OTL logfile created on: 2013-03-22 14:54:44 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Fcuk\My Documents\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 1022,42 Mb Total Physical Memory | 581,40 Mb Available Physical Memory | 56,87% Memory free 2,40 Gb Paging File | 2,03 Gb Available in Paging File | 84,58% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29,29 Gb Total Space | 12,86 Gb Free Space | 43,89% Space Free | Partition Type: NTFS Drive D: | 14,65 Gb Total Space | 5,42 Gb Free Space | 37,02% Space Free | Partition Type: NTFS Drive E: | 97,65 Gb Total Space | 28,26 Gb Free Space | 28,93% Space Free | Partition Type: NTFS Drive F: | 91,28 Gb Total Space | 21,32 Gb Free Space | 23,35% Space Free | Partition Type: NTFS Drive K: | 180,05 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: FCUCZOLA-16D135 | User Name: Fcuk | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013-03-22 14:54:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fcuk\My Documents\Downloads\OTL.exe PRC - [2013-03-11 01:22:07 | 001,274,320 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe PRC - [2012-11-14 21:23:01 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe ========== Modules (No Company Name) ========== MOD - [2013-03-11 01:22:06 | 000,459,728 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppgooglenaclpluginchrome.dll MOD - [2013-03-11 01:22:05 | 012,662,224 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll MOD - [2013-03-11 01:22:04 | 004,050,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll MOD - [2013-03-11 01:21:16 | 001,552,848 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll MOD - [2013-02-21 10:28:52 | 002,231,248 | ---- | M] () -- c:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll MOD - [2013-01-24 12:16:54 | 001,050,112 | ---- | M] () -- c:\Program Files\BrowseToSave\sprotector.dll MOD - [2008-04-14 12:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll MOD - [2008-04-14 12:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll ========== Services (SafeList) ========== SRV - [2013-03-13 16:40:58 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-03-05 21:54:26 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Stopped] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2013-02-27 12:24:40 | 001,013,552 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\dmwu.exe -- (IBUpdaterService) SRV - [2013-02-21 10:30:09 | 002,561,488 | ---- | M] () [Auto | Stopped] -- C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect) SRV - [2013-02-15 20:06:41 | 000,968,880 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe -- (vToolbarUpdater14.2.0) SRV - [2013-01-09 17:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) [Auto | Stopped] -- C:\Program Files\PDF Architect\ConversionService.exe -- (PDF Architect Service) SRV - [2013-01-09 17:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) [Auto | Stopped] -- C:\Program Files\PDF Architect\HelperService.exe -- (PDF Architect Helper Service) SRV - [2012-12-14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- D:\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-12-14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- D:\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2007-07-12 16:30:42 | 000,257,024 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Stopped] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (asqt7qde) DRV - [2013-02-17 09:53:42 | 000,466,008 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2013-02-15 20:06:41 | 000,033,112 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp) DRV - [2013-02-15 13:34:07 | 000,278,728 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2013-02-15 13:34:06 | 000,025,416 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2012-12-14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012-11-14 21:33:16 | 000,014,184 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mvxxmm.sys -- (mvxxmm) DRV - [2012-11-14 21:33:16 | 000,005,632 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mv64xxmm.sys -- (mv64xxmm) DRV - [2012-11-14 21:33:15 | 000,014,184 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mv61xxmm.sys -- (mv61xxmm) DRV - [2008-04-14 12:00:00 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2008-04-14 12:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2008-04-14 12:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2008-04-14 12:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS) DRV - [2007-07-12 10:03:42 | 000,012,416 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asusgsb.sys -- (asusgsb) DRV - [2007-07-12 10:03:40 | 000,010,752 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Video3D32.sys -- (Video3D) DRV - [2007-07-12 10:03:38 | 