Od jakiegoś czasu podczas logowania się na moje konto na fb zauważyłem że ktoś wyłącza mi czat.
Nikt oprócz mnie nie zna mojego hasła. W ustawieniach konta pojawiają się dodatkowe logowania.
Zauważyłem w procesach dziwny jak dla mnie proces - csrss.exe
Proszę o sprawdzenie moich logów z OTL. Myśle że coś oprócz csrss sie znajdzie jeszcze
Z góry dziękuję
OTL.txt
OTL logfile created on: 2012-09-20 21:45:55 - Run 1
OTL by OldTimer - Version 3.2.64.0 Folder = D:\Program Files (x86)\OTL
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
3,86 Gb Total Physical Memory | 2,24 Gb Available Physical Memory | 58,00% Memory free
7,71 Gb Paging File | 5,89 Gb Available in Paging File | 76,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 50,68 Gb Total Space | 2,85 Gb Free Space | 5,62% Space Free | Partition Type: NTFS
Drive D: | 545,39 Gb Total Space | 463,74 Gb Free Space | 85,03% Space Free | Partition Type: NTFS
Computer Name: MICHAŁ | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2012-09-20 21:38:02 | 000,600,064 | ---- | M] (OldTimer Tools) -- D:\Program Files (x86)\OTL\OTL.exe
PRC - [2012-09-08 14:27:22 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012-07-14 11:09:26 | 000,107,832 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2012-07-14 11:09:16 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012-06-11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
PRC - [2012-06-11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
PRC - [2012-02-19 17:10:21 | 000,188,024 | ---- | M] (http://www.express-files.com/) -- C:\Program Files (x86)\ExpressFiles\EFupdater.exe
PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010-10-27 15:49:06 | 000,696,320 | ---- | M] (Comarch S.A.) -- C:\Windows\SysWOW64\HASPSrv.exe
PRC - [2010-04-07 22:07:24 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2009-11-12 11:10:06 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009-10-26 11:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009-09-30 20:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009-09-30 20:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009-06-19 11:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009-06-15 18:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
PRC - [2008-12-22 18:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008-03-31 03:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007-08-08 01:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
========== Modules (No Company Name) ==========
MOD - [2012-09-08 14:27:22 | 002,244,064 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012-04-01 23:28:50 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2012-03-31 14:58:12 | 001,530,880 | ---- | M] () -- C:\Windows\SysWOW64\fdWx32.dll
MOD - [2009-11-12 11:10:06 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2007-06-15 11:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007-06-01 18:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
========== Services (SafeList) ==========
SRV:64bit: - [2011-11-03 17:56:38 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010-09-22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010-04-07 22:10:42 | 000,042,336 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2010-04-07 22:07:24 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009-12-16 17:44:44 | 003,750,400 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)
SRV:64bit: - [2009-11-18 07:45:40 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007-08-08 01:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2012-09-08 14:27:22 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-09-02 14:57:33 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-07-14 11:09:26 | 000,107,832 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2012-07-14 11:09:16 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012-06-11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe -- (BBUpdate)
SRV - [2012-06-11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe -- (BBSvc)
SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010-10-27 15:49:06 | 000,696,320 | ---- | M] (Comarch S.A.) [Auto | Running] -- C:\Windows\SysWOW64\HASPSrv.exe -- (HASPSrv)
SRV - [2010-10-20 11:22:24 | 000,630,272 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-09-30 20:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009-09-30 20:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009-06-15 18:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-03-31 03:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012-03-31 14:59:08 | 000,041,232 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vol2k.sys -- (vol2k)
DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011-08-08 17:09:39 | 000,526,392 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011-06-27 02:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-12-02 12:14:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2010-12-02 12:14:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010-12-02 12:14:22 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2010-12-02 12:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010-12-02 10:36:40 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010-09-23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010-04-07 22:08:30 | 000,050,600 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2010-04-07 22:08:28 | 000,033,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis)
DRV:64bit: - [2010-04-07 22:08:26 | 000,169,592 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2010-04-07 22:07:10 | 000,139,704 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010-04-07 22:03:52 | 000,163,888 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010-02-26 14:21:22 | 000,173,056 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2010-02-17 21:33:56 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm)
DRV:64bit: - [2009-12-18 11:51:32 | 000,113,288 | ---- | M] (Syntek Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\STK03NW2.sys -- (DCamUSBSTK03N)
DRV:64bit: - [2009-11-18 08:21:20 | 006,171,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009-10-27 00:19:48 | 000,176,640 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2009-10-27 00:19:46 | 000,075,264 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009-10-15 11:23:20 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009-09-30 03:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009-09-21 09:07:26 | 000,071,040 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2009-09-17 13:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009-09-04 07:39:08 | 000,062,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009-08-21 08:48:18 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009-08-20 08:02:06 | 000,130,816 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge)
DRV:64bit: - [2009-08-20 04:41:38 | 001,800,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2009-08-06 23:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009-07-20 11:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-01 06:46:58 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-06-09 05:18:20 | 000,053,816 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\DGIVECP.SYS -- (DgiVecp)
DRV:64bit: - [2009-05-20 12:04:56 | 000,202,016 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009-05-13 03:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009-03-13 11:55:38 | 000,318,464 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock)
DRV:64bit: - [2008-08-28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008-01-10 20:34:52 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2007-07-24 12:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2009-12-18 11:51:36 | 000,108,544 | ---- | M] (Syntek Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\STK03NW2.sys -- (DCamUSBSTK03N)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = {searchTerms} - Bing
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Server Error
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = {searchTerms} - Bing
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = Server Error
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Server Error
IE - HKCU\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = {searchTerms} - Bing
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = Babylon Search
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = Server Error
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "google.pl"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..keyword.URL: "http://isearch.babyl...0cf3026f209&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "google.pl"
