OTL logfile created on: 2013-05-24 10:31:21 - Run 4 OTL by OldTimer - Version 3.2.69.0 Folder = L:\Progs 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16576) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 7,95 Gb Total Physical Memory | 2,53 Gb Available Physical Memory | 31,81% Memory free 15,90 Gb Paging File | 8,40 Gb Available in Paging File | 52,85% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 150,26 Gb Total Space | 62,55 Gb Free Space | 41,63% Space Free | Partition Type: NTFS Drive D: | 161,37 Gb Total Space | 4,18 Gb Free Space | 2,59% Space Free | Partition Type: NTFS Drive E: | 97,66 Gb Total Space | 1,80 Gb Free Space | 1,84% Space Free | Partition Type: NTFS Drive H: | 931,48 Gb Total Space | 405,24 Gb Free Space | 43,50% Space Free | Partition Type: NTFS Drive L: | 781,25 Gb Total Space | 335,99 Gb Free Space | 43,01% Space Free | Partition Type: NTFS Drive O: | 16,70 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive S: | 39,06 Gb Total Space | 7,51 Gb Free Space | 19,22% Space Free | Partition Type: NTFS Computer Name: KOMP | User Name: Marian | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-05-15 17:15:12 | 000,389,016 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe PRC - [2013-05-10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013-05-10 09:56:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- L:\Progs\OTL.exe PRC - [2013-05-05 00:32:29 | 006,189,056 | ---- | M] (Firefly Studios) -- C:\ProgramData\Firefly Studios\Stronghold Kingdoms\2.0.6.3\StrongholdKingdoms.exe PRC - [2013-04-23 13:48:46 | 015,431,024 | ---- | M] (Wargaming.net) -- L:\Gry\wot\WorldOfTanks.exe PRC - [2013-04-17 15:23:00 | 000,124,416 | ---- | M] (http://code.google.com/p/wot-xvm/) -- L:\Gry\wot\xvm-stat.exe PRC - [2013-04-15 10:51:50 | 003,111,950 | ---- | M] (ATI Technologies) -- C:\Users\Marian\AppData\Local\ATI Technologies\atiedxx.exe PRC - [2013-04-10 11:30:28 | 000,439,352 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe PRC - [2013-03-15 21:28:12 | 004,683,768 | ---- | M] (Almico Software (www.almico.com)) -- C:\Program Files (x86)\SpeedFan\speedfan.exe PRC - [2013-03-14 12:33:10 | 001,977,328 | ---- | M] (Micro-Star International) -- C:\Program Files (x86)\MSI\Live Update 5\LU5.exe PRC - [2013-02-13 20:38:18 | 000,310,128 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe PRC - [2013-02-13 20:38:14 | 001,509,232 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe PRC - [2012-08-30 12:30:34 | 000,196,608 | ---- | M] (MicroStrategy Incorporated) -- C:\Program Files (x86)\Common Files\MicroStrategy\HealthCenter\MSTRExec.exe PRC - [2012-08-30 11:49:50 | 000,118,853 | ---- | M] () -- C:\Program Files (x86)\DataDirect\slserver55\bin\swstrtr.exe PRC - [2012-08-30 11:49:48 | 001,163,333 | ---- | M] () -- C:\Program Files (x86)\DataDirect\slserver55\bin\swsocw.exe PRC - [2012-08-30 11:49:48 | 000,757,829 | ---- | M] () -- C:\Program Files (x86)\DataDirect\slserver55\bin\swagent.exe PRC - [2012-07-21 17:44:39 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012-06-14 11:04:26 | 001,177,536 | R--- | M] (Western Digital ) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe PRC - [2012-06-14 11:04:24 | 001,151,424 | R--- | M] (Western Digital ) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe PRC - [2012-06-14 10:58:24 | 005,235,128 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe PRC - [2012-06-14 10:57:20 | 000,248,248 | R--- | M] (Western Digital) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe PRC - [2012-05-21 01:26:26 | 000,291,648 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe PRC - [2012-04-20 13:00:28 | 003,351,872 | ---- | M] () -- C:\Program Files (x86)\Plus Internet\Plus Internet.exe PRC - [2012-03-29 14:36:56 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012-03-29 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012-03-29 14:36:39 | 000,165,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe PRC - [2011-08-27 10:00:20 | 000,512,000 | ---- | M] (Oracle Corporation) -- L:\programs\oracle\app\oracle\product\11.2.0\server\bin\TNSLSNR.EXE PRC - [2011-08-27 09:58:50 | 115,773,440 | ---- | M] (Oracle Corporation) -- l:\programs\oracle\app\oracle\product\11.2.0\server\bin\oracle.exe PRC - [2011-03-14 17:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DataCardService\DCSHelper.exe PRC - [2011-01-10 14:49:20 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe PRC - [2010-11-04 10:30:14 | 000,918,144 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe PRC - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe PRC - [2009-02-06 17:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2008-12-06 01:18:57 | 000,577,536 | ---- | M] (Hoo Technologies) -- C:\Program Files (x86)\HooTech\NetMeter\HooNetMeter.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-05-24 09:21:58 | 000,192,512 | ---- | M] () -- C:\Users\Marian\AppData\Local\Temp\sfamcc00001.dll MOD - [2013-05-24 09:21:58 | 000,158,720 | ---- | M] () -- C:\Users\Marian\AppData\Local\Temp\sfareca00001.dll MOD - [2013-05-23 07:44:07 | 000,393,168 | ---- | M] () -- C:\Users\Marian\AppData\Local\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll MOD - [2013-05-23 07:43:59 | 004,051,408 | ---- | M] () -- C:\Users\Marian\AppData\Local\Google\Chrome\Application\27.0.1453.94\pdf.dll MOD - [2013-05-23 07:43:06 | 000,599,504 | ---- | M] () -- C:\Users\Marian\AppData\Local\Google\Chrome\Application\27.0.1453.94\libglesv2.dll MOD - [2013-05-23 07:43:05 | 000,124,368 | ---- | M] () -- C:\Users\Marian\AppData\Local\Google\Chrome\Application\27.0.1453.94\libegl.dll MOD - [2013-05-23 07:43:03 | 001,597,392 | ---- | M] () -- C:\Users\Marian\AppData\Local\Google\Chrome\Application\27.0.1453.94\ffmpegsumo.dll MOD - [2013-05-19 10:24:48 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\3c2ed368e1f3889997dfb42a5ca77284\System.Core.ni.dll MOD - [2013-05-19 09:26:53 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll MOD - [2013-05-19 09:26:35 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll MOD - [2013-05-19 02:15:33 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\af642fce5dbbc2ac420bbb69d7ee7e8d\PresentationFramework.ni.dll MOD - [2013-05-19 02:15:25 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\f4acd23d37def89dc84afe0b6d9de7bb\PresentationCore.ni.dll MOD - [2013-05-19 02:15:22 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\2f008672dabefc75aca5fc4c07e8a1bb\System.Windows.Forms.ni.dll MOD - [2013-05-19 02:15:19 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\93a17ba6cb6753328f25466bc0bf1cb1\System.Core.ni.dll MOD - [2013-05-19 02:15:17 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\5256f7b90ea5a749015eba72990e0c23\WindowsBase.ni.dll MOD - [2013-05-19 02:15:15 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ddc3e8c2774eaec614d6775983652980\System.Configuration.ni.dll MOD - [2013-05-15 17:15:12 | 002,244,504 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll MOD - [2013-05-15 17:15:12 | 000,158,104 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldap32v60.dll MOD - [2013-05-15 17:15:12 | 000,022,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldappr32v60.dll MOD - [2013-05-15 11:06:12 | 016,033,160 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll MOD - [2013-05-05 00:32:25 | 000,049,152 | ---- | M] () -- C:\ProgramData\Firefly Studios\Stronghold Kingdoms\2.0.6.3\ServerInterface.dll MOD - [2013-05-05 00:32:24 | 000,708,608 | ---- | M] () -- C:\ProgramData\Firefly Studios\Stronghold Kingdoms\2.0.6.3\CommonTypes.dll MOD - [2013-05-05 00:32:24 | 000,086,016 | ---- | M] () -- C:\ProgramData\Firefly Studios\Stronghold Kingdoms\2.0.6.3\DXGraphics.dll MOD - [2013-05-05 00:32:24 | 000,069,632 | ---- | M] () -- C:\ProgramData\Firefly Studios\Stronghold Kingdoms\2.0.6.3\CustomSinks.dll MOD - [2013-05-05 00:32:24 | 000,020,480 | ---- | M] () -- C:\ProgramData\Firefly