OTL logfile created on: 2013-12-27 16:03:28 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = D:\Pobrane Pliki
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,99 Gb Total Physical Memory | 1,75 Gb Available Physical Memory | 58,67% Memory free
5,98 Gb Paging File | 3,59 Gb Available in Paging File | 60,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 75,04 Gb Total Space | 11,03 Gb Free Space | 14,70% Space Free | Partition Type: NTFS
Drive D: | 390,62 Gb Total Space | 30,89 Gb Free Space | 7,91% Space Free | Partition Type: NTFS
 
Computer Name: CZAREK-KOMPUTER | User Name: Czarek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013-12-27 15:49:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Pobrane Pliki\OTL.exe
PRC - [2013-12-27 15:35:44 | 000,059,964 | ---- | M] (Macrovision Europe Ltd.) -- C:\Users\Czarek\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001
PRC - [2013-10-23 23:39:14 | 001,017,224 | ---- | M] (Flux Software LLC) -- C:\Users\Czarek\AppData\Local\FluxSoftware\Flux\flux.exe
PRC - [2013-10-19 06:19:35 | 000,037,344 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe
PRC - [2013-10-19 06:19:34 | 000,032,736 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
PRC - [2013-10-03 07:13:48 | 000,140,768 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
PRC - [2013-08-15 13:11:32 | 000,483,328 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2013-08-15 13:10:46 | 000,209,408 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2013-05-11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-12-14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012-12-14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012-12-14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012-11-23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012-05-22 16:36:13 | 004,942,336 | ---- | M] (FNet Co., Ltd.) -- C:\Program Files\XFastUsb\XFastUsb.exe
PRC - [2012-03-14 16:38:14 | 000,913,752 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2012-03-06 17:39:50 | 000,574,296 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
PRC - [2012-02-02 21:25:30 | 000,458,464 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe
PRC - [2011-11-10 10:17:04 | 003,514,176 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2011-10-25 17:13:21 | 000,079,360 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
PRC - [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-11-25 20:31:10 | 000,393,216 | ---- | M] (AMD) -- C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2010-07-28 11:23:14 | 001,493,608 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
PRC - [2009-07-20 10:51:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009-07-08 14:32:50 | 001,233,195 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe
PRC - [2009-05-04 18:05:04 | 000,241,789 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
PRC - [2009-02-23 04:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013-12-27 15:35:45 | 000,592,896 | ---- | M] () -- C:\Users\Czarek\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0168\~de6248.tmp
MOD - [2013-12-27 15:35:44 | 000,697,884 | ---- | M] () -- C:\Users\Czarek\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0168\~df394b.tmp
MOD - [2013-10-09 21:28:35 | 013,320,192 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\51c959815de499d10456ec684abf02bf\System.Web.ni.dll
MOD - [2013-10-09 21:28:29 | 000,786,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\5b44a8db5b70143f27fb695b5f72930d\System.Runtime.Remoting.ni.dll
MOD - [2013-10-09 21:28:24 | 003,910,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\18e76c3868d682a7c065bccd142eeec1\WindowsBase.ni.dll
MOD - [2013-10-09 21:28:22 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\d913e7d0b1d32187e0c234f8a1a581fc\System.Core.ni.dll
MOD - [2013-10-09 21:28:21 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\c5db04fde4893300ff28045ce4f7567d\System.Windows.Forms.ni.dll
MOD - [2013-10-09 21:28:17 | 000,964,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\edb27e2c25837f79902054965d6813cd\System.Configuration.ni.dll
MOD - [2013-09-20 16:38:24 | 000,229,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ResourceMan446ca0e5#\53dbedcbabaec8ae1de945ae14de1a23\ResourceManagement.Foundation.Implementation.ni.dll
MOD - [2013-09-20 16:38:23 | 000,313,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MOM.Implementation\04f1dd4f1313f87f7e061b88b923a0c3\MOM.Implementation.ni.dll
MOD - [2013-09-20 16:38:21 | 000,222,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\LOG.Foundat03490438#\d3c40a63e13b5a601bac7bf7a2b036ba\LOG.Foundation.Implementation.ni.dll
MOD - [2013-09-20 16:38:15 | 000,049,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Foundat60cdf5df#\4f3c664f4b796254fe1c3bfbb7d590ef\CLI.Foundation.XManifest.ni.dll
MOD - [2013-09-20 16:38:14 | 000,786,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Compone26c9c557#\d3e593c8be86dd260fc8bed9503b882b\CLI.Component.Systemtray.ni.dll
MOD - [2013-09-20 16:38:12 | 000,204,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.73911eb5#\e4ee019b676ae1cdb1f97a49526209e8\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
MOD - [2013-09-20 16:38:10 | 000,187,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Compone6692ca50#\6be96472e26449daa9cec780c1078eda\CLI.Component.Runtime.ni.dll
MOD - [2013-09-20 16:38:10 | 000,095,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ATICCCom\07f5da2b82b9b29021f56deca6d1fcc2\ATICCCom.ni.dll
