Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

ATRAPS.GEN/GEN2 trojan problem

Started by aoshika , Jun 27 2012 05:02 PM

  • Please log in to reply

#1
aoshika
Posted 27 June 2012 - 05:02 PM

aoshika

    New Member

  • Member
  • Pip
  • 2 posts
So I've got this problem with ATRAPS.GEN2 and ATRAPS.GEN viruses. It started suddenly, just as i was browsing the Internet now Avira keeps popping up with detections after every delete attempt. I just can't get rid of this annyoing virus. Please help! Plus i think I've got generally unclean computer.

OTL logfile created on: 2012-06-28 00:49:14 - Run 1
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\Tomek\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,95 Gb Total Physical Memory | 1,85 Gb Available Physical Memory | 46,80% Memory free
7,90 Gb Paging File | 5,02 Gb Available in Paging File | 63,55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 184,04 Gb Total Space | 45,61 Gb Free Space | 24,78% Space Free | Partition Type: NTFS
Drive D: | 14,81 Gb Total Space | 1,62 Gb Free Space | 10,93% Space Free | Partition Type: NTFS
Drive E: | 196,76 Gb Total Space | 92,85 Gb Free Space | 47,19% Space Free | Partition Type: NTFS
Drive F: | 302,73 Gb Total Space | 125,64 Gb Free Space | 41,50% Space Free | Partition Type: NTFS
Drive I: | 98,87 Mb Total Space | 84,61 Mb Free Space | 85,58% Space Free | Partition Type: FAT32

Computer Name: PAVILION | User Name: Tomek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-06-28 00:43:03 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Tomek\Desktop\OTL.exe
PRC - [2012-06-23 19:30:29 | 001,535,176 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
PRC - [2012-06-16 17:37:55 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012-05-26 06:32:44 | 004,327,744 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Tomek\AppData\Local\Akamai\netsession_win.exe
PRC - [2012-05-24 23:20:51 | 001,241,184 | ---- | M] (Aeria Games & Entertainment) -- C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
PRC - [2012-05-09 08:07:54 | 000,498,176 | ---- | M] (LOL Replay) -- C:\Program Files (x86)\LOLReplay\LOLRecorder.exe
PRC - [2012-05-08 22:00:23 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012-05-08 22:00:22 | 000,466,896 | ---- | M] (Avira Operations GmbH & Co. KG) -- c:\program files (x86)\avira\antivir desktop\avscan.exe
PRC - [2012-05-08 22:00:22 | 000,391,632 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\program files (x86)\avira\antivir desktop\avcenter.exe
PRC - [2012-05-08 22:00:22 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012-05-08 22:00:22 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012-05-04 10:12:58 | 010,591,232 | ---- | M] (Creative Team S.A.) -- C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe
PRC - [2012-05-03 04:54:42 | 003,553,176 | ---- | M] (Xfire Inc.) -- C:\Program Files (x86)\Xfire\Xfire.exe
PRC - [2012-04-24 11:15:46 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012-01-03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-12-14 13:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011-09-01 18:06:50 | 000,227,896 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011-08-19 15:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2011-07-06 20:13:48 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011-02-17 22:48:24 | 000,265,544 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011-02-17 22:48:12 | 000,642,888 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011-02-17 22:47:58 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2011-02-15 15:48:52 | 001,071,160 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
PRC - [2011-01-24 15:34:06 | 000,991,296 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011-01-24 15:34:04 | 001,298,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2011-01-24 15:33:30 | 000,901,184 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2011-01-24 15:33:24 | 000,979,008 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
PRC - [2011-01-13 04:00:42 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011-01-13 04:00:38 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010-12-22 22:25:02 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010-12-22 22:24:58 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010-11-17 19:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010-11-09 15:20:36 | 000,586,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010-11-09 15:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010-04-23 12:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010-04-23 12:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010-04-23 12:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe


