OTL logfile created on: 2012-11-28 18:38:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\luk\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

15,99 Gb Total Physical Memory | 13,42 Gb Available Physical Memory | 83,92% Memory free
31,98 Gb Paging File | 29,12 Gb Available in Paging File | 91,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 13,28 Gb Free Space | 13,61% Space Free | Partition Type: NTFS
Drive D: | 833,85 Gb Total Space | 60,97 Gb Free Space | 7,31% Space Free | Partition Type: NTFS
Drive F: | 5,39 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: LUKASZ | User Name: luk | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2012-11-28 18:36:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\luk\Desktop\OTL.exe
PRC - [2012-11-14 11:59:26 | 000,024,480 | ---- | M] () -- C:\Program Files\EslWire\inGame32.exe
PRC - [2012-11-02 21:40:41 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-08-04 10:25:44 | 001,353,080 | ---- | M] (Valve Corporation) -- D:\Program Files (x86)\Steam\Steam.exe
PRC - [2012-04-26 13:33:38 | 003,111,744 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
PRC - [2012-04-26 13:33:16 | 002,743,104 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2012-03-02 16:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) -- D:\Program Files (x86)\AllShare\AllShareDMS\AllShareDMS.exe
PRC - [2012-03-01 22:59:26 | 000,285,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- D:\Program Files (x86)\AllShare\AllShareAgent.exe
PRC - [2011-07-12 15:29:00 | 000,552,960 | ---- | M] (ROCCAT GmbH) -- C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
PRC - [2011-05-12 07:39:00 | 000,539,688 | ---- | M] (ROCCAT GmbH) -- C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
PRC - [2011-01-12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2010-07-07 19:33:00 | 000,024,576 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\Ctxfihlp.exe
PRC - [2010-07-07 19:27:16 | 001,268,224 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CTxfispi.exe
PRC - [2010-02-12 09:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2010-02-09 15:43:16 | 002,621,440 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
PRC - [2010-01-25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe
PRC - [2010-01-22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe
PRC - [2007-12-10 14:55:26 | 000,323,584 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\PAP7501\GUCI_AVS.exe
PRC - [2007-09-02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2012-11-14 12:05:50 | 000,165,888 | ---- | M] () -- C:\Program Files\EslWire\NocIPC32.dll
MOD - [2012-11-14 11:59:26 | 000,447,904 | ---- | M] () -- C:\Program Files\EslWire\inGame32.dll
MOD - [2012-11-14 11:59:26 | 000,024,480 | ---- | M] () -- C:\Program Files\EslWire\inGame32.exe
MOD - [2012-11-14 03:10:59 | 000,460,904 | ---- | M] () -- C:\Users\luk\AppData\Local\Google\Chrome\Application\23.0.1271.91\ppGoogleNaClPluginChrome.dll
MOD - [2012-11-14 03:10:58 | 012,456,040 | ---- | M] () -- C:\Users\luk\AppData\Local\Google\Chrome\Application\23.0.1271.91\PepperFlash\pepflashplayer.dll
MOD - [2012-11-14 03:10:57 | 004,008,040 | ---- | M] () -- C:\Users\luk\AppData\Local\Google\Chrome\Application\23.0.1271.91\pdf.dll
MOD - [2012-11-14 03:10:12 | 000,587,880 | ---- | M] () -- C:\Users\luk\AppData\Local\Google\Chrome\Application\23.0.1271.91\libglesv2.dll
MOD - [2012-11-14 03:10:11 | 000,124,520 | ---- | M] () -- C:\Users\luk\AppData\Local\Google\Chrome\Application\23.0.1271.91\libegl.dll
MOD - [2012-11-14 03:10:04 | 000,157,304 | ---- | M] () -- C:\Users\luk\AppData\Local\Google\Chrome\Application\23.0.1271.91\avutil-51.dll
MOD - [2012-11-14 03:10:03 | 000,275,576 | ---- | M] () -- C:\Users\luk\AppData\Local\Google\Chrome\Application\23.0.1271.91\avformat-54.dll
MOD - [2012-11-14 03:10:02 | 002,168,952 | ---- | M] () -- C:\Users\luk\AppData\Local\Google\Chrome\Application\23.0.1271.91\avcodec-54.dll
MOD - [2012-10-25 17:16:40 | 020,317,008 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012-10-25 17:16:40 | 001,099,616 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012-10-25 17:16:40 | 000,902,480 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012-10-25 17:16:40 | 000,190,816 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012-10-25 17:16:40 | 000,123,232 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012-03-01 21:42:03 | 011,992,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\38f7e54acfba02e9fcf534b5a11807c8\System.Web.ni.dll
MOD - [2012-03-01 21:41:59 | 000,771,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\61596cabe75992c8b63275da8ad90b8f\System.Runtime.Remoting.ni.dll
MOD - [2012-02-16 10:38:07 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\6d313db8b6c27f5ed7ce0632ca6aa203\System.ServiceProcess.ni.dll
MOD - [2012-02-16 10:13:16 | 011,470,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b540398c49e7c32ab58666de7f09f645\PresentationCore.ni.dll
MOD - [2012-02-16 10:13:11 | 013,138,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\fa45e7d581b80c34cb0d5518491c7387\System.Windows.Forms.ni.dll
MOD - [2012-02-16 10:13:10 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\90223e809b1ff291a7f65509702e2fa1\System.Core.ni.dll
MOD - [2012-02-16 10:13:09 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\c0afb5fbfbc7a8d670b430672c5fd578\WindowsBase.ni.dll
MOD - [2012-02-16 10:13:07 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\a48e483c6b13da563725d72ec518a0bb\System.Xml.ni.dll
MOD - [2012-02-16 10:13:06 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\100121f0f4e55a3e85a886f4968dedfc\System.Configuration.ni.dll