MOD - [2013-09-20 16:38:10 | 000,016,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Componeb4d0485c#\376586f748cf5808b1f8dab7a5eb850b\CLI.Component.Runtime.Extension.EEU.ni.dll
MOD - [2013-09-20 16:38:04 | 000,146,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Compone29e547cc#\e50c46c5021ad50f6eb97d8ddd94e4e9\CLI.Component.Dashboard.ProfileManager2.ni.dll
MOD - [2013-09-20 16:38:03 | 000,754,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Compone6bf88b08#\5af3fa59b13de47d395b5f93ffe4c15d\CLI.Component.Dashboard.ni.dll
MOD - [2013-09-20 16:38:01 | 000,143,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Combine930f827b#\a1b9b74ebb9fc687116d5145fe53a0f7\CLI.Combined.HydraVision.Aspects.Runtime.ni.dll
MOD - [2013-09-20 16:38:00 | 000,756,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Combine7332395e#\c20cccda19d4f1a371c6f6101efac26c\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
MOD - [2013-09-20 16:38:00 | 000,038,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.382a3def#\4a340552dd5feddae3a936399464507c\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
MOD - [2013-09-20 16:37:59 | 002,275,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Combine0616f305#\866e63679808634e8552968fc46e15f5\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
MOD - [2013-09-20 16:37:56 | 000,038,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.Pdb36d56e#\c7adbc97b391ea54b9ec4396e1d13af2\CLI.Caste.Platform.Runtime.ni.dll
MOD - [2013-09-20 16:37:55 | 000,026,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.Pac40511b#\e60283c43f563635c2e377623019f2a4\CLI.Caste.Platform.Shared.ni.dll
MOD - [2013-09-20 16:37:55 | 000,023,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.Pfeefa2b6#\3aab05e723fd16f980abb5bd8fe56e8b\CLI.Caste.Platform.Dashboard.ni.dll
MOD - [2013-09-20 16:37:54 | 000,039,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.H18c99613#\94d6603fa88562930ab404844b796df2\CLI.Caste.HydraVision.Runtime.ni.dll
MOD - [2013-09-20 16:37:53 | 000,026,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.H92ba4e46#\f4a3646dc1d959a6a8f942c2878ad2e6\CLI.Caste.HydraVision.Shared.ni.dll
MOD - [2013-09-20 16:37:53 | 000,025,088 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.Hbb906c0b#\81dcb4c761fc4b9f417ca6c07647aed5\CLI.Caste.HydraVision.Dashboard.ni.dll
MOD - [2013-09-20 16:37:51 | 002,169,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.G962aa464#\9a41eb41d1161937846e6c87faf4f84d\CLI.Caste.Graphics.Runtime.ni.dll
MOD - [2013-09-20 16:37:48 | 000,236,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.F36b07a2b#\d33e2e93f29a7209a4414c0d5adfa6cc\CLI.Caste.Fuel.Runtime.ni.dll
MOD - [2013-09-20 16:37:48 | 000,033,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Fuel.Foundation\6b7ce766bb8706a55ec88c13bd59a2b6\Fuel.Foundation.ni.dll
MOD - [2013-09-20 16:37:48 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.Ff3085433#\6e183d7294a3f6bb4fd80524633a7b82\CLI.Caste.Fuel.Dashboard.ni.dll
MOD - [2013-09-20 16:37:47 | 000,047,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.A4.Runtime\884ffb8435d3675960a71ca0f1ef4b52\CLI.Caste.A4.Runtime.ni.dll
MOD - [2013-09-20 16:37:46 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.Af820fedc#\0df7c0cc3aea440b5905c55ed27ed03f\CLI.Caste.A4.Dashboard.ni.dll
MOD - [2013-09-20 16:37:40 | 000,041,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.ef3eaa4d#\b8cc3a710e977fe46f5884ffdd5b1a6c\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
MOD - [2013-09-20 16:37:39 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.3a6f1658#\14abe740dd4392edb705bd137e71370d\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
MOD - [2013-09-20 16:37:39 | 000,068,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.4bbb0755#\d5c24a6649a3ff5215943f8bb7f388d2\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
MOD - [2013-09-20 16:37:38 | 000,048,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.fdcb645d#\2e5850ebcb776ec462815534b1327552\CLI.Aspect.Settings.HydraVision.Shared.ni.dll
MOD - [2013-09-20 16:37:34 | 000,566,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.8d333b6b#\cf10330515c6aa70c6702d0b1e7860df\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
MOD - [2013-09-20 16:37:33 | 003,162,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.e9fd7406#\dc73214066350b91342859c1db18c153\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
MOD - [2013-09-20 16:37:26 | 000,249,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.c7aaa0f8#\5001c4d8bfa471c7e35224a5570c7502\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
MOD - [2013-09-20 16:37:25 | 000,217,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.87ad5c75#\9b4035bc8a4f166b4541ffeb2ed540af\CLI.Aspect.OverDrive5.Graphics.Dashboard.ni.dll
MOD - [2013-09-20 16:37:22 | 000,043,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.dd2ab3e8#\880a04be84c6227592db17e28f1b10d8\CLI.Aspect.MultiDesk.HydraVision.Shared.ni.dll
MOD - [2013-09-20 16:37:21 | 000,513,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.846fa813#\5ed810a8d713ba106bc96a2077714948\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
MOD - [2013-09-20 16:37:20 | 000,211,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.e8635fc7#\02012faf4dba7ee559e14df5cb004d1c\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
MOD - [2013-09-20 16:37:20 | 000,035,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.5432938c#\5c4ad7e8736c747388a53498667bc638\CLI.Aspect.MDProp.HydraVision.Shared.ni.dll