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\user\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\user\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\{@alibaba.com/alisetup;version=1.0}: C:\Users\user\AppData\Local\Alibaba\AliSetup\0.1.0.52\npAliSetupOneClick.dll (alibaba)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-09-08 14:27:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-09-08 14:27:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-12-21 10:27:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-09-08 14:27:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-09-08 14:27:20 | 000,000,000 | ---D | M]
[2011-03-13 11:40:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Extensions
[2012-07-25 22:04:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\z8e9ftlj.default\extensions
[2012-07-25 22:04:52 | 000,172,310 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\z8e9ftlj.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2012-09-09 21:25:42 | 000,003,984 | ---- | M] () -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\z8e9ftlj.default\searchplugins\sweetim.xml
[2012-09-08 14:27:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-09-08 14:27:22 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011-10-03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011-02-15 06:29:58 | 000,112,024 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npww.dll
[2012-07-01 18:18:33 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-02-19 17:10:28 | 000,002,298 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012-07-01 18:18:33 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-07-01 18:18:33 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-07-01 18:18:33 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-07-01 18:18:33 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-07-01 18:18:33 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
========== Chrome ==========
CHR - homepage: Server Error
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: Server Error
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: alibaba setup one click (Enabled) = C:\Users\user\AppData\Local\Alibaba\AliSetup\0.1.0.52\npAliSetupOneClick.dll
CHR - Extension: YouTube = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: YouTube = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000 File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: alipay.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: alipay.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: alisoft.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: alisoft.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: taobao.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: taobao.com ([]https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7FBD5390-953D-45C1-A4EC-3597DA3E172A}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-11-03 17:55:36 | 000,000,000 | ---D | M] - D:\AUTODESK_COM_FOLDER -- [ NTFS ]
O33 - MountPoints2\{88e238f6-c1d0-11e0-a3be-c203e5f6c5d7}\Shell - "" = AutoRun
O33 - MountPoints2\{88e238f6-c1d0-11e0-a3be-c203e5f6c5d7}\Shell\AutoRun\command - "" = F:\Setup.exe
O33 - MountPoints2\{adfad09c-1bf7-11df-90e7-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{adfad09c-1bf7-11df-90e7-806e6f6e6963}\Shell\AutoRun\command - "" = E:\InstAll.exe
O33 - MountPoints2\{b31172ea-1bf9-11df-a61b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b31172ea-1bf9-11df-a61b-806e6f6e6963}\Shell\AutoRun\command - "" = E:\INF2000.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 360 Days ==========
[2012-09-20 21:27:11 | 000,000,000 | ---D | C] -- C:\!KillBox
[2012-09-20 18:05:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2012-09-20 18:05:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012-09-20 18:05:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2012-09-20 18:02:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012-09-14 20:57:48 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{23756DD0-924D-4850-B40D-F1DC76903567}
[2012-09-12 09:29:32 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012-09-12 09:29:30 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012-09-12 09:29:05 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012-09-12 09:29:04 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012-09-11 19:20:18 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Mount&Blade Warband Savegames
[2012-09-11 19:18:06 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Mount&Blade With Fire and Sword
[2012-09-11 19:18:06 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Mount&Blade Warband
[2012-09-11 19:18:05 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Mount&Blade With Fire and Sword
[2012-09-11 19:18:05 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Mount&Blade Warband
[2012-09-11 18:57:55 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mount&Blade Warband
[2012-09-11 18:57:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mount&Blade Warband
[2012-09-11 12:22:21 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\dtmcfg
[2012-09-11 12:22:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\dtmcfg
[2012-09-08 14:27:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012-08-15 17:17:40 | 000,419,840 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012-08-15 17:17:40 | 000,413,696 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012-08-15 17:17:40 | 000,133,632 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2012-08-15 17:17:40 | 000,110,592 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2012-08-15 17:17:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2012-08-15 17:17:38 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\flightgear.org
[2012-08-15 17:17:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlightGear v2.0.0
[2012-08-15 11:30:26 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012-08-15 11:30:26 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-08-15 11:30:25 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012-08-15 11:30:25 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012-08-15 11:30:24 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012-08-15 11:30:24 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-08-15 11:30:24 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012-08-15 11:30:24 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012-08-15 11:30:22 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012-08-15 11:30:21 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012-08-15 11:30:21 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012-08-15 11:30:20 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012-08-15 11:30:20 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012-08-15 09:52:16 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012-08-15 09:52:13 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012-08-15 09:52:12 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012-08-15 09:52:12 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012-08-15 09:52:10 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012-08-15 09:52:10 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012-08-15 09:52:10 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012-08-15 09:52:08 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012-08-14 11:34:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012-08-14 11:34:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012-08-14 11:33:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Postal 3
[2012-07-25 22:05:32 | 000,000,000 | ---D | C] -- C:\Users\user\Tracing
[2012-07-25 22:04:46 | 000,000,000 | ---D | C] -- C:\ProgramData\SweetIM
[2012-07-25 22:04:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SweetIM
[2012-07-24 21:34:37 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Facebook
[2012-07-18 13:20:16 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{CCC491C5-565F-4182-99D7-9A813E16051B}
[2012-07-14 11:18:24 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2012-07-12 15:11:09 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\BlackBean
[2012-07-12 15:03:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Bean Games
[2012-07-11 06:15:58 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012-07-11 06:15:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012-07-11 06:15:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012-07-11 06:15:39 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012-07-11 06:15:37 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012-07-11 00:01:01 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012-07-11 00:01:01 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012-07-01 18:18:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012-07-01 18:18:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012-06-27 09:56:59 | 000,459,776 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\SysNative\esxwiaud.dll