Studios\Stronghold Kingdoms\2.0.6.3\DataInterface.dll MOD - [2013-05-05 00:32:24 | 000,020,480 | ---- | M] () -- C:\ProgramData\Firefly Studios\Stronghold Kingdoms\2.0.6.3\DataClient.dll MOD - [2013-05-05 00:32:23 | 000,016,384 | ---- | M] () -- C:\ProgramData\Firefly Studios\Stronghold Kingdoms\2.0.6.3\ChatServerInterface.dll MOD - [2013-04-10 11:30:28 | 000,439,352 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe MOD - [2013-04-02 04:00:20 | 000,368,128 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTHAL.dll MOD - [2013-04-02 04:00:06 | 000,216,064 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTCore.dll MOD - [2013-04-02 04:00:06 | 000,127,488 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTUI.dll MOD - [2013-04-02 04:00:02 | 000,071,680 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTMUI.dll MOD - [2013-04-02 03:59:56 | 000,056,832 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTFC.dll MOD - [2013-02-26 18:36:29 | 000,327,680 | ---- | M] () -- L:\Gry\wot\voip.dll MOD - [2013-02-26 18:36:29 | 000,320,056 | ---- | M] () -- L:\Gry\wot\ortp.dll MOD - [2013-02-18 12:48:23 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll MOD - [2013-02-17 12:24:16 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll MOD - [2013-01-22 08:39:47 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\07753c0a8ed7f9bc61b0ee718f3c779d\System.Runtime.Remoting.ni.dll MOD - [2013-01-22 08:39:31 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll MOD - [2013-01-22 00:44:28 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll MOD - [2013-01-22 00:44:10 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll MOD - [2013-01-22 00:44:09 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d908c91e24616e6b8d38c9da61038b25\Accessibility.ni.dll MOD - [2013-01-22 00:44:00 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll MOD - [2013-01-22 00:43:58 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll MOD - [2013-01-22 00:43:54 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll MOD - [2013-01-21 19:22:36 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll MOD - [2013-01-21 19:22:34 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\78ecbee4a7444353dce52afb9d9d795c\System.Drawing.ni.dll MOD - [2013-01-21 19:22:33 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll MOD - [2013-01-21 19:22:30 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll MOD - [2012-11-21 07:26:34 | 000,008,704 | ---- | M] () -- C:\Users\Marian\AppData\Roaming\Thunderbird\Profiles\quc28e44.default\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll MOD - [2012-04-20 13:00:28 | 003,351,872 | ---- | M] () -- C:\Program Files (x86)\Plus Internet\Plus Internet.exe MOD - [2012-04-20 13:00:18 | 001,101,824 | ---- | M] () -- C:\Program Files (x86)\Plus Internet\NDISAPI.dll MOD - [2012-03-03 21:05:36 | 000,929,792 | ---- | M] () -- C:\ProgramData\Firefly Studios\Stronghold Kingdoms\2.0.6.3\GeckoFX\xulrunner\mozjs.dll MOD - [2012-03-03 21:03:20 | 002,979,840 | ---- | M] () -- C:\ProgramData\Firefly Studios\Stronghold Kingdoms\2.0.6.3\SlimDX.dll MOD - [2011-04-13 17:35:50 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll MOD - [2011-03-17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2011-02-04 19:37:01 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_pl_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2011-01-10 14:49:16 | 000,035,840 | ---- | M] () -- C:\Windows\SysWOW64\dokan.dll MOD - [2010-09-28 17:37:10 | 000,270,336 | ---- | M] () -- L:\Gry\wot\libcurl.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2013-03-29 03:34:18 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2012-03-07 03:00:46 | 000,629,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV:[b]64bit:[/b] - [2011-11-23 23:17:42 | 004,727,632 | ---- | M] (O&O Software GmbH) [On_Demand | Stopped] -- C:\Program Files\OO Software\DiskImage\oodiag.exe -- (OO DiskImage) SRV:[b]64bit:[/b] - [2011-11-09 18:38:06 | 000,189,608 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R) SRV:[b]64bit:[/b] - [2011-04-27 18:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv) SRV:[b]64bit:[/b] - [2011-04-27 18:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:[b]64bit:[/b] - [2009-07-14 03:39:56 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\WMSvc.exe -- (WMSVC) SRV - [2013-05-17 17:21:03 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013-05-15 11:06:13 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-05-10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-11-19 18:03:24 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012-10-20 00:19:34 | 000,612,848 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- l:\programs\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS) SRV - [2012-10-20 00:19:30 | 000,191,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- l:\programs\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SRV - [2012-10-20 00:14:38 | 002,423,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- l:\programs\Microsoft SQL Server\MSRS11.SQLEXPRESS\Reporting Services\ReportServer\bin\ReportingServicesService.exe -- (ReportServer$SQLEXPRESS) SRV - [2012-08-30 12:40:18 | 000,280,576 | ---- | M] (MicroStrategy Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MicroStrategy\MSTRLsn2_64.exe -- (MAPing) SRV - [2012-08-30 12:40:10 | 000,280,576 | ---- | M] (MicroStrategy Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\MicroStrategy\Intelligence Server\MSTRSvr2_64.exe -- (MicroStrategy Intelligence Server) SRV - [2012-08-30 12:30:34 | 000,196,608 | ---- | M] (MicroStrategy Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MicroStrategy\HealthCenter\MSTRExec.exe -- (MHealthAgent) SRV - [2012-08-30 12:30:34 | 000,196,608 | ---- | M] (MicroStrategy Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\MicroStrategy\HealthCenter\MSTRExec.exe -- (HealthAgent) SRV - [2012-08-30 11:49:50 | 000,118,853 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\DataDirect\slserver55\bin\swstrtr.exe -- (SLSocket55) SRV - [2012-08-30 11:49:48 | 000,757,829 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\DataDirect\slserver55\bin\swagent.exe -- (SLAgent55) SRV - [2012-07-21 17:44:39 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012-06-14 11:04:26 | 001,177,536 | R--- | M] (Western Digital ) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe -- (WDRulesService) SRV - [2012-06-14 11:04:24 | 001,151,424 | R--- | M] (Western Digital ) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe -- (WDBackup) SRV - [2012-06-14 10:57:20 | 000,248,248 | R--- | M] (Western Digital) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService) SRV - [2012-03-29 14:36:56 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012-03-29 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012-03-29 14:36:39 | 000,165,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service) SRV - [2012-02-11 09:55:36 | 000,049,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- l:\programs\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe -- (MSSQLFDLauncher$SQLEXPRESS) SRV - [2011-08-30 16:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS) SRV - [2011-08-27 10:01:00 | 000,012,800 | ---- | M] (Oracle Corporation) [On_Demand | Stopped] -- L:\programs\oracle\app\oracle\product\11.2.0\server\bin\OraClrAgnt.exe -- (OracleXEClrAgent) SRV - [2011-08-27 10:00:20 | 000,512,000 | ---- | M] (Oracle Corporation) [Auto | Running] -- L:\programs\oracle\app\oracle\product\11.2.0\server\bin\TNSLSNR.EXE -- (OracleXETNSListener) SRV - [2011-08-27 09:59:56 | 000,069,632 | ---- | M] (Oracle Corporation) [On_Demand | Stopped] -- L:\programs\oracle\app\oracle\product\11.2.0\server\BIN\omtsreco.exe -- (OracleMTSRecoveryService) SRV - [2011-08-27 09:58:52 | 000,049,152 | ---- | M] () [Disabled | Stopped] -- l:\programs\oracle\app\oracle\product\11.2.0\server\Bin\extjob.exe -- (OracleJobSchedulerXE) SRV - [2011-08-27 09:58:50 | 115,773,440 | ---- | M] (Oracle Corporation) [Auto | Running] -- l:\programs\oracle\app\oracle\product\11.2.0\server\bin\ORACLE.EXE -- (OracleServiceXE) SRV - [2011-03-14 17:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DataCardService\HWDeviceService64.exe -- (HWDeviceService64.exe) SRV - [2011-01-10 14:49:20 | 000,014,848 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe -- (DokanMounter) SRV - [2010-11-21 05:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS) SRV - [2010-11-21 05:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC) SRV - [2010-11-21 05:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc) SRV - [2010-11-04 10:30:14 | 000,918,144 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe -- (asComSvc) SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-02-06 17:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2008-01-19 21:01:08 | 004,388,192 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost) SRV - [2007-12-20 18:13:48 | 002,538,480 | ---- | M] (Symantec) [On_Demand | Stopped] -- C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe -- (SymSnapService) SRV - [2007-05-31 11:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007-05-31 11:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2013-04-12 11:41:28 | 000,131,856 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:[b]64bit:[/b] - [2013-03-29 04:35:02 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2013-03-29 03:09:44 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2013-02-14 13:41:10 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:[b]64bit:[/b] - [2013-02-12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:[b]64bit:[/b] - [2013-02-06 08:42:10 | 000,203,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:[b]64bit:[/b] - [2013-02-06 08:42:08 | 000,102,936 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:[b]64bit:[/b] - [2012-10-20 00:25:58 | 000,336,880 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0201.sys -- (RsFx0201) DRV:[b]64bit:[/b] - [2012-08-23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2012-08-23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2012-08-23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2012-07-17 19:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2012-05-21 01:25:32 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc) DRV:[b]64bit:[/b] - [2012-05-21 01:25:32 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub) DRV:[b]64bit:[/b] - [2012-05-21 01:25:32 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs) DRV:[b]64bit:[/b] - [2012-04-20 13:00:36 | 000,415,744 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbwwan.sys -- (ewusbmbb) DRV:[b]64bit:[/b] - [2012-04-20 13:00:36 | 000,222,464 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:[b]64bit:[/b] - [2012-04-20 13:00:36 | 000,212,992 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys -- (huawei_wwanecm) DRV:[b]64bit:[/b] - [2012-04-20 13:00:36 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV:[b]64bit:[/b] - [2012-04-20 13:00:36 | 000,098,816 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm) DRV:[b]64bit:[/b] - [2012-04-20 13:00:36 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV:[b]64bit:[/b] - [2012-04-20 13:00:36 | 000,028,672 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl) DRV:[b]64bit:[/b] - [2012-04-20 13:00:36 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter) DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011-11-30 09:09:34 | 000,358,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) DRV:[b]64bit:[/b] - [2011-11-23 23:18:22 | 000,259,312 | ---- | M] (O&O Software GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\oodivd.sys -- (oodivd) DRV:[b]64bit:[/b] - [2011-11-23 23:18:22 | 000,044,272 | ---- | M] (O&O Software GmbH) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\oodivdh.sys -- (oodivdh) DRV:[b]64bit:[/b] - [2011-11-23 23:18:20 | 000,118,000 | ---- | M] (O&O Software GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\oodisr.sys -- (oodisr) DRV:[b]64bit:[/b] - [2011-11-23 23:18:20 | 000,040,688 | ---- | M] (O&O Software GmbH) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\oodisrh.sys -- (oodisrh) DRV:[b]64bit:[/b] - [2011-11-15 05:50:14 | 000,125,376 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu) DRV:[b]64bit:[/b] - [2011-09-21 10:25:54 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135) DRV:[b]64bit:[/b] - [2011-05-11 18:14:03 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-05-11 18:14:03 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011-04-27 16:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:[b]64bit:[/b] - [2011-02-17 02:53:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM) DRV:[b]64bit:[/b] - [2011-01-10 14:51:40 | 000,120,408 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\dokan.sys -- (Dokan) DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-12-30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt) DRV:[b]64bit:[/b] - [2009-11-18 01:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt) DRV:[b]64bit:[/b] - [2009-10-21 18:33:02 | 000,474,240 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wfeaglxt.sys -- (WFLR6654) DRV:[b]64bit:[/b] - [2009-10-13 03:15:52 | 000,061,440 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\l160x64.sys -- (AtcL001) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-03-15 22:13:08 | 000,040,464 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf) DRV:[b]64bit:[/b] - [2008-07-10 05:25:42 | 000,314,904 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0102.sys -- (RsFx0102) DRV:[b]64bit:[/b] - [2008-01-19 21:12:42 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV:[b]64bit:[/b] - [2008-01-19 20:45:40 | 000,045,104 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\v2imount.sys -- (v2imount) DRV:[b]64bit:[/b] - [2008-01-19 20:40:18 | 000,020,528 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vproeventmonitor.sys -- (VProEventMonitor) DRV:[b]64bit:[/b] - [2008-01-19 20:31:38 | 000,018,224 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2007-12-20 18:13:54 | 000,165,424 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\symsnap.sys -- (symsnap) DRV:[b]64bit:[/b] - [2005-03-29 02:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV - [2013-04-10 11:30:26 | 000,013,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64) DRV - [2011-01-06 12:06:56 | 000,011,888 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Setup Files\Ms7751v190\NTIOLib_X64.sys -- (NTIOLib_1_0_6) DRV - [2010-10-22 11:37:36 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys -- (NTIOLib_1_0_4) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009-06-22 17:46:20 | 000,014,632 | ---- | M] () [Kernel | On_Demand | Stopped] -- c:\Program Files (x86)\MSI\Live Update 5\FlashUty\AMI\AFUWIN\UCOREW64.SYS -- (UCOREW64) DRV - [2004-12-23 17:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ULCDRHlp.sys -- (ULCDRHlp) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3191762578-3339541389-2005334998-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-3191762578-3339541389-2005334998-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3191762578-3339541389-2005334998-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-3191762578-3339541389-2005334998-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3191762578-3339541389-2005334998-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;127.0.0.1; IE - HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786\..\SearchScopes,DefaultScope = [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Yahoo-FileServe" FF - prefs.js..browser.search.defaultenginename: "?????