OTL logfile created on: 2014-07-17 04:57:22 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = D:\Pobrane Pliki
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,99 Gb Total Physical Memory | 1,05 Gb Available Physical Memory | 35,06% Memory free
5,98 Gb Paging File | 2,12 Gb Available in Paging File | 35,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 75,04 Gb Total Space | 21,08 Gb Free Space | 28,09% Space Free | Partition Type: NTFS
Drive D: | 390,62 Gb Total Space | 90,53 Gb Free Space | 23,18% Space Free | Partition Type: NTFS
 
Computer Name: CZAREK-KOMPUTER | User Name: Czarek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2014-07-16 21:43:57 | 000,059,964 | ---- | M] (Macrovision Europe Ltd.) -- C:\Users\Czarek\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001
PRC - [2014-07-16 02:36:42 | 006,162,488 | ---- | M] (Spotify Ltd) -- C:\Users\Czarek\AppData\Roaming\Spotify\spotify.exe
PRC - [2014-07-16 02:36:42 | 001,178,168 | ---- | M] (Spotify Ltd) -- C:\Users\Czarek\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014-07-16 02:36:41 | 000,601,144 | ---- | M] () -- C:\Users\Czarek\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
PRC - [2014-05-22 17:48:18 | 000,061,688 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
PRC - [2014-05-06 14:26:35 | 000,038,136 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe
PRC - [2014-05-06 14:26:35 | 000,037,624 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
PRC - [2014-05-05 02:17:37 | 000,141,560 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
PRC - [2014-01-08 13:20:18 | 004,413,216 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 7\ASC.exe
PRC - [2013-12-27 16:49:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Pobrane Pliki\OTL.exe
PRC - [2013-12-21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013-12-18 17:55:24 | 002,285,344 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
PRC - [2013-12-11 19:52:06 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013-12-11 19:52:04 | 001,564,528 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe
PRC - [2013-12-09 15:01:58 | 000,881,440 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
PRC - [2013-12-03 16:10:24 | 000,775,968 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe
PRC - [2013-10-25 12:07:38 | 001,120,032 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 7\RealTimeProtector.exe
PRC - [2013-10-24 00:39:14 | 001,017,224 | ---- | M] (Flux Software LLC) -- C:\Users\Czarek\AppData\Local\FluxSoftware\Flux\flux.exe
PRC - [2013-08-15 14:11:32 | 000,483,328 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2013-08-15 14:10:46 | 000,209,408 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2013-08-08 12:18:55 | 006,427,008 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
PRC - [2013-06-27 23:48:00 | 000,770,432 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
PRC - [2013-04-04 15:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013-04-04 15:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013-04-04 15:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012-11-23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012-05-22 17:36:13 | 004,942,336 | ---- | M] (FNet Co., Ltd.) -- C:\Program Files\XFastUsb\XFastUsb.exe
PRC - [2012-02-02 22:25:30 | 000,458,464 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe
PRC - [2011-11-10 11:17:04 | 003,514,176 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2011-10-25 18:13:21 | 000,079,360 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-11-25 21:31:10 | 000,393,216 | ---- | M] (AMD) -- C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2010-07-28 12:23:14 | 001,493,608 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
PRC - [2009-07-20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009-07-08 15:32:50 | 001,233,195 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe
PRC - [2009-05-04 19:05:04 | 000,241,789 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
PRC - [2009-02-23 05:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2014-07-16 21:43:57 | 000,697,884 | ---- | M] () -- C:\Users\Czarek\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0428\~df394b.tmp
MOD - [2014-07-16 21:43:57 | 000,592,896 | ---- | M] () -- C:\Users\Czarek\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0428\~de6248.tmp
MOD - [2014-07-16 02:36:42 | 036,966,968 | ---- | M] () -- C:\Users\Czarek\AppData\Roaming\Spotify\Data\libcef.dll
MOD - [2014-07-16 02:36:42 | 000,886,840 | ---- | M] () -- C:\Users\Czarek\AppData\Roaming\Spotify\Data\libglesv2.dll
MOD - [2014-07-16 02:36:41 | 000,867,896 | ---- | M] () -- C:\Users\Czarek\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
MOD - [2014-07-16 02:36:41 | 000,601,144 | ---- | M] () -- C:\Users\Czarek\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
MOD - [2014-07-16 02:36:41 | 000,108,600 | ---- | M] () -- C:\Users\Czarek\AppData\Roaming\Spotify\Data\libegl.dll
MOD - [2014-07-09 13:27:25 | 017,029,808 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_14_0_0_145.dll
MOD - [2014-07-08 08:18:04 | 014,663,856 | ---- | M] () -- C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll
MOD - [2014-05-15 13:53:38 | 002,139,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\09f91a0daec3afe80e522585bd8578bc\Kies.ni.exe
MOD - [2014-05-15 13:53:21 | 000,225,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\LOG.Foundat03490438#\93c8274951a67ead1d8aac9921fabd01\LOG.Foundation.Implementation.ni.dll
MOD - [2014-05-14 23:59:55 | 000,805,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\04824fdbd5dce32530ba44ae012e4fb9\System.Runtime.Remoting.ni.dll
MOD - [2014-05-14 01:40:54 | 000,414,536 | ---- | M] () -- C:\Users\Czarek\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
MOD - [2014-05-14 01:40:50 | 004,217,672 | ---- | M] () -- C:\Users\Czarek\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll
MOD - [2014-05-14 01:40:45 | 000,716,616 | ---- | M] () -- C:\Users\Czarek\AppData\Local\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
MOD - [2014-05-14 01:40:44 | 000,126,280 | ---- | M] () -- C:\Users\Czarek\AppData\Local\Google\Chrome\Application\35.0.1916.114\libegl.dll