MOD - [2013-09-20 16:37:19 | 000,034,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.bdcffe00#\b68068d83bd9db8845ea07b9b42d865b\CLI.Aspect.Grid.HydraVision.Shared.ni.dll
MOD - [2013-09-20 16:37:14 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.G60338cc0#\faf68d835ddbaa7ca1f73d7311696197\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
MOD - [2013-09-20 16:37:11 | 000,060,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.b0a7c1fb#\f39be425f7322bfe33ee6bd318485f9e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
MOD - [2013-09-20 16:37:10 | 000,242,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.9b707b25#\dc92012563ea207c779546887d97a14d\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
MOD - [2013-09-20 16:37:10 | 000,071,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.ae5e117c#\a93363715c21f8e72976b2a5d442fbef\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
MOD - [2013-09-20 16:37:08 | 001,585,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.aa59351a#\56b3fb7d93718b85c39372d3040c5fb4\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
MOD - [2013-09-20 16:37:08 | 000,194,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.eda8935e#\a6dced10c81e9a4156f5e3e3ebd70f8c\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
MOD - [2013-09-20 16:37:07 | 000,650,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.e6d9f3a8#\e2c2d0b41b640867711d5c40ce715ec2\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
MOD - [2013-09-20 16:37:06 | 000,041,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.20568423#\5ffcf6aae745860ab0e79d65fd32dcf3\CLI.Aspect.DeskMan.HydraVision.Shared.ni.dll
MOD - [2013-09-20 16:37:04 | 000,017,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.c854b457#\9da8d90d39dbeffa7bd1c433618f5c56\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
MOD - [2013-09-20 16:37:03 | 000,438,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.8e996306#\6b27fbd69649249b3ce5d9559d93d246\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
MOD - [2013-09-20 16:37:02 | 000,038,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.F24de14fe#\e617ed6d70be01199a84a64d28248387\CLI.Caste.Fuel.Shared.ni.dll
MOD - [2013-09-20 16:37:01 | 000,384,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.Gee7d2dbc#\69ed79c6c6faee76658af616d4f941e3\CLI.Caste.Graphics.Dashboard.ni.dll
MOD - [2013-09-20 16:37:01 | 000,165,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.4542c692#\ac594b22e0d2b1a9c644de9ee3867cc4\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
MOD - [2013-09-20 16:37:01 | 000,114,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.a0ae52bc#\f291646fe59dfe692375bf37e91f3f34\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
MOD - [2013-09-20 16:37:01 | 000,024,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.37d3d968#\304519bf19d2b3e55e1ed362ee2b29aa\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
MOD - [2013-09-20 16:37:00 | 000,360,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.acb9d930#\24b336811f71088923e5b7afcd3f08f5\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
MOD - [2013-09-20 16:37:00 | 000,228,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.7ec2db45#\5db23e34e6115577978ee304d47c7279\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
MOD - [2013-09-20 16:36:59 | 001,446,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.Gd9d9b43b#\0c822a1509fea72d955725357a6cf8ee\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
MOD - [2013-09-20 16:36:59 | 000,099,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.3399d0ec#\69b7305d89ca5190e55ba9d743a13bbe\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
MOD - [2013-09-20 16:36:58 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.ec8786e5#\217c64ce81696227710ffe248f185dec\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
MOD - [2013-09-20 16:36:57 | 000,125,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Compone59f353b4#\6da546343406b63fe30835d1b3ea322d\CLI.Component.Runtime.Shared.Private.ni.dll
MOD - [2013-09-20 16:36:56 | 001,944,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Wfbf9373c#\4baef58fc0ca36bea031f673f59d7710\Microsoft.WindowsAPICodePack.Shell.ni.dll
MOD - [2013-09-20 16:36:56 | 000,038,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.A4.Shared\6ba11ef4888818677f6439a10e79271e\CLI.Caste.A4.Shared.ni.dll
MOD - [2013-09-20 16:36:55 | 000,748,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Foundatd3771151#\27566d47e44bf21745825fc7b4749c31\CLI.Foundation.Client.ni.dll
MOD - [2013-09-20 16:36:55 | 000,269,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.W8090224c#\8ec4fd9f78a31ff080a8a067a2510c50\Microsoft.WindowsAPICodePack.ni.dll
MOD - [2013-09-20 16:36:54 | 000,071,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Componef4cf054f#\dd0183cd0f683fda9b826fd4ccda1db1\CLI.Component.Dashboard.Shared.ni.dll
MOD - [2013-09-20 16:36:54 | 000,023,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ResourceManf163905a#\4dd06e4ed3a354d46da121d6dbf03334\ResourceManagement.Foundation.Private.ni.dll
MOD - [2013-09-20 16:36:54 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Componef1fd67b2#\f53d8afb99e81318db0da00396f2101f\CLI.Component.Client.Shared.ni.dll
MOD - [2013-09-20 16:36:53 | 001,565,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Componec89c3bec#\5533b2e71170d35b2d2cce10a100f075\CLI.Component.Dashboard.Shared.Private.ni.dll
MOD - [2013-09-20 16:36:53 | 000,113,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Compone168638d1#\7edfee88002bf09f70ea78fa106e4f97\CLI.Component.Client.Shared.Private.ni.dll