[2012-06-27 09:56:59 | 000,128,392 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\SysNative\esdevapp.exe
[2012-06-27 09:56:59 | 000,017,408 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\esxcdev.dll
[2012-06-27 09:56:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2012-06-27 09:56:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\epson
[2012-06-25 16:24:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2012-06-25 16:23:17 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\uTorrent
[2012-06-21 09:09:00 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012-06-21 09:08:59 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012-06-21 09:08:59 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012-06-21 09:08:49 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012-06-21 09:08:49 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012-06-21 09:08:49 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012-06-21 09:08:36 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012-06-21 09:08:36 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012-06-18 13:17:13 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{1A1D3C40-CAFE-495F-B9DB-F0783A71A32D}
[2012-06-18 08:10:20 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\LolClient2
[2012-06-13 13:28:22 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012-06-13 13:28:22 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012-06-13 13:28:22 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012-06-13 13:28:09 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012-06-13 13:28:05 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012-06-13 13:28:04 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012-06-13 13:28:01 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012-06-13 13:27:54 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012-06-13 13:27:52 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012-05-25 06:05:21 | 000,000,000 | -HSD | C] -- C:\found.001
[2012-05-16 08:52:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012-05-16 08:51:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012-05-16 08:51:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012-05-13 11:01:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
[2012-05-13 11:01:22 | 000,000,000 | ---D | C] -- C:\Games
[2012-05-13 00:18:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\E-billing
[2012-05-09 19:37:58 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012-04-27 00:15:15 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{7357F10D-C2F5-4B0A-B942-A71CBDA93594}
[2012-04-11 20:35:27 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012-04-11 20:35:26 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012-04-11 20:35:25 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012-04-01 23:28:50 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-04-01 23:24:56 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012-03-27 18:21:33 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{547BEECC-54BB-4D1D-A8D6-614269AE4024}
[2012-03-27 18:21:22 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{01775F15-6E4B-479B-BD55-A8A7D02FA678}
[2012-03-14 12:04:57 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012-03-14 12:04:56 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012-03-13 17:03:25 | 000,108,544 | ---- | C] (Syntek Ltd.) -- C:\Windows\SysWow64\drivers\STK03HW2.sys
[2012-03-13 17:03:25 | 000,040,872 | ---- | C] (Syntek Ltd.) -- C:\Windows\SysWow64\drivers\STK03HW1.sys
[2012-03-13 17:03:24 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\STK03HP.ax
[2012-03-13 17:03:24 | 000,000,000 | ---D | C] -- C:\Windows\STK03H
[2012-03-13 16:59:44 | 000,113,288 | ---- | C] (Syntek Ltd.) -- C:\Windows\SysNative\drivers\STK03NW2.sys
[2012-03-13 16:59:44 | 000,108,544 | ---- | C] (Syntek Ltd.) -- C:\Windows\SysWow64\drivers\STK03NW2.sys
[2012-03-13 16:59:44 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\STK03NP.ax
[2012-03-13 16:59:44 | 000,040,872 | ---- | C] (Syntek Ltd.) -- C:\Windows\SysWow64\drivers\STK03NW1.sys
[2012-03-13 16:59:44 | 000,035,464 | ---- | C] (Syntek Ltd.) -- C:\Windows\SysNative\drivers\STK03NW1.sys
[2012-03-13 16:59:43 | 000,000,000 | ---D | C] -- C:\Windows\STK03N
[2012-02-21 14:32:24 | 000,000,000 | ---D | C] -- C:\Program Files\RawTherapeeV40
[2012-02-21 14:11:55 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{619D580D-7E0A-45C3-B06E-88AE9CD5468A}
[2012-02-21 14:11:44 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{FED6CD62-A6E8-453F-A946-6808C8E5F21C}
[2012-02-19 17:10:27 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Babylon
[2012-02-19 17:10:25 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Babylon
[2012-02-19 17:10:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012-02-19 17:10:09 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\ExpressFiles
[2012-02-19 17:10:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ExpressFiles
[2012-02-16 14:58:36 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
[2012-02-16 14:58:26 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\IrfanView
[2012-02-16 14:58:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2012-02-16 11:49:40 | 000,000,000 | ---D | C] -- C:\ProgramData\KONAMI
[2012-02-14 23:45:08 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012-02-14 23:45:05 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012-02-14 23:45:04 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012-02-14 23:44:56 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012-02-13 18:00:28 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\gtk-2.0
[2012-02-13 17:09:37 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\RawTherapee4.0
[2012-02-13 17:09:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raw Therapee
[2012-02-07 11:02:40 | 001,070,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2012-02-06 12:44:57 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\MixVibes
[2012-02-06 12:44:52 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MixVibes
[2012-02-06 12:44:40 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012-02-06 12:44:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012-02-06 12:44:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012-02-06 12:43:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MixVibes
[2012-02-04 13:41:10 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012-02-04 13:12:24 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-01-31 12:15:15 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012-01-31 12:15:13 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012-01-31 12:15:12 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012-01-31 12:15:11 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012-01-31 12:15:11 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012-01-31 12:15:10 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012-01-27 15:30:21 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{561191EB-A34F-4787-BAB9-E856D6B7BBE1}
[2012-01-23 11:54:40 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{18995536-2D44-482A-8C16-28A5C656DFCE}
[2012-01-23 11:54:28 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{92189DAC-EAA0-41A7-972F-6DA27FAFB11D}
[2012-01-11 21:37:08 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012-01-11 21:37:07 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012-01-11 21:37:05 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012-01-11 21:37:04 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012-01-11 21:37:04 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012-01-05 10:33:19 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{D7F4D7D1-D904-4873-85FB-C9CA47EAE52E}
[2011-12-28 23:11:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011-12-28 23:11:38 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011-12-28 23:11:38 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011-12-28 23:11:38 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011-12-20 22:20:11 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2011-12-19 22:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011-12-19 22:48:37 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2011-12-19 22:48:37 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2011-12-19 22:48:37 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2011-12-19 22:48:37 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2011-12-19 22:48:35 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2011-12-19 22:48:35 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2011-12-14 10:09:05 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011-12-14 10:08:31 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011-12-14 10:08:31 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011-11-29 17:12:38 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\foobar2000