MOD - [2014-05-14 01:40:43 | 001,732,424 | ---- | M] () -- C:\Users\Czarek\AppData\Local\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
MOD - [2014-02-28 17:57:04 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\47e7fc401facd4a5d3f2237f16948f36\PresentationFramework-SystemXml.ni.dll
MOD - [2014-02-28 17:56:42 | 014,971,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\c94e1e76e67ad518b4310a539f072832\Kies.Theme.ni.dll
MOD - [2014-02-28 17:56:28 | 000,236,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\cffeb31975c17760187d713cf2d7934d\ASF_cSharpAPI.ni.dll
MOD - [2014-02-28 17:56:28 | 000,064,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\66e54b7bc2ea804b9d1ea35524181ae9\Kies.Common.AllShare.ni.dll
MOD - [2014-02-28 17:56:01 | 002,199,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common23b84511#\3db278141395a37f1e89b69d554998bb\Kies.Common.Multimedia.ni.dll
MOD - [2014-02-28 17:55:57 | 000,186,368 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Commonc65c5a95#\21871ce315d4257cfe2052454e583368\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2014-02-28 16:16:23 | 000,310,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\7ac978a5cfffa4d6e9bae239aafe62d5\Kies.Common.Util.ni.dll
MOD - [2014-02-28 16:16:22 | 001,702,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\a939a4fe7890e6346d81511556e7c926\Kies.Locale.ni.dll
MOD - [2014-02-28 16:16:22 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\8375369d3ac9c732c2ec8f6b5c9f2bb8\Kies.MVVM.ni.dll
MOD - [2014-02-28 16:16:21 | 001,842,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\0107366ee1ddeb3e9873c6fac6344bc1\Kies.UI.ni.dll
MOD - [2014-02-28 16:16:19 | 001,251,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\72fa0622f70e7ec16a34ff7d4dc7a65a\Kies.Interface.ni.dll
MOD - [2014-02-28 16:16:11 | 000,230,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ResourceMan446ca0e5#\551aca184146bc2ef4f8b2baa96c953f\ResourceManagement.Foundation.Implementation.ni.dll
MOD - [2014-02-28 16:16:10 | 000,318,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MOM.Implementation\3eaab808dcdf2ff3ed45ef2272307015\MOM.Implementation.ni.dll
MOD - [2014-02-28 16:16:09 | 000,015,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MOM\da85a98972df6395fca1a7fc73250854\MOM.ni.exe
MOD - [2014-02-28 16:16:03 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0812\60d818e0d4ed8f1d94f5f4e7d91b8fbe\DEM.Graphics.I0812.ni.dll
MOD - [2014-02-28 16:16:03 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0805\1c870907d55a41d0e14a46896d8f5444\DEM.Graphics.I0805.ni.dll
MOD - [2014-02-28 16:16:01 | 000,050,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Foundat60cdf5df#\ed9ceb9aeabe463281a49adb704b0e02\CLI.Foundation.XManifest.ni.dll
MOD - [2014-02-28 16:16:00 | 000,797,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Compone26c9c557#\1ce2a67036956929daa61bd794e2a23f\CLI.Component.Systemtray.ni.dll
MOD - [2014-02-28 16:15:59 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.73911eb5#\dbf59330dbc547a1615653490dcb1899\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
MOD - [2014-02-28 16:15:57 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Compone6692ca50#\fb3b4100ab0cb6adcab618827e852c2e\CLI.Component.Runtime.ni.dll
MOD - [2014-02-28 16:15:57 | 000,095,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ATICCCom\111754c983194e1b7b093be554cae021\ATICCCom.ni.dll
MOD - [2014-02-28 16:15:57 | 000,016,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Componeb4d0485c#\9bc80f245dc839ec12dff2e1364979d3\CLI.Component.Runtime.Extension.EEU.ni.dll
MOD - [2014-02-28 16:15:51 | 000,150,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Compone29e547cc#\91ada40396ea548f7c1668b5543ab9e6\CLI.Component.Dashboard.ProfileManager2.ni.dll
MOD - [2014-02-28 16:15:49 | 000,760,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Compone6bf88b08#\2695edda496d24262bf0b8aae87d8b64\CLI.Component.Dashboard.ni.dll
MOD - [2014-02-28 16:15:47 | 000,765,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Combine7332395e#\b62e3d109bd2af6acac3390f512dc53f\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
MOD - [2014-02-28 16:15:47 | 000,145,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Combine930f827b#\a36f0ba18f443c1688ee1aa2a6176160\CLI.Combined.HydraVision.Aspects.Runtime.ni.dll
MOD - [2014-02-28 16:15:47 | 000,038,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.382a3def#\853aec558dea31617e5233b6991d56df\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
MOD - [2014-02-28 16:15:47 | 000,015,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0703\bc2533895dbfd6f5423d8ce63a3fe014\DEM.Graphics.I0703.ni.dll
MOD - [2014-02-28 16:15:45 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Combine0616f305#\b03be8c2b753f39e29e70a4e13cea756\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
MOD - [2014-02-28 16:15:41 | 000,038,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.Pdb36d56e#\1538169675dda15d52233f4f846c8477\CLI.Caste.Platform.Runtime.ni.dll
MOD - [2014-02-28 16:15:40 | 000,026,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.Pac40511b#\4d2e23f87d6d6c567423a26c2764abb2\CLI.Caste.Platform.Shared.ni.dll
MOD - [2014-02-28 16:15:40 | 000,023,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.Pfeefa2b6#\7d875e6acddbcd45434a2c7a1153ceb8\CLI.Caste.Platform.Dashboard.ni.dll
MOD - [2014-02-28 16:15:39 | 000,040,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.H18c99613#\979d66721f40f54e8f53f939b34c2630\CLI.Caste.HydraVision.Runtime.ni.dll
MOD - [2014-02-28 16:15:39 | 000,026,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.H92ba4e46#\f4c2e12101d2a116a13c27285638ba61\CLI.Caste.HydraVision.Shared.ni.dll
MOD - [2014-02-28 16:15:39 | 000,025,088 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.Hbb906c0b#\cb89182cb7f013b0e1d280765f9e07f5\CLI.Caste.HydraVision.Dashboard.ni.dll
MOD - [2014-02-28 16:15:38 | 000,027,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I1010\3a88b9ed73f7415cc54004af89002cf8\DEM.Graphics.I1010.ni.dll
MOD - [2014-02-28 16:15:38 | 000,012,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0906\d3b8d75bb334afa0a2019c4d0139f562\DEM.Graphics.I0906.ni.dll