========== Modules (No Company Name) ==========

MOD - [2012-06-23 19:30:28 | 009,459,912 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
MOD - [2012-06-16 17:37:54 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012-06-14 22:06:51 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\b1acb6d21dd13ae76f360354dc8f8de3\IAStorUtil.ni.dll
MOD - [2012-06-14 10:03:01 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012-06-14 10:02:46 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012-06-14 10:02:39 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012-06-14 10:02:32 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012-06-13 16:45:58 | 018,000,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll
MOD - [2012-06-13 16:45:45 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll
MOD - [2012-06-13 16:45:41 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
MOD - [2012-06-13 16:45:33 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll
MOD - [2012-06-13 16:45:31 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
MOD - [2012-05-11 16:04:49 | 000,096,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\05787d96761cf20b76b927ace10ef1d3\UIAutomationProvider.ni.dll
MOD - [2012-05-11 16:04:31 | 000,787,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.ni.dll
MOD - [2012-05-11 16:04:31 | 000,236,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.Wrapper.dll
MOD - [2012-05-11 16:04:30 | 000,649,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\67a386434938003bceb0752e979dabb3\System.Transactions.ni.dll
MOD - [2012-05-11 16:04:28 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll
MOD - [2012-05-11 16:03:52 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll
MOD - [2012-05-11 16:03:41 | 000,044,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\62c1a496dff99a6e5f5e4278d31ca4c1\Accessibility.ni.dll
MOD - [2012-05-11 16:02:52 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\ed560b26f2f86b3f07b7f6d384f92275\System.ServiceModel.Web.ni.dll
MOD - [2012-05-11 16:01:30 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012-05-11 16:00:40 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\72a24b45e11d64eb2bc840aae9419ba5\System.Runtime.Serialization.ni.dll
MOD - [2012-05-11 16:00:37 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9e7bf69d97febe4ed1a288c787e5d9ca\SMDiagnostics.ni.dll
MOD - [2012-05-11 16:00:36 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\107779ca2708d2b31b2e1560e47f6d15\System.ServiceModel.ni.dll
MOD - [2012-05-11 15:59:47 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012-05-11 15:59:46 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\e2ed613308593613ac154671c7549c26\IAStorCommon.ni.dll
MOD - [2012-05-11 14:53:55 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012-05-11 14:53:40 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012-05-11 14:52:59 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012-05-11 14:52:54 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012-05-11 14:52:52 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012-05-11 14:52:51 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012-05-11 14:52:47 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012-05-11 04:15:30 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll
MOD - [2012-05-11 04:12:40 | 006,815,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\99d0f7ba920eea1117e45dcd9fec0eb5\System.Data.ni.dll
MOD - [2012-05-11 04:12:34 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
MOD - [2012-05-11 04:12:31 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012-05-11 04:12:27 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
MOD - [2012-05-11 04:12:26 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012-05-11 04:12:21 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2012-05-09 08:07:50 | 000,279,552 | ---- | M] () -- C:\Program Files (x86)\LOLReplay\LOLUtils.dll
MOD - [2012-05-04 09:24:38 | 000,971,776 | ---- | M] () -- C:\Program Files (x86)\WapSter\WapSter AQQ\System\Shared\Plugins\SMS.dll
MOD - [2012-05-04 09:16:48 | 000,310,272 | ---- | M] () -- C:\Program Files (x86)\WapSter\WapSter AQQ\System\Shared\Plugins\Contact.dll
MOD - [2012-04-30 11:26:10 | 001,178,624 | ---- | M] () -- C:\Program Files (x86)\WapSter\WapSter AQQ\System\Shared\Plugins\GGNet.dll
MOD - [2012-04-04 18:47:24 | 000,015,760 | ---- | M] () -- C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2native.dll
MOD - [2012-02-24 04:01:44 | 000,040,448 | ---- | M] () -- C:\Program Files (x86)\LOLReplay\Compression.dll
MOD - [2011-06-24 02:40:12 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_pl_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010-11-13 04:03:49 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011-12-06 05:11:56 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011-05-27 12:20:12 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011-03-11 12:23:16 | 000,297,984 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011-02-16 22:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
SRV:64bit: - [2011-02-04 16:34:20 | 001,515,792 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel®
SRV:64bit: - [2011-02-04 16:24:24 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011-02-04 16:19:50 | 000,836,880 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel®
SRV:64bit: - [2010-10-11 02:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010-09-22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009-07-14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\Windows\SysNative\svchost.exe -- (SharedAccess)
SRV:64bit: - [2009-03-03 12:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2012-06-23 19:30:32 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-06-16 17:37:55 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-06-01 13:18:16 | 000,736,104 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012-05-08 22:00:23 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012-05-08 22:00:22 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012-04-24 11:15:46 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012-04-15 13:35:53 | 000,674,400 | ---- | M] (Wellbia.com Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\xsherlock.xem -- (xsherlock)