@Mail.Ru" FF - prefs.js..browser.search.order.2: "Yahoo" FF - prefs.js..browser.search.param.yahoo-fr: "megaup" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup" FF - prefs.js..browser.search.selectedEngineURL: "http://fileservehome.com/?tmp=toolbar_FileServe_results&prt=fileservetb01ff&clid=8bf44638efb54f6b9e1f59e0a2465b41&subid=&Keywords={searchTerms}" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "https://www.google.pl/" FF - prefs.js..extensions.enabledAddons: bettergmail2%40ginatrapani.org:1.2 FF - prefs.js..extensions.enabledAddons: eliteproxyswitcher%40my-proxy.com:1.2.0.2 FF - prefs.js..extensions.enabledAddons: fort-bar%40belle.starr.colt.com:1.0 FF - prefs.js..extensions.enabledAddons: pl%40dictionaries.addons.mozilla.org:1.0.20110621 FF - prefs.js..extensions.enabledAddons: validator%40totalvalidator.com:7.4.0 FF - prefs.js..extensions.enabledAddons: %7B4BBDD651-70CF-4821-84F8-2B918CF89CA3%7D:7.1.0 FF - prefs.js..extensions.enabledAddons: %7B5C46D283-ABDE-4dce-B83C-08881401921C%7D:2.1.7.1 FF - prefs.js..extensions.enabledAddons: %7BF807FACD-E46A-4793-B345-D58CB177673C%7D:4.0.0.1 FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14 FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.8 FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:3.8.7 FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:2.0.20 FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.8 FF - prefs.js..extensions.enabledAddons: %7B6AC85730-7D0F-4de0-B3FA-21142DD85326%7D:2.8 FF - prefs.js..extensions.enabledAddons: %7B3b56bcc7-54e5-44a2-9b44-66c3ef58c13e%7D:0.9.5.1 FF - prefs.js..extensions.enabledAddons: pavel.sherbakov%40gmail.com:4.3.7 FF - prefs.js..extensions.enabledAddons: foxyproxy%40eric.h.jung:4.1.4 FF - prefs.js..extensions.enabledAddons: %7B77b819fa-95ad-4f2c-ac7c-486b356188a9%7D:4.0.20130422 FF - prefs.js..extensions.enabledAddons: %7Bc45c406e-ab73-11d8-be73-000a95be3b12%7D:1.2.5 FF - prefs.js..extensions.enabledAddons: %7BEF522540-89F5-46b9-B6FE-1829E2B572C6%7D:6.2 FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.5 FF - prefs.js..extensions.enabledAddons: %7B19503e42-ca3c-4c27-b1e2-9cdb2170ee34%7D:1.5.5.4 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.7 FF - prefs.js..extensions.enabledItems: bettergmail2@ginatrapani.org:1.2 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.7.1 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.9.4 FF - prefs.js..extensions.enabledItems: {5C46D283-ABDE-4dce-B83C-08881401921C}:2.1.6 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.3 FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.01 FF - prefs.js..extensions.enabledItems: {31513E58-F253-47ad-86DB-D5F21E905429}:0.0.1.2006102615+ FF - prefs.js..extensions.enabledItems: pl@dictionaries.addons.mozilla.org:1.0.20110211 FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:5.0.3 FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.7.5 FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.4.0.1 FF - prefs.js..extensions.enabledItems: {9F6FB1C9-22DA-4123-A7D4-9E7844B60EE5}:1.0 FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25 FF - prefs.js..keyword.URL: "http://go.mail.ru/search?fr=fftb&q=" FF - prefs.js..network.proxy.backup.gopher: "chorizo-scanner.com" FF - prefs.js..network.proxy.backup.gopher_port: 3128 FF - prefs.js..network.proxy.ftp: "204.232.206.87" FF - prefs.js..network.proxy.ftp_port: 80 FF - prefs.js..network.proxy.gopher: "83.238.44.49" FF - prefs.js..network.proxy.gopher_port: 8080 FF - prefs.js..network.proxy.http: "59.120.218.128 " FF - prefs.js..network.proxy.http_port: 8000 FF - prefs.js..network.proxy.socks_remote_dns: true FF - prefs.js..network.proxy.ssl: "59.120.218.128 " FF - prefs.js..network.proxy.ssl_port: 8000 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\system32\npdeployJava1.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Marian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Marian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-05-23 11:58:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013-05-15 17:15:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012-03-03 19:11:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marian\AppData\Roaming\mozilla\Extensions [2013-05-23 11:58:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marian\AppData\Roaming\mozilla\Firefox\Profiles\zacwvo6k.default\extensions [2013-04-16 13:32:13 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Marian\AppData\Roaming\mozilla\Firefox\Profiles\zacwvo6k.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2012-03-03 19:28:05 | 000,000,000 | ---D | M] (MinimizeToTray) -- C:\Users\Marian\AppData\Roaming\mozilla\Firefox\Profiles\zacwvo6k.default\extensions\{31513E58-F253-47ad-86DB-D5F21E905429} [2013-04-19 13:23:22 | 000,000,000 | ---D | M] (Html Validator) -- C:\Users\Marian\AppData\Roaming\mozilla\Firefox\Profiles\zacwvo6k.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e} [2013-02-28 18:32:34 | 000,000,000 | ---D | M] (FEBE) -- C:\Users\Marian\AppData\Roaming\mozilla\Firefox\Profiles\zacwvo6k.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2013-04-16 13:32:13 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\Marian\AppData\Roaming\mozilla\Firefox\Profiles\zacwvo6k.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2013-05-17 17:26:44 | 000,000,000 | ---D | M] (IE Tab) -- C:\Users\Marian\AppData\Roaming\mozilla\Firefox\Profiles\zacwvo6k.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} [2012-03-03 19:28:02 | 000,000,000 | ---D | M] (Bandwidth Tester) -- C:\Users\Marian\AppData\Roaming\mozilla\Firefox\Profiles\zacwvo6k.default\extensions\{7C06F9C2-B0D0-47b4-93B8-116C919084BA} [2012-03-03 19:28:03 | 000,000,000 | ---D | M] (Subtile) -- C:\Users\Marian\AppData\Roaming\mozilla\Firefox\Profiles\zacwvo6k.default\extensions\{88ce39f5-1e54-477c-809d-93d411720f0c} [2012-03-03 19:28:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marian\AppData\Roaming\mozilla\Firefox\Profiles\zacwvo6k.default\extensions\{907dc1bb-665f-4137-806a-fc226ba58625} [2013-03-04 18:41:40 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Marian\AppData\Roaming\mozilla\Firefox\Profiles\zacwvo6k.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012-03-03 19:28:04 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Users\Marian\AppData\Roaming\mozilla\Firefox\Profiles\zacwvo6k.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1} [2012-03-03 19:28:05 | 000,000,000 | ---D | M] ("Better Gmail 2") -- C:\Users\Marian\AppData\Roaming\mozilla\Firefox\Profiles\zacwvo6k.default\extensions\bettergmail2@ginatrapani.org [2013-05-17 17:26:46 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Marian\AppData\Roaming\mozilla\Firefox\Profiles\zacwvo6k.default\extensions\foxyproxy@eric.h.jung [2012-03-03 19:28:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marian\AppData\Roaming\mozilla\Firefox\Profiles\zacwvo6k.default\extensions\fsonlinescanner@f-secure.com [2013-04-24 21:31:54 | 000,000,000 | ---D | M] ("FVD Speed Dial with Full Online Sync") -- C:\Users\Marian\AppData\Roaming\mozilla\Firefox\Profiles\zacwvo6k.default\extensions\pavel.sherbakov@gmail.com [2012-03-03 19:28:05 | 000,000,000 | ---D | M] (Cooliris) -- C:\Users\Marian\AppData\Roaming\mozilla\Firefox\Profiles\zacwvo6k.default\extensions\piclens@cooliris.com [2012-03-03 19:28:01 | 000,000,000 | ---D | M] (Polski slownik poprawnej pisowni) -- C:\Users\Marian\AppData\Roaming\mozilla\Firefox\Profiles\zacwvo6k.default\extensions\pl@dictionaries.addons.mozilla.org [2013-04-12 19:52:29 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Marian\AppData\Roaming\mozilla\Firefox\Profiles\zacwvo6k.default\extensions\support@lastpass.com [2013-04-06 19:38:29 | 000,275,665 | ---- | M] () (No name found) -- C:\Users\Marian\AppData\Roaming\mozilla\firefox\profiles\zacwvo6k.default\extensions\artur.dubovoy@gmail.com.xpi [2012-10-20 18:49:44 | 000,016,275 | ---- | M] () (No name found) -- C:\Users\Marian\AppData\Roaming\mozilla\firefox\profiles\zacwvo6k.default\extensions\eliteproxyswitcher@my-proxy.com.xpi [2013-05-17 17:21:50 | 002,167,422 | ---- | M] () (No name found) -- C:\Users\Marian\AppData\Roaming\mozilla\firefox\profiles\zacwvo6k.default\extensions\firebug@software.joehewitt.com.xpi [2011-10-23 22:01:51 | 000,088,874 | ---- | M] () (No name found) -- C:\Users\Marian\AppData\Roaming\mozilla\firefox\profiles\zacwvo6k.default\extensions\fort-bar@belle.starr.colt.com.xpi [2012-06-03 21:27:18 | 000,083,408 | ---- | M] () (No name found) -- C:\Users\Marian\AppData\Roaming\mozilla\firefox\profiles\zacwvo6k.default\extensions\validator@totalvalidator.com.xpi [2013-05-17 17:21:50 | 000,534,383 | ---- | M] () (No name found) -- C:\Users\Marian\AppData\Roaming\mozilla\firefox\profiles\zacwvo6k.