MOD - [2014-02-28 16:15:37 | 002,189,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.G962aa464#\93ef5755734b9753510e68b4ecb73196\CLI.Caste.Graphics.Runtime.ni.dll
MOD - [2014-02-28 16:15:35 | 000,033,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Fuel.Foundation\d3e067eb63b25cf92011254f3ff11dc8\Fuel.Foundation.ni.dll
MOD - [2014-02-28 16:15:34 | 000,239,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.F36b07a2b#\8ffb93a186db3a55c4d4cdaee5720783\CLI.Caste.Fuel.Runtime.ni.dll
MOD - [2014-02-28 16:15:34 | 000,026,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.Ff3085433#\f81ed4acc5c71c4345c91774da23073c\CLI.Caste.Fuel.Dashboard.ni.dll
MOD - [2014-02-28 16:15:33 | 000,047,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.A4.Runtime\1c99fe21fdab056ac653c9c590c90fbe\CLI.Caste.A4.Runtime.ni.dll
MOD - [2014-02-28 16:15:33 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.Af820fedc#\7004eda68b7c08aaa454763999f281b4\CLI.Caste.A4.Dashboard.ni.dll
MOD - [2014-02-28 16:15:26 | 000,090,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.3a6f1658#\28b3a655e8e3863bb7172c4cd33f2990\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
MOD - [2014-02-28 16:15:26 | 000,041,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.ef3eaa4d#\8715a92372239b95e822e4ba9f2a14a4\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
MOD - [2014-02-28 16:15:25 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.4bbb0755#\f2bec14cebf368fd0fe257f2516d8bc5\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
MOD - [2014-02-28 16:15:25 | 000,048,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.fdcb645d#\d50c22341571f94d5048cd2173f95efc\CLI.Aspect.Settings.HydraVision.Shared.ni.dll
MOD - [2014-02-28 16:15:21 | 003,181,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.e9fd7406#\4c62a9525e9faadcfa74046c36caee1d\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
MOD - [2014-02-28 16:15:21 | 000,570,368 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.8d333b6b#\c2965c6a8d4853ba7b5b5a61d16ea85b\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
MOD - [2014-02-28 16:15:13 | 000,253,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.c7aaa0f8#\039d83f66244563b1a7eb002bb4b9068\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
MOD - [2014-02-28 16:15:13 | 000,219,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.87ad5c75#\e5a616f0083b75b39bb78a71e796aaa6\CLI.Aspect.OverDrive5.Graphics.Dashboard.ni.dll
MOD - [2014-02-28 16:15:09 | 000,518,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.846fa813#\950e0e8013d18d79de7bffcca0ce5e2b\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
MOD - [2014-02-28 16:15:09 | 000,044,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.dd2ab3e8#\8a66979abe23a9309a412da122ad7939\CLI.Aspect.MultiDesk.HydraVision.Shared.ni.dll
MOD - [2014-02-28 16:15:08 | 000,035,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.5432938c#\1995e165687306ea94bdd4dc5ec734ee\CLI.Aspect.MDProp.HydraVision.Shared.ni.dll
MOD - [2014-02-28 16:15:07 | 000,212,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.e8635fc7#\073aec70696859e4c8ee3f197f135500\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
MOD - [2014-02-28 16:15:07 | 000,034,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.bdcffe00#\2a36da584e8296debae1a188d40a7909\CLI.Aspect.Grid.HydraVision.Shared.ni.dll
MOD - [2014-02-28 16:15:02 | 000,062,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0709\7c8ab23afe178b7a954d57f51307fd8c\DEM.Graphics.I0709.ni.dll
MOD - [2014-02-28 16:15:02 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.G60338cc0#\5f025e91b2422bbea7f4181885957c31\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
MOD - [2014-02-28 16:14:59 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.b0a7c1fb#\ad027a39ccf4c28e4fb6e3e815245719\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
MOD - [2014-02-28 16:14:58 | 000,072,192 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.ae5e117c#\97248c59529de0b45dfdfc57260b9cac\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
MOD - [2014-02-28 16:14:57 | 000,245,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.9b707b25#\675c6c0e634f9caebe20aee9d11dbfdd\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
MOD - [2014-02-28 16:14:57 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0804\60cead97feee056d6e0a233d89bf00a9\DEM.Graphics.I0804.ni.dll
MOD - [2014-02-28 16:14:57 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0912\59f894040c7818787d36bd03cfc62c54\DEM.Graphics.I0912.ni.dll
MOD - [2014-02-28 16:14:57 | 000,012,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0706\b66e32cba5cbf7c2677b9cfd349c1e64\DEM.Graphics.I0706.ni.dll
MOD - [2014-02-28 16:14:57 | 000,012,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0712\70b451b9b94bdfa942ba0b3fc34b9402\DEM.Graphics.I0712.ni.dll
MOD - [2014-02-28 16:14:55 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.aa59351a#\b8eb319a6e927c84d2f7098eb510a9e5\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
MOD - [2014-02-28 16:14:55 | 000,195,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.eda8935e#\f3f3d1487caa1ec5631139e94c590913\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
MOD - [2014-02-28 16:14:54 | 000,654,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.e6d9f3a8#\4d1d1c5ccb123fdabfda8235f48091cd\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
MOD - [2014-02-28 16:14:52 | 000,041,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.20568423#\b0b842061793540b3fad6cf3c42ab954\CLI.Aspect.DeskMan.HydraVision.Shared.ni.dll
MOD - [2014-02-28 16:14:50 | 000,439,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.8e996306#\b35fab10f72cd0fe58d7e8ae2b732780\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
MOD - [2014-02-28 16:14:50 | 000,017,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.c854b457#\fd5198b0012805752c503aaa6cdd7641\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
MOD - [2014-02-28 16:14:49 | 000,038,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.F24de14fe#\b513f73f5a7976a581fa8d950b18bb0c\CLI.Caste.Fuel.Shared.ni.dll
MOD - [2014-02-28 16:14:47 | 000,387,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.Gee7d2dbc#\e4cddcc9cb340bf6e98afc76c8a68d74\CLI.Caste.Graphics.Dashboard.ni.dll