SRV - [2012-04-04 18:26:35 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-01-03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-12-14 13:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011-09-09 18:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2011-09-01 18:06:50 | 000,227,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011-08-15 10:02:12 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2011-03-28 21:51:25 | 004,323,256 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2011-02-17 22:48:24 | 000,265,544 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2011-02-15 15:48:52 | 001,071,160 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2011-01-24 15:34:06 | 000,991,296 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011-01-24 15:34:04 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011-01-24 15:33:30 | 000,901,184 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2011-01-13 04:00:42 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2010-12-22 22:25:02 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010-12-22 22:24:58 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010-11-09 15:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010-10-12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007-11-06 22:22:26 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012-06-16 23:46:47 | 000,088,480 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2012-06-16 23:46:47 | 000,046,400 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2012-05-08 22:00:23 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012-05-08 22:00:23 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011-12-12 03:19:26 | 000,051,776 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pssdk41.sys -- (PsSdk41)
DRV:64bit: - [2011-12-12 03:15:36 | 000,044,480 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\libusb0.sys -- (libusb0)
DRV:64bit: - [2011-12-06 05:45:40 | 010,720,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011-12-06 04:12:14 | 000,327,168 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011-09-16 16:09:16 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011-09-13 19:59:47 | 000,526,392 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011-05-27 12:20:12 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011-05-27 12:20:12 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011-04-16 03:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011-03-11 12:23:16 | 000,521,728 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-02-24 11:40:20 | 008,591,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Sterownik karty Intel®
DRV:64bit: - [2011-02-17 03:11:08 | 000,428,136 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011-02-16 17:46:36 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2011-01-24 02:24:52 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011-01-24 02:22:48 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011-01-24 01:56:06 | 000,274,944 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011-01-13 03:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011-01-13 02:10:44 | 000,333,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2010-12-17 04:28:38 | 001,403,440 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010-12-10 23:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010-12-10 23:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010-11-21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010-11-09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010-10-20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010-10-15 11:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2010-07-28 09:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2009-11-16 08:28:46 | 000,093,184 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HPIR.sys -- (HPIR)
DRV:64bit: - [2009-10-19 05:35:40 | 000,511,104 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HPAF35.sys -- (AVerAF35)
DRV:64bit: - [2009-09-16 08:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (1394hub)
DRV:64bit: - [2009-07-14 02:09:10 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\loop.sys -- (msloop)
DRV:64bit: - [2009-06-10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009-06-10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009-06-10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009-06-10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009-06-10 22:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-03-18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2007-11-06 22:23:14 | 000,040,464 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV - [2012-06-20 02:03:02 | 000,089,560 | ---- | M] () [Kernel | On_Demand | Stopped] -- f:\AeriaGames\EdenEternal\avital\ussjcs64.sys -- (usj)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005-01-02 23:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDF
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDF
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/we...&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://pl.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{EC25EA9A-63F7-42F6-A76C-29C817088386}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDF
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/we...&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://pl.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{EC25EA9A-63F7-42F6-A76C-29C817088386}: "URL" = http://www.amazon.co...s={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDF
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...00000ff87251ba7
IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/we...&l=dis&o=HPNTDF
IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://pl.wikipedia....h={searchTerms}
IE - HKCU\..\SearchScopes\{EC25EA9A-63F7-42F6-A76C-29C817088386}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPBrowserExt: C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll (OnLive)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Tomek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-06-16 17:37:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Tomek\AppData\Roaming\IDM\idmmzcc5