000,012,288 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO) DRV - [2007-07-12 10:03:38 | 000,011,136 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt) DRV - [2006-12-14 09:44:06 | 000,085,120 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2006-10-18 20:12:16 | 000,012,664 | R--- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO) DRV - [2006-10-18 10:39:58 | 000,017,920 | R--- | M] (VIA Technologies,Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\xfilt.sys -- (xfilt) DRV - [2006-10-17 13:22:26 | 000,009,216 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\videX32.sys -- (videX32) DRV - [2006-03-26 13:22:14 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) DRV - [2006-03-24 17:27:01 | 000,050,176 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync04.sys -- (sfsync04) DRV - [2006-03-13 10:38:23 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) DRV - [2005-06-09 07:35:40 | 000,393,088 | R--- | M] (Sensaura) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService) DRV - [2004-08-13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004-08-09 12:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02) DRV - [2004-08-09 12:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\prodrv06.sys -- (prodrv06) DRV - [2004-07-19 15:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prosync1.sys -- (prosync1) DRV - [2003-12-01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?affID=119370&babsrc=HP_ss&mntrId=d8b321e60000000000000023ee02224c IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&CUI=UN39756112018074252&ctid=CT3220468 IE - HKCU\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.) IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchTerms}&affID=119370&babsrc=SP_ss&mntrId=d8b321e60000000000000023ee02224c IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468&CUI=UN39756112018074252 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-02-18 18:53:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\uixcd6eeeo@eiore-ai.co.uk: C:\Documents and Settings\Fcuk\Application Data\Mozilla\Firefox\Profiles\62teduto.default\extensions\uixcd6eeeo@eiore-ai.co.uk [2013-03-18 08:58:41 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{0F827075-B026-42F3-885D-98981EE7B1AE}: C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2013-02-23 17:09:16 | 000,000,000 | ---D | M] [2013-02-12 22:02:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Fcuk\Application Data\Mozilla\Extensions [2013-03-09 15:22:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Fcuk\Application Data\Mozilla\Firefox\Profiles\62teduto.default\extensions [2013-02-23 17:08:26 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Documents and Settings\Fcuk\Application Data\Mozilla\Firefox\Profiles\62teduto.default\extensions\ffxtlbr@delta.com [2013-03-18 08:58:41 | 000,000,000 | ---D | M] (BrowSee2Save) -- C:\Documents and Settings\Fcuk\Application Data\Mozilla\Firefox\Profiles\62teduto.default\extensions\uixcd6eeeo@eiore-ai.co.uk [2013-02-23 17:09:07 | 000,001,294 | ---- | M] () -- C:\Documents and Settings\Fcuk\Application Data\Mozilla\Firefox\Profiles\62teduto.default\searchplugins\delta.xml ========== Chrome ========== CHR - homepage: CHR - Extension: No name found = C:\Documents and Settings\Fcuk\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.1_0\ CHR - Extension: No name found = C:\Documents and Settings\Fcuk\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.2.0.1_0\ CHR - Extension: No name found = C:\Documents and Settings\Fcuk\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\ CHR - Extension: No name found = C:\Documents and Settings\Fcuk\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\ O1 HOSTS File: ([2008-04-14 12:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR) O2 - BHO: (Winamp Toolbar Loader) - {4accc990-3dc7-4456-a734-5cb4b610a7f5} - C:\Program Files\Winamp Toolbar\winamppltb.dll (AOL Inc.) O2 - BHO: (ALLYouTubeDownloader) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLYouTubeDownloader\ALLYouTubeDownloader.dll (ALLCinema Ltd.) O2 - BHO: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found. O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com) O2 - BHO: (BrowSee2Save) - {CC6C66BE-08DA-4DD0-6E32-DD25D0968536} - C:\Documents and Settings\All Users\Application Data\BrowSee2Save\513b4504f156c.dll File not found O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll (pdfforge GbR) O3 - HKLM\..\Toolbar: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com) O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {a0b1221c-a3ff-4f7c-a393-dc63af5301e9} - C:\Program Files\Winamp Toolbar\winamppltb.dll (AOL Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentControl_v2 Toolbar) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {A0B1221C-A3FF-4F7C-A393-DC63AF5301E9} - C:\Program Files\Winamp Toolbar\winamppltb.dll (AOL Inc.) O4 - HKLM..