MOD - [2014-02-28 16:14:47 | 000,166,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.4542c692#\29fb1d6d86b9958a65921f6a77f1262a\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
MOD - [2014-02-28 16:14:47 | 000,115,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.a0ae52bc#\cc1d2a4eee87c0865fa421563ad34d08\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
MOD - [2014-02-28 16:14:47 | 000,024,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.37d3d968#\6680e77607a14d82b6e5771f7f83c9f9\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
MOD - [2014-02-28 16:14:46 | 000,364,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.acb9d930#\5b1df76a1599f9c76a9cfa512936410c\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
MOD - [2014-02-28 16:14:46 | 000,230,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.7ec2db45#\7f8da2f93b0cc4b59de3016fca7e0b34\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
MOD - [2014-02-28 16:14:45 | 001,456,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.Gd9d9b43b#\0e2b3044c3040c5261fe4f724755b9da\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
MOD - [2014-02-28 16:14:45 | 000,100,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.3399d0ec#\4f44f0bb30a184cf8565065c01abbf12\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
MOD - [2014-02-28 16:14:45 | 000,082,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.ec8786e5#\95f09b7a24f85e8dcfc409d3ced53393\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
MOD - [2014-02-28 16:14:44 | 000,126,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Compone59f353b4#\abd90a32fd1ad75bc5f7eb986871454b\CLI.Component.Runtime.Shared.Private.ni.dll
MOD - [2014-02-28 16:14:43 | 001,953,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Wfbf9373c#\590f9f87c77c59ae3aac77be86fe5d3c\Microsoft.WindowsAPICodePack.Shell.ni.dll
MOD - [2014-02-28 16:14:43 | 000,038,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.A4.Shared\cbc8cb932e3b33c95f4f722b0f9ee88f\CLI.Caste.A4.Shared.ni.dll
MOD - [2014-02-28 16:14:41 | 000,270,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.W8090224c#\4f1eff65cad89efae28594a0a6d1ea4f\Microsoft.WindowsAPICodePack.ni.dll
MOD - [2014-02-28 16:14:41 | 000,260,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\1ab52f8951c2ab97592ec25830dd5165\WindowsFormsIntegration.ni.dll
MOD - [2014-02-28 16:14:40 | 000,754,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Foundatd3771151#\3ca23737487bb7ae24f29517f4839074\CLI.Foundation.Client.ni.dll
MOD - [2014-02-28 16:14:39 | 000,114,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Compone168638d1#\6911e2ee49690c144d63652e4e82e7c7\CLI.Component.Client.Shared.Private.ni.dll
MOD - [2014-02-28 16:14:39 | 000,071,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Componef4cf054f#\bb9e41401c36fa10a0df2d547f872581\CLI.Component.Dashboard.Shared.ni.dll
MOD - [2014-02-28 16:14:39 | 000,023,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ResourceManf163905a#\870bdd03df9b1c5dcdcbdcbde870ca5a\ResourceManagement.Foundation.Private.ni.dll
MOD - [2014-02-28 16:14:39 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Componef1fd67b2#\e3bf5e78486626d014e7f815556e7187\CLI.Component.Client.Shared.ni.dll
MOD - [2014-02-28 16:14:35 | 001,566,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Componec89c3bec#\2f762e2b9c0be84062177fb3104703b6\CLI.Component.Dashboard.Shared.Private.ni.dll
MOD - [2014-02-28 16:14:32 | 000,155,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CCC.Implementation\3dab6d2a1a19cfaa4f3ecb529d4e8593\CCC.Implementation.ni.dll
MOD - [2014-02-28 16:14:32 | 000,065,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\LOG.Foundatcaafa75b#\15ae4cd7cfc8b0d391fc1af7cc8316a9\LOG.Foundation.Implementation.Private.ni.dll
MOD - [2014-02-28 16:14:32 | 000,018,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CCC\d8ae649364dd4f9813b3ac8234310e0f\CCC.ni.exe
MOD - [2014-02-28 16:14:32 | 000,012,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MOM.Foundation\714bf92d6554f40bd097473cfbd935b6\MOM.Foundation.ni.dll
MOD - [2014-02-28 16:14:31 | 001,765,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.G60a7b4d1#\6853eeafa7c42aa42ddaae712aed6741\CLI.Caste.Graphics.Shared.ni.dll
MOD - [2014-02-28 16:14:30 | 000,868,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Localizatio01dbc1c0#\c29b6fa530fd4fdc4e0e76a287eaf3ab\Localization.Foundation.Private.ni.dll
MOD - [2014-02-28 16:14:30 | 000,208,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\APM.Server\286a973643927f8a3013d1d90c0cdca9\APM.Server.ni.dll
MOD - [2014-02-28 16:14:30 | 000,076,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Foundat3d5d3945#\c72cd7b1566121681d49feb04d348f17\CLI.Foundation.Private.ni.dll
MOD - [2014-02-28 16:14:29 | 000,047,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\APM.Foundation\f453e8c9410d9b90c7ac5b38e9f38921\APM.Foundation.ni.dll
MOD - [2014-02-28 16:14:27 | 000,199,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Server\332282eb2ede362e40eeee400099f1c5\AEM.Server.ni.dll
MOD - [2014-02-28 16:14:26 | 000,243,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Foundation\f56ea2ad1670d53314e6f89872b76910\CLI.Foundation.ni.dll
MOD - [2014-02-28 16:14:26 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Foundat619559bd#\41f9ef94d46b131320f4fb9ce4f317c6\CLI.Foundation.CoreAudioAPI.ni.dll
MOD - [2014-02-28 16:14:26 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Plugin.674d2b8a#\f72c493b55b2228ddbfc4248ba5b38e2\AEM.Plugin.WinMessages.Shared.ni.dll
MOD - [2014-02-28 16:14:26 | 000,012,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Compone1b4a8c97#\ba5754d9489684590ca79995356e9cd1\CLI.Component.Runtime.Shared.ni.dll
MOD - [2014-02-28 16:14:25 | 000,224,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Plugin.5d945b6b#\032b48b5cf60dc7a16b68bf4a6e90a03\AEM.Plugin.Source.Kit.Server.ni.dll
MOD - [2014-02-28 16:14:24 | 000,021,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Foundation\487fb81cb4402f312d5d45f064aed646\DEM.Foundation.ni.dll
MOD - [2014-02-28 16:14:24 | 000,015,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics\bf3dbc612b09c814fef607c7173ab552\DEM.Graphics.ni.dll