MOD - [2012-02-16 10:13:05 | 001,652,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\fd0f015bc4324d8b9716ae38083a4e4d\System.Drawing.ni.dll
MOD - [2012-02-16 10:13:04 | 009,086,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\69adb8f9940fa1330f6f1b706e3dc31e\System.ni.dll
MOD - [2012-02-16 10:13:00 | 014,409,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\2b1af7649e57195b4b85bbf4c5cb7c90\mscorlib.ni.dll
MOD - [2012-01-08 14:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2011-11-01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011-11-01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011-03-15 07:13:46 | 004,254,560 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2010-11-04 11:48:36 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\ROCCAT\Isku Keyboard\hiddriver.dll
MOD - [2010-07-07 19:33:04 | 000,002,560 | ---- | M] () -- C:\Windows\SysWOW64\CTXFIRES.DLL
MOD - [2010-06-22 13:50:52 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\hiddriver.dll
MOD - [2009-06-29 09:54:08 | 000,164,864 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL
MOD - [2009-02-27 15:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
MOD - [2007-09-02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
MOD - [2007-09-02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll
MOD - [2006-06-06 05:06:06 | 000,002,560 | ---- | M] () -- C:\Program Files (x86)\DAEMON Tools Pro\MSIMG32.dll

[color=#E56717]========== Services (SafeList) ==========[/color]
SRV:[b]64bit:[/b] - [2012-11-14 12:00:10 | 000,678,416 | ---- | M] () [Auto | Running] -- C:\Program Files\EslWire\service\WireHelperSvc.exe -- (EslWireHelper)
SRV:[b]64bit:[/b] - [2012-09-28 02:38:16 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2011-01-12 16:44:02 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:[b]64bit:[/b] - [2011-01-12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-11-02 21:40:41 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012-10-14 12:06:11 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-10-11 02:04:37 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-10-04 22:06:00 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-10-02 20:19:04 | 000,743,320 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-07-13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-03-02 16:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- D:\Program Files (x86)\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0)
SRV - [2012-03-02 16:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- D:\Program Files (x86)\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2012-01-21 15:20:48 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010-06-25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2010-03-11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010-02-12 09:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2010-01-25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2010-01-22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2003-09-14 21:08:14 | 002,928,700 | ---- | M] () [Auto | Stopped] -- D:\usr/MYSQL/bin/mysqld.exe -- (MySql)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - [2012-11-14 11:59:58 | 000,160,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ESLWireACD.sys -- (ESLWireAC)
DRV:[b]64bit:[/b] - [2012-09-28 03:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2012-09-28 03:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2012-09-28 02:12:52 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2012-07-30 10:24:30 | 000,158,720 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:[b]64bit:[/b] - [2012-07-07 10:01:16 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2012-05-14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2012-03-30 14:00:07 | 000,051,776 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pssdk41.sys -- (PsSdk41)
DRV:[b]64bit:[/b] - [2011-11-28 13:20:28 | 000,025,528 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ESLvnic.sys -- (ESLvnic1)
DRV:[b]64bit:[/b] - [2011-08-02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2011-03-11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-12-21 15:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:[b]64bit:[/b] - [2010-12-21 15:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:[b]64bit:[/b] - [2010-12-21 13:47:38 | 000,125,296 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:[b]64bit:[/b] - [2010-07-07 21:21:18 | 001,612,888 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x22k.sys -- (ha20x22k)
DRV:[b]64bit:[/b] - [2010-07-07 21:21:06 | 001,567,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:[b]64bit:[/b] - [2010-07-07 21:20:56 | 000,118,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:[b]64bit:[/b] - [2010-07-07 21:20:48 | 000,213,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:[b]64bit:[/b] - [2010-07-07 21:20:40 | 000,015,960 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:[b]64bit:[/b] - [2010-07-07 21:16:32 | 000,179,288 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:[b]64bit:[/b] - [2010-07-07 21:16:24 | 000,697,816 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k)
DRV:[b]64bit:[/b] - [2010-07-07 21:16:14 | 000,580,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:[b]64bit:[/b] - [2010-07-07 21:16:06 | 001,445,976 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV:[b]64bit:[/b] - [2010-07-07 21:16:06 | 001,445,976 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:[b]64bit:[/b] - [2010-07-07 21:15:56 | 000,095,320 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV:[b]64bit:[/b] - [2010-07-07 21:15:56 | 000,095,320 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:[b]64bit:[/b] - [2010-07-07 21:15:50 | 000,230,488 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV:[b]64bit:[/b] - [2010-07-07 21:15:50 | 000,230,488 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)
