalyst Control Center Graphics Previews Common {2318C2B1-4965-11d4-9B18-009027A5CD4F} -> Google Toolbar for Internet Explorer {26A24AE4-039D-4CA4-87B4-2F83216024FF} -> Java(TM) 6 Update 27 {26E3C07C-7FF7-4362-9E99-9E49E383CF16} -> Windows Live Writer Resources {29822CAD-C76A-0BEE-55F5-AAA524DA814F} -> CCC Help Greek {29E44E9D-ACB2-4D2D-849F-5361C941B7E1} -> ArcSoft TotalMedia 3.5 {2A2F3AE8-246A-4252-BB26-1BEB45627074} -> Microsoft SQL Server System CLR Types {2C7E8AA1-9C03-4606-BF34-5D99D07964DA} -> Windows Live Messenger {2D9FEBEE-F1B7-344F-BFDF-760E18332D96} -> Microsoft Visual Studio 2010 SharePoint Developer Tools {3108C217-BE83-42E4-AE9E-A56A2A92E549} -> Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver {33286280-8617-11E1-8FF6-B8AC6F97B88E} -> Google Earth Plug-in {3336F667-9049-4D46-98B6-4C743EEBC5B1} -> Windows Live Photo Gallery {3A1293DF-7D09-BB0F-9576-EC47EE4A9362} -> CCC Help Italian {3A9FC03D-C685-4831-94CF-4EDFD3749497} -> Microsoft SQL Server Compact 3.5 SP2 ENU {3E29EE6C-963A-4aae-86C1-DC237C4A49FC} -> Intel(R) Rapid Storage Technology {40416836-56CC-4C0E-A6AF-5C34BADCE483} -> Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools {4061B869-37CE-4C4A-7EA3-04B53AB1F2DB} -> HydraVision {40BF1E83-20EB-11D8-97C5-0009C5020658} -> Power2Go {41B31ABE-5A6E-498A-8F28-3BA3B8779A41} -> Dotfuscator Software Services - Community Edition {46EDCFA5-7EDB-46A9-B093-1C6237470CEC} -> 3DMark 11 {47416F0B-6589-591E-C6F8-4235D2230B14} -> Catalyst Control Center InstallProxy {4A03706F-666A-4037-7777-5F2748764D10} -> Java Auto Updater {4A5667B2-5D13-46C2-85B5-9D46A6096F61} -> Secure Download Manager {4CB0307C-565E-4441-86BE-0DF2E4FB828C} -> Microsoft Games for Windows Marketplace {4E968D9C-21A7-4915-B698-F7AEB913541D} -> Microsoft SQL Server 2008 R2 Management Objects {6068A42A-C1CF-45F2-9859-5DB16287FE5D} -> msvcrt_installer {625FC7D1-656D-1BEC-F86F-3EACAFDAA8FE} -> CCC Help English {62BBB2F0-E220-4821-A564-730807D2C34D} -> Realtek USB 2.0 Reader Driver {64376910-1860-4CEF-8B34-AA5D205FC5F1} -> Poczta usługi Windows Live {65153EA5-8B6E-43B6-857B-C6E4FC25798A} -> Intel(R) Management Engine Components {65420DC9-306E-4371-905F-F4DC3B418E52} -> Autodesk Material Library Base Resolution Image Library 2012 {682B3E4F-696A-42DE-A41C-4C07EA1678B4} -> Windows Live SOXE {6A86554B-8928-30E4-A53C-D7337689134D} -> Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 {6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3} -> Microsoft Visual Studio Macro Tools {710f4c1c-cc18-4c49-8cbf-51240c89a1a2} -> Microsoft Visual C++ 2005 Redistributable {7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable {729A3000-BC8A-3B74-BA5D-5068FE12D70C} -> Microsoft Visual F# 2.0 Runtime {7351EEF8-9D6C-5F46-5A19-F2C7456CE132} -> CCC Help German {73877A89-A11E-43D6-9A15-A77FF0F48C8F} -> AMD GPU Clock Tool {78C3657E-742C-40B1-9F53-E5A921D40F17} -> Microsoft SQL Server 2008 R2 Transact-SQL Language Service {7A9D47BA-6D50-4087-866F-0800D8B89383} -> Podstawowe programy Windows Live {7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1 -> Need For Speed™ World {7F172E34-4107-8964-6AEA-5051FFD265FF} -> CCC Help Portuguese {837b34e3-7c30-493c-8f6a-2b0f04e2912c} -> Microsoft Visual C++ 2005 Redistributable {83C292B7-38A5-440B-A731-07070E81A64F} -> Windows Live PIMT Platform {86095E92-1959-8364-920E-82E81F64F8FB} -> Catalyst Control Center {888F1505-C2B3-4FDE-835D-36353EBD4754} -> Ubisoft Game Launcher {89D05F35-933A-89C0-B935-C92BEE4229BD} -> CCC Help French {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight {8C6D6116-B724-4810-8F2D-D047E6B7D68E} -> Mesh Runtime {8DC910CD-8EE3-4ffc-A4EB-9B02701059C4} -> Battlefield Heroes {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} -> MSVCRT {8F0837C2-EE09-4903-88F3-1976FE7FFF4E} -> Autodesk Material Library 2012 {90140000-0011-0000-0000-0000000FF1CE} -> Microsoft Office Professional Plus 2010 {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE} -> Microsoft Office 2010 Service Pack 1 (SP1) {90140000-0015-0415-0000-0000000FF1CE} -> Microsoft Office Access MUI (Polish) 2010 {90140000-0015-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4} -> Microsoft Office 2010 Service Pack 1 (SP1) {90140000-0016-0415-0000-0000000FF1CE} -> Microsoft Office Excel MUI (Polish) 2010 {90140000-0016-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4} -> Microsoft Office 2010 Service Pack 1 (SP1) {90140000-0018-0415-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (Polish) 2010 {90140000-0018-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4} -> Microsoft Office 2010 Service Pack 1 (SP1) {90140000-0019-0415-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (Polish) 2010 {90140000-0019-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4} -> Microsoft Office 2010 Service Pack 1 (SP1) {90140000-001A-0415-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (Polish) 2010 {90140000-001A-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4} -> Microsoft Office 2010 Service Pack 1 (SP1) {90140000-001B-0415-0000-0000000FF1CE} -> Microsoft Office Word MUI (Polish) 2010 {90140000-001B-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4} -> Microsoft Office 2010 Service Pack 1 (SP1) {90140000-001F-0407-0000-0000000FF1CE} -> Microsoft Office Proof (German) 2010 {90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA} -> Microsoft Office 2010 Service Pack 1 (SP1) {90140000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2010 {90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279} -> Microsoft Office 2010 Service Pack 1 (SP1) {90140000-001F-0415-0000-0000000FF1CE} -> Microsoft Office Proof (Polish) 2010 {90140000-001F-0415-0000-0000000FF1CE}_Office14.PROPLUS_{1D751709-BA6C-49E2-844B-4F4F20F410C9} -> Microsoft Office 2010 Service Pack 1 (SP1) {90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF} -> Microsoft Office 2010 Service Pack 1 (SP1) {90140000-002A-0415-1000-0000000FF1CE}_Office14.PROPLUS_{0844B6E1-0A6F-4D81-8BCF-48F883F521FE} -> Microsoft Office 2010 Service Pack 1 (SP1) {90140000-002C-0415-0000-0000000FF1CE} -> Microsoft Office Proofing (Polish) 2010 {90140000-002C-0415-0000-0000000FF1CE}_Office14.PROPLUS_{6606F321-8216-466E-981E-B75A14C46894} -> Microsoft Office 2010 Service Pack 1 (SP1) {90140000-0044-0415-0000-0000000FF1CE} -> Microsoft Office InfoPath MUI (Polish) 2010 {90140000-0044-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4} -> Microsoft Office 2010 Service Pack 1 (SP1) {90140000-006E-0415-0000-0000000FF1CE} -> Microsoft Office Shared MUI (Polish) 2010 {90140000-006E-0415-0000-0000000FF1CE}_Office14.PROPLUS_{6AF8887A-72F7-4FA0-ABE4-396172B64550} -> Microsoft Office 2010 Service Pack 1 (SP1) {90140000-00A1-0415-0000-0000000FF1CE} -> Microsoft Office OneNote MUI (Polish) 2010 {90140000-00A1-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4} -> Microsoft Office 2010 Service Pack 1 (SP1) {90140000-00BA-0415-0000-0000000FF1CE} -> Microsoft Office Groove MUI (Polish) 2010 {90140000-00BA-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4} -> Microsoft Office 2010 Service Pack 1 (SP1) {92EA4134-10D1-418A-91E1-5A0453131A38} -> Windows Live Movie Maker {95120000-00B9-0409-0000-0000000FF1CE} -> Microsoft Application Error Reporting {951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C} -> FARO LS 1.1.406.58 {9530AE42-DAE1-4619-9594-B23487285D17} -> NVIDIA PhysX {959E4378-CCA1-E4E4-2425-793DA92E8D95} -> CCC Help Czech {96BB3C67-4EB4-9757-E0C2-C0D2FE9053B1} -> CCC Help Turkish {974F4B73-2017-E174-9070-3F58F01B341F} -> CCC Help Danish {98E20A18-3C29-86FA-50B4-918C2B34A082} -> CCC Help Hungarian {9A25302D-30C0-39D9-BD6F-21E6EC160475} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 {9BE518E6-ECC6-35A9-88E4-87755C07200F} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 {9D56775A-93F3-44A3-8092-840E3826DE30} -> Windows Live Mail {9E2E5EB3-DC6E-9277-E9DB-13175E7DDA39} -> CCC Help Dutch {9E4F7DD0-C596-4501-AE16-77F18F7EE694} -> Angry Birds Seasons {A49F249F-0C91-497F-86DF-B2585E8E76B7} -> Microsoft Visual C++ 2005 Redistributable {A726AE06-AAA3-43D1-87E3-70F510314F04} -> Windows Live Writer {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} -> Google Update Helper {A9BDCA6B-3653-467B-AC83-94367DA3BFE3} -> Windows Live Photo Common {AAACC0A5-4382-04D0-C75E-0669C7B949B6} -> CCC Help Japanese {AAAFC670-569B-4A2F-82B4-42945E0DE3EF} -> Windows Live Writer {AC41D924-8C68-4BD5-A7A1-0AE4176C31A6} -> Crystal Reports for Visual Studio {AC76BA86-7AD7-1045-7B44-AA1000000001} -> Adobe Reader X (10.1.1) - Polish {ACE28263-76A4-4BF5-B6F4-8BD719595969} -> Microsoft SQL Server Database Publishing Wizard 1.4 {ACEF4078-9B86-2455-E18D-34D52D37D9D5} -> CCC Help Chinese Standard {ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333} -> Lenovo EasyCamera {B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7} -> Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych {B2164CCB-C002-4B80-8550-7535D80DF237} -> Lenovo DirectShare {B55FB422-B803-11F5-5582-B3666EA1B9AC} -> Catalyst Control Center Localization All {B8010864-15F8-613B-20EF-AC35B14B3E0D} -> CCC Help Russian {BC0464FA-A0BA-3E38-85BF-DC5B3A401F48} -> Microsoft Visual Studio 2010 Ultimate - ENU {BEE64C14-BEF1-4610-8A68-A16EAA47B882} -> Futuremark SystemInfo {BF35168D-F6F9-4202-BA87-86B5E3C9BF7A} -> Windows Live Mesh {C1342411-5A98-DE8A-5629-D0C518E1C280} -> CCC Help Finnish {C2523AE6-F335-4D0B-BC15-1C07E4ACE629} -> Pro Evolution Soccer 2013 {C688457E-03FD-4941-923B-A27F4D42A7DD} -> Microsoft SQL Server 2008 Browser {CAE017F8-C238-4397-879B-7FBB915D9457} -> LogMeIn Hamachi {CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431} -> Galeria fotografii usługi Windows Live {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} -> Windows Live UX Platform {CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE} -> Microsoft .NET Framework 4 Multi-Targeting Pack {D08B4177-5160-6B66-8934-2F9012134D61} -> CCC Help Thai {D0956C11-0F60-43FE-99AD-524E833471BB} -> Energy Management {D0B44725-3666-492D-BEF6-587A14BD9BD9} -> MSVCRT_amd64 {D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1 -> Rapture3D 2.4.11 Game {D34A6029-FB1A-9EA8-A938-5393F82A3A00} -> CCC Help Korean {D3694B69-6F8C-42D3-8A0A-EB2AB528C02C} -> Atheros Client Installation Program {D45240D3-B6B3-4FF9-B243-54ECE3E10066} -> Windows Live Communications Platform {D64833F8-860D-4216-8EDC-DD08AD68C0B5} -> LibreOffice 3.4 {D76999C8-BE29-1C28-488D-01E96A0ECD54}_is1 -> Virtua Tennis 4 version 1.0 {DB9E4EAB-2717-499F-8D56-4CC8A644AB60} -> MPlayer for Windows (Full Package) {DECDCB7C-58CC-4865-91AF-627F9798FE48} -> Windows Live Mesh {DF5A03CC-D5AA-43D8-B948-D9903F2AF94A} -> Counter-Strike(TM) {E09C4DB7-630C-4F06-A631-8EA7239923AF} -> D3DX10 {E2F0AF23-FE2F-4222-9A43-55E63CC41EF1} -> Catalyst Control Center - Branding {E3A09D13-4D40-3CF8-7D32-8BD55F8D1533} -> CCC Help Spanish {E55E0C35-AC3C-4683-BA2F-834348577B80} -> Windows Live Writer {E5AE9031-79A5-4627-9641-BEFA82819B08} -> Microsoft SQL Server 2008 R2 Data-Tier Application Project {EB4DF488-AAEF-406F-A341-CB2AAA315B90} -> Windows Live Messenger {EBBE64F6-7E23-5857-891F-045560AECC7F} -> Application Profiles {EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8} -> Skype™ 5.10 {F07C2CF8-4C53-4EC3-8162-A6221E36EB88} -> Podręcznik użytkownika {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} -> Microsoft SQL Server 2005 Compact Edition [ENU] {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} -> Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 {F2508213-9989-4E85-A078-72BE483917EF} -> Microsoft Games for Windows - LIVE Redistributable {F2C35491-9323-3AE7-6023-6B4128045153} -> CCC Help Swedish {F6BC20A5-3C48-4675-BDE6-E2E6FED30B9D} -> IRRecevie {F80E5450-3EF3-4270-B26C-6AC53BEC5E76} -> Windows Live Movie Maker {FC66A32F-1A57-AC5C-4F12-DAC2F4CB77A0} -> CCC Help Chinese Traditional {FCDBEA60-79F0-4FAE-BBA8-55A26C609A49} -> Visual Studio 2008 x64 Redistributables {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX Adobe Flash Player Plugin -> Adobe Flash Player 11 Plugin Age of Conan_is1 -> Age of Conan: Unchained ALLPlayer_is1 -> ALLPlayer V4.X Call of Duty -> Call of Duty Cities XL 2012 -> Cities XL 2012 Crossfire Europe -> Crossfire Europe DAEMON Tools Lite -> DAEMON Tools Lite Dzielenie i łączenie plików_is1 -> Dzielenie i łączenie plików v1.2.2 FreeArc -> FreeArc 0.666 Gadu-Gadu 10 -> Gadu-Gadu 10 Google Chrome -> Google Chrome HP DVB-T TV Tuner -> HP DVB-T TV Tuner 8.0.64.43 Improvement System Improve -> Improvement System Improve 1.11 InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} -> Lenovo YouCam InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42} -> Lenovo OneKey Recovery InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237} -> Lenovo DirectShare InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB} -> Energy Management InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88} -> UserGuide KLiteCodecPack_is1 -> K-Lite Codec Pack 7.9.0 (Full) LogMeIn Hamachi -> LogMeIn Hamachi Microsoft Visual Studio 2010 Ultimate - ENU -> Microsoft Visual Studio 2010 Ultimate - ENU Microsoft Visual Studio Macro Tools -> Microsoft Visual Studio Macro Tools MiNODLogin -> ESET Antivirus License Finder (MiNODLogin) Mount&Blade Warband -> Mount&Blade Warband Mozilla Firefox 14.0.1 (x86 pl) -> Mozilla Firefox 14.0.1 (x86 pl) MozillaMaintenanceService -> Mozilla Maintenance Service Office14.Click2Run -> Moduł Szybka instalacja pakietu Microsoft Office 2010 Office14.PROPLUS -> Microsoft Office Professional Plus 2010 OpenAL -> OpenAL Origin -> Origin PunkBusterSvc -> PunkBuster Services RMVB Player_is1 -> RMVB Player 1.0 RocketDock_is1 -> RocketDock 1.3.5 Rockstar Games Social Club -> Rockstar Games Social Club Sapphire TRIXX -> Sapphire TRIXX SpeedFan -> SpeedFan (remove only) Steam App 218 -> Source SDK Base 2007 Steam App 240 -> Counter-Strike: Source Steam App 260 -> Counter-Strike: Source Beta Steam App 440 -> Team Fortress 2 SubEdit-Player_is1 -> SubEdit-Player Teamspeak 2 RC2_is1 -> TeamSpeak 2 RC2 TeamViewer 7 -> TeamViewer 7 TechPowerUp GPU-Z -> TechPowerUp GPU-Z The Walking Dead Episode 3 (c) TellTale Games_is1 -> The Walking Dead Episode 3 (c) TellTale Games version 1 The.Walking.Dead_is1 -> The.Walking.Dead uTorrent -> µTorrent uTorrentBar Toolbar -> uTorrentBar Toolbar VeriFace -> VeriFace Viking: Battle for Asgard_is1 -> Viking: Battle for Asgard Winamp -> Winamp WinLiveSuite -> Podstawowe programy Windows Live World of Warcraft -> World of Warcraft Xfire -> Xfire (remove only) < Uninstall List [HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\] > -> HKEY_USERS\S-1-5-21-2388659095-55667830-214554767-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> CodeBlocks -> CodeBlocks UnityWebPlayer -> Unity Web Player Winamp Detect -> Detektor Winampa < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Application [ Error ] 2012-07-26 05:34:07 Computer Name = User-Komputer | Source = WinMgmt | ID = 10 -> Description = Application [ Error ] 2012-07-27 07:11:37 Computer Name = User-Komputer | Source = Application Error | ID = 1000 -> Description = Nazwa aplikacji powodującej błąd: PopWnd.exe, wersja: 0.0.1.4, sygnatura czasowa: 0x4cd26316 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x002cfe25 Identyfikator procesu powodującego błąd: 0x5b0 Godzina uruchomienia aplikacji powodującej błąd: 0x01cd6be88e1f9853 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: d4f29c15-d7db-11e1-9367-b870f407746d Application [ Error ] 2012-07-27 07:12:59 Computer Name = User-Komputer | Source = WinMgmt | ID = 10 -> Description = Application [ Error ] 2012-07-29 11:18:52 Computer Name = User-Komputer | Source = Application Error | ID = 1000 -> Description = Nazwa aplikacji powodującej błąd: PopWnd.exe, wersja: 0.0.1.4, sygnatura czasowa: 0x4cd26316 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x003dfe33 Identyfikator procesu powodującego błąd: 0x6b0 Godzina uruchomienia aplikacji powodującej błąd: 0x01cd6d9d6c1422b2 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: b3beab34-d990-11e1-96c3-b870f407746d Application [ Error ] 2012-07-29 11:20:12 Computer Name = User-Komputer | Source = WinMgmt | ID = 10 -> Description = Application [ Error ] 2012-07-29 11:21:07 Computer Name = User-Komputer | Source = Application Hang | ID = 1002 -> Description = Program ALLPlayer.exe w wersji 4.7.6.9 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 344 Godzina rozpoczęcia: 01cd6d9db150c778 Godzina zakończenia: 8 Ścieżka aplikacji: C:\Program Files (x86)\ALLPlayer\ALLPlayer.exe Identyfikator raportu: 007d3ff3-d991-11e1-96c3-b870f407746d Application [ Error ] 2012-07-29 11:39:37 Computer Name = User-Komputer | Source = Application Error | ID = 1000 -> Description = Nazwa aplikacji powodującej błąd: PopWnd.exe, wersja: 0.0.1.4, sygnatura czasowa: 0x4cd26316 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc000001d Przesunięcie błędu: 0x0039fe25 Identyfikator procesu powodującego błąd: 0x7b4 Godzina uruchomienia aplikacji powodującej błąd: 0x01cd6da052f580d5 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 99ddd1b8-d993-11e1-b802-b870f407746d Application [ Error ] 2012-07-29 11:39:37 Computer Name = User-Komputer | Source = Application Error | ID = 1005 -> Description = System Windows nie może uzyskać dostępu do pliku z jednej z następujących przyczyn: problem z połączeniem sieciowym; problem z dyskiem, na którym jest przechowywany plik; problem ze sterownikami magazynu zainstalowanymi na tym komputerze; brak dysku. System Windows zamknął program Lenovo EE Boot Optimizer Software z powodu tego błędu. Program: Lenovo EE Boot Optimizer Software Plik: Wartość błędu jest wyświetlona w sekcji Dodatkowe dane. Akcja użytkownika 1. Otwórz plik ponownie. Ta sytuacja może być przejściowym problemem, który sam się rozwiąże po ponownym uruchomieniu programu. 2. Jeśli nadal nie można uzyskać dostępu do pliku i - jest w sieci, administrator sieci powinien sprawdzić, czy nie ma problemu z siecią i czy można skontaktować się z serwerem. - jest na dysku wymiennym, na przykład dyskietce lub dysku CD-ROM, sprawdź, czy cały dysk jest włożony do komputera. 3. Sprawdź i napraw system plików, uruchamiając program CHKDSK. Aby uruchomić program CHKDSK, kliknij przycisk Start, kliknij polecenie Uruchom, wpisz polecenie CMD, a następnie kliknij przycisk OK. W wierszu polecenia wpisz polecenie CHKDSK /F, a następnie naciśnij klawisz ENTER. 