MOD - [2014-02-28 16:14:23 | 000,091,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0601\1075b957552826cb33fe8f6faa682031\DEM.Graphics.I0601.ni.dll
MOD - [2014-02-28 16:14:22 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Server.Shared\0ec6099ada002a8c2070f550f93d6ee9\AEM.Server.Shared.ni.dll
MOD - [2014-02-28 16:14:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Plugin.2b6a6775#\09a4c53c4b034236a888e61ed5e16540\AEM.Plugin.Hotkeys.Shared.ni.dll
MOD - [2014-02-28 16:14:21 | 000,012,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Plugin.88aba5d2#\844c0881f66b64b8799f09498f7311db\AEM.Plugin.REG.Shared.ni.dll
MOD - [2014-02-28 16:14:20 | 000,012,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Plugin.0a1309f7#\b975632de9ae2cd651eeeae4786a56c6\AEM.Plugin.EEU.Shared.ni.dll
MOD - [2014-02-28 16:14:20 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Plugin.GD.Shared\b090e7ce5db1f15422b283965313eeb0\AEM.Plugin.GD.Shared.ni.dll
MOD - [2014-02-28 16:14:19 | 000,614,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ADL.Foundation\b5aaa82007d4a92913833340c6668817\ADL.Foundation.ni.dll
MOD - [2014-02-28 16:14:19 | 000,046,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\NEWAEM.Foundation\79787a80ee45d14e38c1ffa437d9026d\NEWAEM.Foundation.ni.dll
MOD - [2014-02-28 16:14:19 | 000,019,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Actions5dc83b46#\5b2eb0b8a54dee28623de996041eae19\AEM.Actions.CCAA.Shared.ni.dll
MOD - [2014-02-28 16:14:18 | 000,098,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\LOG.Foundation\9c0149c066f2ba660c48f6499ac87dd5\LOG.Foundation.ni.dll
MOD - [2014-02-28 16:14:17 | 000,117,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\LOG.Foundat5023f8e7#\3f2296fa9bb61985c8f5763d5f4583f7\LOG.Foundation.Private.ni.dll
MOD - [2014-02-28 16:14:17 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\A4.Foundation\9574a177200d780180eeed32fbb207d3\A4.Foundation.ni.dll
MOD - [2014-02-27 22:19:40 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll
MOD - [2014-02-27 22:19:40 | 000,223,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\f4354d6580fbb745c0c8acba382a7b84\System.ServiceProcess.ni.dll
MOD - [2014-02-27 22:19:39 | 013,620,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\921861ef36355e6f12a981a188f99b8a\System.Web.ni.dll
MOD - [2014-02-27 22:19:35 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
MOD - [2014-02-27 22:19:35 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll
MOD - [2014-02-27 22:19:31 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll
MOD - [2014-02-27 22:19:30 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
MOD - [2014-02-27 22:19:27 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
MOD - [2014-02-27 22:19:27 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
MOD - [2014-02-27 22:19:26 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll
MOD - [2014-02-27 22:19:26 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll
MOD - [2014-02-27 22:19:24 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
MOD - [2014-02-27 22:19:23 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
MOD - [2014-02-27 22:19:19 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2013-12-02 19:06:40 | 001,281,312 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 7\Scan.dll
MOD - [2013-10-25 12:08:02 | 000,517,408 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 7\sqlite3.dll
MOD - [2013-10-25 12:07:38 | 001,120,032 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 7\RealTimeProtector.exe
MOD - [2013-01-15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 7\madexcept_.bpl
MOD - [2013-01-15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 7\maddisAsm_.bpl
MOD - [2013-01-15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 7\madbasic_.bpl
MOD - [2013-01-15 18:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 7\webres.dll
MOD - [2011-02-28 22:42:14 | 000,652,800 | ---- | M] () -- C:\Program Files\IZArc\IZArcCM.dll
MOD - [2010-11-25 21:30:38 | 000,090,112 | ---- | M] () -- C:\Program Files\ATI Technologies\HydraVision\hydraplk.dll
MOD - [2009-04-20 11:55:58 | 000,148,480 | ---- | M] () -- C:\Windows\System32\APOMngr.DLL
MOD - [2009-02-06 18:52:24 | 000,073,728 | ---- | M] () -- C:\Windows\System32\CmdRtr.DLL
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2014-07-09 13:27:27 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-06-19 01:23:24 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014-05-22 17:48:18 | 000,061,688 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe -- (PandaAgent)
SRV - [2014-05-06 14:26:35 | 000,038,136 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe -- (PSUAService)
SRV - [2014-05-05 02:17:37 | 000,141,560 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)
SRV - [2013-12-21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013-12-09 15:01:58 | 000,881,440 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe -- (AdvancedSystemCareService7)
SRV - [2013-12-03 17:10:24 | 002,151,200 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013-10-23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-08-15 14:10:46 | 000,209,408 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2013-07-11 17:53:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013-06-27 23:48:00 | 000,770,432 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV - [2013-04-04 15:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013-04-04 15:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012-02-02 22:25:30 | 000,458,464 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2011-10-26 20:45:16 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011-10-25 18:14:14 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2011-10-25 18:13:45 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011-10-25 18:13:21 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe -- (Sound Blaster X-Fi MB Licensing Service)
SRV - [2009-07-20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-02-23 05:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008-12-22 11:52:16 | 000,104,944 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2007-05-31 17:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 17:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\ghnloyb.sys -- (qibokemq)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Czarek\AppData\Local\Temp\kwrdapog.sys -- (kwrdapog)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (a81zfufe)