DRV:[b]64bit:[/b] - [2010-06-25 18:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:[b]64bit:[/b] - [2010-03-29 10:06:06 | 000,233,488 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)
DRV:[b]64bit:[/b] - [2009-11-06 12:13:20 | 000,597,504 | ---- | M] (PixArt Imaging Incorporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GUCI_AVS.sys -- (GUCI_AVS)
DRV:[b]64bit:[/b] - [2009-09-16 07:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:[b]64bit:[/b] - [2009-08-23 15:02:30 | 000,120,336 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 01:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:[b]64bit:[/b] - [2009-07-14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:[b]64bit:[/b] - [2009-06-10 21:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-05-18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2011-01-06 11:06:56 | 000,011,888 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Setup Files\Ms7583v1B0\NTIOLib_X64.sys -- (NTIOLib_1_0_6)
DRV - [2010-10-22 10:37:36 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys -- (NTIOLib_1_0_4)
DRV - [2010-05-10 10:44:40 | 000,033,592 | ---- | M] (Your Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys -- (MSI_MSIBIOS_010507)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..extensions.enabledAddons: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:1.4
FF - user.js - File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.132.0: C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.140.0: C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.2: C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\luk\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\luk\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\luk\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\luk\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\luk\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2012-03-07 10:33:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-10-14 02:14:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-03-07 10:33:52 | 000,000,000 | ---D | M]

[2012-10-14 02:14:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\luk\AppData\Roaming\mozilla\Extensions
[2012-10-26 17:35:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\luk\AppData\Roaming\mozilla\Firefox\Profiles\awcuqkr8.default\extensions
[2012-10-26 17:29:53 | 000,252,340 | ---- | M] () (No name found) -- C:\Users\luk\AppData\Roaming\mozilla\firefox\profiles\awcuqkr8.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2012-10-20 15:34:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-10-20 15:34:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2012-10-11 02:05:24 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-10-11 03:58:06 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-10-11 03:58:06 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-10-11 03:58:06 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-10-11 03:58:06 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-10-11 03:58:06 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-10-11 03:58:06 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]
CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\luk\AppData\Local\Google\Chrome\Application\23.0.1271.91\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\luk\AppData\Local\Google\Chrome\Application\23.0.1271.91\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\luk\AppData\Local\Google\Chrome\Application\23.0.1271.91\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\luk\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\luk\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Users\luk\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Szukaj w Google = C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Facebook Friend Inviter = C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\fojfflomljfbdfdcfmiihnijjfnnakdn\1.1_0\
CHR - Extension: Skype Click to Call = C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\
CHR - Extension: Battlelog Custom Emblem Uploader = C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaobladaobcegekjlpknibgpoihdcdjc\1.81_0\
CHR - Extension: Facebook Invite All Subrange = C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\phlacnclhiinhhoaonnoflhaoaklmfek\0.1.1_0\
CHR - Extension: Gmail = C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2012-02-24 22:35:42 | 000,001,436 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 125.252.224.90
O1 - Hosts: 127.0.0.1 125.252.224.91
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O2:[b]64bit:[/b] - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:[b]64bit:[/b] - HKLM..\Run: [GUCI_AVS] C:\Windows\PixArt\PAP7501\GUCI_AVS.exe (PixArt Imaging Incorporation)
O4:[b]64bit:[/b] - HKLM..\Run: [PACTray] C:\Windows\PixArt\PAP7501\PACTray.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AllShareAgent] D:\Program Files (x86)\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Live Update 5] C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe ()
O4 - HKLM..\Run: [RoccatIsku] C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE (ROCCAT GmbH)
O4 - HKLM..\Run: [RoccatKone+] C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE (ROCCAT GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe ()
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ESL Wire] C:\Program Files\EslWire\wire.exe (Turtle Entertainment GmbH)
O4 - HKCU..\Run: [Facebook Update] C:\Users\luk\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [IPLA!] C:\Program Files (x86)\ipla\ipla.exe (Redefine Sp z o.o.)