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2013-05-17 17:26:44 | 000,350,626 | ---- | M] () (No name found) -- C:\Users\Marian\AppData\Roaming\mozilla\firefox\profiles\zacwvo6k.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2011-10-14 09:51:03 | 000,372,140 | ---- | M] () (No name found) -- C:\Users\Marian\AppData\Roaming\mozilla\firefox\profiles\zacwvo6k.default\extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}.xpi [2013-05-17 17:26:43 | 000,117,280 | ---- | M] () (No name found) -- C:\Users\Marian\AppData\Roaming\mozilla\firefox\profiles\zacwvo6k.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2013-05-17 17:26:43 | 001,360,435 | ---- | M] () (No name found) -- C:\Users\Marian\AppData\Roaming\mozilla\firefox\profiles\zacwvo6k.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2013-05-17 17:21:51 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Marian\AppData\Roaming\mozilla\firefox\profiles\zacwvo6k.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-04 18:41:40 | 000,269,007 | ---- | M] () (No name found) -- C:\Users\Marian\AppData\Roaming\mozilla\firefox\profiles\zacwvo6k.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-05-17 17:26:43 | 000,044,685 | ---- | M] () (No name found) -- C:\Users\Marian\AppData\Roaming\mozilla\firefox\profiles\zacwvo6k.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}.xpi [2011-11-16 22:39:49 | 000,529,750 | ---- | M] () (No name found) -- C:\Users\Marian\AppData\Roaming\mozilla\firefox\profiles\zacwvo6k.default\extensions\{F807FACD-E46A-4793-B345-D58CB177673C}.xpi [2008-11-17 18:14:06 | 000,001,362 | ---- | M] () (No name found) -- C:\Users\Marian\AppData\Roaming\mozilla\firefox\profiles\zacwvo6k.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}\chrome\skin\xpinstallItemGeneric.png [2013-05-17 17:21:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2013-05-17 17:21:04 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: http://insajt.insidetns.pl/ CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Marian\AppData\Local\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Marian\AppData\Local\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Marian\AppData\Local\Google\Chrome\Application\27.0.1453.94\pdf.dll CHR - plugin: LiveVDO plug-in (Enabled) = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp\1.3_0\chvsharetvplg.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: LiveVDO plug-in (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll CHR - plugin: Java(TM) Platform SE 7 U15 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\Program Files (x86)\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll CHR - plugin: Java Deployment Toolkit 7.0.150.3 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - Extension: SEO Profesional Toolbar = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\adecfhccdknoobplgempjhbojlbpahhn\1.3.0_0\ CHR - Extension: Dokumenty Google = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Dysk Google = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: Session Manager = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi\0.4_0\ CHR - Extension: LouBOS Extension = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\beechnjeplmbdkmcnffacmoiblomipbo\1.6.0_0\ CHR - Extension: Web Developer = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm\0.4.3_0\ CHR - Extension: YouTube = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Firebug Lite for Google Chrome\u2122 = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench\1.4.0.11967_0\ CHR - Extension: Adblock Plus = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\ CHR - Extension: Szukaj w Google = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: WGT Golf Challenge = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg\45.0.0_0\ CHR - Extension: Tampermonkey = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.0.3389.11_0\ CHR - Extension: SEO Site Tools = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\diahigjngdnkdgajdbpjdeomopbpkjjc\2.91_0\ CHR - Extension: Session Buddy = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko\3.2.1_0\ CHR - Extension: Stylish = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.1_0\ CHR - Extension: LouTweak Extension = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmioinkkigieedkcjijojgpikehbfkif\1.7.4.1_0\ CHR - Extension: Edit This Cookie = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg\1.2.1_0\ CHR - Extension: AdBlock = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.63_0\ CHR - Extension: LastPass = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.24_0\ CHR - Extension: Don't Starve = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiledapehlkhdehbhppgmekfalnlfajc\1.0.0.37_0\ CHR - Extension: SEO & Website Analysis = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlngmmdolgbdnnimbmblfhhndibdipaf\1.0.1_0\ CHR - Extension: Firebug Console = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jodfpogckhbcjamkfgjeicoiphpligka\0.1.0.8_0\ CHR - Extension: RoboForm Lite = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kidhjpmgjfbkmcfpfakmdddddgfbhahj\4.6.2_0\ CHR - Extension: Stay Useful (Extension) = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\megmnmocdfbfgnjnfgcbnbmiflbffmek\0.81.1_0\ CHR - Extension: WebRank SEO = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkhilblbmkdnapffblmecglknalglfji\3.3.3_0\ CHR - Extension: FastestChrome - Browse Faster = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\7.1.1_0\ CHR - Extension: SEO for Chrome = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oangcciaeihlfmhppegpdceadpfaoclj\0.9.5_0\ CHR - Extension: SEO SERP = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoaoaloeipdofknnaapbmdddddioklg\0.14.5_0\ CHR - Extension: Stylist = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pabfempgigicdjjlccdgnbmeggkbjdhd\2.0.6_0\ CHR - Extension: Gmail = C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ Hosts file not found O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Reg Error: Value error.) - {8984B388-A5BB-4DF7-B274-77B879E179DB} - Reg Error: Value error. File not found O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [ACPW06EN] C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe (ACD Systems) O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [Live Update 5] C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe () O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O4 - HKLM..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3191762578-3339541389-2005334998-1000..\Run: [AtiDriverStart] C:\Users\Marian\AppData\Local\ATI Technologies\atidxx.exe () O4 - HKU\S-1-5-21-3191762578-3339541389-2005334998-1000..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung) O4 - HKU\S-1-5-21-3191762578-3339541389-2005334998-1000..