DRV - [2014-05-06 09:21:35 | 000,122,912 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSINProt.sys -- (PSINProt)
DRV - [2014-05-05 14:36:34 | 000,112,160 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\PSINProc.sys -- (PSINProc)
DRV - [2014-05-05 14:36:34 | 000,098,336 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSINReg.sys -- (PSINReg)
DRV - [2014-05-05 02:21:22 | 000,166,432 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\PSINKNC.sys -- (PSINKNC)
DRV - [2014-05-05 02:20:59 | 000,137,760 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSINAflt.sys -- (PSINAflt)
DRV - [2014-05-05 02:20:59 | 000,103,456 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\PSINFile.sys -- (PSINFile)
DRV - [2014-05-02 16:42:33 | 000,243,872 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSStrm.sys -- (NNSSTRM)
DRV - [2014-05-02 16:42:33 | 000,096,928 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNStlsc.sys -- (NNSTLSC)
DRV - [2014-05-02 16:42:32 | 000,208,800 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSPrv.sys -- (NNSPRV)
DRV - [2014-05-02 16:42:32 | 000,109,856 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSSmtp.sys -- (NNSSMTP)
DRV - [2014-05-02 16:42:31 | 000,288,032 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSProt.sys -- (NNSPROT)
DRV - [2014-05-02 16:42:31 | 000,121,888 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSPop3.sys -- (NNSPOP3)
DRV - [2014-05-02 16:42:31 | 000,061,984 | ---- | M] (Panda Security, S.L.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\NNSPihsw.sys -- (NNSPIHSW)
DRV - [2014-05-02 16:42:30 | 000,096,160 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSpicc.sys -- (NNSPICC)
DRV - [2014-05-02 16:42:29 | 000,125,216 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSIds.sys -- (NNSIDS)
DRV - [2014-05-02 16:42:29 | 000,110,496 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSHttps.sys -- (NNSHTTPS)
DRV - [2014-05-02 16:42:28 | 000,166,816 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSHttp.sys -- (NNSHTTP)
DRV - [2014-05-02 16:42:28 | 000,088,992 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSAlpc.sys -- (NNSALPC)
DRV - [2014-03-25 15:15:08 | 000,048,736 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PSKMAD.sys -- (PSKMAD)
DRV - [2014-01-22 09:52:12 | 000,184,192 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2014-01-22 09:52:12 | 000,088,576 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013-08-15 15:07:54 | 011,037,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2013-08-15 13:38:44 | 000,495,104 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2013-07-05 10:40:32 | 000,078,848 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2013-04-04 15:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012-10-24 16:10:01 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012-10-24 16:10:01 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012-10-02 10:49:36 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2012-06-22 12:01:32 | 000,019,984 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\EsgScanner.sys -- (EsgScanner)
DRV - [2012-06-03 22:04:56 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011-11-27 16:57:24 | 000,428,088 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2011-11-14 20:01:17 | 000,029,248 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FNETTBOH_305.SYS -- (FNETTBOH_305)
DRV - [2011-11-10 00:52:02 | 000,046,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2011-10-26 21:28:10 | 000,083,872 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2011-10-26 21:28:10 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011-10-25 18:11:58 | 000,014,656 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\FNETURPX.SYS -- (FNETURPX)
DRV - [2011-08-17 09:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011-05-06 16:57:10 | 000,013,904 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2011-02-08 07:30:51 | 000,052,352 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV - [2011-02-08 07:30:50 | 000,032,384 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\EtronHub3.sys -- (EtronHub3)
DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010-11-09 14:35:30 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2010-06-11 14:37:04 | 000,013,832 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV - [2009-07-14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\POBRANE PLIKI
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH
IE - HKCU\..\SearchScopes\{39AAB8FE-CD26-4925-A003-E3207D5E940E}: "URL" = https://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{5D1B80C7-4EE2-4fad-AC00-87D50438DACC}: "URL" = https://www.google.com/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@IObit.com/np_Asc_Plugin: C:\Program Files\IObit\Surfing Protection\BrowerProtect\np_Asc_plugin.dll (IObit)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.65.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Czarek\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Czarek\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Czarek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
 
[2013-10-15 11:12:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Czarek\AppData\Roaming\mozilla\Extensions
[2013-10-08 18:04:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Dysk Google = C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\
CHR - Extension: YouTube = C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Szukaj w Google = C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock Premium = C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj\2.6.4.3_0\
CHR - Extension: Google Wallet = C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Czarek\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CTSyncService] C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [PSUAMain] C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [RunDLLEntry] C:\Windows\System32\AmbRunE.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [XFastUsb] C:\Program Files\XFastUsb\XFastUsb.exe (FNet Co., Ltd.)