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.) O4 - HKLM..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.24\AsRunHelp.exe () O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe () O4 - HKLM..\Run: [WinampAgent] D:\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKCU..\Run: [ALLUpdate] D:\ALLPlayer\ALLUpdate.exe (ALLPlayer Group Ltd.) O4 - HKCU..\Run: [DAEMON Tools Lite] D:\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [FixMyRegistry] C:\Program Files\SmartTweak Software\FixMyRegistry\FixMyRegistry.exe () O4 - HKCU..\Run: [IPLA!] C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.) O4 - HKCU..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe (PC Utilities Pro) O4 - HKCU..\Run: [uTorrent] D:\Documents and Settings\Fcuk\Application Data\uTorrent\uTorrent.exe (BitTorrent Inc.) O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] D:\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.231.1.206 217.172.224.160 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B8320EBA-3030-40C1-926A-D59F542B03B5}: DhcpNameServer = 89.231.1.206 217.172.224.160 O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll () O20 - AppInit_DLLs: (c:\docume~1\alluse~1\applic~1\browse~1\261095~1.52\{c16c1~1\browse~1.dll) - c:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll () O20 - AppInit_DLLs: (c:\progra~1\browse~1\sprote~1.dll) - c:\Program Files\BrowseToSave\sprotector.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Documents and Settings\Fcuk\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Fcuk\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013-02-12 21:53:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2013-03-06 22:15:43 | 000,000,000 | ---D | M] - D:\AutoIt3 -- [ NTFS ] O33 - MountPoints2\{b077e0ba-755b-11e2-b3ce-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{b077e0ba-755b-11e2-b3ce-806d6172696f}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{b077e0ba-755b-11e2-b3ce-806d6172696f}\Shell\AutoRun\command - "" = K:\autorun.exe O33 - MountPoints2\{be94d040-78df-11e2-b79a-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{be94d040-78df-11e2-b79a-806d6172696f}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{be94d040-78df-11e2-b79a-806d6172696f}\Shell\AutoRun\command - "" = L:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013-03-22 10:05:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2013-03-22 07:46:23 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC [2013-03-22 07:34:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2013-03-18 09:41:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [2013-03-18 09:23:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fcuk\Application Data\Malwarebytes [2013-03-18 09:23:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware [2013-03-18 09:23:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2013-03-18 09:23:28 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2013-03-18 09:00:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun [2013-03-18 09:00:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak [2013-03-18 09:00:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fcuk\Start Menu\Programs\Hired Team Trial [2013-03-18 09:00:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Nero [2013-03-18 09:00:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fcuk\Desktop\filmy do pobrania [2013-03-18 08:59:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead [2013-03-18 08:59:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SoftSafe [2013-03-18 08:59:48 | 000,000,000 | ---D | C] -- C:\Program Files\BrowseToSave [2013-03-18 08:59:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\BrowSee2Save [2013-03-18 08:59:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BrowSee2Save [2013-03-18 08:59:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WNLT [2013-03-18 08:59:45 | 000,000,000 | ---D | C] -- C:\Program Files\sweetpacks bundle uninstaller [2013-03-18 08:59:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Stoper [2013-03-18 08:59:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ARFC [2013-03-18 08:59:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RegClean [2013-03-18 08:59:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fcuk\Start Menu\Programs\HyperCam 2 [2013-03-18 08:59:43 | 000,000,000 | ---D | C] -- C:\Program Files\SmartTweak Software [2013-03-18 08:59:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SmartTweak Software [2013-03-18 08:59:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fcuk\Local Settings\Application Data\PackageAware [2013-03-18 