\Run: [NetMeter] C:\Program Files (x86)\HooTech\NetMeter\HooNetMeter.exe (Hoo Technologies) O4 - HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (www.almico.com)) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 1 O7 - HKU\S-1-5-21-3191762578-3339541389-2005334998-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites) O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites) O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in ) O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in ) O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in ) O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in ) O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in ) O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in ) O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in ) O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in ) O15 - HKU\S-1-5-21-3191762578-3339541389-2005334998-1000\..Trusted Domains: clonewarsadventures.com ([]* in Zaufane witryny) O15 - HKU\S-1-5-21-3191762578-3339541389-2005334998-1000\..Trusted Domains: freerealms.com ([]* in Zaufane witryny) O15 - HKU\S-1-5-21-3191762578-3339541389-2005334998-1000\..Trusted Domains: soe.com ([]* in Zaufane witryny) O15 - HKU\S-1-5-21-3191762578-3339541389-2005334998-1000\..Trusted Domains: sony.com ([]* in Zaufane witryny) O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Reg Error: Key error.) O16:[b]64bit:[/b] - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab (Microsoft Office Template and Media Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Java Plug-in 10.15.2) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Java Plug-in 10.15.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1360FA00-F7CC-439B-89B9-4702E95BB36A}: NameServer = 212.2.96.53 212.2.96.54 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2E100A0A-7880-4C0D-9C43-0EAA73D98A68}: NameServer = 212.2.96.53 212.2.96.54 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3B27AC62-E0A4-4D0C-874E-09DD1AD0FE28}: NameServer = 212.2.96.53 212.2.96.54 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5B575EC7-3491-4064-96F0-F1C777949167}: NameServer = 212.2.96.53 212.2.96.54 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D250644E-55FA-4391-977D-3B949CCE640C}: NameServer = 212.2.96.53 212.2.96.54 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E796A5D6-ABDB-45B7-9E06-2B131B040F15}: NameServer = 212.2.96.53 212.2.96.54 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E8946CA8-392F-4B28-9F1D-12E850F2D48F}: NameServer = 212.2.96.54 212.2.96.52 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F947BCBA-F86D-4D6A-9101-132DEBF15B8C}: DhcpNameServer = 192.168.0.1 O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\qvp {4BA78E3D-CA25-4BFF-B8F0-8A3359E4B520} - L:\programs\qlikview\QvProtocol\qvp.dll (QlikTech AB) O18 - Protocol\Handler\qvp {4BA78E3D-CA25-4BFF-B8F0-8A3359E4B520} - C:\Program Files (x86)\QlikView\QvProtocol\qvp.dll (QlikTech AB) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012-06-09 20:22:29 | 000,075,221 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O32 - AutoRun File - [2011-03-15 00:32:10 | 000,436,768 | R--- | M] () - O:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2012-03-20 11:04:10 | 000,000,051 | R--- | M] () - O:\AUTORUN.INF -- [ CDFS ] O32 - AutoRun File - [2012-06-09 20:22:29 | 000,075,221 | ---- | M] () - S:\AutoMapaSetupLog.txt -- [ NTFS ] O33 - MountPoints2\{0262f7f0-44a1-11e2-b256-000005e7fe57}\Shell - "" = AutoRun O33 - MountPoints2\{0262f7f0-44a1-11e2-b256-000005e7fe57}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{2d0547cc-654e-11e1-be30-000005e7fe57}\Shell - "" = AutoRun O33 - MountPoints2\{2d0547cc-654e-11e1-be30-000005e7fe57}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{2d0547d0-654e-11e1-be30-000005e7fe57}\Shell - "" = AutoRun O33 - MountPoints2\{2d0547d0-654e-11e1-be30-000005e7fe57}\Shell\AutoRun\command - "" = I:\AutoRun.exe O33 - MountPoints2\{2d054806-654e-11e1-be30-001e101f57d0}\Shell - "" = AutoRun O33 - MountPoints2\{2d054806-654e-11e1-be30-001e101f57d0}\Shell\AutoRun\command - "" = Z:\AutoRun.exe O33 - MountPoints2\{672b2069-42f0-11e2-875d-000005e7fe57}\Shell - "" = AutoRun O33 - MountPoints2\{672b2069-42f0-11e2-875d-000005e7fe57}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{866f34f8-54cd-11e2-8a6f-8c89a5c59c62}\Shell - "" = AutoRun O33 - MountPoints2\{866f34f8-54cd-11e2-8a6f-8c89a5c59c62}\Shell\AutoRun\command - "" = W:\AutoRun.exe O33 - MountPoints2\{94c3aa6b-26b4-11e2-b59b-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{94c3aa6b-26b4-11e2-b59b-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{94c3aaaa-26b4-11e2-b59b-000005e7fe57}\Shell - "" = AutoRun O33 - MountPoints2\{94c3aaaa-26b4-11e2-b59b-000005e7fe57}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{94c3aad5-26b4-11e2-b59b-000005e7fe57}\Shell - "" = AutoRun O33 - MountPoints2\{94c3aad5-26b4-11e2-b59b-000005e7fe57}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{a97c49ca-1e06-11e2-8f9a-000005e7fe57}\Shell - "" = AutoRun O33 - MountPoints2\{a97c49ca-1e06-11e2-8f9a-000005e7fe57}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{a97c49e1-1e06-11e2-8f9a-000005e7fe57}\Shell - "" = AutoRun O33 - MountPoints2\{a97c49e1-1e06-11e2-8f9a-000005e7fe57}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{af37351b-4c58-11e2-86b8-8c89a5c59c62}\Shell - "" = AutoRun O33 - MountPoints2\{af37351b-4c58-11e2-86b8-8c89a5c59c62}\Shell\AutoRun\command - "" = O:\AutoRun.exe -- [2011-03-15 00:32:10 | 000,436,768 | R--- | M] () O33 - MountPoints2\{cf834762-bd3c-11e1-a5d9-001e101f57d0}\Shell - "" = AutoRun O33 - MountPoints2\{cf834762-bd3c-11e1-a5d9-001e101f57d0}\Shell\AutoRun\command - "" = S:\AutoRun.exe O33 - MountPoints2\{dcc4f6ea-447e-11e2-832e-000005e7fe57}\Shell - "" = AutoRun O33 - MountPoints2\{dcc4f6ea-447e-11e2-832e-000005e7fe57}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{dd9a3f88-1df3-11e2-99fd-001e101faa49}\Shell - "" = AutoRun O33 - MountPoints2\{dd9a3f88-1df3-11e2-99fd-001e101faa49}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{fed46b6b-1d16-11e2-b676-001e101fe5e1}\Shell - "" = AutoRun O33 - MountPoints2\{fed46b6b-1d16-11e2-b676-001e101fe5e1}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\DVDSetup.exe O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\I\Shell - "" = AutoRun O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\AutoRun.exe O33 - MountPoints2\J\Shell - "" = AutoRun O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\setup.exe O33 - MountPoints2\K\Shell - "" = AutoRun O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\setup.exe O33 - MountPoints2\M\Shell - "" = AutoRun O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\SETUP.EXE O33 - MountPoints2\O\Shell - "" = AutoRun O33 - MountPoints2\O\Shell\AutoRun\command - "" = O:\AutoRun.exe -- [2011-03-15 00:32:10 | 000,436,768 | R--- | M] () O33 - MountPoints2\S\Shell - "" = AutoRun O33 - MountPoints2\S\Shell\AutoRun\command - "" = S:\AutoRun.exe O33 - MountPoints2\W\Shell - "" = AutoRun O33 - MountPoints2\W\Shell\AutoRun\command - "" = W:\AutoRun.exe O33 - MountPoints2\Z\Shell - "" = AutoRun O33 - MountPoints2\Z\Shell\AutoRun\command - "" = Z:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-05-23 13:40:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAP Business One [2013-05-23 11:44:35 | 000,000,000 | ---D | C] -- C:\Users\Marian\AppData\Roaming\Malwarebytes [2013-05-23 11:44:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013-05-23 11:44:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013-05-23 11:44:24 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013-05-23 11:44:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013-05-21 16:15:48 | 000,000,000 | ---D | C] -- C:\Users\Marian\AppData\Local\AlawarWrapper [2013-05-19 02:11:52 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013-05-19 02:11:52 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013-05-19 02:11:51 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013-05-19 02:11:51 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013-05-19 02:11:51 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013-05-19 02:11:51 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013-05-19 