O4 - HKCU..\Run: [Advanced SystemCare 7] C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe (IObit)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [f.lux] C:\Users\Czarek\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [Spotify] C:\Users\Czarek\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Czarek\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: MaxGPOScriptWait = 600
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab (SysInfo Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{33543BCF-3FD4-4E9B-AD8C-8588FD6841B1}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{491e98fa-1908-11e1-984d-002522cc5546}\Shell - "" = AutoRun
O33 - MountPoints2\{491e98fa-1908-11e1-984d-002522cc5546}\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\{491e9907-1908-11e1-984d-002522cc5546}\Shell - "" = AutoRun
O33 - MountPoints2\{50899814-adac-11e1-bfeb-002522cc5546}\Shell - "" = AutoRun
O33 - MountPoints2\{50899814-adac-11e1-bfeb-002522cc5546}\Shell\AutoRun\command - "" = G:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2014-07-16 12:44:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2014-07-16 12:44:33 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014-07-16 12:44:23 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014-07-16 12:44:23 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014-07-16 12:44:23 | 000,096,680 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014-07-16 12:44:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014-07-16 03:45:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Riot Games
[2014-07-16 02:18:45 | 000,000,000 | ---D | C] -- C:\Users\Czarek\AppData\Local\Spotify
[2014-07-16 02:18:17 | 000,000,000 | ---D | C] -- C:\Users\Czarek\AppData\Roaming\Spotify
[2014-07-09 16:52:42 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014-07-09 16:52:41 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014-07-09 16:52:41 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014-07-09 16:52:40 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014-07-09 16:52:40 | 000,240,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014-07-09 16:52:40 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014-07-09 16:52:40 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014-07-09 16:52:40 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014-07-09 16:52:39 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014-07-09 16:52:39 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014-07-09 16:52:39 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014-07-09 16:52:39 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014-07-09 16:52:38 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014-07-09 16:52:38 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014-07-09 16:52:38 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014-07-09 16:52:38 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014-07-09 16:52:38 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014-07-09 16:52:37 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014-07-09 16:52:37 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014-07-09 16:52:36 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014-07-09 16:52:35 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2014-07-09 16:52:34 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014-07-09 16:52:33 | 004,254,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014-07-09 16:52:03 | 002,350,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014-07-09 16:52:03 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2014-07-09 16:51:56 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2014-07-09 16:51:54 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2014-07-09 16:51:50 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014-07-09 16:51:49 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014-07-09 12:43:52 | 000,048,736 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\PSKMAD.sys
[2014-07-08 05:02:22 | 000,000,000 | ---D | C] -- C:\Users\Czarek\AppData\Roaming\ParetoLogic
[2014-07-08 05:02:22 | 000,000,000 | ---D | C] -- C:\Users\Czarek\AppData\Roaming\DriverCure
[2014-07-08 05:02:10 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2014-07-08 04:49:54 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014-07-08 03:00:03 | 000,000,000 | ---D | C] -- C:\Users\Czarek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
[2014-07-08 03:00:02 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2014-07-08 02:59:43 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2014-07-07 00:15:38 | 000,000,000 | ---D | C] -- C:\Users\Czarek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
[2014-07-07 00:15:18 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2014-06-17 09:07:30 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2014-06-17 09:07:30 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2014-06-17 09:07:23 | 000,187,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2012-06-03 14:01:40 | 953,772,216 | ---- | C] (Macrovision Corporation) -- C:\Users\Czarek\TWEE_Upgrade.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Czarek\AppData\Local\*.tmp files -> C:\Users\Czarek\AppData\Local\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2014-07-17 04:27:01 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-07-17 04:17:02 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-938636079-2743700497-1177568648-1000UA.job
[2014-07-17 03:43:30 | 000,220,370 | ---- | M] () -- C:\Users\Czarek\Desktop\wf.jpg
[2014-07-17 03:26:35 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-07-17 03:26:35 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-07-17 02:41:12 | 000,000,831 | ---- | M] () -- C:\Users\Public\Desktop\Wolfenstein The New Order.lnk
[2014-07-16 21:43:39 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2014-07-16 21:43:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-07-16 21:43:28 | 2408,591,360 | -HS- | M] () -- C:\hiberfil.sys
[2014-07-16 02:18:44 | 000,001,817 | ---- | M] () -- C:\Users\Czarek\Desktop\Spotify.lnk