MOD - [2013-09-20 16:36:51 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\LOG.Foundatcaafa75b#\b1131a45bb6b351c45eaaca4749752a0\LOG.Foundation.Implementation.Private.ni.dll
MOD - [2013-09-20 16:36:51 | 000,012,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MOM.Foundation\68f20f6c735eb6a48ac5677dadc7a616\MOM.Foundation.ni.dll
MOD - [2013-09-20 16:36:50 | 001,753,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.G60a7b4d1#\1a9f7fa2d570683c98517e8d5875fdc2\CLI.Caste.Graphics.Shared.ni.dll
MOD - [2013-09-20 16:36:50 | 000,153,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CCC.Implementation\78d6a7c3e11f4445edb6aa204ff98290\CCC.Implementation.ni.dll
MOD - [2013-09-20 16:36:48 | 000,868,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Localizatio01dbc1c0#\4c26e421f3802eafc532c0d987b04024\Localization.Foundation.Private.ni.dll
MOD - [2013-09-20 16:36:48 | 000,205,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\APM.Server\399eb76eaf290de7105c228baa63431c\APM.Server.ni.dll
MOD - [2013-09-20 16:36:48 | 000,075,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Foundat3d5d3945#\b58e162fa88bb704d28645b39b55148e\CLI.Foundation.Private.ni.dll
MOD - [2013-09-20 16:36:47 | 000,046,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\APM.Foundation\51f80f68c4a8eae6be58b13b2e5f45fb\APM.Foundation.ni.dll
MOD - [2013-09-20 16:36:45 | 000,242,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Foundation\a02754de44ab6bafa509267cf2dc26ed\CLI.Foundation.ni.dll
MOD - [2013-09-20 16:36:45 | 000,197,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Server\7d79389fecf672c9c5cd347494d95860\AEM.Server.ni.dll
MOD - [2013-09-20 16:36:44 | 000,222,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Plugin.5d945b6b#\5f1b7989dce4574b6f9b6b0e35e912e1\AEM.Plugin.Source.Kit.Server.ni.dll
MOD - [2013-09-20 16:36:44 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Foundat619559bd#\71745af0acd729ad7251ac5b86a09774\CLI.Foundation.CoreAudioAPI.ni.dll
MOD - [2013-09-20 16:36:44 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Plugin.674d2b8a#\6fa49ffd061a6b6187e32eb917e2f3d8\AEM.Plugin.WinMessages.Shared.ni.dll
MOD - [2013-09-20 16:36:44 | 000,012,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Compone1b4a8c97#\50ef9388c6c9456c09284447854ca3c7\CLI.Component.Runtime.Shared.ni.dll
MOD - [2013-09-20 16:36:43 | 000,015,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics\a1a0cfc9a4f25fb0e40efcbbb764948f\DEM.Graphics.ni.dll
MOD - [2013-09-20 16:36:42 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Server.Shared\079f5e9a968e4dea5878ba44e154fdd0\AEM.Server.Shared.ni.dll
MOD - [2013-09-20 16:36:40 | 000,015,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Plugin.2b6a6775#\d1ef0b8a86f7e10719e70f7dcefb3643\AEM.Plugin.Hotkeys.Shared.ni.dll
MOD - [2013-09-20 16:36:40 | 000,012,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Plugin.88aba5d2#\1a5b6fcc43211caebd4aae424c346b7e\AEM.Plugin.REG.Shared.ni.dll
MOD - [2013-09-20 16:36:40 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Plugin.GD.Shared\1b945bea8e82a7c1d1c3d605be3e6498\AEM.Plugin.GD.Shared.ni.dll
MOD - [2013-09-20 16:36:39 | 000,012,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Plugin.0a1309f7#\831c3dc8a4a792fbcfe0e5538bbc7e5e\AEM.Plugin.EEU.Shared.ni.dll
MOD - [2013-09-20 16:36:38 | 000,615,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ADL.Foundation\05f61dd4a0654e2a27caf183b5f10109\ADL.Foundation.ni.dll
MOD - [2013-09-20 16:36:38 | 000,046,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\NEWAEM.Foundation\6a2553ea7b1e2baff524d607876b19ad\NEWAEM.Foundation.ni.dll
MOD - [2013-09-20 16:36:38 | 000,019,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Actions5dc83b46#\49e33ea95a45cd965975ca7ad3ff7832\AEM.Actions.CCAA.Shared.ni.dll
MOD - [2013-09-20 16:36:37 | 000,115,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\LOG.Foundat5023f8e7#\7c33bf1753524846b52af28e177f7f38\LOG.Foundation.Private.ni.dll
MOD - [2013-09-20 16:36:37 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\LOG.Foundation\a96e456f5b6b61eb2c7bb66466f7be0c\LOG.Foundation.ni.dll
MOD - [2013-09-20 16:36:37 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\A4.Foundation\c68f5db7b219fb0e637257b058d2a1f1\A4.Foundation.ni.dll
MOD - [2013-09-05 15:27:30 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\d187afdee972b70222b76bd6aed1f742\PresentationFramework-SystemXml.ni.dll
MOD - [2013-09-04 21:42:52 | 000,015,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MOM\4b2ff8a6aca4291cb8dac57a8905e4da\MOM.ni.exe
MOD - [2013-09-04 21:42:47 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0812\f8e223ea1f4e11532a2af762f0ee9e51\DEM.Graphics.I0812.ni.dll
MOD - [2013-09-04 21:42:47 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0805\d953c79bb70ef062bd0d73f28c24745e\DEM.Graphics.I0805.ni.dll
MOD - [2013-09-04 21:42:34 | 000,015,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0703\e07cfac2df008ec1f31494cc79a7e171\DEM.Graphics.I0703.ni.dll
MOD - [2013-09-04 21:42:26 | 000,027,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I1010\60a10be47e72ebfdaad0df579daa9201\DEM.Graphics.I1010.ni.dll
MOD - [2013-09-04 21:42:26 | 000,012,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0906\da12daa6b665dd4d177ffa139be2fe88\DEM.Graphics.I0906.ni.dll
MOD - [2013-09-04 20:14:10 | 000,062,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0709\735d5d1db238d7a857f523f3d196bd0e\DEM.Graphics.I0709.ni.dll