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [Steam] D:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\luk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\luk\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe (Facebook)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000014 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{58B44B91-BD44-4C46-B1B9-143AA3B6A729}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5A8FB20F-A191-480F-B261-2A3DA846DC81}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2558F83-B1DD-45C1-A9E5-AFB79B49D65E}: DhcpNameServer = 7.254.254.254
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-03-04 18:23:30 | 000,000,000 | ---D | M] - F:\AutoPlay -- [ CDFS ]
O32 - AutoRun File - [2010-02-08 08:10:29 | 002,855,560 | R--- | M] (UBISOFT) - F:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2010-02-08 08:10:29 | 000,000,043 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{09e5adcd-4734-11e1-8f3e-00ff01000001}\Shell - "" = AutoRun
O33 - MountPoints2\{09e5adcd-4734-11e1-8f3e-00ff01000001}\Shell\AutoRun\command - "" = F:\setup.exe -- [2010-02-08 08:55:08 | 000,377,480 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{40411582-c80b-11e1-8646-8e0000008e8e}\Shell - "" = AutoRun
O33 - MountPoints2\{40411582-c80b-11e1-8646-8e0000008e8e}\Shell\AutoRun\command - "" = F:\autorun.exe -- [2010-02-08 08:10:29 | 002,855,560 | R--- | M] (UBISOFT)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-11-28 18:36:24 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\luk\Desktop\OTL.exe
[2012-11-28 18:18:31 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{77240949-E941-4CE5-8BB3-B0BB98A4AF84}
[2012-11-27 21:23:38 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{01FE73EA-4E57-4AD0-97C1-C2209BD9365E}
[2012-11-26 23:49:21 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{FCFEEE50-D9E2-4418-8B3D-F176134E5A62}
[2012-11-26 23:45:40 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-11-26 23:36:07 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012-11-26 23:36:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012-11-26 10:51:18 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{F02A30E3-1EDF-4E74-8435-B05A9B9B5C03}
[2012-11-25 21:27:04 | 000,000,000 | ---D | C] -- C:\Users\luk\Desktop\Dieta
[2012-11-25 18:20:38 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\Threat Expert
[2012-11-25 17:54:06 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2012-11-25 17:54:06 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2012-11-25 17:54:06 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2012-11-25 17:50:47 | 000,306,648 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctgntdi64.sys
[2012-11-25 17:50:47 | 000,133,072 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctwfpfilter64.sys
[2012-11-25 17:50:45 | 000,233,488 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTCore64.sys
[2012-11-25 17:50:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Doctor
[2012-11-25 17:50:41 | 000,092,896 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctplsg64.sys
[2012-11-25 17:50:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Doctor
[2012-11-25 17:50:33 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Roaming\PC Tools
[2012-11-25 17:50:33 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012-11-25 17:50:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2012-11-25 17:50:19 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012-11-25 12:03:46 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{41C9BF65-FD27-4999-B621-5E084210B26F}
[2012-11-24 16:40:41 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\FLT
[2012-11-24 15:40:36 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{BD1EE6AD-C1FC-44EF-9DA1-1B16DECB2036}
[2012-11-23 20:17:06 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{97356964-DF45-4667-B6E6-89536AB2BC09}
[2012-11-21 18:36:05 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{8DB825A6-458C-49A5-8FCB-F331E37D1E98}