[2011-11-29 17:12:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000
[2011-11-29 17:12:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\foobar2000
[2011-11-18 14:17:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011-11-09 21:29:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung ML-1640 Series
[2011-11-09 21:29:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SamsungPrinterLiveUpdate
[2011-11-09 21:29:33 | 000,000,000 | ---D | C] -- C:\Windows\Samsung
[2011-11-09 21:29:19 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml2.dll
[2011-11-09 21:29:19 | 000,074,240 | ---- | C] (Samsung Electronics) -- C:\Windows\SysNative\ssdevm64.dll
[2011-11-09 21:29:19 | 000,057,344 | ---- | C] (Samsung Electronics) -- C:\Windows\SysWow64\ssdevm.dll
[2011-11-09 21:29:19 | 000,049,152 | ---- | C] (Samsung Electronics) -- C:\Windows\SysWow64\ssusbpn.dll
[2011-11-09 21:29:19 | 000,047,104 | ---- | C] (Samsung Electronics) -- C:\Windows\SysNative\ssusbp64.dll
[2011-11-09 21:29:19 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4a.dll
[2011-11-09 21:29:19 | 000,038,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml2r.dll
[2011-11-09 21:29:19 | 000,021,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml2a.dll
[2011-11-09 21:29:18 | 000,151,552 | ---- | C] (SS) -- C:\Windows\SysNative\ssp2mci.exe
[2011-11-09 21:29:18 | 000,089,600 | ---- | C] (SS) -- C:\Windows\SysNative\ssp2mci.dll
[2011-11-09 21:28:32 | 000,053,816 | ---- | C] (Samsung Electronics Co., Ltd.) -- C:\Windows\SysNative\drivers\DGIVECP.SYS
[2011-11-09 21:28:32 | 000,011,576 | ---- | C] (Samsung Electronics) -- C:\Windows\SysNative\drivers\SSPORT.SYS
[2011-11-09 21:28:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2011-11-09 21:28:22 | 000,000,000 | ---D | C] -- C:\Temp
[2011-11-06 14:13:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011-11-06 14:09:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011-11-06 14:06:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011-11-06 14:05:01 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011-11-06 13:50:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Autodesk
[2011-11-06 13:42:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk
[2011-11-06 12:40:21 | 000,000,000 | R--D | C] -- C:\Users\user\Desktop
[2011-11-03 16:48:49 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2011-11-03 16:36:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2011-11-03 16:33:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Autodesk Shared
[2011-11-03 16:30:53 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Autodesk
[2011-11-03 16:30:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk
[2011-10-16 15:38:18 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\wargaming.net
[2011-10-12 08:47:12 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2011-10-12 08:47:12 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011-10-12 08:47:12 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011-10-12 08:47:11 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2011-10-12 08:47:10 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011-10-12 08:47:10 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2011-10-01 11:19:01 | 000,000,000 | ---D | C] -- C:\Users\user\riotsGamesLogs
[2011-10-01 11:18:48 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\LolClient
[2011-09-29 16:12:50 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{B82909D1-F412-45C3-9C5D-81C03C4AF0F2}
[2011-09-29 16:12:39 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{5A1AE7A0-6CD8-4503-AF90-EA6D03891D25}
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 360 Days ==========
[2012-09-20 21:39:01 | 000,015,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-09-20 21:39:01 | 000,015,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-09-20 21:39:01 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1124321733-2203559810-1964287125-1000UA.job
[2012-09-20 21:39:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1124321733-2203559810-1964287125-1000Core.job
[2012-09-20 21:38:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1124321733-2203559810-1964287125-1000UA.job
[2012-09-20 21:32:09 | 229,631,578 | ---- | M] () -- C:\Windows\SysWow64\spwcache.dll
[2012-09-20 21:32:09 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2012-09-20 21:32:03 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-09-20 21:30:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-09-20 21:30:54 | 3105,259,520 | -HS- | M] () -- C:\hiberfil.sys
[2012-09-20 21:30:52 | 000,002,560 | ---- | M] () -- C:\Windows\SysNative\thunk.dll
[2012-09-20 21:30:52 | 000,001,024 | ---- | M] () -- C:\Windows\SysWow64\thunk.dll
[2012-09-20 21:13:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1124321733-2203559810-1964287125-1021UA.job
[2012-09-20 20:59:00 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-09-20 18:05:33 | 000,001,020 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2012-09-19 23:38:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1124321733-2203559810-1964287125-1000Core.job
[2012-09-19 14:13:00 | 000,000,998 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1124321733-2203559810-1964287125-1021Core.job
[2012-09-14 13:52:40 | 001,846,026 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-09-14 13:52:40 | 000,803,504 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-09-14 13:52:40 | 000,717,672 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-09-14 13:52:40 | 000,178,930 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-09-14 13:52:40 | 000,145,374 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-09-11 12:07:32 | 000,000,032 | ---- | M] () -- C:\Windows\SysWow64\scrcom.dat.dll
[2012-08-22 20:12:40 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012-08-22 20:12:33 | 000,288,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012-08-15 17:17:40 | 000,419,840 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012-08-15 17:17:40 | 000,413,696 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012-08-15 17:17:40 | 000,133,632 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2012-08-15 17:17:40 | 000,110,592 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2012-08-15 10:49:31 | 000,420,520 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-08-14 22:00:47 | 000,005,120 | ---- | M] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-08-02 19:58:52 | 000,574,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012-07-14 11:18:24 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2012-07-14 11:09:26 | 000,107,832 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-07-14 11:09:16 | 000,066,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-07-14 11:09:14 | 002,250,024 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2012-07-05 00:16:43 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012-07-05 00:13:27 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012-07-04 23:14:34 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012-07-04 22:26:03 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012-06-29 05:56:34 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012-06-29 05:48:07 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012-06-29 05:47:35 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012-06-29 05:44:51 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012-06-29 05:43:49 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012-06-29 05:40:11 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012-06-29 05:35:21 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012-06-29 02:08:59 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012-06-29 02:07:44 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012-06-29 02:04:43 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012-06-29 02:04:02 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012-06-29 02:01:01 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-06-29 01:57:46 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-06-06 08:02:54 | 001,133,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012-06-06 07:03:06 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012-06-03 00:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012-06-03 00:19:42 | 000,057,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012-06-03 00:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012-06-03 00:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012-06-03 00:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012-06-03 00:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012-06-02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012-06-02 15:15:12 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012-06-02 07:44:21 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012-05-29 20:39:03 | 000,000,218 | ---- | M] () -- C:\Users\user\.recently-used.xbel