MOD - [2013-09-04 20:14:06 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0804\926d99fc63d74e2f53d4aa1aa5068940\DEM.Graphics.I0804.ni.dll
MOD - [2013-09-04 20:14:06 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0912\df950665b867f82cf11f5958aaa3fdb1\DEM.Graphics.I0912.ni.dll
MOD - [2013-09-04 20:14:06 | 000,012,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0706\679c4ceffb61b1b3023e218952821602\DEM.Graphics.I0706.ni.dll
MOD - [2013-09-04 20:14:06 | 000,012,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0712\f295fcac75951d11752c8976e6c7c86d\DEM.Graphics.I0712.ni.dll
MOD - [2013-09-04 20:13:52 | 000,257,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\c5a824b183c687586e362140690996a8\WindowsFormsIntegration.ni.dll
MOD - [2013-09-04 20:13:44 | 000,018,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CCC\10eb5851d900eb3d636a9e9f16308961\CCC.ni.exe
MOD - [2013-09-04 20:13:37 | 000,091,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0601\0078e80749f7db16cd6891c4d37bc188\DEM.Graphics.I0601.ni.dll
MOD - [2013-09-04 20:13:37 | 000,021,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Foundation\78fde966036e6177c48e7d4e9eecc54b\DEM.Foundation.ni.dll
MOD - [2013-09-04 16:22:25 | 018,545,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\775d60de39c6f0b49f1640c4e6c8de09\PresentationFramework.ni.dll
MOD - [2013-09-04 16:22:18 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\f4fff5d6e716c439b944025d3994170d\System.Xaml.ni.dll
MOD - [2013-09-04 16:22:16 | 010,926,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\8e3d6080e8eaaaf28389f3742ff9acdd\PresentationCore.ni.dll
MOD - [2013-09-04 16:22:14 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\cceaf9d7891fc325a90473aa9a661661\System.Drawing.ni.dll
MOD - [2013-09-04 16:22:12 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\82d58d49946f82eb56bae40f3b097784\System.Xml.ni.dll
MOD - [2013-09-04 16:22:09 | 000,462,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\7dd4cd3e4768d2aa55af60c838790088\PresentationFramework.Aero.ni.dll
MOD - [2013-09-04 16:22:08 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ac79b74f022d9a096de2b884f4249543\System.ni.dll
MOD - [2013-09-04 16:22:04 | 016,547,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\bf2ecabcd96ec8238dc385b0a3ffa084\mscorlib.ni.dll
MOD - [2013-07-25 01:49:46 | 000,396,240 | ---- | M] () -- C:\Users\Czarek\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
MOD - [2013-07-25 01:49:45 | 013,599,184 | ---- | M] () -- C:\Users\Czarek\AppData\Local\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
MOD - [2013-07-25 01:49:44 | 004,052,944 | ---- | M] () -- C:\Users\Czarek\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll
MOD - [2013-07-25 01:48:54 | 000,601,552 | ---- | M] () -- C:\Users\Czarek\AppData\Local\Google\Chrome\Application\28.0.1500.95\libglesv2.dll
MOD - [2013-07-25 01:48:53 | 000,123,344 | ---- | M] () -- C:\Users\Czarek\AppData\Local\Google\Chrome\Application\28.0.1500.95\libegl.dll
MOD - [2013-07-25 01:48:51 | 001,597,392 | ---- | M] () -- C:\Users\Czarek\AppData\Local\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
MOD - [2011-11-10 21:43:26 | 000,138,072 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\ASCv5ExtMenu.dll
MOD - [2011-02-28 21:42:14 | 000,652,800 | ---- | M] () -- C:\Program Files\IZArc\IZArcCM.dll
MOD - [2010-11-25 20:30:38 | 000,090,112 | ---- | M] () -- C:\Program Files\ATI Technologies\HydraVision\hydraplk.dll
MOD - [2009-04-20 10:55:58 | 000,148,480 | ---- | M] () -- C:\Windows\System32\APOMngr.DLL
MOD - [2009-02-06 17:52:24 | 000,073,728 | ---- | M] () -- C:\Windows\System32\CmdRtr.DLL
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2013-12-11 15:23:03 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-11-26 09:29:52 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013-10-19 06:19:35 | 000,037,344 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe -- (PSUAService)
SRV - [2013-10-03 07:13:48 | 000,140,768 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)
SRV - [2013-08-15 13:10:46 | 000,209,408 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2013-07-11 16:53:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013-05-11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-12-14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012-12-14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012-07-13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-03-14 16:38:14 | 000,913,752 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2012-02-02 21:25:30 | 000,458,464 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2011-10-26 19:45:16 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011-10-25 17:14:14 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2011-10-25 17:13:45 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011-10-25 17:13:21 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe -- (Sound Blaster X-Fi MB Licensing Service)
SRV - [2009-07-20 10:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-02-23 04:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008-12-22 10:52:16 | 000,104,944 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\ghnloyb.sys -- (qibokemq)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (adzmbb9v)
DRV - [2013-10-17 20:31:28 | 000,145,640 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSINAflt.sys -- (PSINAflt)
DRV - [2013-10-11 10:46:25 | 000,127,720 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSINProt.sys -- (PSINProt)