[2012-11-20 22:44:13 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\ESN
[2012-11-20 20:46:15 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{C3AB86D7-CCBA-46AE-84B6-0786D58A73B0}
[2012-11-19 18:07:42 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{9A2110FA-4A57-44EC-9D0E-5BCC9FE12808}
[2012-11-18 12:25:09 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{4B389D58-3AEF-408E-BE68-B2CC608FC03C}
[2012-11-17 13:34:55 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{1ACED04A-23E9-4FEA-8F2F-DC52BFAE99A7}
[2012-11-16 20:19:07 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{D81576D3-E4B6-434D-BF62-B56EB9D25CC7}
[2012-11-15 19:14:14 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{492629E6-D642-4E9D-8AFA-65AAADE44FA2}
[2012-11-14 18:09:09 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{7B3CFF53-A518-435A-88D6-F7F675AF4991}
[2012-11-13 18:14:37 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{E590B66D-491E-4578-8FDB-03F33EA9DF2A}
[2012-11-12 20:01:00 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{D70E6753-82BA-45F9-A044-58007516E1E1}
[2012-11-11 14:07:30 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Roaming\Ubisoft
[2012-11-11 14:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2012-11-11 11:53:30 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{42459752-9D63-4BCC-A6C3-FF9B775B074A}
[2012-11-10 13:57:38 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{4CAA01BE-0918-4BED-85B3-6A58BAFF50C5}
[2012-11-09 22:45:51 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\Programs
[2012-11-09 18:35:42 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{E92647A8-66A2-4C2D-A117-51CEE423A32D}
[2012-11-08 22:03:37 | 000,000,000 | ---D | C] -- C:\Users\luk\Desktop\Benita
[2012-11-08 18:22:22 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{89484C3F-8E3B-4F3F-85E1-63D693E80F89}
[2012-11-07 18:27:39 | 000,000,000 | ---D | C] -- C:\Windows\symbols
[2012-11-07 18:27:32 | 000,128,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\symsrv.dll
[2012-11-07 17:50:28 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{C3697AD2-8C34-483E-9ADD-D4ED031CE0B4}
[2012-11-06 18:08:55 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{70B6A79B-D822-4D03-A3B5-E7C1EAD8CF41}
[2012-11-05 19:56:39 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012-11-05 18:02:53 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{4E400FDC-7850-4DDD-86CC-7030441172FB}
[2012-11-04 17:55:09 | 000,000,000 | ---D | C] -- C:\Users\luk\Desktop\Gmail (1)
[2012-11-04 17:09:56 | 000,000,000 | ---D | C] -- C:\Users\luk\Desktop\1 odprawa listopad 2012
[2012-11-04 10:46:53 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{445C66D1-784F-4395-9C5C-0C18D3E18D34}
[2012-11-03 16:25:21 | 000,000,000 | ---D | C] -- C:\Users\luk\Desktop\CoreTemp64
[2012-11-03 15:54:03 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{0497A081-B498-41B4-AE03-6E574A815A61}
[2012-11-03 13:03:41 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{16F3C1D3-8DC6-46DE-8C3A-43890B8B9665}
[2012-11-02 21:37:49 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012-11-02 21:37:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012-11-02 21:37:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2012-11-02 13:43:50 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{8833B5DC-DE99-4F97-AEC6-143E66FE161A}
[2012-11-01 12:07:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crysis 3 MP Alpha
[2012-11-01 10:10:55 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{09E59E5B-74FF-43DE-AF08-8B1F01A6403D}
[2012-10-31 18:05:37 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{19B16FF0-0641-42B4-A57F-B101DE27AB5A}
[2012-10-30 17:54:13 | 000,000,000 | ---D | C] -- C:\Users\luk\AppData\Local\{1536E9F8-B780-4BD3-8E3A-E19B0178CFEF}

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-11-28 18:37:17 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-11-28 18:37:17 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-11-28 18:37:08 | 000,480,125 | ---- | M] () -- C:\Users\luk\Desktop\AdwCleaner.exe