02:11:51 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013-05-19 02:11:51 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013-05-19 02:11:51 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013-05-19 02:11:51 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013-05-19 02:11:51 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013-05-19 02:11:50 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013-05-19 02:11:49 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013-05-19 02:11:49 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013-05-19 02:11:48 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013-05-19 02:10:40 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2013-05-19 02:10:40 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2013-05-19 02:10:38 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2013-05-19 02:10:38 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll [2013-05-19 02:10:37 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2013-05-19 02:10:37 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2013-05-19 02:10:27 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll [2013-05-17 17:20:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013-05-15 17:15:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird [2013-05-15 16:19:49 | 000,000,000 | ---D | C] -- C:\Users\Marian\.poseidon [2013-05-15 16:18:22 | 000,000,000 | ---D | C] -- C:\Program Files\Poseidon For UML_CE_8.0 [2013-05-15 12:15:36 | 000,000,000 | ---D | C] -- C:\Users\Marian\Documents\Notesy programu OneNote [2013-05-15 10:53:24 | 000,000,000 | ---D | C] -- C:\Users\Marian\AppData\Roaming\dvdcss [2013-05-10 16:47:24 | 000,000,000 | ---D | C] -- C:\Users\Marian\AppData\Roaming\ActiveDossierUploader [2013-05-09 15:48:10 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2013-05-09 15:48:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT [2013-05-09 15:48:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2013-05-09 15:45:35 | 000,000,000 | ---D | C] -- C:\AMD [2013-05-06 16:52:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox [2013-05-06 16:51:58 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle [2013-05-06 15:24:09 | 000,000,000 | ---D | C] -- C:\Users\Marian\Documents\223102459_TV_PODSTAWOWA AXN 2013.04.08 [2013-05-06 15:24:01 | 000,000,000 | ---D | C] -- C:\Users\Marian\Documents\23102427 [2013-04-24 11:37:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dokan [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-05-24 10:11:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013-05-24 10:06:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013-05-24 10:02:05 | 000,002,377 | ---- | M] () -- C:\Users\Marian\Desktop\Google Chrome.lnk [2013-05-24 09:48:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3191762578-3339541389-2005334998-1000UA.job [2013-05-24 09:31:36 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013-05-24 09:31:36 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013-05-24 09:24:47 | 000,000,202 | ---- | M] () -- C:\Windows\tasks\AutoKMSDaily.job [2013-05-24 09:24:47 | 000,000,202 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job [2013-05-24 09:24:42 | 000,078,848 | ---- | M] () -- C:\Windows\KMSEmulator.exe [2013-05-24 09:22:12 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013-05-24 09:21:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013-05-24 09:21:03 | 2108,002,303 | -HS- | M] () -- C:\hiberfil.sys [2013-05-24 00:48:00 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3191762578-3339541389-2005334998-1000Core.job [2013-05-23 21:27:17 | 007,808,046 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013-05-23 21:27:17 | 002,819,378 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2013-05-23 21:27:17 | 002,727,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013-05-23 21:27:17 | 001,087,098 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2013-05-23 21:27:17 | 001,046,480 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013-05-23 17:01:07 | 000,412,856 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013-05-23 13:41:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\dev_hwid [2013-05-21 18:17:11 | 000,995,328 | ---- | M] () -- C:\Users\Marian\Documents\Wykładowcy.accdb [2013-05-21 18:17:04 | 000,589,824 | ---- | M] () -- C:\Users\Marian\Documents\Tworzenie relacji.accdb [2013-05-21 16:15:34 | 000,001,185 | ---- | M] () -- C:\Users\Marian\Desktop\Oozi Earth Adventure.lnk [2013-05-21 12:00:35 | 000,556,196 | ---- | M] () -- C:\Windows\SysWow64\phatk121016Juniperv2w128l4.bin [2013-05-17 18:42:13 | 000,001,155 | ---- | M] () -- C:\Users\Marian\Desktop\JDownloader.lnk [2013-05-15 11:06:13 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013-05-15 11:06:13 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013-05-15 11:06:06 | 009,195,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2013-05-09 15:50:26 | 000,001,342 | ---- | M] () -- C:\Users\Marian\Desktop\GPU-Z.lnk [2013-05-09 15:37:20 | 000,007,595 | ---- | M] () -- C:\Users\Marian\AppData\Local\resmon.resmoncfg [2013-05-09 11:47:05 | 000,000,987 | ---- | M] () -- C:\Users\Marian\Desktop\SpeedFan.lnk [2013-05-09 11:47:04 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo [2013-05-07 11:36:05 | 000,001,120 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2013-05-06 23:45:46 | 000,002,106 | ---- | M] () -- C:\Users\Marian\Documents\.Rhistory [2013-05-06 16:52:01 | 000,001,086 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk [2013-05-06 15:22:57 | 017,609,342 | ---- | M] () -- C:\Users\Marian\Documents\23102427.ZIP [2013-05-06 15:22:57 | 000,782,766 | ---- | M] () -- C:\Users\Marian\Documents\223102459_TV_PODSTAWOWA AXN 2013.04.08.zip [2013-05-05 12:24:19 | 000,001,066 | ---- | M] () -- C:\Users\Marian\Desktop\MSI Afterburner.lnk [2013-05-05 00:53:33 | 000,001,138 | ---- | M] () -- C:\Users\Public\Desktop\CLICKBIOSII.lnk [2013-04-25 12:01:19 | 000,001,957 | ---- | M] () -- C:\Users\Marian\Documents\DU Meter Report.html [2013-04-24 11:38:17 | 000,000,577 | ---- | M] () -- C:\Users\Marian\Desktop\World of Tanks XVM.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-05-21 12:00:35 | 000,556,196 | ---- | C] () -- C:\Windows\SysWow64\phatk121016Juniperv2w128l4.bin [2013-05-17 18:42:13 | 000,001,155 | ---- | C] () -- C:\Users\Marian\Desktop\JDownloader.lnk [2013-05-09 15:50:26 | 000,001,342 | ---- | C] () -- C:\Users\Marian\Desktop\GPU-Z.lnk [2013-05-06 16:52:01 | 000,001,086 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk [2013-05-06 15:22:57 | 000,782,766 | ---- | C] () -- C:\Users\Marian\Documents\223102459_TV_PODSTAWOWA AXN 2013.04.08.zip [2013-05-06 15:22:55 | 017,609,342 | ---- | C] () -- C:\Users\Marian\Documents\23102427.ZIP [2013-04-24 11:37:56 | 000,000,577 | ---- | C] () -- C:\Users\Marian\Desktop\World of Tanks XVM.lnk [2013-04-15 15:55:22 | 001,413,536 | ---- | C] () -- C:\Windows\SysWow64\diablo130302Juniperv2w128l4.bin [2013-03-29 04:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe [2013-03-29 04:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe [2013-03-17 20:58:34 | 000,707,504 | ---- | C] () -- C:\Users\Marian\AppData\Local\unins000.exe [2013-02-27 19:58:15 | 000,000,034 | ---- | C] () -- C:\Windows\saplogon.ini [2013-02-27 19:51:22 | 000,647,168 | ---- | C] () -- C:\Windows\AutoKMS.exe [2013-02-27 19:51:22 | 000,000,184 | ---- | C] () -- C:\Windows\AutoKMS.ini [2013-02-27 19:50:59 | 000,078,848 | ---- | C] () -- C:\Windows\KMSEmulator.exe [2013-01-27 23:14:29 | 000,000,010 | ---- | C] () -- C:\Windows\popcinfo.dat [2013-01-26 19:21:51 | 000,001,743 | ---- | C] () -- C:\Windows\ODBC.INI [2013-01-26 19:21:50 | 000,000,191 | ---- | C] () -- C:\Windows\ODBCINST.INI [2013-01-26 14:54:19 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2013-01-26 14:54:01 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2013-01-26 