DRV - [2013-10-11 10:46:25 | 000,097,512 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PSINReg.sys -- (PSINReg)
DRV - [2013-10-11 10:46:24 | 000,114,920 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\PSINProc.sys -- (PSINProc)
DRV - [2013-10-11 10:45:49 | 000,175,848 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\PSINKNC.sys -- (PSINKNC)
DRV - [2013-10-11 10:45:49 | 000,105,704 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\PSINFile.sys -- (PSINFile)
DRV - [2013-08-20 07:02:14 | 000,182,680 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013-08-20 07:02:14 | 000,084,248 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013-08-15 14:07:54 | 011,037,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2013-08-15 12:38:44 | 000,495,104 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2013-07-05 09:40:32 | 000,078,848 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2013-05-29 04:55:11 | 000,230,376 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSStrm.sys -- (NNSSTRM)
DRV - [2013-05-29 04:55:11 | 000,108,904 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSSmtp.sys -- (NNSSMTP)
DRV - [2013-05-29 04:55:11 | 000,093,928 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNStlsc.sys -- (NNSTLSC)
DRV - [2013-05-29 04:55:10 | 000,287,336 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSProt.sys -- (NNSPROT)
DRV - [2013-05-29 04:55:10 | 000,161,384 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSPrv.sys -- (NNSPRV)
DRV - [2013-05-29 04:55:10 | 000,106,344 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSPop3.sys -- (NNSPOP3)
DRV - [2013-05-29 04:55:09 | 000,124,648 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSIds.sys -- (NNSIDS)
DRV - [2013-05-29 04:55:09 | 000,095,464 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSpicc.sys -- (NNSPICC)
DRV - [2013-05-29 04:55:09 | 000,061,672 | ---- | M] (Panda Security, S.L.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\NNSPihsw.sys -- (NNSPIHSW)
DRV - [2013-05-29 04:55:08 | 000,126,184 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSHttp.sys -- (NNSHTTP)
DRV - [2013-05-29 04:55:08 | 000,107,752 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSHttps.sys -- (NNSHTTPS)
DRV - [2013-05-29 04:55:08 | 000,084,200 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSAlpc.sys -- (NNSALPC)
DRV - [2013-04-29 08:17:34 | 000,047,632 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PSKMAD.sys -- (PSKMAD)
DRV - [2012-12-14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012-10-24 15:10:01 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012-10-24 15:10:01 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012-10-02 09:49:36 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2012-06-03 21:04:56 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011-11-27 15:57:24 | 000,428,088 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2011-11-14 19:01:17 | 000,029,248 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FNETTBOH_305.SYS -- (FNETTBOH_305)
DRV - [2011-11-09 23:52:02 | 000,046,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2011-10-26 20:28:10 | 000,083,872 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2011-10-26 20:28:10 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011-10-25 17:11:58 | 000,014,656 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\FNETURPX.SYS -- (FNETURPX)
DRV - [2011-08-17 08:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011-02-08 06:30:51 | 000,052,352 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV - [2011-02-08 06:30:50 | 000,032,384 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\EtronHub3.sys -- (EtronHub3)
DRV - [2010-11-20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010-11-09 13:35:30 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2010-06-11 13:37:04 | 000,013,832 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\AsrAppCharger.sys -- (AsrAppCharger)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\POBRANE PLIKI
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH
IE - HKCU\..\SearchScopes\{5D1B80C7-4EE2-4fad-AC00-87D50438DACC}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A4107735745&ie=UTF-8&q=&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4107735745&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Czarek\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Czarek\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Czarek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
 
[2013-10-15 10:12:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Czarek\AppData\Roaming\mozilla\Extensions
[2013-10-08 17:04:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Czarek\AppData\Local\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Czarek\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Czarek\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Czarek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Czarek\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: Adblock Pro = C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch\2.8_0\
 
O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Czarek\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CTSyncService] C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [PSUAMain] C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [RunDLLEntry] C:\Windows\System32\AmbRunE.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [XFastUsb] C:\Program Files\XFastUsb\XFastUsb.exe (FNet Co., Ltd.)