[2012-11-28 18:36:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\luk\Desktop\OTL.exe
[2012-11-28 18:17:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-11-28 18:17:15 | 4287,979,518 | -HS- | M] () -- C:\hiberfil.sys
[2012-11-27 23:55:32 | 000,062,308 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000006-00000000-00000000-00001102-0000000B-00421102}.rfx
[2012-11-27 23:55:32 | 000,062,308 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000006-00000000-00000000-00001102-0000000B-00421102}.rfx
[2012-11-27 23:55:32 | 000,000,820 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000006-00000000-00000000-00001102-0000000B-00421102}.rfx
[2012-11-27 23:49:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2678323083-3754379928-4184453254-1001UA.job
[2012-11-27 23:49:00 | 000,000,998 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2678323083-3754379928-4184453254-1001Core.job
[2012-11-27 23:06:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-11-27 23:02:01 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2678323083-3754379928-4184453254-1001UA.job
[2012-11-27 23:02:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2678323083-3754379928-4184453254-1001Core.job
[2012-11-25 17:50:47 | 000,002,178 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2012-11-25 00:46:12 | 000,281,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012-11-25 00:46:12 | 000,281,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-11-25 00:45:47 | 000,281,880 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012-11-24 16:38:44 | 000,000,962 | ---- | M] () -- C:\Users\luk\Desktop\Don't Starve Beta (18 November).lnk
[2012-11-23 23:24:10 | 000,001,080 | ---- | M] () -- C:\Windows\SysNative\settingsbkup.sfm
[2012-11-23 23:24:10 | 000,001,080 | ---- | M] () -- C:\Windows\SysNative\settings.sfm
[2012-11-22 00:03:54 | 000,001,205 | ---- | M] () -- C:\Users\luk\Desktop\Uplay.lnk
[2012-11-19 20:45:14 | 000,048,713 | ---- | M] () -- C:\Users\luk\Desktop\jolie.jpg
[2012-11-18 20:09:02 | 001,338,445 | ---- | M] () -- C:\Users\luk\Desktop\Bursztyn_Farex_KF_03_a.pdf
[2012-11-18 00:06:54 | 001,671,632 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-11-18 00:06:54 | 000,741,182 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-11-18 00:06:54 | 000,654,946 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-11-18 00:06:54 | 000,155,778 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-11-18 00:06:54 | 000,121,818 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-11-17 00:02:52 | 000,029,364 | ---- | M] () -- C:\Users\luk\Desktop\pass.jpg
[2012-11-15 21:12:05 | 000,000,823 | ---- | M] () -- C:\Users\Public\Desktop\ESL Wire.lnk
[2012-11-14 21:47:45 | 000,172,134 | ---- | M] () -- C:\Users\luk\Desktop\Sons.rar
[2012-11-14 19:22:25 | 000,917,537 | ---- | M] () -- C:\Users\luk\Desktop\SMACO Porforma Invoice for Luk-20100325.pdf
[2012-11-14 19:20:12 | 002,289,655 | ---- | M] () -- C:\Users\luk\Desktop\faktura.JPG
[2012-11-14 11:59:58 | 000,160,784 | ---- | M] () -- C:\Windows\SysNative\drivers\ESLWireACD.sys
[2012-11-12 22:01:51 | 005,041,022 | ---- | M] () -- C:\Users\luk\Desktop\poprawiona.jpg
[2012-11-12 21:17:50 | 000,390,646 | ---- | M] () -- C:\Users\luk\Desktop\aromaty płynne asortyment Jaskulski Aromaty JAR 14-07-2010.pdf
[2012-11-12 21:11:30 | 000,052,291 | ---- | M] () -- C:\Users\luk\Desktop\2400.jpg
[2012-11-09 22:48:41 | 000,000,687 | ---- | M] () -- C:\Users\Public\Desktop\Launch.lnk
[2012-11-08 21:59:43 | 000,775,316 | ---- | M] () -- C:\Users\luk\Desktop\Benita.rar
[2012-11-07 20:28:10 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\symsrv.yes
[2012-11-05 21:23:13 | 000,720,066 | ---- | M] () -- C:\Users\luk\Desktop\FILMWEB.TOP100.WORLD.PACK.DVDRiP.XViD-HappyBirthdayPT.torrent
[2012-11-04 17:51:48 | 000,934,951 | ---- | M] () -- C:\Users\luk\Desktop\Gmail.zip