[2014-07-11 03:02:10 | 000,096,680 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014-07-11 02:56:08 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014-07-11 02:56:01 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014-07-11 02:55:32 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014-07-09 23:09:56 | 000,348,864 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014-07-09 13:27:26 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014-07-09 13:27:26 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014-07-08 22:53:18 | 000,740,438 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2014-07-08 22:53:18 | 000,654,270 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014-07-08 22:53:18 | 000,156,012 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2014-07-08 22:53:18 | 000,122,142 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014-07-08 12:04:59 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-938636079-2743700497-1177568648-1000Core.job
[2014-07-08 03:00:03 | 000,002,204 | ---- | M] () -- C:\Users\Czarek\Desktop\SpyHunter.lnk
[2014-07-08 01:31:04 | 000,003,584 | ---- | M] () -- C:\Users\Czarek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014-06-30 03:40:16 | 000,404,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014-06-30 03:36:00 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014-06-20 21:39:54 | 000,240,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014-06-19 09:24:59 | 000,000,024 | ---- | M] () -- C:\Users\Czarek\AppData\Roaming\temp.ini
[2014-06-19 01:56:37 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014-06-19 01:56:03 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014-06-19 01:37:23 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014-06-19 01:36:35 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014-06-19 01:35:55 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2014-06-19 01:28:45 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014-06-19 01:28:16 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014-06-19 01:25:38 | 000,442,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014-06-19 01:23:27 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014-06-19 01:23:24 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014-06-19 01:22:40 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014-06-19 01:16:33 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014-06-19 01:12:01 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014-06-19 01:06:10 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014-06-19 01:01:50 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014-06-19 00:58:08 | 000,239,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014-06-19 00:52:58 | 000,595,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014-06-19 00:52:18 | 004,254,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014-06-19 00:49:52 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014-06-19 00:46:23 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014-06-19 00:45:59 | 001,964,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014-06-19 00:07:42 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014-06-18 03:51:32 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2014-06-18 02:52:00 | 002,350,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Czarek\AppData\Local\*.tmp files -> C:\Users\Czarek\AppData\Local\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2014-07-17 03:43:30 | 000,220,370 | ---- | C] () -- C:\Users\Czarek\Desktop\wf.jpg
[2014-07-17 02:41:12 | 000,000,831 | ---- | C] () -- C:\Users\Public\Desktop\Wolfenstein The New Order.lnk
[2014-07-16 02:18:44 | 000,001,817 | ---- | C] () -- C:\Users\Czarek\Desktop\Spotify.lnk
[2014-07-16 02:18:44 | 000,001,803 | ---- | C] () -- C:\Users\Czarek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2014-07-08 03:00:03 | 000,002,204 | ---- | C] () -- C:\Users\Czarek\Desktop\SpyHunter.lnk
[2014-07-07 01:26:10 | 000,003,584 | ---- | C] () -- C:\Users\Czarek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014-06-19 09:24:59 | 000,000,024 | ---- | C] () -- C:\Users\Czarek\AppData\Roaming\temp.ini
[2013-10-30 13:07:00 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013-10-30 13:06:54 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2013-10-30 13:06:54 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2013-10-30 13:06:54 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2013-10-30 13:06:54 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2013-09-17 22:27:16 | 000,005,856 | ---- | C] () -- C:\ProgramData\NanoRepository.bin.bak
[2013-09-14 21:29:53 | 000,000,000 | ---- | C] () -- C:\ProgramData\0x0304A000.sfl
[2013-09-06 19:22:02 | 000,000,055 | ---- | C] () -- C:\Users\Czarek\AppData\Roaming\WB.CFG
[2013-09-06 19:22:02 | 000,000,005 | ---- | C] () -- C:\Users\Czarek\AppData\Roaming\WBPU-TTL.DAT
[2013-08-15 14:55:12 | 000,200,704 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2013-08-15 09:01:18 | 000,038,912 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
[2013-08-04 23:15:43 | 000,000,892 | RHS- | C] () -- C:\Users\Czarek\ntuser.pol
[2013-07-18 17:47:16 | 000,231,856 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik_nd.dat
[2013-07-18 17:38:38 | 000,233,396 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik.dat
[2013-07-15 18:29:22 | 000,082,944 | ---- | C] () -- C:\Windows\System32\ativce02.dat
[2013-05-13 00:15:35 | 000,000,835 | ---- | C] () -- C:\Users\Czarek\.recently-used.xbel
[2013-04-10 17:34:24 | 000,662,785 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2013-03-29 04:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\System32\amdocl_ld32.exe
[2013-03-29 04:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\System32\amdocl_as32.exe
[2012-12-19 21:42:42 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2012-12-19 21:42:42 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2012-12-02 13:53:12 | 000,000,258 | ---- | C] () -- C:\Users\Czarek\SciTE.session
[2011-11-27 16:40:46 | 000,000,044 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011-11-03 20:50:49 | 000,139,152 | ---- | C] () -- C:\Users\Czarek\AppData\Roaming\PnkBstrK.sys
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009-07-14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014-03-25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 207 bytes -> C:\ProgramData\TEMP:6BE50C2B
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:373E1720

< End of report >