O4 - HKCU..\Run: [Advanced SystemCare 5] C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [f.lux] C:\Users\Czarek\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
O4 - HKCU..\Run: [GG] C:\Users\Czarek\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab (SysInfo Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.172.186.4 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{33543BCF-3FD4-4E9B-AD8C-8588FD6841B1}: DhcpNameServer = 213.172.186.4 8.8.8.8
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{491e98fa-1908-11e1-984d-002522cc5546}\Shell - "" = AutoRun
O33 - MountPoints2\{491e98fa-1908-11e1-984d-002522cc5546}\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\{491e9907-1908-11e1-984d-002522cc5546}\Shell - "" = AutoRun
O33 - MountPoints2\{50899814-adac-11e1-bfeb-002522cc5546}\Shell - "" = AutoRun
O33 - MountPoints2\{50899814-adac-11e1-bfeb-002522cc5546}\Shell\AutoRun\command - "" = G:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013-12-26 14:27:38 | 000,047,632 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\PSKMAD.sys
[2013-12-22 20:00:17 | 000,000,000 | ---D | C] -- C:\Users\Czarek\AppData\Roaming\TS3Client
[2013-12-22 19:59:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2013-12-22 19:59:41 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2013-12-22 14:34:43 | 000,000,000 | ---D | C] -- C:\Users\Czarek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
[2013-12-22 14:34:41 | 000,000,000 | ---D | C] -- C:\Users\Czarek\AppData\Local\FluxSoftware
[2013-12-22 14:32:36 | 000,000,000 | ---D | C] -- C:\Users\Czarek\.android
[2013-12-22 14:32:32 | 000,000,000 | ---D | C] -- C:\Users\Czarek\Documents\Mobogenie
[2013-12-22 14:32:32 | 000,000,000 | ---D | C] -- C:\Users\Czarek\AppData\Local\Mobogenie
[2013-12-22 14:32:32 | 000,000,000 | ---D | C] -- C:\Users\Czarek\AppData\Local\genienext
[2013-12-22 14:31:52 | 000,000,000 | ---D | C] -- C:\Program Files\Mobogenie
[2013-12-21 00:44:41 | 000,000,000 | ---D | C] -- C:\Users\Czarek\Documents\Euro Truck Simulator 2
[2013-12-21 00:39:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCS Software
[2013-12-13 00:20:00 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013-12-13 00:20:00 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013-12-13 00:19:59 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013-12-13 00:19:58 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013-12-13 00:19:58 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2013-12-13 00:19:58 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013-12-13 00:19:58 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013-12-13 00:19:58 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013-12-13 00:19:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2013-12-13 00:19:57 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013-12-13 00:19:57 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2013-12-13 00:19:57 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2013-12-13 00:19:55 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013-12-13 00:19:54 | 004,243,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013-12-13 00:16:58 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2013-12-12 13:38:25 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2013-12-12 13:38:22 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2013-12-12 13:38:21 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2013-12-12 13:38:21 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys
[2013-12-12 13:38:19 | 002,349,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013-12-12 13:38:17 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012-06-03 13:01:40 | 953,772,216 | ---- | C] (Macrovision Corporation) -- C:\Users\Czarek\TWEE_Upgrade.exe
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013-12-27 16:02:05 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-938636079-2743700497-1177568648-1000UA.job
[2013-12-27 15:57:54 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-12-27 15:57:54 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-12-27 15:56:58 | 000,154,315 | ---- | M] () -- C:\Users\Czarek\Desktop\aktualizacje 3.jpg
[2013-12-27 15:56:44 | 000,458,823 | ---- | M] () -- C:\Users\Czarek\Desktop\aktualizacje 2.jpg
[2013-12-27 15:39:50 | 000,740,438 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2013-12-27 15:39:50 | 000,654,270 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013-12-27 15:39:50 | 000,156,012 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2013-12-27 15:39:50 | 000,122,142 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013-12-27 15:35:20 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2013-12-27 15:35:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-12-27 15:35:11 | 2408,591,360 | -HS- | M] () -- C:\hiberfil.sys
[2013-12-27 15:34:39 | 000,003,368 | ---- | M] () -- C:\bootsqm.dat
[2013-12-27 15:21:05 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-12-27 15:10:58 | 000,470,568 | ---- | M] () -- C:\Users\Czarek\Desktop\aktualizacje 1.jpg
[2013-12-26 18:02:00 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-938636079-2743700497-1177568648-1000Core.job
[2013-12-22 19:59:44 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2013-12-13 08:06:31 | 000,344,832 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013-12-11 15:23:02 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013-12-11 15:23:02 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013-12-27 15:56:58 | 000,154,315 | ---- | C] () -- C:\Users\Czarek\Desktop\aktualizacje 3.jpg