08:59:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Optimizer Pro [2013-03-18 08:59:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Fcuk\Start Menu\Programs\Administrative Tools [2013-03-18 08:59:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AutoIt v3 [2013-03-18 08:59:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Auto Clicker by Shocker [2013-03-18 08:59:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Gothic III [2013-03-18 08:58:41 | 000,000,000 | ---D | C] -- C:\Config.Msi [2013-03-18 08:27:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation [2013-03-18 08:26:53 | 000,065,536 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll [2013-03-18 08:26:31 | 006,070,272 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvopencl.dll [2013-03-18 08:26:30 | 007,749,632 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll [2013-03-18 08:26:30 | 002,731,296 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll [2013-03-18 08:26:30 | 001,990,944 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll [2013-03-18 08:26:30 | 001,012,512 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispco3220294.dll [2013-03-18 08:26:30 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispgenco3220162.dll [2013-03-18 08:26:28 | 017,551,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll [2013-03-18 08:26:14 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2013-03-18 08:25:57 | 000,000,000 | ---D | C] -- C:\NVIDIA [2013-03-18 08:17:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA [2013-03-15 17:01:55 | 000,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys [2013-03-15 17:01:52 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll [2013-03-15 17:01:48 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys [2013-03-15 17:01:42 | 000,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys [2013-03-14 11:51:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fcuk\Local Settings\Application Data\Ahead [2013-03-14 10:09:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero [2013-03-14 10:05:38 | 000,106,496 | ---- | C] (Pegasus Software) -- C:\WINDOWS\System32\TwnLib20.dll [2013-03-14 10:05:29 | 000,471,040 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXRA7.dll [2013-03-14 10:05:29 | 000,262,144 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXR7.dll [2013-03-14 10:05:28 | 000,476,320 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXpr7.dll [2013-03-14 10:05:27 | 001,568,768 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagX7.dll [2013-03-14 10:05:22 | 000,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe [2013-03-13 17:41:37 | 016,486,616 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe [2013-03-13 05:49:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fcuk\Desktop\Omerta City Of Gangsters [2013-03-12 16:21:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fcuk\Local Settings\Application Data\Winamp Toolbar [2013-03-09 15:49:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fcuk\Desktop\Hipotonia_WIWP-Wspolnie_I_W_Porozumieniu-Bootleg-PL-2010-K1X [2013-03-09 15:22:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallMate [2013-03-08 17:25:14 | 000,000,000 | ---D | C] -- C:\Program Files\SweetIM [2013-03-08 17:25:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SweetIM [2013-03-08 17:24:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\jmdp [2013-03-08 17:24:49 | 000,632,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll [2013-03-08 17:24:49 | 000,554,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll [2013-03-08 17:24:49 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcm80.dll [2013-03-08 08:32:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fcuk\Desktop\[BEST-TORRENTS.NET] Silent.Hill.Revelation.2012.PL.BDRip.XviD-BiDA [2013-03-06 22:25:14 | 000,000,000 | ---D | C] -- C:\Program Files\HyperCam 2 [2013-03-06 22:21:27 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{4D4614F2-505E-4B97-9272-D9EF2FBF7928} [2013-03-06 22:19:35 | 000,000,000 | ---D | C] -- C:\Program Files\Optimizer Pro [2013-03-06 22:14:03 | 008,406,664 | ---- | C] (AutoIt Team) -- C:\Documents and Settings\Fcuk\Desktop\autoit-v3-setup.exe [2013-03-06 22:06:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\ShellNew [2013-03-06 21:56:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fcuk\My Documents\AutomaticSolution Software [2013-03-06 21:55:34 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Fcuk\My Documents\My Videos [2013-03-05 21:54:48 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2013-03-05 21:54:48 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2013-03-05 21:54:38 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2013-03-05 21:54:38 