[2012-11-02 21:40:41 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-11-02 21:37:49 | 000,001,011 | ---- | M] () -- C:\Users\luk\Desktop\SpeedFan.lnk
[2012-11-02 21:37:49 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2012-11-01 12:07:55 | 000,000,838 | ---- | M] () -- C:\Users\Public\Desktop\Crysis 3 MP Alpha.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-11-28 18:37:07 | 000,480,125 | ---- | C] () -- C:\Users\luk\Desktop\AdwCleaner.exe
[2012-11-25 17:54:06 | 001,152,444 | ---- | C] () -- C:\Windows\UDB.zip
[2012-11-25 17:54:06 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2012-11-25 17:54:06 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2012-11-25 17:54:06 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2012-11-25 17:54:06 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2012-11-25 17:50:47 | 000,007,357 | ---- | C] () -- C:\Windows\SysNative\drivers\pctgntdi64.cat
[2012-11-25 17:50:45 | 000,007,353 | ---- | C] () -- C:\Windows\SysNative\drivers\pctcore64.cat
[2012-11-25 17:50:44 | 000,002,178 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2012-11-25 17:50:41 | 000,007,353 | ---- | C] () -- C:\Windows\SysNative\drivers\pctplsg64.cat
[2012-11-24 16:38:44 | 000,000,962 | ---- | C] () -- C:\Users\luk\Desktop\Don't Starve Beta (18 November).lnk
[2012-11-22 00:03:54 | 000,001,205 | ---- | C] () -- C:\Users\luk\Desktop\Uplay.lnk
[2012-11-19 20:45:14 | 000,048,713 | ---- | C] () -- C:\Users\luk\Desktop\jolie.jpg
[2012-11-18 20:09:01 | 001,338,445 | ---- | C] () -- C:\Users\luk\Desktop\Bursztyn_Farex_KF_03_a.pdf
[2012-11-17 00:02:51 | 000,029,364 | ---- | C] () -- C:\Users\luk\Desktop\pass.jpg
[2012-11-14 21:47:40 | 000,172,134 | ---- | C] () -- C:\Users\luk\Desktop\Sons.rar
[2012-11-14 19:34:32 | 000,459,769 | ---- | C] () -- C:\Users\luk\Desktop\lolo.jpg
[2012-11-14 19:22:25 | 000,917,537 | ---- | C] () -- C:\Users\luk\Desktop\SMACO Porforma Invoice for Luk-20100325.pdf
[2012-11-14 19:20:01 | 002,289,655 | ---- | C] () -- C:\Users\luk\Desktop\faktura.JPG
[2012-11-12 21:59:28 | 005,041,022 | ---- | C] () -- C:\Users\luk\Desktop\poprawiona.jpg
[2012-11-12 21:17:50 | 000,390,646 | ---- | C] () -- C:\Users\luk\Desktop\aromaty płynne asortyment Jaskulski Aromaty JAR 14-07-2010.pdf
[2012-11-12 21:11:30 | 000,052,291 | ---- | C] () -- C:\Users\luk\Desktop\2400.jpg
[2012-11-09 22:48:41 | 000,000,687 | ---- | C] () -- C:\Users\Public\Desktop\Launch.lnk
[2012-11-08 21:59:41 | 000,775,316 | ---- | C] () -- C:\Users\luk\Desktop\Benita.rar
[2012-11-07 20:27:59 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\symsrv.yes
[2012-11-05 21:22:35 | 000,720,066 | ---- | C] () -- C:\Users\luk\Desktop\FILMWEB.TOP100.WORLD.PACK.DVDRiP.XViD-HappyBirthdayPT.torrent
[2012-11-04 17:51:46 | 000,934,951 | ---- | C] () -- C:\Users\luk\Desktop\Gmail.zip
[2012-11-02 21:37:49 | 000,001,011 | ---- | C] () -- C:\Users\luk\Desktop\SpeedFan.lnk
[2012-11-02 21:37:48 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2012-11-01 12:07:55 | 000,000,838 | ---- | C] () -- C:\Users\Public\Desktop\Crysis 3 MP Alpha.lnk
[2012-10-04 22:21:25 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2012-08-20 18:16:03 | 000,002,157 | ---- | C] () -- C:\Windows\SysWow64\GUCI_AVS.ini
[2012-08-18 20:01:02 | 002,044,404 | ---- | C] () -- C:\Users\luk\IMGP1554.JPG
[2012-08-18 20:01:02 | 001,938,598 | ---- | C] () -- C:\Users\luk\IMGP1553.JPG
[2012-08-08 09:54:05 | 000,049,467 | ---- | C] () -- C:\Users\luk\CE4 3.jpg
[2012-07-25 23:49:30 | 000,042,440 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2012-07-22 20:16:49 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012-07-10 21:08:47 | 000,007,597 | ---- | C] () -- C:\Users\luk\AppData\Local\Resmon.ResmonCfg
[2012-06-21 09:37:14 | 002,580,552 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012-06-20 10:39:02 | 000,215,068 | ---- | C] () -- C:\Users\luk\egosct.jpg
[2012-06-20 10:39:02 | 000,140,012 | ---- | C] () -- C:\Users\luk\SCT.jpg
[2012-06-14 08:19:21 | 000,163,888 | ---- | C] () -- C:\Users\luk\1.jpg
[2012-06-14 08:19:21 | 000,113,181 | ---- | C] () -- C:\Users\luk\2.jpg
[2012-06-14 08:19:21 | 000,101,211 | ---- | C] () -- C:\Users\luk\6.jpg
[2012-06-14 08:19:20 | 000,679,626 | ---- | C] () -- C:\Users\luk\IMG_7096.JPG
[2012-06-14 08:19:20 | 000,505,042 | ---- | C] () -- C:\Users\luk\IMG_7098.JPG
[2012-06-07 13:02:13 | 000,000,132 | ---- | C] () -- C:\Users\luk\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012-05-02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012-03-25 16:08:24 | 000,000,404 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012-03-23 02:13:13 | 000,009,728 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2012-03-02 00:58:19 | 000,380,928 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2012-03-01 21:10:56 | 001,697,406 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-02-15 03:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-02-15 03:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012-02-13 18:01:14 | 000,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll
[2012-02-13 08:39:26 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012-02-13 08:39:26 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012-02-13 08:39:25 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012-01-25 23:03:13 | 000,000,132 | ---- | C] () -- C:\Users\luk\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012-01-23 23:22:17 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012-01-23 23:22:17 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2012-01-22 13:20:07 | 000,168,864 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe
[2012-01-22 00:21:32 | 000,281,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-01-22 00:21:31 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-01-21 15:25:17 | 000,164,864 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012-01-21 15:25:17 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2012-01-21 14:23:01 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011-09-19 14:03:40 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2011-09-13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010-07-27 15:59:11 | 014,162,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010-07-27 15:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Files - Unicode (All) ==========[/color]

[2012-11-08 22:09:01 | 020,536,320 | ---- | M] ()(C:\Users\luk\Desktop\HKDA Price List ??.xls) -- C:\Users\luk\Desktop\HKDA Price List 师傅.xls
[2012-11-08 22:08:44 | 020,536,320 | ---- | C] ()(C:\Users\luk\Desktop\HKDA Price List ??.xls) -- C:\Users\luk\Desktop\HKDA Price List 师傅.xls
[2012-08-08 09:57:44 | 002,526,208 | ---- | M] ()(C:\Users\luk\Desktop\??uotation Sheet From Shenzhen Hengkangda Technology(Revised).xls) -- C:\Users\luk\Desktop\悄悄uotation Sheet From Shenzhen Hengkangda Technology(Revised).xls
[2012-08-08 09:54:22 | 000,400,145 | ---- | M] ()(C:\Users\luk\j_??.png) -- C:\Users\luk\j_副本.png
[2012-08-08 09:54:21 | 000,096,376 | ---- | M] ()(C:\Users\luk\CE44_??.jpg) -- C:\Users\luk\CE44_副本.jpg
[2012-08-08 09:54:18 | 000,086,211 | ---- | M] ()(C:\Users\luk\CE46_??.jpg) -- C:\Users\luk\CE46_副本.jpg
[2012-08-08 09:54:11 | 000,042,230 | ---- | M] ()(C:\Users\luk\ego-k_??.jpg) -- C:\Users\luk\ego-k_副本.jpg
[2012-08-08 09:54:05 | 000,400,145 | ---- | C] ()(C:\Users\luk\j_??.png) -- C:\Users\luk\j_副本.png
[2012-08-08 09:54:05 | 000,096,376 | ---- | C] ()(C:\Users\luk\CE44_??.jpg) -- C:\Users\luk\CE44_副本.jpg
[2012-08-08 09:54:05 | 000,086,211 | ---- | C] ()(C:\Users\luk\CE46_??.jpg) -- C:\Users\luk\CE46_副本.jpg
[2012-08-08 09:54:05 | 000,042,230 | ---- | C] ()(C:\Users\luk\ego-k_??.jpg) -- C:\Users\luk\ego-k_副本.jpg
[2012-07-26 09:50:32 | 002,526,208 | ---- | C] ()(C:\Users\luk\Desktop\??uotation Sheet From Shenzhen Hengkangda Technology(Revised).xls) -- C:\Users\luk\Desktop\悄悄uotation Sheet From Shenzhen Hengkangda Technology(Revised).xls

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 185 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8

< End of report >