[2013-12-27 15:56:44 | 000,458,823 | ---- | C] () -- C:\Users\Czarek\Desktop\aktualizacje 2.jpg
[2013-12-27 15:34:39 | 000,003,368 | ---- | C] () -- C:\bootsqm.dat
[2013-12-27 15:10:58 | 000,470,568 | ---- | C] () -- C:\Users\Czarek\Desktop\aktualizacje 1.jpg
[2013-12-22 19:59:44 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2013-09-17 21:27:16 | 000,005,856 | ---- | C] () -- C:\ProgramData\NanoRepository.bin.bak
[2013-09-17 21:27:16 | 000,005,856 | ---- | C] () -- C:\ProgramData\NanoRepository.bin
[2013-09-14 20:29:53 | 000,000,000 | ---- | C] () -- C:\ProgramData\0x0304A000.sfl
[2013-09-06 18:22:02 | 000,000,055 | ---- | C] () -- C:\Users\Czarek\AppData\Roaming\WB.CFG
[2013-09-06 18:22:02 | 000,000,005 | ---- | C] () -- C:\Users\Czarek\AppData\Roaming\WBPU-TTL.DAT
[2013-08-15 13:55:12 | 000,200,704 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2013-08-15 08:01:18 | 000,038,912 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
[2013-08-04 22:15:43 | 000,000,892 | RHS- | C] () -- C:\Users\Czarek\ntuser.pol
[2013-07-18 16:47:16 | 000,231,856 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik_nd.dat
[2013-07-18 16:38:38 | 000,233,396 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik.dat
[2013-07-15 17:29:22 | 000,082,944 | ---- | C] () -- C:\Windows\System32\ativce02.dat
[2013-05-12 23:15:35 | 000,000,835 | ---- | C] () -- C:\Users\Czarek\.recently-used.xbel
[2013-04-10 16:34:24 | 000,662,785 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2013-03-29 03:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\System32\amdocl_ld32.exe
[2013-03-29 03:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\System32\amdocl_as32.exe
[2012-12-19 20:42:42 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2012-12-19 20:42:42 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2012-12-02 12:53:12 | 000,000,258 | ---- | C] () -- C:\Users\Czarek\SciTE.session
[2012-02-02 21:08:06 | 000,001,536 | ---- | C] () -- C:\Windows\System32\IusEventLog.dll
[2011-11-27 15:40:46 | 000,000,044 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011-11-03 19:50:49 | 000,139,152 | ---- | C] () -- C:\Users\Czarek\AppData\Roaming\PnkBstrK.sys
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011-11-19 13:43:21 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\2K Sports
[2011-11-27 15:47:46 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\Ashampoo
[2013-08-21 00:31:07 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\BitTorrent
[2011-11-19 16:03:46 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\BlackBean
[2012-01-24 18:05:06 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\BullGuard
[2013-03-11 10:17:43 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\Chrome_manager
[2011-11-27 14:25:35 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013-12-25 19:26:56 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\DAEMON Tools Lite
[2011-11-02 20:05:29 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\Day 1 Studios
[2013-01-02 22:17:06 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\dist8
[2013-01-11 11:59:03 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\dist9
[2012-09-21 19:22:00 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\DMCache
[2011-11-27 22:27:49 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\FreeArc
[2012-01-24 21:30:55 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\Gadu-Gadu
[2013-01-11 17:30:33 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\Gadu-Gadu 10
[2013-12-27 15:36:25 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\GG
[2011-10-25 16:53:24 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\GHISLER
[2013-03-06 14:33:31 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\gtk-2.0
[2012-04-24 21:20:14 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\HellShare Upload Manager
[2012-05-16 15:43:23 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\IObit
[2013-08-07 19:59:26 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\ipla
[2013-10-13 18:10:30 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\LolClient
[2012-11-23 16:07:02 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\Nowe Gadu-Gadu
[2013-02-20 22:58:23 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\OpenFM
[2012-12-23 13:17:47 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\OpenOffice.org
[2011-11-02 20:48:14 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\Origin
[2013-09-07 10:08:53 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\Panda Security
[2013-03-22 12:54:31 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\Publish Providers
[2013-10-13 16:09:00 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\Riot Games
[2011-11-25 10:37:56 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\RST
[2012-11-14 14:24:00 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\Scribus
[2013-03-22 12:54:27 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\Sony
[2012-12-27 17:21:18 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\support@mozilla.com
[2012-12-27 17:20:59 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\Tibiacast
[2013-12-22 21:06:22 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\TS3Client
[2011-11-02 23:29:21 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\Ubisoft
[2012-11-29 19:42:52 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\Unity
[2011-11-16 20:53:34 | 000,000,000 | ---D | M] -- C:\Users\Czarek\AppData\Roaming\WordToPDF
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 207 bytes -> C:\ProgramData\TEMP:6BE50C2B
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:373E1720

< End of report >