[2012-05-14 07:26:34 | 000,956,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012-05-05 10:36:55 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012-05-04 13:06:22 | 005,559,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012-05-04 13:00:43 | 000,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012-05-04 12:03:53 | 003,968,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012-05-04 12:03:50 | 003,913,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012-05-04 11:59:54 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012-04-26 07:41:56 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012-04-26 07:41:55 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012-04-26 07:34:27 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012-04-24 07:37:37 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012-04-24 07:37:36 | 001,462,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012-04-09 13:46:12 | 003,502,080 | ---- | M] () -- C:\Windows\SysWow64\bootcsvr.exe
[2012-04-07 14:31:40 | 003,216,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012-04-07 10:52:02 | 001,171,456 | ---- | M] () -- C:\Windows\SysWow64\IEAdvp32.dll
[2012-04-01 23:28:50 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-03-31 14:59:08 | 000,041,232 | ---- | M] () -- C:\Windows\SysNative\drivers\vol2k.sys
[2012-03-31 14:58:40 | 002,237,440 | ---- | M] () -- C:\Windows\SysNative\mstx64.dll
[2012-03-31 14:58:12 | 001,530,880 | ---- | M] () -- C:\Windows\SysWow64\fdWx32.dll
[2012-03-31 14:57:50 | 001,557,504 | ---- | M] () -- C:\Windows\SysNative\fphcx64a.dll
[2012-03-31 14:57:40 | 001,128,448 | ---- | M] () -- C:\Windows\SysWow64\Sensox86.dll
[2012-03-03 08:35:38 | 001,544,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012-03-01 08:38:27 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012-03-01 08:33:50 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012-02-17 08:38:26 | 001,031,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012-02-17 07:34:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012-02-15 10:07:59 | 001,822,164 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-02-11 08:43:47 | 000,751,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012-02-11 08:36:01 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012-02-11 07:43:49 | 000,492,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012-02-07 11:02:40 | 001,070,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2012-01-04 12:44:20 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2011-12-30 08:26:08 | 000,515,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2011-12-30 07:27:56 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2011-12-16 10:46:06 | 000,634,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2011-11-19 16:58:00 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2011-11-19 16:01:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2011-11-17 08:41:18 | 001,731,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2011-11-17 08:35:28 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2011-11-17 08:35:26 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2011-11-17 08:35:26 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2011-11-17 08:35:25 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2011-11-17 08:35:19 | 001,447,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2011-11-17 07:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2011-10-26 07:25:16 | 001,572,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2011-10-26 07:21:20 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011-10-26 06:32:11 | 001,328,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2011-10-15 08:31:56 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011-10-15 07:38:59 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011-10-11 14:31:07 | 000,000,024 | ---- | M] () -- C:\Windows\ATKPF.ini
[2011-10-08 13:04:02 | 000,000,000 | ---- | M] () -- C:\Users\user\AppData\Local\{92AE44AA-8849-431C-B6AF-DED12981FC62}
[2011-10-03 06:06:16 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011-10-03 06:06:15 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011-10-03 06:06:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011-10-03 06:06:03 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012-09-20 18:05:27 | 000,001,020 | ---- | C] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2012-09-11 12:08:24 | 229,631,578 | ---- | C] () -- C:\Windows\SysWow64\spwcache.dll
[2012-09-11 12:08:07 | 000,002,560 | ---- | C] () -- C:\Windows\SysNative\thunk.dll
[2012-09-11 12:08:07 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\thunk.dll
[2012-09-11 12:07:33 | 000,041,232 | ---- | C] () -- C:\Windows\SysNative\drivers\vol2k.sys
[2012-09-11 12:07:32 | 000,000,032 | ---- | C] () -- C:\Windows\SysWow64\scrcom.dat.dll
[2012-07-24 21:34:40 | 000,000,924 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1124321733-2203559810-1964287125-1000UA.job
[2012-07-24 21:34:40 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1124321733-2203559810-1964287125-1000Core.job
[2012-07-14 11:09:18 | 000,107,832 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-07-14 11:09:16 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-07-14 11:09:14 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012-07-01 18:18:40 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-05-29 20:39:03 | 000,000,218 | ---- | C] () -- C:\Users\user\.recently-used.xbel
[2012-04-09 13:46:12 | 003,502,080 | ---- | C] () -- C:\Windows\SysWow64\bootcsvr.exe
[2012-04-07 10:52:02 | 001,171,456 | ---- | C] () -- C:\Windows\SysWow64\IEAdvp32.dll
[2012-03-31 14:58:40 | 002,237,440 | ---- | C] () -- C:\Windows\SysNative\mstx64.dll
[2012-03-31 14:58:12 | 001,530,880 | ---- | C] () -- C:\Windows\SysWow64\fdWx32.dll
[2012-03-31 14:57:50 | 001,557,504 | ---- | C] () -- C:\Windows\SysNative\fphcx64a.dll
[2012-03-31 14:57:40 | 001,128,448 | ---- | C] () -- C:\Windows\SysWow64\Sensox86.dll
[2011-11-18 14:15:26 | 000,001,044 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-11-18 14:15:20 | 000,001,040 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-11-09 21:29:36 | 000,479,232 | ---- | C] () -- C:\Windows\ssndii.exe
[2011-11-09 21:29:18 | 000,022,016 | ---- | C] () -- C:\Windows\SysNative\ssp2ml6.dll
[2011-11-09 21:29:18 | 000,000,357 | ---- | C] () -- C:\Windows\SysNative\ssp2ml6.smt
[2011-11-03 15:08:16 | 000,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1124321733-2203559810-1964287125-1021UA.job
[2011-11-03 15:08:16 | 000,000,998 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1124321733-2203559810-1964287125-1021Core.job
[2011-10-08 13:04:02 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{92AE44AA-8849-431C-B6AF-DED12981FC62}
[2011-09-09 21:06:13 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{A9F491AB-65F0-4DF1-B9C7-0358BA6A3D97}
[2011-08-04 13:44:43 | 000,000,249 | ---- | C] () -- C:\Users\user\SciTE.session
[2011-06-29 09:59:59 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{44624080-A4A5-4033-8755-A9E37B25E2A9}
[2011-06-29 09:15:56 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{23CDA064-9525-4923-8B19-429C3AC14183}
[2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011-01-26 22:36:14 | 000,005,120 | ---- | C] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-12-14 00:25:48 | 000,133,120 | ---- | C] () -- C:\Windows\SysWow64\HASPXPx64.dll
[2010-12-14 00:25:48 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\HASPXPx32.dll
[2010-12-14 00:25:48 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\getver.exe
[2010-12-14 00:20:01 | 001,822,164 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010-12-13 00:45:54 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010-12-13 00:45:53 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010-12-13 00:45:52 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010-12-13 00:45:52 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010-12-13 00:45:52 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010-12-13 00:41:38 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2010-12-13 00:25:50 | 000,098,564 | ---- | C] () -- C:\Windows\SysWow64\TLDvrLng.ini