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2013-03-05 21:54:37 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2013-03-05 21:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2013-03-05 17:37:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fcuk\My Documents\gothic3 [2013-03-01 06:17:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fcuk\Application Data\PDF Architect [2013-02-28 06:58:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fcuk\Application Data\Omerta [2013-02-28 06:58:22 | 000,444,952 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll [2013-02-28 06:58:22 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL [2013-02-28 06:58:21 | 000,109,080 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll [2013-02-28 06:57:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\GOG.com [2013-02-28 06:55:05 | 000,000,000 | ---D | C] -- C:\GOG Games [2013-02-25 05:14:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fcuk\Application Data\BabSolution [2013-02-23 19:49:42 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady [2013-02-23 17:13:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fcuk\Local Settings\Application Data\Downloaded Installations [2013-02-23 17:11:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fcuk\Application Data\ipla [2013-02-23 17:11:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ipla [2013-02-23 17:10:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack [2013-02-23 17:10:48 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack [2013-02-23 17:10:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight [2013-02-23 17:10:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ipla [2013-02-23 17:10:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RDRM [2013-02-23 17:09:40 | 000,000,000 | ---D | C] -- C:\Program Files\ipla [2013-02-23 17:09:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fcuk\Start Menu\Programs\BrowserProtect [2013-02-23 17:09:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2013-02-23 17:09:10 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gdiplus.dll [2013-02-23 17:08:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BrowserProtect [2013-02-23 17:08:26 | 000,000,000 | ---D | C] -- C:\Program Files\Delta [2013-02-23 17:08:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fcuk\Application Data\Delta [2013-02-23 17:07:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Babylon [2013-02-23 17:07:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fcuk\Application Data\Babylon [2013-02-23 12:38:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll [2013-02-23 12:37:59 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll [2013-02-23 11:41:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DigitalZone [2013-02-22 18:17:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fcuk\Application Data\Syntrillium [2013-02-22 18:17:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Cool Edit Pro 2.1 [2013-02-22 18:06:41 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Toolbar [2013-02-22 18:06:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Winamp Toolbar [2013-02-22 18:06:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility [2013-02-22 18:05:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Winamp [2013-02-22 18:04:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fcuk\Start Menu\Programs\Detektor Winampa [2013-02-22 18:03:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages [2013-02-22 18:02:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ReviverSoft [2013-02-22 18:02:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ReviverSoft [2013-02-22 18:02:32 | 000,123,888 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpyi64.exe [2013-02-22 18:02:32 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys [2013-02-22 18:02:32 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys [2013-02-22 18:02:31 | 000,133,616 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll [2013-02-22 18:02:31 | 000,126,448 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsi64.exe [2013-02-22 18:02:31 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe [2013-02-22 18:02:31 | 000,068,592 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe [2013-02-22 18:02:31 | 000,068,080 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe [2013-02-22 18:02:30 | 002,095,600 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll [2013-02-22 18:02:30 | 000,571,888 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll [2013-02-22 18:02:30 | 000,059,888 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwma.dll [2013-02-22 18:02:29 | 000,440,816 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll [2013-02-22 18:02:29 | 000,100,848 