[2011-09-13 19:49:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tomek\AppData\Roaming\mozilla\Extensions
[2012-06-27 15:13:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tomek\AppData\Roaming\mozilla\Firefox\Profiles\5f3pi7ef.default\extensions
[2012-06-03 14:59:20 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- C:\Users\Tomek\AppData\Roaming\mozilla\Firefox\Profiles\5f3pi7ef.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2012-01-27 22:06:55 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Tomek\AppData\Roaming\mozilla\Firefox\Profiles\5f3pi7ef.default\extensions\[email protected]
[2012-06-27 15:13:38 | 000,000,000 | ---D | M] (Better Battlelog (BBLog)) -- C:\Users\Tomek\AppData\Roaming\mozilla\Firefox\Profiles\5f3pi7ef.default\extensions\jid1-qQSMEVsYTOjgYA@jetpack
[2012-03-18 20:30:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011-09-13 20:01:12 | 000,000,000 | ---D | M] (TrueSuite Website Logon) -- C:\Program Files (x86)\mozilla firefox\extensions\[email protected]
[2012-06-16 17:37:55 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-02-18 19:09:21 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-03-01 19:47:12 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012-02-18 19:09:21 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-02-18 19:09:21 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-02-18 19:09:21 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-02-18 19:09:21 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-02-18 19:09:21 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Tomek\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll (Trend Media Group)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [ProxyCap] C:\PROGRA~1\PROXYL~1\ProxyCap\pcapui.exe File not found
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Aeria Ignite] C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe (Aeria Games & Entertainment)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe File not found
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun File not found
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Tomek\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [AQQ] C:\PROGRA~2\WapSter\WAPSTE~1\AQQ.exe (Creative Team S.A.)
O4 - HKCU..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun File not found
O4 - HKCU..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKCU..\Run: [PlayNC Launcher] File not found
O4 - HKCU..\Run: [uTorrent] C:\Users\Tomek\Desktop\uTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4 - Startup: C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8:64bit: - Extra context menu item: Download all links by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm ()
O8:64bit: - Extra context menu item: Download by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm ()
O8:64bit: - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Oci1gnij przez IDM - Reg Error: Value error. File not found
O8:64bit: - Extra context menu item: Oci1gnij wszystkie linki przez IDM - Reg Error: Value error. File not found
O8:64bit: - Extra context menu item: Sciagnij przez IDM - Reg Error: Value error. File not found
O8:64bit: - Extra context menu item: Sciagnij wszystkie linki przez IDM - Reg Error: Value error. File not found
O8 - Extra context menu item: Download all links by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm ()
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Oci1gnij przez IDM - Reg Error: Value error. File not found
O8 - Extra context menu item: Oci1gnij wszystkie linki przez IDM - Reg Error: Value error. File not found
O8 - Extra context menu item: Sciagnij przez IDM - Reg Error: Value error. File not found
O8 - Extra context menu item: Sciagnij wszystkie linki przez IDM - Reg Error: Value error. File not found
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {BAD4FE2C-503B-45CC-88CD-4B0574057D11} http://clients.futur...y/FMSI_v420.cab (FuturemarkSystemInfoX Class)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...ri_4.4.26.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D4BB9B5-89A7-452B-B77D-1B9CBA93B517}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{87251BA7-DA5A-4F06-9B73-B75B7935175D}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EBC2E423-F2BC-4871-861E-4C4D9E9C0A14}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{485e8686-de32-11e0-87f6-ac728978c8ef}\Shell - "" = AutoRun