========== ZeroAccess Check ==========
[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
========== Alternate Data Streams ==========
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:82F50D1C
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:D8527718
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:1C209B86
< End of report >
Extras.txt
OTL Extras logfile created on: 2012-09-20 21:45:55 - Run 1
OTL by OldTimer - Version 3.2.64.0 Folder = D:\Program Files (x86)\OTL
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
3,86 Gb Total Physical Memory | 2,24 Gb Available Physical Memory | 58,00% Memory free
7,71 Gb Paging File | 5,89 Gb Available in Paging File | 76,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 50,68 Gb Total Space | 2,85 Gb Free Space | 5,62% Space Free | Partition Type: NTFS
Drive D: | 545,39 Gb Total Space | 463,74 Gb Free Space | 85,03% Space Free | Partition Type: NTFS
Computer Name: MICHAŁ | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08276EA9-1B63-46A9-B2BC-CC2273DCAC92}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0FFAFD2C-3747-4F44-8F31-8A03E3399151}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1305714D-11B6-4CBC-8984-684414495668}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{131308E3-C2FD-43EE-9FD1-5077884A6488}" = lport=139 | protocol=6 | dir=in | app=system |
"{14C422B6-DD13-4E04-A6F6-68FAE1428F0D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1915FFF3-EFF3-402D-8A93-F459E59C2623}" = rport=445 | protocol=6 | dir=out | app=system |
"{1D4B54EA-C7D3-4B02-B98A-FC3224BD8E30}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{26FEA4C9-3FA0-4512-9B0F-7B96A2F11707}" = lport=445 | protocol=6 | dir=in | app=system |
"{29E9329C-29CD-4501-A981-12A3A2AA14CA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2AAE274D-CCF2-4624-8466-A1A02815AD29}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2ED7DC65-DC08-4950-9311-5DA111DB9A7F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{36545A9E-6739-4566-B057-8AF59508174D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{3B8B306E-4F9F-4840-87EC-AB1FFB4DF772}" = lport=138 | protocol=17 | dir=in | app=system |
"{4781D99C-A87D-446D-BFF3-8F20BB589927}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{581FBB6A-74C4-462B-84F8-93170FB9CB03}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5B65F6B1-9596-481E-B3D8-B39AEF091588}" = rport=139 | protocol=6 | dir=out | app=system |
"{644C13E5-06FF-40EB-BA9F-CDB1EC481C19}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{64A14CB4-76F8-41B2-A627-E72E25A0134F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{65014F15-CE9F-4470-8D83-043F54D68553}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6A350D61-8F56-4A5E-BC33-216EB16C23E4}" = rport=138 | protocol=17 | dir=out | app=system |
"{76BF79E3-F41E-46BB-9B4C-F1A76455F89D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{84197DB7-E91B-4DA4-9130-0CBF90D8F56F}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{8801298C-549C-4119-B7D8-C215FCF3DF4E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{97EFD024-1054-4879-8F41-710CDC9AEBB6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{98BEA8B1-F66A-42F4-93A9-357A2705F49B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9D28298F-0E74-41E3-A0E1-ED39D5A122AD}" = rport=10243 | protocol=6 | dir=out | app=system |
"{AB008860-EC5B-48B7-B582-1FD6130D58D1}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B00D5A85-E704-4828-81D0-2AC4B5B1AAE0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B04EF70C-7775-4EF8-BCA9-E1DE99F1C4FD}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D6E74C39-3E5A-4919-A025-69EE44935691}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{D827EB75-CD64-449F-8535-DFD9A86DAC37}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D91ECAF7-CD17-4A78-8B34-017257B19236}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DDBB132E-6CF8-465C-A78C-62C35B4EF760}" = lport=137 | protocol=17 | dir=in | app=system |
"{F6641EBC-F355-4FB4-8822-F524552187BB}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0962E567-C8F6-4117-B945-014502BEF2AD}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{0A61B059-3E0E-40BB-B2DE-542AD0E11747}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{0F0756BA-0DFA-4752-BA92-02DF8D4155B3}" = protocol=6 | dir=in | app=c:\windows\system32\hasplms.exe |
"{10E890FB-50EB-49CD-A8F9-1A6B92F325BF}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{11FBCA40-A816-4A6E-A421-7F931B696AEC}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{135DF213-37B6-4BED-8464-890736E5A485}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{16B6D379-88F0-44DC-883B-48FEC08E0054}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{1777BAC0-EFDE-4D98-94EA-08AB14EE8F0C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{19E6F04E-0DC5-423A-8C6A-6E653A666A25}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1C82FA7F-CD91-4BCB-BA02-B21611AAB750}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1E1506AD-4187-49D2-BF81-CEB59FDD6307}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{20DED3D7-BF4A-4FED-9373-4CD107CC2216}" = protocol=6 | dir=in | app=e:\fscommand\cksocketserver.exe |
"{2428E384-3A14-4A69-9143-EA5210B1F753}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{31ECAA76-FC1D-446F-86B6-49C615DF64CD}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{3A269C5A-4E25-4BB2-B0A5-1CF85AC6810B}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{3B682D92-E7DE-415E-B147-6D9D07BD3883}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{43C30846-A2D0-4FB1-9060-A11628875553}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\empire total war\empire.exe |
"{44B69985-07F4-474D-A750-A3CE4D0B5501}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{4C0FBC01-2610-4096-A297-072B53ACE197}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{4D10BDA9-F989-41DA-8CF5-494FF18AA616}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4DD6AAC3-6802-4522-B169-F265975CE22E}" = dir=in | app=c:\users\user\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{4FA9864C-F908-46EE-8994-0C524BD6B9FB}" = protocol=17 | dir=in | app=e:\fscommand\cksocketserver.exe |
"{539AEB33-0207-4DEF-A1A0-DE680F371E45}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{58928267-14DE-4B19-830F-DCE093D8CDE4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{604A80D8-0284-41BD-AC12-2D0E534D1B02}" = protocol=6 | dir=in | app=e:\fscommand\cksocketserver.exe |
"{615356F4-7B71-4868-B09E-6F961BBB781D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6D1F4F2F-B894-4C79-A2A2-C15DD6C7C6E4}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{75508D97-879C-4E7A-B085-BA90FD2F8651}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{80783D4B-A1DA-42DE-9A9B-C0F29DD5BC32}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{82B6619E-C409-4B5B-AA8A-F5A930159A8C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{83BE8E63-40F9-490E-83AF-E73812B90330}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{85A1ED87-5717-4374-B181-6CF60FC995D0}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{87A1D249-1FD8-48C2-BB1A-4597A8E77C5E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{89F1D1F9-045E-4122-BBA6-E26FE1701EC1}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8B9AF7A1-530D-48B7-B968-2AF10F3F7137}" = protocol=17 | dir=in | app=e:\fscommand\cksocketserver.exe |
"{9130CA03-8056-4D4C-9B71-9C7917D3AC8D}" = protocol=6 | dir=out | app=system |
"{9475D610-D26C-48C2-81DC-03B4706F9379}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{9980C329-5E29-4E49-8659-A5F657BE7962}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{9A0C5D5E-2FA5-4682-ADA5-BD79D25DE4F2}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{9DD3C5F5-C005-4285-B45D-658518A42D11}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A238A557-9B74-49B5-B599-A8FD4D5D6139}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{A50C4C7D-9A8C-4274-85FA-36713A3EE68A}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{AD971735-FA42-4277-B3EB-ECA4939A4943}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B5C1609E-1DDD-425F-8B9A-F564BA9BF9C3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B838A9D1-E9D7-46AE-A588-A7C0A22F3B13}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C04E0FAC-7E4E-48B7-A63C-4B8CE7252B96}" = protocol=17 | dir=in | app=c:\windows\system32\hasplms.exe |
"{C3380AC0-4A06-4821-AEE6-A7199F840110}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{C763B849-F078-4D2B-B437-7843D07A911C}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe |
"{C7991E6C-E7E5-4AE9-AF68-F6B1C1A45F7F}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{CA7C7E26-2474-4213-97FF-D1F1B005373C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D64D1BEF-4A55-4D20-9C62-AA0452F0E94A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{D6B0E58C-ADD6-4CB9-AE02-F11E52C3DB70}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{D78034F5-D624-4DBD-88A8-775B7C7683EF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D8839989-4786-437B-8DB1-3051B2CBED99}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{DC3FD1E3-0FA5-4A96-BF7F-7324FEB70AF4}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{E30E26BF-23D5-47D7-9C5F-8F253072803B}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\empire total war\empire.exe |
"{EF98C3CE-E38A-4F43-8668-B00ED40B13C5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F4034AFD-6718-4C4F-A7C5-BB7982FC2EF9}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{F4B60DA2-1E8C-490B-9680-0C848F9A311B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FE70E4E0-140C-4812-BBCC-F340100FFF8C}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{FF2FD26B-CCC4-4A83-9842-F2A788B112A9}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{FF7DEE9A-F9BA-4667-9D4E-E89E0C5A4A89}" = protocol=6 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe |
"TCP Query User{08E375D7-C85B-4E3D-838E-DFD6D78EA0FF}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe |
"TCP Query User{1A3FDC7B-A652-40E5-A865-D6626C7CF39C}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{2D085091-53D1-4926-8EA3-CA8471E89AC1}C:\program files (x86)\trademanager\aliim.exe" = protocol=6 | dir=in | app=c:\program files (x86)\trademanager\aliim.exe |
"TCP Query User{662BC150-660E-486E-9A79-1DF74D989D68}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{6C65D4A9-D144-4034-AFB6-F259BA7D7C4C}C:\program files (x86)\trademanager\aliim.exe" = protocol=6 | dir=in | app=c:\program files (x86)\trademanager\aliim.exe |
"TCP Query User{74C12837-A863-487D-A34E-957ECD8FFBE3}D:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"TCP Query User{7702A9F9-2F3F-46CD-932C-BEB6C7C4EEC9}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe |
"TCP Query User{838068BA-5109-46A0-BE25-466202F1800E}C:\windows\syswow64\regsvr32.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\regsvr32.exe |
"TCP Query User{8C9D77D9-3E32-497B-81C7-A48A6396E0FA}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{A0630641-524B-43B7-9742-AC1A9334E98A}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{A2DB09DC-9062-40AD-812F-757760C8ECF0}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{C2896F5B-2433-4F23-B511-8D43C14CB3E1}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{D3BF1FA3-C8FC-4DCA-AAB0-0775307E45E3}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{32B5AA89-9576-4C6A-B046-CBDF75033CCF}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{39521E87-9447-40DB-A728-65F3B00C4C73}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe |
"UDP Query User{3F4AE845-D920-4417-8F0F-3EBC75463AF8}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{459CA625-B75F-489C-BAB8-54520C0A8FF6}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{53FE9788-DBCD-4537-BAA9-2173107AB18B}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe |
"UDP Query User{7AA95BFD-5FBD-44A9-9B77-3C06DB63514F}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{945F2566-0E76-4202-B29C-8AC4FE56B74E}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{98723C07-BF00-4087-9EFF-D3C87FCD11B8}D:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"UDP Query User{A1F60B2D-ABFB-4CAA-B041-0C9DD28162EF}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{D0314086-1EB2-4D15-8288-14F2FBDF477D}C:\windows\syswow64\regsvr32.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\regsvr32.exe |
"UDP Query User{E29CC734-A244-4550-B93B-E86D64CD0E38}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{ED8BC01D-E4C6-42C1-8476-0F4107CC3854}C:\program files (x86)\trademanager\aliim.exe" = protocol=17 | dir=in | app=c:\program files (x86)\trademanager\aliim.exe |
"UDP Query User{FDA41C5C-7053-4A82-8275-77FF806038B8}C:\program files (x86)\trademanager\aliim.exe" = protocol=17 | dir=in | app=c:\program files (x86)\trademanager\aliim.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}" = Microsoft SQL Server VSS Writer
"{2F168B0C-7EB1-D63A-18E2-B4BC362F54FD}" = ccc-utility64
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE}" = Microsoft SQL Server 2008 R2 Native Client
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable - x64 8.0.59192
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AC0A533B-5E29-4081-8D1E-31BE65320527}" = Autodesk Robot Structural Analysis Professional 2012
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C02C2C22-2EB1-47C8-B74F-8AB1A62FAE31}" = Windows Live Family Safety
"{C1AC1FED-9E75-42A5-B3EA-CCEC92E75D61}" = Raw Therapee V4.0.7.1 x64
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA8CBD22-FF6A-4BDB-BD74-714401B13F10}" = ESET Smart Security
"{FEC0590D-D4DE-DB7C-C625-657FC30CF927}" = ATI Catalyst Install Manager
"0E74EB10C05C955C24243E6D3120CDC972FC5B1D" = Windows Driver Package - Broadcom HIDClass (06/11/2009 6.2.0.9500)
"2AA10AB519DC7432D599A0E860206A7DDCC27764" = Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0)
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-x64 7.0.5.9_WHQL
"F9FD5BBF579A4BFD40D38BE291F731666B27DC28" = Windows Driver Package - Broadcom Bluetooth (07/17/2009 6.2.0.9403)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03A92733-D26B-CBCD-52A1-56E31E612972}" = Catalyst Control Center Core Implementation
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{076E75E3-90B4-4310-A01E-DD9F6A5F1371}" = SQL DMO dla Comarch OPT!MA
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{106E3037-BFFF-0B66-7BAE-15E16C9DAB7A}" = CCC Help Turkish
"{124D0E28-CD55-490E-E551-7474F0965983}" = Catalyst Control Center Graphics Previews Common
"{133B19CF-2FDA-492C-07AD-FAE04DB76C99}" = ccc-core-static
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20A5C0D1-9ACF-4393-B6F2-72949F86F700}" = STK03H
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{244F94E8-6801-3AEE-D5F8-8B0F66A323D6}" = CCC Help Chinese Standard
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java™ 6 Update 29
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2A2C6E16-0399-F5AE-B3A8-0990B2464E97}" = Catalyst Control Center Graphics Full New
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{301A4A22-ACBD-993D-682E-4B35F22467B6}" = Catalyst Control Center Graphics Light
"{30559742-2E82-421C-ABDC-35EC0D57485C}" = E-billing
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{403DE62D-DCFF-42F5-AABD-46CD530F2F64}" = Crystal Reports dla Comarch OPT!MA
"{40A208DE-AE5A-F82C-962C-17050826751F}" = Catalyst Control Center Graphics Full Existing
"{41F706DC-FE6D-90AC-6B9A-F175388EBFA6}" = CCC Help Finnish
"{43CC74BB-CB4F-9DE7-5B86-0CB4E498DDAE}" = CCC Help Italian
"{47AC55D2-C743-48A3-BFF9-6407F6000775}_is1" = Postal 3
"{48B08845-0CB0-45EC-893C-15319ADDA312}" = Microsoft SQL Server 2008 R2 Setup (English)
"{49DCA97C-4D99-659C-AE2B-9CDCC227CEE3}" = CCC Help English
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}" = SQL Server 2008 R2 SP1 Database Engine Shared
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D568C38-0552-4CDD-A643-01FAFA2957EF}" = Nokia Software Updater
"{4E12BF0A-9A6B-B806-F589-1456DA35CFAA}" = CCC Help Spanish
"{5419A3D5-07EC-9C03-483F-41945F9F173C}" = CCC Help Swedish
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = SQL Server 2008 R2 SP1 Database Engine Services
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5E5FF37B-81F4-FAE1-1BEB-2DCCB7D8AC21}" = CCC Help Chinese Traditional
"{6068A42A-C1CF-45F2-9859-5DB16287FE5D}" = msvcrt_installer
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6717A421-DA2D-BC53-3C94-95235480B989}" = CCC Help Japanese
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E6FD4E4-A2FB-2404-6E46-7606B0913FF1}" = CCC Help Greek
"{6FEBE183-A517-770B-9BEC-E0AF07B2C0ED}" = Catalyst Control Center InstallProxy
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{729C7781-11C8-783B-CC05-1AC359088502}" = CCC Help Czech
"{7492FE27-81F9-305D-44B8-7696ACBACA2A}" = CCC Help Russian
"{774C0434-9948-4DEE-A14E-69CDD316E36C}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{7CA835ED-752D-0AD3-3DD1-DAFCD81E8E6A}" = CCC Help Danish
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{81C9B604-B3D0-82FB-E677-2D96CDFECEAB}" = CCC Help Polish
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8B1C8588-60C4-3650-D324-9404AEF01044}" = Catalyst Control Center Graphics Previews Vista
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0415-1000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90949E60-1E05-EAD9-A1B8-D0984F18224B}" = CCC Help Portuguese