14:53:50 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys [2013-01-26 14:53:50 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys [2013-01-26 13:16:18 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll [2013-01-26 13:16:18 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll [2013-01-07 00:22:34 | 000,000,218 | ---- | C] () -- C:\Users\Marian\.recently-used.xbel [2013-01-06 14:35:23 | 000,000,000 | ---- | C] () -- C:\Windows\Bench32_2.47(dobreprogramy.pl).INI [2012-12-23 21:10:28 | 000,007,595 | ---- | C] () -- C:\Users\Marian\AppData\Local\resmon.resmoncfg [2012-11-27 01:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2012-09-28 16:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll [2012-08-28 10:04:34 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2012-08-28 10:04:34 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2012-08-28 10:04:34 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2012-08-28 10:04:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2012-08-28 10:04:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2012-07-21 17:44:49 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012-07-21 17:44:38 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012-06-08 17:07:15 | 000,000,002 | ---- | C] () -- C:\Windows\SysWow64\Dvbpws.dll [2012-06-08 17:01:46 | 000,000,350 | ---- | C] () -- C:\Windows\SysWow64\AF15IRTBL.bin [2012-06-08 16:55:27 | 000,001,376 | ---- | C] () -- C:\Windows\SysWow64\wnpa32.sys [2012-06-08 16:54:01 | 000,000,022 | ---- | C] () -- C:\Windows\SysWow64\winpoa06.sys [2012-05-19 18:32:32 | 000,006,144 | ---- | C] () -- C:\Users\Marian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-04-25 22:26:40 | 000,001,120 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2012-04-15 19:06:34 | 000,011,761 | ---- | C] () -- C:\Users\Marian\AppData\Local\unins000.msg [2012-04-15 19:06:34 | 000,007,705 | ---- | C] () -- C:\Users\Marian\AppData\Local\unins000.dat [2012-03-09 06:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012-03-09 06:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012-03-07 02:40:52 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll [2012-03-04 13:26:11 | 000,000,022 | ---- | C] () -- C:\Windows\simpwt.dat [2012-03-03 19:02:24 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2012-03-03 18:55:55 | 006,225,300 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-03-03 17:12:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011-09-13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013-02-27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013-02-27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2012-10-03 20:56:22 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\ACD Systems [2013-05-10 21:01:09 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\ActiveDossierUploader [2012-04-23 23:56:58 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Alawar [2012-04-29 23:29:13 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Alawar Stargaze [2012-05-09 17:16:02 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\AlawarEntertainment [2013-04-06 15:17:49 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\andro [2013-01-23 20:34:44 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Argonyt [2013-04-16 13:43:23 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Artisteer [2012-08-04 22:31:38 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Awem [2013-02-10 18:39:39 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\DarknessII [2012-05-14 16:41:40 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\DocClockGame [2012-10-29 19:29:33 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Downloaded Installations [2013-03-17 21:21:53 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1 [2012-07-26 23:22:37 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\EleFun Games [2013-03-02 23:43:03 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\EurekaLog [2012-08-07 23:50:42 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\FileDoumi [2012-03-03 21:05:59 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Firefly Studios [2012-06-30 09:38:10 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Foxit Software [2013-01-30 21:57:12 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Friday's games [2013-05-07 11:58:42 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\GG [2012-03-05 20:03:57 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\GHISLER [2012-05-24 21:17:34 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\GO Games [2013-01-07 00:20:36 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\gtk-2.0 [2012-12-23 20:30:47 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\HD Tune Pro [2012-05-11 22:19:58 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Helios [2012-03-04 13:30:09 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\HTNetMeter [2012-06-12 19:05:38 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\ImgBurn [2012-03-18 23:49:26 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\JaiboGames [2013-03-08 00:16:26 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\MicroStrategy [2013-02-23 13:21:00 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\MOBILedit [2012-11-12 19:44:41 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\MumboJumbo [2012-03-04 13:34:29 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Net Meter Pro [2013-03-14 21:36:52 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Omerta [2012-08-07 23:51:26 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\OpenTab [2013-04-13 22:15:41 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Outlook AutoConfig [2012-06-09 20:15:51 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Patcher [2012-10-29 19:30:09 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\PingPlotter [2012-12-17 22:07:10 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Plus Internet [2013-05-22 21:45:48 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\QlikTech [2012-09-02 19:42:50 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Rockers Team [2013-04-23 12:06:39 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\RStudio [2012-07-26 22:15:21 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Sahmon Games [2013-02-25 18:32:18 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Samsung [2013-01-26 16:33:49 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Specialbit [2013-04-12 20:05:39 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\SQL Developer [2013-04-12 20:05:40 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Subversion [2013-04-17 16:41:24 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Systweak [2012-05-11 22:30:49 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\TextPad [2012-05-27 17:23:21 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\The Darkness II [2013-04-16 11:42:12 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Thunderbird [2013-03-10 19:52:12 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Trine2 [2013-05-24 02:16:30 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\TS3Client [2012-07-21 17:44:37 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Ubisoft [2012-03-05 00:10:58 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\VampireSagaHL [2012-07-26 22:03:25 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Vessel [2012-05-11 23:31:52 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\VOS [2013-04-24 09:58:28 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\wargaming.net [2012-12-23 00:02:19 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\Wireshark [2012-05-09 17:11:33 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\WOTModInstaller [2012-09-26 20:43:06 | 000,000,000 | ---D | M] -- C:\Users\Marian\AppData\Roaming\WoT_StartPack [color=#E56717]========== Purity Check ==========[/color] < End of report >