O33 - MountPoints2\{485e8686-de32-11e0-87f6-ac728978c8ef}\Shell\AutoRun\command - "" = H:\AutoStarter.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012-06-28 00:42:59 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Tomek\Desktop\OTL.exe
[2012-06-28 00:38:20 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Tomek\Desktop\mbam-setup-1.61.0.1400.exe
[2012-06-20 14:22:54 | 000,000,000 | --SD | C] -- C:\Users\Tomek\GG dysk
[2012-06-20 14:18:55 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\GG
[2012-06-20 14:18:54 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\GG
[2012-06-20 14:17:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Aeria Games
[2012-06-20 01:49:44 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\Aeria Games
[2012-06-20 00:39:39 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
[2012-06-20 00:34:15 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2012-06-20 00:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
[2012-06-20 00:34:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aeria Games
[2012-06-20 00:34:10 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Aeria Games & Entertainment
[2012-06-19 23:22:06 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\Akamai
[2012-06-19 23:22:04 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2012-06-17 12:58:51 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012-06-17 11:32:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\STALKER-STCS
[2012-06-17 01:17:21 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\XRay Engine
[2012-06-16 14:07:57 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
[2012-06-16 14:07:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
[2012-06-16 01:34:34 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\ArmA 2 OA
[2012-06-16 01:34:34 | 000,000,000 | ---D | C] -- C:\Users\Tomek\Documents\ArmA 2
[2012-06-16 01:33:55 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\Spirited_Machine
[2012-06-16 01:33:35 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Spirited Machine
[2012-06-15 15:41:45 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\Activision
[2012-06-10 13:21:52 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\Macromedia
[2012-06-09 13:21:45 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Toribash
[2012-06-09 02:19:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Synaptics
[2012-06-07 23:24:17 | 000,000,000 | ---D | C] -- C:\Users\Tomek\Documents\Syndicate
[2012-06-06 13:18:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\07th_Expansion
[2012-06-05 23:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gPotato.com
[2012-06-04 21:21:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012-06-04 21:20:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012-06-01 21:48:42 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Xilisoft
[2012-06-01 21:48:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
[2012-06-01 21:47:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Xilisoft
[2012-06-01 21:47:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xilisoft
[2012-06-01 21:40:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
[2012-06-01 21:36:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack
[2012-06-01 21:36:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Combined Community Codec Pack
[2012-06-01 21:18:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\River Past
[2012-06-01 21:18:42 | 000,000,000 | ---D | C] -- C:\Program Files\River Past
[2012-06-01 21:18:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\River Past
[2012-06-01 20:48:29 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\River Past G5
[2012-06-01 20:48:29 | 000,000,000 | ---D | C] -- C:\ProgramData\River Past G5
[2012-06-01 20:29:24 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo
[2012-06-01 20:29:24 | 000,000,000 | ---D | C] -- C:\Program Files\MediaInfo
[2012-06-01 19:36:14 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\Apple Computer
[2012-06-01 16:08:42 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Matroska Pack
[2012-06-01 16:08:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Matroska Pack
[2012-06-01 16:08:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Matroska Pack
[2012-06-01 16:05:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2012-06-01 16:05:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xvid
[2012-06-01 15:25:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Haali