4. Jeżeli problem nie ustąpi, przywróć plik z kopii zapasowej. 5. Ustal, czy można otworzyć inne pliki na tym samym dysku. Jeśli nie, dysk może być uszkodzony. Jeśli jest to dysk twardy, skontaktuj się z administratorem komputera lub dostawcą sprzętu komputerowego, aby uzyskać dalszą pomoc. Dodatkowe dane Wartość błędu: 00000000 Typ dysku: 0 Application [ Error ] 2012-07-29 11:40:59 Computer Name = User-Komputer | Source = WinMgmt | ID = 10 -> Description = Application [ Error ] 2012-07-29 11:49:48 Computer Name = User-Komputer | Source = CVHSVC | ID = 100 -> Description = Tylko informacje. (Patch task for {90140011-0066-0415-0000-0000000FF1CE}): DownloadLatest Failed: Nie można określić nazwy serwera lub adresu. Media Center [ Error ] 2012-10-24 12:15:32 Computer Name = User-Komputer | Source = MCUpdate | ID = 0 -> Description = 18:15:28 - Błąd podczas nawiązywania połączenia z Internetem. 18:15:28 - Nie można skontaktować się z serwerem.. Media Center [ Error ] 2012-10-29 13:17:00 Computer Name = User-Komputer | Source = MCUpdate | ID = 0 -> Description = 18:17:00 - Błąd podczas nawiązywania połączenia z Internetem. 18:17:00 - Nie można skontaktować się z serwerem.. Media Center [ Error ] 2012-10-29 13:17:10 Computer Name = User-Komputer | Source = MCUpdate | ID = 0 -> Description = 18:17:06 - Błąd podczas nawiązywania połączenia z Internetem. 18:17:06 - Nie można skontaktować się z serwerem.. Media Center [ Error ] 2012-10-29 15:19:24 Computer Name = User-Komputer | Source = MCUpdate | ID = 0 -> Description = 20:19:23 - Nie można pobrać pakietu MCEClientUX (Błąd: Nie można rozpoznać nazwy zdalnej: 'data.tvdownload.microsoft.com') Media Center [ Error ] 2012-10-29 15:19:34 Computer Name = User-Komputer | Source = MCUpdate | ID = 0 -> Description = 20:19:24 - Nie można pobrać pakietu Broadband (Błąd: Nie można rozpoznać nazwy zdalnej: 'data.tvdownload.microsoft.com') Media Center [ Error ] 2012-11-07 16:58:43 Computer Name = User-Komputer | Source = ehRecvr | ID = 3 -> Description = Tuner telewizyjny napotkał błąd. (0x80070001) HP USB DVB-T TV Tuner Media Center [ Error ] 2012-11-19 22:44:31 Computer Name = User-Komputer | Source = MCUpdate | ID = 0 -> Description = 03:44:29 - Błąd podczas nawiązywania połączenia z Internetem. 03:44:31 - Nie można skontaktować się z serwerem.. Media Center [ Error ] 2012-11-19 23:45:28 Computer Name = User-Komputer | Source = MCUpdate | ID = 0 -> Description = 04:45:27 - Błąd podczas nawiązywania połączenia z Internetem. 04:45:27 - Nie można skontaktować się z serwerem.. Media Center [ Error ] 2012-11-20 00:46:14 Computer Name = User-Komputer | Source = MCUpdate | ID = 0 -> Description = 05:46:14 - Błąd podczas nawiązywania połączenia z Internetem. 05:46:14 - Nie można skontaktować się z serwerem.. Media Center [ Error ] 2012-11-20 01:47:07 Computer Name = User-Komputer | Source = MCUpdate | ID = 0 -> Description = 06:47:07 - Błąd podczas nawiązywania połączenia z Internetem. 06:47:07 - Nie można skontaktować się z serwerem.. System [ Error ] 2012-11-20 07:05:28 Computer Name = User-Komputer | Source = BugCheck | ID = 1001 -> Description = System [ Error ] 2012-11-20 07:05:41 Computer Name = User-Komputer | Source = Service Control Manager | ID = 7000 -> Description = Nie można uruchomić usługi atksgt z powodu następującego błędu: %%577 System [ Error ] 2012-11-20 07:05:47 Computer Name = User-Komputer | Source = Service Control Manager | ID = 7000 -> Description = Nie można uruchomić usługi lirsgt z powodu następującego błędu: %%577 System [ Error ] 2012-11-20 07:07:14 Computer Name = User-Komputer | Source = DCOM | ID = 10010 -> Description = System [ Error ] 2012-11-20 07:22:17 Computer Name = User-Komputer | Source = Server | ID = 2505 -> Description = Serwer nie mógł utworzyć powiązania do transportu \Device\NetBT_Tcpip_{167CDB00-9515-4F74-8E91-3E22BABCEEBE}, ponieważ inny komputer w sieci ma tę samą nazwę. Nie można uruchomić serwera. System [ Error ] 2012-11-20 07:22:17 Computer Name = User-Komputer | Source = NetBT | ID = 4321 -> Description = Nie można zarejestrować nazwy „USER-KOMPUTER :0” w interfejsie o adresie IP 25.246.173.97. Komputer o adresie IP 25.246.174.126 nie zezwolił na przejęcie tej nazwy przez ten komputer. System [ Error ] 2012-11-20 07:22:17 Computer Name = User-Komputer | Source = NetBT | ID = 4321 -> Description = Nie można zarejestrować nazwy „USER-KOMPUTER :20” w interfejsie o adresie IP 25.246.173.97. Komputer o adresie IP 25.246.174.126 nie zezwolił na przejęcie tej nazwy przez ten komputer. System [ Error ] 2012-11-20 07:31:07 Computer Name = User-Komputer | Source = Service Control Manager | ID = 7000 -> Description = Nie można uruchomić usługi atksgt z powodu następującego błędu: %%577 System [ Error ] 2012-11-20 07:31:12 Computer Name = User-Komputer | Source = Service Control Manager | ID = 7000 -> Description = Nie można uruchomić usługi lirsgt z powodu następującego błędu: %%577 System [ Error ] 2012-11-20 07:31:59 Computer Name = User-Komputer | Source = Service Control Manager | ID = 7026 -> Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: mkyolinw [Files/Folders - Created Within 30 Days] trend micro -> C:\Program Files (x86)\trend micro -> [2012-11-20 12:50:16 | 000,000,000 | ---D | C] rsit -> C:\rsit -> [2012-11-20 12:50:16 | 000,000,000 | ---D | C] LogMeIn Hamachi -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi -> [2012-11-19 23:59:35 | 000,000,000 | ---D | C] LogMeIn Hamachi -> C:\Program Files (x86)\LogMeIn Hamachi -> [2012-11-19 23:59:32 | 000,000,000 | ---D | C] Do Oddania -> C:\Users\User\Desktop\Do Oddania -> [2012-11-19 21:30:43 | 000,000,000 | ---D | C] Drivers -> C:\Users\User\Drivers -> [2012-11-19 20:36:49 | 000,000,000 | -HSD | C] Assassin's Creed III -> C:\Users\User\Documents\Assassin's Creed III -> [2012-11-19 16:19:43 | 000,000,000 | ---D | C] AC3 -> C:\Users\User\Desktop\AC3 -> [2012-11-19 14:30:48 | 000,000,000 | ---D | C] Nowy folder (3) -> C:\Users\User\Desktop\Nowy folder (3) -> [2012-11-18 21:46:21 | 000,000,000 | ---D | C] TeamViewer -> C:\Program Files (x86)\TeamViewer -> [2012-11-18 18:29:42 | 000,000,000 | ---D | C] Gothic3 -> C:\Users\User\Documents\Gothic3 -> [2012-11-18 18:12:27 | 000,000,000 | ---D | C] Gothic III -> C:\Program Files (x86)\Gothic III -> [2012-11-18 18:01:47 | 000,000,000 | ---D | C] Gothic III -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gothic III -> [2012-11-18 18:01:15 | 000,000,000 | ---D | C] {9472B6AD-2D99-430F-8F35-266FF5D62B0A} -> C:\Users\User\AppData\Local\{9472B6AD-2D99-430F-8F35-266FF5D62B0A} -> [2012-11-18 17:55:36 | 000,000,000 | ---D | C] 3DMark 11 -> C:\Users\User\Documents\3DMark 11 -> [2012-11-18 14:31:23 | 000,000,000 | ---D | C] IsolatedStorage -> C:\Users\User\AppData\Local\IsolatedStorage -> [2012-11-18 14:31:12 | 000,000,000 | ---D | C] Futuremark_Corporation -> C:\Users\User\AppData\Local\Futuremark_Corporation -> [2012-11-18 14:31:11 | 000,000,000 | ---D | C] Futuremark -> C:\Program Files (x86)\Futuremark -> [2012-11-18 14:30:00 | 000,000,000 | ---D | C] Futuremark -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark -> [2012-11-18 14:29:34 | 000,000,000 | ---D | C] Futuremark -> C:\Program Files\Futuremark -> [2012-11-18 14:29:19 | 000,000,000 | ---D | C] Sapphire TRIXX -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sapphire TRIXX -> [2012-11-18 14:08:43 | 000,000,000 | ---D | C] Sapphire TRIXX -> C:\Program Files (x86)\Sapphire TRIXX -> [2012-11-18 14:08:42 | 000,000,000 | ---D | C] AMD GPU Clock Tool -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD GPU Clock Tool -> [2012-11-18 14:02:11 | 000,000,000 | ---D | C] TechPowerUp GPU-Z -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z -> [2012-11-18 13:57:56 | 000,000,000 | ---D | C] GPU-Z -> C:\Program Files (x86)\GPU-Z -> [2012-11-18 13:57:56 | 000,000,000 | ---D | C] Nowy folder (2) -> C:\Users\User\Desktop\Nowy folder (2) -> [2012-11-17 01:40:54 | 000,000,000 | ---D | C] Activision -> C:\Program Files (x86)\Activision -> [2012-11-17 00:59:00 | 000,000,000 | ---D | C] Codemasters -> C:\Users\User\Documents\Codemasters -> [2012-11-16 12:54:29 | 000,000,000 | ---D | C] Codemasters -> C:\Program Files (x86)\Codemasters -> [2012-11-16 12:28:23 | 000,000,000 | ---D | C] Race Driver GRID -> C:\Users\User\Race Driver GRID -> [2012-11-16 09:32:39 | 000,000,000 | ---D | C] {CC22C467-5F25-407C-86BE-2C5055150F3C} -> C:\Users\User\AppData\Local\{CC22C467-5F25-407C-86BE-2C5055150F3C} -> [2012-11-15 14:59:29 | 000,000,000 | ---D | C] {DBD517EE-FA28-499E-B5CA-93326A1A0259} -> C:\Users\User\AppData\Local\{DBD517EE-FA28-499E-B5CA-93326A1A0259} -> [2012-11-14 21:04:47 | 000,000,000 | ---D | C] angol -> C:\Users\User\Desktop\angol -> [2012-11-13 08:41:53 | 000,000,000 | ---D | C] pss -> C:\windows\pss -> [2012-11-13 08:39:57 | 000,000,000 | ---D | C] Call.of.Duty.Black.Ops.II-SKIDROW -> C:\Users\User\Desktop\Call.of.Duty.Black.Ops.II-SKIDROW -> [2012-11-13 00:05:46 | 000,000,000 | ---D | C] FIFAOnline2 -> C:\Users\User\Documents\FIFAOnline2 -> [2012-11-12 20:47:20 | 000,000,000 | ---D | C] npptNT2.sys -> C:\windows\SysWow64\npptNT2.sys -> [2012-11-12 20:46:50 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) Log -> C:\Log -> [2012-11-12 20:44:51 | 000,000,000 | ---D | C] ATI -> C:\ProgramData\ATI -> [2012-11-12 20:44:28 | 000,000,000 | ---D | C] AMD -> C:\ProgramData\AMD -> [2012-11-12 20:44:18 | 000,000,000 | ---D | C] AMD AVT -> C:\Program Files (x86)\AMD AVT -> [2012-11-12 20:44:17 | 000,000,000 | ---D | C] AMD APP -> C:\Program Files (x86)\AMD APP -> [2012-11-12 20:44:11 | 000,000,000 | ---D | C] ATI Technologies -> C:\Program Files\Common Files\ATI Technologies -> [2012-11-12 20:44:04 | 000,000,000 | ---D | C] ATI Technologies -> C:\Program Files (x86)\Common Files\ATI Technologies -> [2012-11-12 20:44:04 | 000,000,000 | ---D | C] Catalyst Control Center -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center -> [2012-11-12 20:43:52 | 000,000,000 | ---D | C] Fifa Online 2 -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fifa Online 2 -> [2012-11-12 20:40:50 | 000,000,000 | ---D | C] Fifa Online 2 -> C:\Program Files (x86)\Fifa Online 2 -> [2012-11-12 20:35:00 | 000,000,000 | ---D | C] gry i programy 360x640 25.10.2010 -> C:\Users\User\gry i programy 360x640 25.10.2010 -> [2012-11-12 19:17:48 | 000,000,000 | ---D | C] Xfire -> C:\Users\User\AppData\Roaming\Xfire -> [2012-11-12 13:42:26 | 000,000,000 | ---D | C] Xfire -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfire -> [2012-11-12 13:42:25 | 000,000,000 | ---D | C] Xfire -> C:\ProgramData\Xfire -> [2012-11-12 13:42:24 | 000,000,000 | ---D | C] Xfire -> C:\Program Files (x86)\Xfire -> [2012-11-12 13:42:24 | 000,000,000 | ---D | C] media center programs -> C:\ProgramData\media center programs -> [2012-11-12 13:41:57 | 000,000,000 | ---D | C] Funcom -> C:\Program Files (x86)\Funcom -> [2012-11-12 13:41:54 | 000,000,000 | ---D | C] World of Warcraft - Cataclysm -> C:\Users\User\World of Warcraft - Cataclysm -> [2012-11-08 23:49:22 | 000,000,000 | ---D | C] VirtualBox VMs -> C:\Users\User\VirtualBox VMs -> [2012-11-08 14:24:07 | 000,000,000 | ---D | C] .VirtualBox -> C:\Users\User\.VirtualBox -> [2012-11-08 14:04:38 | 000,000,000 | ---D | C] Oracle VM VirtualBox -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox -> [2012-11-08 13:58:49 | 000,000,000 | ---D | C] DRVSTORE -> C:\windows\SysNative\DRVSTORE -> [2012-11-08 13:58:35 | 000,000,000 | ---D | C] Oracle -> C:\Program Files\Oracle -> [2012-11-08 13:58:24 | 000,000,000 | ---D | C] Bethesda Softworks -> C:\Program Files (x86)\Bethesda Softworks -> [2012-11-06 16:08:51 | 000,000,000 | ---D | C] Nordic Games -> C:\Program Files (x86)\Nordic Games -> [2012-11-06 12:39:45 | 000,000,000 | ---D | C] PlayReady -> C:\Program Files\PlayReady -> [2012-11-01 15:25:03 | 000,000,000 | ---D | C] HPAF35.sys -> C:\windows\SysNative\drivers\HPAF35.sys -> [2012-11-01 12:26:58 | 000,511,104 | ---- | C] (Hewlett-Packard) HPIR.sys -> C:\windows\SysNative\drivers\HPIR.sys -> [2012-11-01 12:26:58 | 000,093,184 | ---- | C] (Hewlett-Packard) CIRCoInst.dll -> C:\windows\SysNative\CIRCoInst.dll -> [2012-11-01 12:26:58 | 000,009,728 | ---- | C] (Microsoft Corporation) Driver Cache -> C:\windows\Driver Cache -> [2012-11-01 12:26:58 | 000,000,000 | ---D | C] HP -> C:\Program Files (x86)\HP -> [2012-11-01 12:26:55 | 000,000,000 | ---D | C] HP USB DVB-T TV Tuner -> C:\Program Files (x86)\HP USB DVB-T TV Tuner -> [2012-11-01 12:26:52 | 000,000,000 | ---D | C] Medal of Honor Warfighter -> C:\Users\User\Desktop\Medal of Honor Warfighter -> [2012-10-31 18:15:59 | 000,000,000 | ---D | C] MOHW -> C:\Users\User\Documents\MOHW -> [2012-10-30 13:50:38 | 000,000,000 | ---D | C] Medal of Honor Warfighter -> C:\Program Files (x86)\Medal of Honor Warfighter -> [2012-10-30 13:15:43 | 000,000,000 | ---D | C] Criterion Games -> C:\Users\User\Documents\Criterion Games -> [2012-10-30 08:53:56 | 000,000,000 | ---D | C] AiSD -> C:\Users\User\Desktop\AiSD -> [2012-10-29 13:25:21 | 000,000,000 | ---D | C] ead6d16549b612420a3396 -> C:\ead6d16549b612420a3396 -> [2012-10-27 15:24:27 | 000,000,000 | ---D | C] Viking Battle for Asgard -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Viking Battle for Asgard -> [2012-10-27 15:24:23 | 000,000,000 | ---D | C] Viking Battle for Asgard -> C:\Program Files (x86)\Viking Battle for Asgard -> [2012-10-27 15:19:51 | 000,000,000 | ---D | C] VBoxNetAdp.sys -> C:\windows\SysNative\drivers\VBoxNetAdp.sys -> [2012-10-26 19:00:50 | 000,131,416 | ---- | C] (Oracle Corporation) VBoxNetFltNobj.dll -> C:\windows\SysNative\VBoxNetFltNobj.dll -> [2012-10-26 18:59:44 | 000,203,608 | ---- | C] (Oracle Corporation) Programowanie Obiektowe -> C:\Users\User\Desktop\Programowanie Obiektowe -> [2012-10-25 13:02:57 | 000,000,000 | ---D | C] Filmy -> C:\Users\User\Desktop\Filmy -> [2012-10-23 19:06:55 | 000,000,000 | ---D | C] Baza Danych cw -> C:\Users\User\Desktop\Baza Danych cw -> [2012-10-22 14:28:32 | 000,000,000 | ---D | C] 5 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> 1 C:\windows\*.tmp files -> C:\windows\*.tmp -> [Files/Folders - Modified Within 30 Days] GoogleUpdateTaskMachineUA.job -> C:\windows\tasks\GoogleUpdateTaskMachineUA.job -> [2012-11-20 12:56:10 | 000,001,062 | ---- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2012-11-20 12:39:08 | 000,021,280 | -H-- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2012-11-20 12:39:08 | 000,021,280 | -H-- | M] () PerfStringBackup.INI -> C:\windows\SysNative\PerfStringBackup.INI -> [2012-11-20 12:36:03 | 001,860,566 | ---- | M] () perfh015.dat -> C:\windows\SysNative\perfh015.dat -> [2012-11-20 12:36:03 | 000,808,210 | ---- | M] () perfh009.dat -> C:\windows\SysNative\perfh009.dat -> [2012-11-20 12:36:03 | 000,721,934 | ---- | M] () perfc015.dat -> C:\windows\SysNative\perfc015.dat -> [2012-11-20 12:36:03 | 000,181,606 | ---- | M] () perfc009.dat -> C:\windows\SysNative\perfc009.dat -> [2012-11-20 12:36:03 | 000,147,638 | ---- | M] () fastboot.set -> C:\windows\SysNative\fastboot.set -> [2012-11-20 12:30:36 | 000,328,757 | ---- | M] () GoogleUpdateTaskMachineCore.job -> C:\windows\tasks\GoogleUpdateTaskMachineCore.job -> [2012-11-20 12:30:24 | 000,001,058 | ---- | M] () bootstat.dat -> C:\windows\bootstat.dat -> [2012-11-20 12:29:42 | 000,067,584 | ---- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2012-11-20 12:29:29 | 3206,860,800 | -HS- | M] () vprrfuh.sys -> C:\windows\SysWow64\drivers\vprrfuh.sys -> [2012-11-20 12:28:54 | 000,061,440 | ---- | M] () MEMORY.DMP -> C:\windows\MEMORY.DMP -> [2012-11-20 12:03:57 | 511,098,976 | ---- | M] () cc_20121120_000255.reg -> C:\Users\Public\Documents\cc_20121120_000255.reg -> [2012-11-20 00:02:59 | 000,247,678 | ---- | M] () PnkBstrB.exe -> C:\windows\SysWow64\PnkBstrB.exe -> [2012-11-19 22:59:20 | 000,189,248 | ---- | M] () PnkBstrA.exe -> C:\windows\SysWow64\PnkBstrA.exe -> [2012-11-19 22:59:20 | 000,075,136 | ---- | M] () PnkBstrB.xtr -> C:\windows\SysWow64\PnkBstrB.xtr -> [2012-11-19 22:27:26 | 000,281,392 | ---- | M] () PnkBstrB.ex0 -> C:\windows\SysWow64\PnkBstrB.ex0 -> [2012-11-19 22:13:50 | 000,189,248 | ---- | M] () autorun.inf -> C:\autorun.inf -> [2012-11-19 20:37:14 | 000,000,051 | -H-- | M] () Bez tytułu.jpg -> C:\Users\User\Desktop\Bez tytułu.jpg -> [2012-11-19 16:54:16 | 000,300,317 | ---- | M] () Database11.accdb -> C:\Users\User\Desktop\Database11.accdb -> [2012-11-19 16:48:42 | 011,927,552 | ---- | M] () setup.exe -> C:\setup.exe -> [2012-11-18 23:07:05 | 000,102,912 | RHS- | M] () FOE2.ini -> C:\windows\FOE2.ini -> [2012-11-18 21:14:19 | 000,001,168 | ---- | M] () TeamViewer 7.lnk -> C:\Users\Public\Desktop\TeamViewer 7.lnk -> [2012-11-18 18:29:55 | 000,001,158 | ---- | M] () Warsztat1.accdb -> C:\Users\User\Desktop\Warsztat1.accdb -> [2012-11-18 18:06:15 | 003,059,712 | ---- | M] () atksgt.sys -> C:\windows\SysNative\drivers\atksgt.sys -> [2012-11-18 18:05:47 | 000,303,616 | ---- | M] () lirsgt.sys -> C:\windows\SysNative\drivers\lirsgt.sys -> [2012-11-18 18:05:46 | 000,035,328 | ---- | M] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2012-11-18 17:35:32 | 000,003,584 | ---- | M] () 3DMark 11.lnk -> C:\Users\Public\Desktop\3DMark 11.lnk -> [2012-11-18 14:29:34 | 000,001,809 | ---- | M] () AMD GPU Clock Tool.lnk -> C:\Users\Public\Desktop\AMD GPU Clock Tool.lnk -> [2012-11-18 14:02:11 | 000,002,633 | ---- | M] () Database1.accdb -> C:\Users\User\Documents\Database1.accdb -> [2012-11-17 03:26:58 | 001,277,952 | ---- | M] () wrap_oal.dll -> C:\windows\SysNative\wrap_oal.dll -> [2012-11-16 12:50:35 | 000,466,456 | ---- | M] (Creative Labs) wrap_oal.dll -> C:\windows\SysWow64\wrap_oal.dll -> [2012-11-16 12:50:34 | 000,444,952 | ---- | M] (Creative Labs) Meilenwerk w Berlinie - A tutaj serwis Jaguara. Na podnośniku XJ220 - w latach 1992-1994 najszybszy i najdroższy samochód na świecie. Jeden z trzech egzemplarzy zarejestrowanych w Berlinie. - zdjęcie n.lnk -> C:\windows\SysNative\Meilenwerk w Berlinie - A tutaj serwis Jaguara. Na podnośniku XJ220 - w latach 1992-1994 najszybszy i najdroższy samochód na świecie. Jeden z trzech egzemplarzy zarejestrowanych w Berlinie. - zdjęcie n.lnk -> [2012-11-16 12:24:42 | 000,001,105 | ---- | M] () Książki.accdb -> C:\Users\User\Documents\Książki.accdb -> [2012-11-14 21:02:41 | 000,954,368 | ---- | M] () Warsztat.accdb -> C:\Users\User\Documents\Warsztat.accdb -> [2012-11-14 19:03:57 | 000,950,272 | ---- | M] () Warsztat Samochodowy.accdb -> C:\Users\User\Documents\Warsztat Samochodowy.accdb -> [2012-11-14 18:20:40 | 001,044,480 | ---- | M] () Motywy S60V5 Xxx.rar -> C:\Users\User\Motywy S60V5 Xxx.rar -> [2012-11-13 16:58:22 | 040,829,901 | ---- | M] () PUTTY.RND -> C:\Users\User\AppData\Local\PUTTY.RND -> [2012-11-13 10:43:29 | 000,000,600 | ---- | M] () Fifa Online 2.lnk -> C:\Users\Public\Desktop\Fifa Online 2.lnk -> [2012-11-12 20:40:51 | 000,001,048 | ---- | M] () Xfire.lnk -> C:\Users\Public\Desktop\Xfire.lnk -> [2012-11-12 13:42:25 | 000,000,959 | ---- | M] () angol.rar -> C:\Users\User\Desktop\angol.rar -> [2012-11-11 23:23:32 | 017,772,623 | ---- | M] () PerfStringBackup.INI -> C:\windows\SysWow64\PerfStringBackup.INI -> [2012-11-09 13:51:32 | 001,878,432 | ---- | M] () Windows XP Professional SP3 32-bit - Black Edition 2012.10.11.zip -> C:\Users\User\Windows XP Professional SP3 32-bit - Black Edition 2012.10.11.zip -> [2012-11-08 14:03:58 | 624,027,075 | ---- | M] () Oracle VM VirtualBox.lnk -> C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk -> [2012-11-08 13:58:50 | 000,001,076 | ---- | M] () IMG_0835.JPG -> C:\Users\User\Desktop\IMG_0835.JPG -> [2012-11-07 18:07:20 | 000,761,492 | ---- | M] () Shortcut to SecureDownloadManager.exe.lnk -> C:\Users\User\Desktop\Shortcut to SecureDownloadManager.exe.lnk -> [2012-11-05 13:35:56 | 000,003,133 | ---- | M] () VBoxNetAdp.sys -> C:\windows\SysNative\drivers\VBoxNetAdp.sys -> [2012-10-26 19:00:50 | 000,131,416 | ---- | M] (Oracle Corporation) VBoxNetFltNobj.dll -> C:\windows\SysNative\VBoxNetFltNobj.dll -> [2012-10-26 18:59:44 | 000,203,608 | ---- | M] (Oracle Corporation) 5 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> 4 C:\ProgramData\Microsoft\Application Virtualization Client\SoftGrid Client\Icon Cache\*.tmp files -> C:\ProgramData\Microsoft\Application Virtualization Client\SoftGrid Client\Icon Cache\*.tmp -> 2 C:\ProgramData\Microsoft\Application Virtualization Client\SoftGrid Client\*.tmp files -> C:\ProgramData\Microsoft\Application Virtualization Client\SoftGrid Client\*.tmp -> 1 C:\windows\*.tmp files -> C:\windows\*.tmp -> [Files - No Company Name] vprrfuh.sys -> C:\windows\SysWow64\drivers\vprrfuh.sys -> [2012-11-20 12:28:54 | 000,061,440 | ---- | C] () cc_20121120_000255.reg -> C:\Users\Public\Documents\cc_20121120_000255.reg -> [2012-11-20 00:02:56 | 000,247,678 | ---- | C] () setup.exe -> C:\setup.exe -> [2012-11-19 20:37:14 | 000,102,912 | RHS- | C] () autorun.inf -> C:\autorun.inf -> [2012-11-19 20:37:14 | 000,000,051 | -H-- | C] () Bez tytułu.jpg -> C:\Users\User\Desktop\Bez tytułu.jpg -> [2012-11-19 16:54:16 | 000,300,317 | ---- | C] () TeamViewer 7.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk -> [2012-11-18 18:29:55 | 000,001,170 | ---- | C] () TeamViewer 7.lnk -> C:\Users\Public\Desktop\TeamViewer 7.lnk -> [2012-11-18 18:29:55 | 000,001,158 | ---- | C] () atksgt.sys -> C:\windows\SysNative\drivers\atksgt.sys -> [2012-11-18 18:05:47 | 000,303,616 | ---- | C] () lirsgt.sys -> C:\windows\SysNative\drivers\lirsgt.sys -> [2012-11-18 18:05:46 | 000,035,328 | ---- | C] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2012-11-18 17:35:32 | 000,003,584 | ---- | C] () 3DMark 11.lnk -> C:\Users\Public\Desktop\3DMark 11.lnk -> [2012-11-18 14:29:34 | 000,001,809 | ---- | C] () AMD GPU Clock Tool.lnk -> C:\Users\Public\Desktop\AMD GPU Clock Tool.lnk -> [2012-11-18 14:02:11 | 000,002,633 | ---- | C] () Database11.accdb -> C:\Users\User\Desktop\Database11.accdb -> [2012-11-17 03:26:58 | 011,927,552 | ---- | C] () Database1.accdb -> C:\Users\User\Documents\Database1.accdb -> [2012-11-17 02:33:27 | 001,277,952 | ---- | C] () Warsztat1.accdb -> C:\Users\User\Desktop\Warsztat1.accdb -> [2012-11-16 09:42:20 | 003,059,712 | ---- | C] () Meilenwerk w Berlinie - A tutaj serwis Jaguara. Na podnośniku XJ220 - w latach 1992-1994 najszybszy i najdroższy samochód na świecie. Jeden z trzech egzemplarzy zarejestrowanych w Berlinie. - zdjęcie n.lnk -> C:\windows\SysNative\Meilenwerk w Berlinie - A tutaj serwis Jaguara. Na podnośniku XJ220 - w latach 1992-1994 najszybszy i najdroższy samochód na świecie. Jeden z trzech egzemplarzy zarejestrowanych w Berlinie. - zdjęcie n.lnk -> [2012-11-15 14:51:25 | 000,001,105 | ---- | C] () Warsztat.accdb -> C:\Users\User\Documents\Warsztat.accdb -> [2012-11-14 18:20:40 | 000,950,272 | ---- | C] () Motywy S60V5 Xxx.rar -> C:\Users\User\Motywy S60V5 Xxx.rar -> [2012-11-13 16:30:55 | 040,829,901 | ---- | C] () FOE2.ini -> C:\windows\FOE2.ini -> [2012-11-12 20:48:40 | 000,001,168 | ---- | C] () nppt9x.vxd -> C:\windows\SysWow64\nppt9x.vxd -> [2012-11-12 20:46:49 | 000,005,174 | ---- | C] () Fifa Online 2.lnk -> C:\Users\Public\Desktop\Fifa Online 2.lnk -> [2012-11-12 20:40:51 | 000,001,048 | ---- | C] () Xfire.lnk -> C:\Users\Public\Desktop\Xfire.lnk -> [2012-11-12 13:42:25 | 000,000,959 | ---- | C] () angol.rar -> C:\Users\User\Desktop\angol.rar -> [2012-11-11 23:23:09 | 017,772,623 | ---- | C] () Warsztat Samochodowy.accdb -> C:\Users\User\Documents\Warsztat Samochodowy.accdb -> [2012-11-08 14:45:34 | 001,044,480 | ---- | C] () Oracle VM VirtualBox.lnk -> C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk -> [2012-11-08 13:58:50 | 000,001,076 | ---- | C] () Windows XP Professional SP3 32-bit - Black Edition 2012.10.11.zip -> C:\Users\User\Windows XP Professional SP3 32-bit - Black Edition 2012.10.11.zip -> [2012-11-08 13:55:41 | 624,027,075 | ---- | C] () IMG_0835.JPG -> C:\Users\User\Desktop\IMG_0835.JPG -> [2012-11-07 18:07:00 | 000,761,492 | ---- | C] () PUTTY.RND -> C:\Users\User\AppData\Local\PUTTY.RND -> [2012-11-06 09:19:06 | 000,000,600 | ---- | C] () Shortcut to SecureDownloadManager.exe.lnk -> C:\Users\User\Desktop\Shortcut to SecureDownloadManager.exe.lnk -> [2012-11-05 13:35:56 | 000,003,133 | ---- | C] () srvany.exe -> C:\windows\SysWow64\srvany.exe -> [2012-10-09 09:35:29 | 000,008,192 | ---- | C] () ativvsvl.dat -> C:\windows\SysWow64\ativvsvl.dat -> [2012-09-28 02:29:54 | 000,204,952 | ---- | C] () ativvsva.dat -> C:\windows\SysWow64\ativvsva.dat -> [2012-09-28 02:29:54 | 000,157,144 | ---- | C] () bmsdk.exe -> C:\windows\SysWow64\bmsdk.exe -> [2012-09-03 13:43:18 | 000,193,664 | ---- | C] () boc.ini -> C:\windows\SysWow64\boc.ini -> [2012-09-03 13:43:18 | 000,002,960 | ---- | C] () bocinstall.ini -> C:\windows\SysWow64\bocinstall.ini -> [2012-09-03 13:43:18 | 000,000,519 | ---- | C] () COD.INI -> C:\windows\COD.INI -> [2012-06-19 10:25:33 | 000,000,766 | ---- | C] () Microsoft.SqlServer.Compact.351.32.bc -> C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc -> [2012-06-04 16:06:13 | 000,000,153 | ---- | C] () kdbsdk32.dll -> C:\windows\SysWow64\kdbsdk32.dll -> [2012-05-02 14:58:10 | 000,029,184 | ---- | C] () changeAcl.exe -> C:\windows\SysWow64\changeAcl.exe -> [2012-03-12 18:27:32 | 000,072,192 | R--- | C] () {8FA47D35-6CB1-4102-955E-DE920596B833} -> C:\Users\User\AppData\Local\{8FA47D35-6CB1-4102-955E-DE920596B833} -> [2011-12-03 14:55:07 | 000,000,000 | ---- | C] () PnkBstrB.exe -> C:\windows\SysWow64\PnkBstrB.exe -> [2011-11-07 18:34:00 | 000,189,248 | ---- | C] () PnkBstrA.exe -> C:\windows\SysWow64\PnkBstrA.exe -> [2011-11-07 18:33:59 | 000,075,136 | ---- | C] () pbsvc.exe -> C:\windows\SysWow64\pbsvc.exe -> [2011-11-07 17:30:10 | 002,580,552 | R--- | C] () xvidcore.dll -> C:\windows\SysWow64\xvidcore.dll -> [2011-11-02 20:15:27 | 000,650,752 | ---- | C] () xvidvfw.dll -> C:\windows\SysWow64\xvidvfw.dll -> [2011-11-02 20:15:27 | 000,243,200 | ---- | C] () ff_vfw.dll -> C:\windows\SysWow64\ff_vfw.dll -> [2011-11-02 20:15:27 | 000,074,752 | ---- | C] () libFLAC.dll -> C:\windows\SysWow64\libFLAC.dll -> [2011-09-27 13:12:55 | 000,258,048 | ---- | C] () PerfStringBackup.INI -> C:\windows\SysWow64\PerfStringBackup.INI -> [2011-09-16 10:52:41 | 001,878,432 | ---- | C] () atipblag.dat -> C:\windows\SysWow64\atipblag.dat -> [2011-09-12 23:06:16 | 000,003,917 | ---- | C] () unrar.dll -> C:\windows\SysWow64\unrar.dll -> [2011-09-12 14:33:10 | 000,175,616 | ---- | C] () xfcodec.dll -> C:\windows\SysWow64\xfcodec.dll -> [2011-08-26 23:22:30 | 000,042,392 | ---- | C] () previous.bin -> C:\windows\previous.bin -> [2011-04-20 22:35:43 | 000,000,512 | ---- | C] () current.bin -> C:\windows\current.bin -> [2011-04-20 22:35:43 | 000,000,512 | ---- | C] () LenovoVeriface.Interface.dll -> C:\windows\SysWow64\LenovoVeriface.Interface.dll -> [2011-04-20 22:20:40 | 002,086,240 | ---- | C] () Apblend.dll -> C:\windows\SysWow64\Apblend.dll -> [2011-04-20 22:20:40 | 001,500,512 | ---- | C] () PicNotify.dll -> C:\windows\SysWow64\PicNotify.dll -> [2011-04-20 22:20:40 | 001,171,456 | ---- | C] () Lenovo.VerifaceStub.dll -> C:\windows\SysWow64\Lenovo.VerifaceStub.dll -> [2011-04-20 22:20:40 | 000,472,416 | ---- | C] () 3DImageRenderer.dll -> C:\windows\SysWow64\3DImageRenderer.dll -> [2011-04-20 22:20:34 | 001,044,480 | ---- | C] () vm332Rmv.ini -> C:\windows\vm332Rmv.ini -> [2011-04-20 22:11:38 | 000,001,823 | ---- | C] () vm332Rmv.ini -> C:\windows\SysWow64\vm332Rmv.ini -> [2011-04-20 22:11:38 | 000,001,823 | ---- | C] () SynTPEnhPS.dll -> C:\windows\SysWow64\SynTPEnhPS.dll -> [2011-04-20 22:08:20 | 000,066,856 | ---- | C] () ativpsrm.bin -> C:\windows\ativpsrm.bin -> [2011-04-20 22:00:30 | 000,000,000 | ---- | C] () xlive.dll.cat -> C:\windows\SysWow64\xlive.dll.cat -> [2011-04-09 17:55:28 | 000,179,261 | ---- | C] () [File - Lop Check] ArcSyncConfig -> C:\Users\User\AppData\Roaming\ArcSyncConfig -> [2011-10-03 15:16:11 | 000,000,000 | ---D | M] Autodesk -> C:\Users\User\AppData\Roaming\Autodesk -> [2012-06-05 13:56:15 | 000,000,000 | ---D | M] AVG10 -> C:\Users\User\AppData\Roaming\AVG10 -> [2012-01-02 22:05:08 | 000,000,000 | ---D | M] BESTplayer -> C:\Users\User\AppData\Roaming\BESTplayer -> [2011-11-13 23:02:21 | 000,000,000 | ---D | M] DAEMON Tools Lite -> C:\Users\User\AppData\Roaming\DAEMON Tools Lite -> [2012-02-12 12:21:47 | 000,000,000 | ---D | M] DarknessIIDemo -> C:\Users\User\AppData\Roaming\DarknessIIDemo -> [2012-02-11 20:10:47 | 000,000,000 | ---D | M] Day 1 Studios -> C:\Users\User\AppData\Roaming\Day 1 Studios -> [2011-10-18 20:14:30 | 000,000,000 | ---D | M] e-academy Inc -> C:\Users\User\AppData\Roaming\e-academy Inc -> [2012-10-04 11:56:57 | 000,000,000 | ---D | M] FreeArc -> C:\Users\User\AppData\Roaming\FreeArc -> [2011-12-06 16:54:29 | 000,000,000 | ---D | M] Gadu-Gadu 10 -> C:\Users\User\AppData\Roaming\Gadu-Gadu 10 -> [2011-09-22 07:43:43 | 000,000,000 | ---D | M] gnupg -> C:\Users\User\AppData\Roaming\gnupg -> [2012-01-14 21:28:16 | 000,000,000 | ---D | M] InternetManager_Z -> C:\Users\User\AppData\Roaming\InternetManager_Z -> [2012-09-03 13:44:32 | 000,000,000 | ---D | M] LibreOffice -> C:\Users\User\AppData\Roaming\LibreOffice -> [2012-03-26 11:38:15 | 000,000,000 | ---D | M] Mount&Blade Warband -> C:\Users\User\AppData\Roaming\Mount&Blade Warband -> [2011-11-19 19:41:07 | 000,000,000 | ---D | M] Need for Speed World -> C:\Users\User\AppData\Roaming\Need for Speed World -> [2012-02-11 16:37:39 | 000,000,000 | ---D | M] OpenOffice.org -> C:\Users\User\AppData\Roaming\OpenOffice.org -> [2011-09-16 10:52:51 | 000,000,000 | ---D | M] Origin -> C:\Users\User\AppData\Roaming\Origin -> [2012-09-12 06:03:25 | 000,000,000 | ---D | M] Rovio -> C:\Users\User\AppData\Roaming\Rovio -> [2011-10-01 09:50:15 | 000,000,000 | ---D | M] SoftGrid Client -> C:\Users\User\AppData\Roaming\SoftGrid Client -> [2012-10-11 12:35:51 | 000,000,000 | ---D | M] ToD -> C:\Users\User\AppData\Roaming\ToD -> [2012-04-15 13:36:32 | 000,000,000 | ---D | M] TP -> C:\Users\User\AppData\Roaming\TP -> [2011-09-16 10:53:42 | 000,000,000 | ---D | M] TS3Client -> C:\Users\User\AppData\Roaming\TS3Client -> [2012-06-21 21:29:53 | 000,000,000 | ---D | M] Unity -> C:\Users\User\AppData\Roaming\Unity -> [2012-02-25 13:35:53 | 000,000,000 | ---D | M] uTorrent -> C:\Users\User\AppData\Roaming\uTorrent -> [2012-11-19 19:25:45 | 000,000,000 | ---D | M] wargaming.net -> C:\Users\User\AppData\Roaming\wargaming.net -> [2012-04-16 00:01:58 | 000,000,000 | ---D | M] SCHEDLGU.TXT -> C:\windows\Tasks\SCHEDLGU.TXT -> [2012-11-19 21:54:46 | 000,032,608 | ---- | M] () [File - Purity Scan] < End of report > [/code]