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll [2013-02-22 18:02:28 | 000,698,864 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll [2013-02-22 18:02:28 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll [2013-02-22 18:02:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fcuk\Application Data\Winamp [2013-02-22 07:16:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TopGun - Hardlock [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013-03-22 14:52:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013-03-22 11:14:19 | 000,034,304 | ---- | M] () -- C:\Documents and Settings\Fcuk\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-03-22 10:55:29 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2013-03-22 09:59:22 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013-03-22 07:41:00 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\BrowserProtect.job [2013-03-22 07:40:15 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013-03-22 07:36:12 | 000,000,320 | ---- | M] () -- C:\WINDOWS\tasks\Start Registry Reviver for FCUCZOLA-16D135@Fcuk(logon).job [2013-03-22 07:34:39 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013-03-22 07:25:47 | 000,196,608 | ---- | M] () -- C:\WINDOWS\System32\drivers\nStandard.bin [2013-03-22 06:45:03 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013-03-18 09:54:50 | 000,000,223 | RHS- | M] () -- C:\boot.ini [2013-03-18 09:23:29 | 000,000,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk [2013-03-18 08:26:52 | 001,079,188 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2013-03-18 08:26:52 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin [2013-03-18 08:26:48 | 001,079,188 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2013-03-18 08:26:48 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk [2013-03-18 08:23:24 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2013-03-17 13:16:43 | 000,176,456 | ---- | M] () -- C:\Documents and Settings\Fcuk\Desktop\Wysoki 2.jpg [2013-03-17 13:16:02 | 000,217,799 | ---- | M] () -- C:\Documents and Settings\Fcuk\Desktop\Wysoki 1.jpg [2013-03-16 08:54:31 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk [2013-03-14 10:08:59 | 000,000,982 | ---- | M] () -- C:\Documents and Settings\Fcuk\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk [2013-03-14 10:08:59 | 000,000,982 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart.lnk [2013-03-14 10:07:36 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2013-03-13 17:41:43 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013-03-13 17:41:43 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013-03-13 17:41:37 | 016,486,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe [2013-03-09 15:48:52 | 147,277,409 | ---- | M] () -- C:\Documents and Settings\Fcuk\Desktop\Hipotonia_WIWP-Wspolnie_I_W_Porozumieniu-Bootleg-PL-2010-K1X.rar [2013-03-08 21:51:37 | 000,000,476 | ---- | M] () -- C:\Documents and Settings\Fcuk\Desktop\Shortcut to SnapTimer.lnk [2013-03-06 22:25:16 | 000,000,648 | ---- | M] () -- C:\Documents and Settings\Fcuk\Desktop\HyperCam 2.lnk [2013-03-06 22:21:27 | 000,000,980 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FixMyRegistry.lnk [2013-03-06 22:21:06 | 000,000,114 | ---- | M] () -- C:\Documents and Settings\Fcuk\SciTE.session [2013-03-06 22:18:43 | 000,158,144 | ---- | M] () -- C:\Documents and Settings\Fcuk\Desktop\HC2Setup.exe [2013-03-06 22:14:23 | 008,406,664 | ---- | M] (AutoIt Team) -- C:\Documents and Settings\Fcuk\Desktop\autoit-v3-setup.exe [2013-03-06 22:12:23 | 000,874,192 | ---- | M] ( ) -- C:\Documents and Settings\Fcuk\Desktop\AutoIt_v3.3.8.1.exe [2013-03-06 22:06:02 | 000,430,184 | ---- | M] () -- C:\Documents and Settings\Fcuk\Desktop\HyperCam(12897).exe [2013-03-05 21:54:26 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2013-03-05 21:54:26 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2013-03-05 21:54:26 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2013-03-05 21:54:26 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2013-03-05 21:54:26 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2013-03-05 21:54:26 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2013-03-05 21:54:26 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2013-03-05 17:33:24 | 000,000,468 | ---- | M] () -- C:\Documents and Settings\Fcuk\Desktop\Gothic III.lnk [2013-03-01 06:17:02 | 000,210,507 | ---- | M] () -- C:\Documents and Settings\Fcuk\Desktop\Plan Lekci II TA.pdf [2013-02-28 09:43:33 | 003,989,768 | ---- | M] () -- C:\Documents and Settings\Fcuk\Desktop\OmertaCityOfGangsters.rar [2013-02-28 06:58:22 | 000,444,952 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll [2013-02-28 06:58:21 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll [2013-02-28 06:57:42 | 000,001,648 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Omerta - City of Gangsters.lnk [2013-02-28 06:35:42 | 000,000,671 | ---- | M] () -- C:\Documents and Settings\Fcuk\Desktop\Left4Dead.lnk [2013-02-27 12:24:40 | 001,013,552 | ---- | M] () -- C:\WINDOWS\System32\dmwu.exe [2013-02-27 12:21:38 | 000,028,160 | ---- | M] () -- C:\WINDOWS\System32\ImHttpComm.dll [2013-02-25 05:14:12 | 000,000,230 | ---- | M] () -- C:\WINDOWS\tasks\EPUpdater.job [2013-02-25 05:13:42 | 000,009,808 | ---- | M] () -- C:\Documents and Settings\Fcuk\Application Data\BabMaint.exe [2013-02-23 17:09:11 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\gdiplus.dll [2013-02-23 12:44:55 | 000,000,496 | ---- | M] () -- C:\Documents and Settings\Fcuk\Desktop\Counter-Strike 1.6.lnk [2013-02-22 18:17:29 | 000,000,468 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Cool Edit Pro 2.1.lnk [2013-02-22 18:05:30 | 000,000,448 | ---- | M] () -- C:\Documents and Settings\Fcuk\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk [2013-02-22 18:05:30 | 000,000,448 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Winamp.lnk [2013-02-22 18:02:53 | 000,000,921 | ---- | M] () -- C:\Documents and Settings\Fcuk\Application Data\Microsoft\Internet Explorer\Quick Launch\Registry Reviver.lnk [2013-02-22 07:17:00 | 000,000,579 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Launch TopGun.lnk [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2013-03-22 07:48:45 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2013-03-22 07:35:12 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\BrowserProtect.job [2013-03-18 09:23:29 | 000,000,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk [2013-03-18 08:26:49 | 001,079,188 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2013-03-18 08:26:48 | 001,079,188 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2013-03-18 08:26:48 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2013-03-18 08:26:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk [2013-03-18 08:26:30 | 002,287,232 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data [2013-03-18 08:26:30 | 000,016,514 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb [2013-03-17 13:16:40 | 000,176,456 | ---- | C] () -- C:\Documents and Settings\Fcuk\Desktop\Wysoki 2.jpg [2013-03-17 13:15:58 | 000,217,799 | ---- | C] () -- C:\Documents and Settings\Fcuk\Desktop\Wysoki 1.jpg [2013-03-14 14:03:43 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2013-03-14 10:08:59 | 000,000,982 | ---- | C] () -- C:\Documents and Settings\Fcuk\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk [2013-03-14 10:08:59 | 000,000,982 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart.lnk [2013-03-13 05:49:32 | 002,889,568 | ---- | C] () -- C:\Documents and Settings\Fcuk\Desktop\LanguageSetup.exe [2013-03-09 15:22:50 | 147,277,409 | ---- | C] () -- C:\Documents and Settings\Fcuk\Desktop\Hipotonia_WIWP-Wspolnie_I_W_Porozumieniu-Bootleg-PL-2010-K1X.rar [2013-03-08 21:51:07 | 000,000,476 | ---- | C] () -- C:\Documents and Settings\Fcuk\Desktop\Shortcut to SnapTimer.lnk [2013-03-08 17:24:48 | 001,013,552 | ---- | C] () -- C:\WINDOWS\System32\dmwu.exe [2013-03-08 17:24:48 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\ImHttpComm.dll [2013-03-06 22:25:16 | 000,000,648 | ---- | C] () -- C:\Documents and Settings\Fcuk\Desktop\HyperCam 2.lnk [2013-03-06 22:21:27 | 000,000,980 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FixMyRegistry.lnk [2013-03-06 22:21:06 | 000,000,114 | ---- | C] () -- C:\Documents and Settings\Fcuk\SciTE.session [2013-03-06 22:18:40 | 000,158,144 | ---- | C] () -- C:\Documents and Settings\Fcuk\Desktop\HC2Setup.exe [2013-03-06 22:12:22 | 000,874,192 | ---- | C] ( ) -- C:\Documents and Settings\Fcuk\Desktop\AutoIt_v3.3.8.1.exe [2013-03-06 22:06:02 | 000,430,184 | ---- | C] () -- C:\Documents and Settings\Fcuk\Desktop\HyperCam(12897).exe [2013-03-05 17:33:24 | 000,000,468 | ---- | C] () -- C:\Documents and Settings\Fcuk\Desktop\Gothic III.lnk [2013-03-01 06:17:00 | 000,210,507 | ---- | C] () -- C:\Documents and Settings\Fcuk\Desktop\Plan Lekci II TA.pdf [2013-02-28 09:42:27 | 003,989,768 | ---- | C] () -- C:\Documents and Settings\Fcuk\Desktop\OmertaCityOfGangsters.rar [2013-02-28 06:57:42 | 000,001,648 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Omerta - City of Gangsters.lnk [2013-02-28 06:35:41 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\Fcuk\Desktop\Left4Dead.lnk [2013-02-25 05:14:12 | 000,000,230 | ---- | C] () -- C:\WINDOWS\tasks\EPUpdater.job [2013-02-25 05:14:11 | 000,009,808 | ---- | C] () -- C:\Documents and Settings\Fcuk\Application Data\BabMaint.exe [2013-02-23 17:10:49 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2013-02-23 12:44:55 | 000,000,496 | ---- | C] () -- C:\Documents and Settings\Fcuk\Desktop\Counter-Strike 1.6.lnk [2013-02-22 18:17:29 | 000,000,468 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Cool Edit Pro 2.1.lnk [2013-02-22 18:05:30 | 000,000,448 | ---- | C] () -- C:\Documents and Settings\Fcuk\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk [2013-02-22 18:05:30 | 000,000,448 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Winamp.lnk [2013-02-22 18:03:02 | 000,000,320 | ---- | C] () -- C:\WINDOWS\tasks\Start Registry Reviver for FCUCZOLA-16D135@Fcuk(logon).job [2013-02-22 18:02:53 | 000,000,921 | ---- | C] () -- C:\Documents and Settings\Fcuk\Application Data\Microsoft\Internet Explorer\Quick Launch\Registry Reviver.lnk [2013-02-22 07:17:00 | 000,000,579 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Launch TopGun.lnk [2013-02-19 06:26:52 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2013-02-19 06:26:52 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2013-02-19 06:26:52 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2013-02-18 03:31:48 | 000,064,200 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2013-02-17 13:02:11 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll [2013-02-15 13:37:39 | 000,451,072 | ---- | C] () -- C:\WINDOWS\uninstall.exe [2013-02-15 13:34:07 | 000,278,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2013-02-15 13:34:06 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2013-02-13 19:17:45 | 000,643,142 | ---- | C] () -- C:\WINDOWS\aticlocklib.dll [2013-02-13 19:17:45 | 000,110,592 | ---- | C] () -- C:\WINDOWS\R5ClkLib.dll [2013-02-13 19:17:45 | 000,020,480 | ---- | C] () -- C:\WINDOWS\HyperDrive.exe [2013-02-13 19:17:44 | 000,196,653 | ---- | C] () -- C:\WINDOWS\System32\drivers\aVivid.bin [2013-02-13 19:17:44 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\nVivid.bin [2013-02-13 19:17:44 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\nStandard.bin [2013-02-13 19:17:44 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\nAsmedia.bin [2013-02-13 19:17:44 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\nAdvanced.bin [2013-02-13 19:17:44 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\aAdvanced.bin [2013-02-13 19:17:44 | 000,196,582 | ---- | C] () -- C:\WINDOWS\System32\drivers\aStandard.bin [2013-02-13 19:17:44 | 000,196,582 | ---- | C] () -- C:\WINDOWS\System32\drivers\aAsmedia.bin [2013-02-13 19:17:44 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2013-02-13 19:17:44 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll [2013-02-13 19:17:44 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll [2013-02-13 19:17:44 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll [2013-02-13 19:17:44 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll [2013-02-13 19:17:44 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll [2013-02-13 19:17:44 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll [2013-02-13 19:17:44 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll [2013-02-13 19:17:44 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini [2013-02-13 19:17:43 | 000,644,608 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2013-02-13 19:17:43 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll [2013-02-13 19:08:24 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2013-02-13 19:08:22 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll [2013-02-13 19:08:22 | 000,012,664 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys [2013-02-13 19:08:20 | 000,012,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys [2013-02-13 19:08:20 | 000,010,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys [2013-02-13 10:11:08 | 000,034,304 | ---- | C] () -- C:\Documents and Settings\Fcuk\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-02-12 22:46:51 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2013-02-12 22:45:31 | 000,098,256 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013-02-12 21:55:39 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2013-02-12 21:50:01 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2012-11-14 21:25:16 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\msvcrt10.dll [2012-11-14 21:24:58 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\FontReg.exe [2012-11-14 21:24:58 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll ========== ZeroAccess Check ========== [2013-02-18 03:28:12 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2012-11-14 21:24:02 | 001,510,400 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2012-11-14 21:23:02 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 12:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report >