[2012-06-01 01:44:38 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
[2012-06-01 01:44:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
[2012-06-01 01:44:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5
[2012-05-29 22:05:30 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\SniperV2
[2012-03-01 19:37:58 | 002,371,152 | ---- | C] (DownVision ) -- C:\Users\Tomek\AppData\Local\setup.exe
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\Windows\SysNative\
[2012-06-28 00:43:03 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Tomek\Desktop\OTL.exe
[2012-06-28 00:38:32 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Tomek\Desktop\mbam-setup-1.61.0.1400.exe
[2012-06-28 00:34:12 | 000,165,376 | ---- | M] () -- C:\Users\Tomek\Desktop\SystemLook_x64.exe
[2012-06-28 00:30:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-06-28 00:20:05 | 000,077,419 | ---- | M] () -- C:\Users\Tomek\Desktop\Fate_Zero_ep25_RyuuTsuru_Teikoku_AnimeSubInfo_id44243.zip
[2012-06-27 21:08:02 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForTomek.job
[2012-06-27 14:38:10 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-06-27 14:38:10 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-06-27 14:35:29 | 001,663,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-06-27 14:35:29 | 000,738,192 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-06-27 14:35:29 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-06-27 14:35:29 | 000,154,848 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-06-27 14:35:29 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-06-27 14:30:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-06-27 14:30:21 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys
[2012-06-26 17:41:18 | 000,000,452 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2012-06-26 17:40:14 | 000,000,027 | ---- | M] () -- C:\Windows\BRPP2KA.INI
[2012-06-24 01:18:51 | 205,691,505 | ---- | M] () -- C:\Users\Tomek\Desktop\cs_graphics_quality_mod_v1.0.rar
[2012-06-24 01:08:42 | 011,900,374 | ---- | M] () -- C:\Users\Tomek\Desktop\better_lighting_depth_of_field_and_fps.7z
[2012-06-24 00:57:16 | 000,006,102 | ---- | M] () -- C:\Users\Tomek\Desktop\user.ltx
[2012-06-23 22:13:00 | 000,051,093 | ---- | M] () -- C:\Users\Tomek\Desktop\Fate_Zero_ep24_RyuuTsuru_Teikoku_AnimeSubInfo_id44172.zip
[2012-06-23 22:12:53 | 000,094,377 | ---- | M] () -- C:\Users\Tomek\Desktop\Fate_Zero_ep23_RyuuTsuru_Teikoku_AnimeSubInfo_id44100.zip
[2012-06-23 14:18:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForPAVILION$.job
[2012-06-22 11:42:28 | 494,332,236 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012-06-20 00:39:40 | 000,000,850 | ---- | M] () -- C:\Users\Tomek\Desktop\Eden Eternal.lnk
[2012-06-17 11:33:39 | 000,001,224 | ---- | M] () -- C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Clear Sky.lnk
[2012-06-16 23:46:47 | 000,088,480 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2012-06-16 23:46:47 | 000,046,400 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2012-06-16 01:12:06 | 001,639,550 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-06-14 11:57:09 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012-06-14 11:57:09 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-06-14 11:56:56 | 000,282,864 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012-06-14 09:56:50 | 000,451,680 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-06-12 19:12:49 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2012-06-10 02:39:08 | 000,098,926 | ---- | M] () -- C:\Users\Tomek\Desktop\Fate_Zero_ep22_RyuuTsuru_Teikoku_AnimeSubInfo_id44006.zip
[2012-06-10 02:39:00 | 000,096,301 | ---- | M] () -- C:\Users\Tomek\Desktop\Fate_Zero_ep21_RyuuTsuru_Teikoku_AnimeSubInfo_id43913.zip
[2012-06-09 01:02:42 | 000,016,380 | ---- | M] () -- C:\Users\Tomek\Desktop\Hellsing_Ultimate_ep09_Diablo_AnimeSubInfo_id42716.zip
[2012-06-08 15:10:55 | 000,001,808 | ---- | M] () -- C:\Users\Tomek\Desktop\Borderlands.lnk
[2012-06-07 23:57:00 | 000,001,088 | ---- | M] () -- C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2012-06-07 23:36:40 | 000,000,991 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2012-06-07 23:36:35 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat
[2012-06-01 21:18:43 | 000,165,342 | ---- | M] () -- C:\Windows\Video Cleaner Pro Uninstaller.exe
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