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93968FB2-C67A-4A9B-80C2-5D4D9393058E}" = Microsoft SQL Server 2008 R2 RsFx Driver
"{93998800-1608-403F-9A51-420A77D23C25}" = Sql Server Customer Experience Improvement Program
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A9D317B-610F-5B74-E001-FFF98C3393D8}" = CCC Help Dutch
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A5A70E61-FEAB-4CEC-977C-BE0EF8DC05AB}" = PC Connectivity Solution
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB3C268A-E54B-4F6D-BF97-2DFCEEFA94F5}" = Catalyst Control Center - Branding
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B15930BE-C329-0B26-CE1E-E1E6D4A3EB20}" = CCC Help German
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = SQL Server 2008 R2 SP1 Database Engine Services
"{BCB4C18A-ACA6-4383-8688-E19933A705DD}" = Microsoft SOAP Toolkit 3.0
"{BD8DA595-F501-4ABE-85A0-5C23E82472A0}" = Pomocnik Messenger
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser
"{C143B1EA-688C-35CE-34BE-88DFDBA4D0E6}" = Catalyst Control Center Localization All
"{C6F8AFBD-C7D3-2934-DB48-1E2C92D7455B}" = CCC Help Hungarian
"{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}" = SQL Server 2008 R2 SP1 Common Files
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1543DF7-EF94-B6E7-643B-3543EA36F630}" = CCC Help French
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{D44EFA1A-5F04-DFB4-A3FF-A1A4D64556D0}" = CCC Help Korean
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{DE56B690-A4EE-F806-6DEF-942EF3FB2E20}" = CCC Help Thai
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E737A098-F161-4B6F-AF22-86AAE34F6FBD}" = Pro Evolution Soccer 2012
"{E83CD823-C522-4B71-B10A-E1088B3BD261}" = STK03N
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED27DC1A-550A-5F48-9303-9C0D9C179D42}" = CCC Help Norwegian
"{ED69C92F-AC5C-4C01-A5A7-14856CB31831}" = Comarch OPT!MA
"{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}" = SQL Server 2008 R2 SP1 Database Engine Shared
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{FB697452-8CA4-46B4-98B1-165C922A2EF3}" = Update Manager for SweetPacks 1.0
"{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}" = SQL Server 2008 R2 SP1 Common Files
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AutoItv3" = AutoIt v3.3.6.1
"Comarch OPT!MA" = Comarch OPT!MA
"Crystal Reports dla Comarch OPT!MA" = Crystal Reports dla Comarch OPT!MA
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"FlightGear_is1" = FlightGear v2.0.0
"foobar2000" = foobar2000 v0.9.4.2
"Gadu-Gadu 10" = Gadu-Gadu 10
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.6.0 (Full)
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2
"Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2
"MixVibes CrossDJ Free 1.7.1" = CrossDJ Free 1.7.1
"Mount&Blade Warband" = Mount&Blade Warband
"Mozilla Firefox 15.0 (x86 pl)" = Mozilla Firefox 15.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"RealAlt_is1" = Real Alternative 2.0.2
"Samsung ML-1640 Series" = Samsung ML-1640 Series
"SQL DMO dla Comarch OPT!MA" = SQL DMO dla Comarch OPT!MA
"Steam App 10500" = Empire: Total War
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TradeManager 2010 Beta1" = TradeManager 2010 Beta1
"uTorrent" = µTorrent
"WinLiveSuite" = Podstawowe programy Windows Live
"WinRAR archiver" = Archiwizator WinRAR
"World of Warcraft" = World of Warcraft
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ExpressFiles" = ExpressFiles
"Google Chrome" = Google Chrome
"Mozilla Firefox 15.0.1 (x86 pl)" = Mozilla Firefox 15.0.1 (x86 pl)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 2012-09-17 19:00:25 | Computer Name = Michał | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2044
Error - 2012-09-18 20:55:29 | Computer Name = Michał | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 2012-09-18 20:55:29 | Computer Name = Michał | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1045
Error - 2012-09-18 20:55:29 | Computer Name = Michał | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1045
Error - 2012-09-18 20:55:30 | Computer Name = Michał | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 2012-09-18 20:55:30 | Computer Name = Michał | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2090
Error - 2012-09-18 20:55:30 | Computer Name = Michał | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2090
Error - 2012-09-20 13:26:50 | Computer Name = Michał | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 2012-09-20 13:26:50 | Computer Name = Michał | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 10000
Error - 2012-09-20 13:26:50 | Computer Name = Michał | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 10000
[ Media Center Events ]
Error - 2010-12-13 13:18:27 | Computer Name = user-Komputer | Source = MCUpdate | ID = 0
Description = 18:18:19 - Błąd podczas nawiązywania połączenia z Internetem. 18:18:19
- Nie można skontaktować się z serwerem..
Error - 2010-12-19 05:16:16 | Computer Name = user-Komputer | Source = MCUpdate | ID = 0
Description = 10:16:10 - Nie można pobrać pakietu MCEClientUX (Błąd: Upłynął limit
czasu operacji)
Error - 2010-12-20 14:38:40 | Computer Name = user-Komputer | Source = MCUpdate | ID = 0
Description = 19:38:40 - Błąd podczas nawiązywania połączenia z Internetem. 19:38:40
- Nie można skontaktować się z serwerem..
Error - 2010-12-20 14:38:49 | Computer Name = user-Komputer | Source = MCUpdate | ID = 0
Description = 19:38:45 - Błąd podczas nawiązywania połączenia z Internetem. 19:38:45
- Nie można skontaktować się z serwerem..
Error - 2011-01-21 01:01:16 | Computer Name = user-Komputer | Source = MCUpdate | ID = 0
Description = 06:01:16 - Nie można pobrać pakietu Directory (Błąd: Nie można rozpoznać
nazwy zdalnej: 'data.tvdownload.microsoft.com')
Error - 2011-01-21 05:38:24 | Computer Name = user-Komputer | Source = MCUpdate | ID = 0
Description = 10:37:45 - Błąd podczas nawiązywania połączenia z Internetem. 10:37:45
- Nie można skontaktować się z serwerem..
Error - 2011-01-22 10:07:38 | Computer Name = user-Komputer | Source = MCUpdate | ID = 0
Description = 15:07:38 - Błąd podczas nawiązywania połączenia z Internetem. 15:07:38
- Nie można skontaktować się z serwerem..
Error - 2011-01-22 10:07:47 | Computer Name = user-Komputer | Source = MCUpdate | ID = 0
Description = 15:07:43 - Błąd podczas nawiązywania połączenia z Internetem. 15:07:43
- Nie można skontaktować się z serwerem..
Error - 2011-02-09 13:30:15 | Computer Name = user-Komputer | Source = MCUpdate | ID = 0
Description = 18:30:15 - Błąd podczas nawiązywania połączenia z Internetem. 18:30:15
- Nie można skontaktować się z serwerem..
Error - 2011-02-09 13:30:47 | Computer Name = user-Komputer | Source = MCUpdate | ID = 0
Description = 18:30:44 - Błąd podczas nawiązywania połączenia z Internetem. 18:30:44
- Nie można skontaktować się z serwerem..
[ System Events ]
Error - 2012-09-20 15:31:42 | Computer Name = Michał | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi DgiVecp z powodu następującego błędu: %%20
Error - 2012-09-20 15:32:29 | Computer Name = Michał | Source = PNRPSvc | ID = 102
Description =
Error - 2012-09-20 15:32:29 | Computer Name = Michał | Source = Service Control Manager | ID = 7023
Description = Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie;
wystąpił następujący błąd: %%-2140993535
Error - 2012-09-20 15:32:29 | Computer Name = Michał | Source = Service Control Manager | ID = 7001
Description = Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania
nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535
Error - 2012-09-20 15:32:40 | Computer Name = Michał | Source = PNRPSvc | ID = 102
Description =
Error - 2012-09-20 15:32:40 | Computer Name = Michał | Source = PNRPSvc | ID = 102
Description =
Error - 2012-09-20 15:32:40 | Computer Name = Michał | Source = Service Control Manager | ID = 7023
Description = Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie;
wystąpił następujący błąd: %%-2140993535
Error - 2012-09-20 15:32:40 | Computer Name = Michał | Source = Service Control Manager | ID = 7001
Description = Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania
nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535
Error - 2012-09-20 15:32:40 | Computer Name = Michał | Source = Service Control Manager | ID = 7023
Description = Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie;
wystąpił następujący błąd: %%-2140993535
Error - 2012-09-20 15:32:40 | Computer Name = Michał | Source = Service Control Manager | ID = 7001
Description = Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania
nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535
< End of report >