File not found -- C:\Windows\SysNative\
[2012-06-28 00:46:26 | 000,022,016 | ---- | C] () -- C:\Windows\Installer\{6ba5fb4a-2e75-cbec-7ca4-eb32854a6f6b}\U\800000cb.@
[2012-06-28 00:46:26 | 000,001,648 | ---- | C] () -- C:\Windows\Installer\{6ba5fb4a-2e75-cbec-7ca4-eb32854a6f6b}\U\00000001.@
[2012-06-28 00:46:25 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{6ba5fb4a-2e75-cbec-7ca4-eb32854a6f6b}\U\80000000.@
[2012-06-28 00:34:11 | 000,165,376 | ---- | C] () -- C:\Users\Tomek\Desktop\SystemLook_x64.exe
[2012-06-28 00:19:57 | 000,077,419 | ---- | C] () -- C:\Users\Tomek\Desktop\Fate_Zero_ep25_RyuuTsuru_Teikoku_AnimeSubInfo_id44243.zip
[2012-06-24 01:12:59 | 205,691,505 | ---- | C] () -- C:\Users\Tomek\Desktop\cs_graphics_quality_mod_v1.0.rar
[2012-06-24 01:08:28 | 000,006,102 | ---- | C] () -- C:\Users\Tomek\Desktop\user.ltx
[2012-06-24 01:08:17 | 011,900,374 | ---- | C] () -- C:\Users\Tomek\Desktop\better_lighting_depth_of_field_and_fps.7z
[2012-06-23 22:13:00 | 000,051,093 | ---- | C] () -- C:\Users\Tomek\Desktop\Fate_Zero_ep24_RyuuTsuru_Teikoku_AnimeSubInfo_id44172.zip
[2012-06-23 22:12:53 | 000,094,377 | ---- | C] () -- C:\Users\Tomek\Desktop\Fate_Zero_ep23_RyuuTsuru_Teikoku_AnimeSubInfo_id44100.zip
[2012-06-20 00:39:40 | 000,000,850 | ---- | C] () -- C:\Users\Tomek\Desktop\Eden Eternal.lnk
[2012-06-17 11:33:39 | 000,001,224 | ---- | C] () -- C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Clear Sky.lnk
[2012-06-10 02:39:07 | 000,098,926 | ---- | C] () -- C:\Users\Tomek\Desktop\Fate_Zero_ep22_RyuuTsuru_Teikoku_AnimeSubInfo_id44006.zip
[2012-06-10 02:39:00 | 000,096,301 | ---- | C] () -- C:\Users\Tomek\Desktop\Fate_Zero_ep21_RyuuTsuru_Teikoku_AnimeSubInfo_id43913.zip
[2012-06-09 01:02:42 | 000,016,380 | ---- | C] () -- C:\Users\Tomek\Desktop\Hellsing_Ultimate_ep09_Diablo_AnimeSubInfo_id42716.zip
[2012-06-08 15:10:55 | 000,001,808 | ---- | C] () -- C:\Users\Tomek\Desktop\Borderlands.lnk
[2012-06-07 23:57:00 | 000,001,088 | ---- | C] () -- C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2012-06-01 21:40:23 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012-06-01 21:18:43 | 000,165,342 | ---- | C] () -- C:\Windows\Video Cleaner Pro Uninstaller.exe
[2012-06-01 20:56:23 | 000,696,832 | ---- | C] () -- C:\Windows\SysNative\xvidcore.dll
[2012-06-01 20:56:23 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012-06-01 20:56:23 | 000,255,488 | ---- | C] () -- C:\Windows\SysNative\xvidvfw.dll
[2012-06-01 20:56:23 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012-06-01 20:56:23 | 000,173,568 | ---- | C] () -- C:\Windows\SysNative\xvid.ax
[2012-06-01 20:56:23 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2012-05-03 04:54:46 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2012-04-19 15:45:57 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2012-04-19 15:45:56 | 000,000,452 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012-04-14 23:22:18 | 000,000,204 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2012-04-14 23:02:25 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2012-04-09 00:53:36 | 001,078,360 | ---- | C] () -- C:\Windows\DarkSteam Uninstaller.exe
[2012-04-07 23:56:13 | 000,000,044 | ---- | C] () -- C:\Users\Tomek\jagex_cl_runescape_LIVE.dat
[2012-04-07 23:56:13 | 000,000,024 | ---- | C] () -- C:\Users\Tomek\random.dat
[2012-03-01 19:55:59 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2012-02-04 00:43:58 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-01-14 16:44:57 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{6ba5fb4a-2e75-cbec-7ca4-eb32854a6f6b}\@
[2012-01-14 16:44:57 | 000,002,048 | -HS- | C] () -- C:\Users\Tomek\AppData\Local\{6ba5fb4a-2e75-cbec-7ca4-eb32854a6f6b}\@
[2011-12-27 16:08:54 | 000,148,276 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011-12-13 22:44:10 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011-12-06 04:35:10 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011-12-06 04:35:10 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011-12-05 23:04:00 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011-12-05 23:03:52 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011-11-30 19:11:48 | 000,000,058 | ---- | C] () -- C:\Users\Tomek\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2011-10-05 22:23:47 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011-10-02 00:16:20 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2011-09-25 15:41:05 | 000,000,565 | ---- | C] () -- C:\Users\Tomek\AppData\Roaming\myMPQ.ini
[2011-09-20 23:59:36 | 000,007,605 | ---- | C] () -- C:\Users\Tomek\AppData\Local\Resmon.ResmonCfg
[2011-09-14 21:14:07 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011-09-14 21:14:05 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011-09-14 21:14:05 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011-09-14 19:57:05 | 001,639,550 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011-09-13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011-08-31 18:32:59 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011-08-31 18:28:31 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011-08-27 16:32:12 | 000,315,392 | ---- | C] ( ) -- C:\Windows\SysWow64\sbcrreag.dll
[2011-06-23 17:10:54 | 000,000,068 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2011-04-16 03:05:50 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011-04-16 03:05:48 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011-04-16 02:59:48 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011-04-16 02:33:40 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011-02-22 16:40:34 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2010-12-17 04:26:22 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll

========== LOP Check ==========

[2012-06-20 00:34:10 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Aeria Games & Entertainment
[2012-05-06 23:17:45 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Azureus
[2012-03-01 19:47:10 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Babylon
[2012-06-01 21:14:56 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\BESTplayer
[2012-01-15 19:29:45 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Bioshock
[2012-04-15 02:55:08 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\BITS
[2012-04-19 16:41:31 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Command & Conquer 3 Kane's Wrath
[2011-09-13 23:00:35 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\DAEMON Tools Lite
[2012-04-14 22:59:50 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\DMCache
[2011-11-30 19:11:48 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\DonationCoder
[2012-04-14 23:22:18 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\FlashGet
[2012-04-14 23:02:07 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\FlashGetBHO
[2012-04-14 23:02:12 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\FlashgetSetup
[2012-05-25 19:40:27 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\GameRanger
[2012-06-22 11:44:43 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\GG
[2011-09-13 16:21:33 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\IDT
[2011-09-19 21:07:47 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\LolClient
[2012-05-24 15:20:30 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\LolClient2
[2012-05-21 04:07:13 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Might & Magic Heroes VI
[2011-11-30 23:50:44 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\mp3DirectCut
[2011-12-15 23:31:42 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\NapiProjekt
[2012-01-24 23:57:25 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\NeopleLauncherDFO
[2011-11-28 21:29:20 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\OnLive App
[2011-10-24 13:49:30 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Origin
[2012-04-17 17:20:44 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\PunkBuster
[2011-10-07 20:43:19 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Red Alert 3
[2012-06-01 21:06:50 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\River Past G5
[2011-09-16 13:19:09 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\SoftGrid Client
[2012-06-16 01:33:35 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Spirited Machine
[2011-09-13 15:53:50 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Synaptics
[2011-10-23 02:00:28 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\TeamViewer
[2012-01-11 02:10:03 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\The Creative Assembly
[2011-09-14 19:57:46 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\TP
[2011-12-08 15:58:22 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Trine2
[2012-06-08 03:26:15 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Tunngle
[2012-03-30 19:08:22 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Ubisoft
[2011-10-26 14:48:45 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Unity
[2012-06-28 00:32:40 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\uTorrent
[2012-02-03 03:53:05 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Windows Live Writer
[2012-06-01 21:48:42 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Xilisoft
[2012-01-16 19:27:17 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\XLink Kai
[2012-06-17 01:17:21 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\XRay Engine
[2011-10-30 13:41:21 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\_MDLogs
[2012-05-04 22:36:17 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2012-04-08 23:09:27 | 000,000,000 | ---D | M](C:\Users\Tomek\Documents\????) -- C:\Users\Tomek\Documents\마비노기
[2012-04-08 23:09:27 | 000,000,000 | ---D | C](C:\Users\Tomek\Documents\????) -- C:\Users\Tomek\Documents\마비노기

========== Alternate Data Streams ==========

@Alternate Data Stream - 5632 bytes -> C:\ProgramData:gs5sys
@Alternate Data Stream - 1536 bytes -> C:\Users\Tomek\Documents\desktop.ini:gs5sys
@Alternate Data Stream - 1536 bytes -> C:\Users\Tomek\Desktop\desktop.ini:gs5sys
@Alternate Data Stream - 1536 bytes -> C:\Users\Public\Documents\desktop.ini:gs5sys
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:B2AA1B61

< End of report >
  • 0

Advertisements

#2
aoshika
Posted 28 June 2012 - 09:01 AM

aoshika

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Sorry for double post but it's important. So I turned off my computer for a night and now I can't turn it on. Every time I try to turn on it keeps restarting with a BSOD. Also i can't open in safe mode. Plus I've got Windows 7 pre-installed and forgot to create recovery discs. :( What can i do????!!!

EDIT
Ok I managed to get on computer normally now is the problem of cleaning it :(

Edited by aoshika, 28 June 2012 - 11:08 AM.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP