[Rozwiązane] Jak usunac przegladarke SearchCompletion Search

29 kwietnia 2012

Uruchom OTL i w oknie Własne opcje skanowania skrypt wklej:

[code]:OTL
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes\{E95DD5D6-2912-4212-B412-547971D025F1}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://startsear.ch/...&q={searchTerms}
O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Browsers Protector] C:\Program Files (x86)\Browsers Protector\regmon32.exe ()
O15 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..Trusted Domains: zagraj.pl ([www] http in Zaufane witryny)

:Files
C:\Windows\SWREG.exe
C:\Windows\SWSC.exe
C:\Windows\NIRCMD.exe

:Commands
[emptyflash]
[emptytemp]
[/code]

Klikasz w [b]Wykonaj skrypt[/b].

2. Odinstaluj Combofix

[b]start > uruchom[/b] i wklej polecenie

[b]"C:\Users\as\Desktop\ComboFix.exe" /uninstall[/b]

29 kwietnia 2012

zrobiłem jak mówiłeś i nie ma tego wirusa,da sie ustawic przeglądarke.Uff dziekuję za pomoc i cierpliwość dla laika .Mam nadzieje ,ze rano nie wyskoczy:).Pozdrawiam .

29 kwietnia 2012

1. Uruchom OTL i kliknij opcję Sprzatanie. To usunie program i kwarantannę.

2. uruchom AdwCleaner i kliknij Uninstall.

To wszystko.

29 kwietnia 2012

zinstalowałem avasta i przy przenoszeniu OTL wrzucił go w kwarantanne,adwCleaner usunąłem tak jak mówiłeś.

Podziękowania za wszystko,teraz długo się zastanowie zanim coś zainstaluje nieznanego.

29 kwietnia 2012

[quote]zinstalowałem avasta i przy przenoszeniu OTL wrzucił go w kwarantanne[/quote]

Nie rozumiem? Z tego co wyprawiasz, aj widze co wyprawiałeś w trakcie usuwania powiem ci @merun jedno: najwiekszym zagrożeniem dla systemu jesteś ty sam.

29 kwietnia 2012

Wrócił po restarcie :/

30 kwietnia 2012

Co wróciło?

30 kwietnia 2012

W przegladarce searchcompletetion search ,czyli tak jak bylo na początku,może to przez to,że nieprawidłowo usunąłem OTS czyli jak mi avast go wrzucił w kwarantanne to go z tamtąd usunąłem:/

może jest inna przyczyna?

a jakby jeszcze raz tym comboFixem spróbować?

30 kwietnia 2012

Daj logi z OTL. Combofixa nie tykaj.

30 kwietnia 2012

[log] OTL logfile created on: 2012-04-30 21:30:01 - Run 12
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\as\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,92 Gb Total Physical Memory | 1,48 Gb Available Physical Memory | 50,61% Memory free
5,84 Gb Paging File | 4,15 Gb Available in Paging File | 71,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,52 Gb Total Space | 27,43 Gb Free Space | 36,81% Space Free | Partition Type: NTFS
Drive D: | 214,19 Gb Total Space | 153,31 Gb Free Space | 71,57% Space Free | Partition Type: NTFS

Computer Name: AS-KOMPUTER | User Name: as | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-04-30 21:24:36 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-02-15 18:56:52 | 000,147,784 | ---- | M] () -- C:\Program Files (x86)\Browsers Protector\regmon32.exe
PRC - [2011-11-30 07:45:39 | 000,642,424 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2011-11-25 21:00:48 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2011-10-13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011-06-09 14:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2010-03-19 10:28:10 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010-01-05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009-11-24 22:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009-11-10 04:20:36 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009-11-02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009-10-27 05:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2009-10-26 19:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2009-10-01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009-10-01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009-09-04 13:08:30 | 000,935,288 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
PRC - [2009-08-20 05:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2009-07-31 19:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009-06-24 21:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009-06-19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009-06-19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009-06-16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2009-01-26 15:31:16 | 002,144,088 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008-12-23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008-08-14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2008-03-31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007-11-30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-04-30 21:24:36 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
MOD - [2012-04-29 22:30:44 | 000,120,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
MOD - [2012-04-27 14:20:22 | 008,778,400 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_2_202_233.ocx
MOD - [2012-04-26 14:49:48 | 000,040,648 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\12043000\uiext.dll
MOD - [2012-03-07 01:15:28 | 000,228,632 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\uiLangRes.dll
MOD - [2012-03-07 01:15:28 | 000,095,232 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\Base.dll
MOD - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
MOD - [2012-03-07 01:15:15 | 004,675,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\CommonRes.dll
MOD - [2012-03-07 01:15:13 | 000,215,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2012-03-07 01:15:10 | 000,399,088 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSqLt.dll
MOD - [2012-03-07 01:15:10 | 000,214,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2012-03-07 01:15:10 | 000,027,264 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswUtil.dll
MOD - [2012-03-07 01:15:09 | 002,111,448 | ---- | M] (AVAST! Software) -- C:\Program Files\AVAST Software\Avast\aswAra.dll
MOD - [2012-03-07 01:15:09 | 000,217,296 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswLog.dll
MOD - [2012-03-07 01:15:08 | 000,682,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAux.dll
MOD - [2012-03-07 01:15:07 | 000,337,800 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
MOD - [2012-03-07 01:15:07 | 000,184,872 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswData.dll
MOD - [2012-03-07 01:15:07 | 000,164,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
MOD - [2012-03-07 01:15:07 | 000,153,936 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTask.dll
MOD - [2012-03-07 01:15:07 | 000,098,864 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
MOD - [2012-03-07 01:15:07 | 000,050,448 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
MOD - [2012-03-07 01:15:06 | 000,406,816 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashBase.dll
MOD - [2012-03-07 01:15:06 | 000,061,760 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
MOD - [2012-03-07 01:15:04 | 000,140,064 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AhAScr.dll
MOD - [2012-03-07 01:15:03 | 000,345,040 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Aavm4h.dll
MOD - [2012-03-07 01:15:03 | 000,096,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll
MOD - [2012-03-01 07:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012-03-01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2012-02-28 03:52:25 | 012,281,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2012-02-28 03:27:13 | 009,705,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012-02-28 03:18:55 | 001,799,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
MOD - [2012-02-28 03:12:01 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012-02-28 03:11:07 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012-02-28 03:08:19 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IEShims.dll
MOD - [2012-02-28 03:08:15 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jsproxy.dll
MOD - [2012-02-28 03:06:48 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll
MOD - [2012-02-28 03:04:32 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012-02-28 02:59:59 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieui.dll
MOD - [2012-02-15 18:56:52 | 000,147,784 | ---- | M] () -- C:\Program Files (x86)\Browsers Protector\regmon32.exe
MOD - [2012-02-10 07:38:43 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2012-01-04 10:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2012-01-04 10:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2011-12-16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011-11-30 07:45:39 | 000,642,424 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
MOD - [2011-11-29 00:00:37 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
MOD - [2011-11-29 00:00:36 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2011-11-29 00:00:36 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2011-11-25 21:14:37 | 000,046,592 | ---- | M] (Sun Microsystems, Inc.) -- C:\PROGRA~2\Java\jre6\bin\zip.dll
MOD - [2011-11-25 21:14:37 | 000,031,744 | ---- | M] (Sun Microsystems, Inc.) -- C:\PROGRA~2\Java\jre6\bin\verify.dll
MOD - [2011-11-25 21:14:36 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Java\jre6\bin\MSVCR71.dll
MOD - [2011-11-25 21:14:36 | 000,077,824 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\net.dll
MOD - [2011-11-25 21:14:36 | 000,019,968 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\nio.dll
MOD - [2011-11-25 21:14:35 | 002,732,032 | ---- | M] (Sun Microsystems, Inc.) -- C:\PROGRA~2\Java\jre6\bin\client\jvm.dll
MOD - [2011-11-25 21:14:35 | 001,216,512 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\awt.dll
MOD - [2011-11-25 21:14:35 | 000,126,976 | ---- | M] (Sun Microsystems, Inc.) -- C:\PROGRA~2\Java\jre6\bin\java.dll
MOD - [2011-11-25 21:14:35 | 000,108,320 | ---- | M] () -- C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll
MOD - [2011-11-25 21:14:35 | 000,077,824 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\deploy.dll
MOD - [2011-11-25 21:14:35 | 000,042,272 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
MOD - [2011-11-25 21:14:35 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\Java\jre6\bin\jp2native.dll
MOD - [2011-11-25 21:00:48 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
MOD - [2011-11-25 21:00:48 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2011-11-25 21:00:47 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtmsft.dll
MOD - [2011-11-25 21:00:47 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtrans.dll
MOD - [2011-11-25 21:00:46 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieapfltr.dll
MOD - [2011-11-25 21:00:46 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2011-11-25 21:00:45 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imgutil.dll
MOD - [2011-11-17 07:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011-11-17 07:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2011-11-17 07:34:52 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2011-11-17 07:34:52 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2011-11-17 07:28:48 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2011-10-18 18:55:12 | 000,278,528 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\regutils.dll
MOD - [2011-08-27 06:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011-08-27 06:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011-07-16 06:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2011-07-16 06:24:22 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2011-06-16 06:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2011-06-09 14:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2011-05-24 12:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011-05-24 12:40:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2011-05-24 12:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011-05-04 06:34:43 | 001,549,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\tquery.dll
MOD - [2011-03-11 07:33:59 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42u.dll
MOD - [2011-03-11 07:33:59 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll
MOD - [2011-03-03 07:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011-02-19 08:30:50 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2011-01-17 07:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll
MOD - [2010-11-20 14:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010-11-20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010-11-20 14:21:37 | 011,410,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmp.dll
MOD - [2010-11-20 14:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2010-11-20 14:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2010-11-20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010-11-20 14:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010-11-20 14:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2010-11-20 14:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2010-11-20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010-11-20 14:21:34 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2010-11-20 14:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010-11-20 14:21:33 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\upnp.dll
MOD - [2010-11-20 14:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010-11-20 14:21:30 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\thumbcache.dll
MOD - [2010-11-20 14:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010-11-20 14:21:27 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\StructuredQuery.dll
MOD - [2010-11-20 14:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010-11-20 14:21:06 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SearchFolder.dll
MOD - [2010-11-20 14:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2010-11-20 14:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010-11-20 14:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010-11-20 14:20:57 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\provsvc.dll
MOD - [2010-11-20 14:20:55 | 000,547,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PortableDeviceApi.dll
MOD - [2010-11-20 14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010-11-20 14:20:48 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll
MOD - [2010-11-20 14:20:46 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntlanman.dll
MOD - [2010-11-20 14:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2010-11-20 14:20:29 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\networkexplorer.dll
MOD - [2010-11-20 14:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2010-11-20 14:20:27 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NaturalLanguage6.dll
MOD - [2010-11-20 14:19:56 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
MOD - [2010-11-20 14:19:56 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
MOD - [2010-11-20 14:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010-11-20 14:19:48 | 002,341,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2010-11-20 14:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010-11-20 14:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010-11-20 14:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010-11-20 14:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010-11-20 14:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2010-11-20 14:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010-11-20 14:18:38 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorAPI.dll
MOD - [2010-11-20 14:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2010-11-20 14:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2010-11-20 14:18:26 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davclnt.dll
MOD - [2010-11-20 14:18:25 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2010-11-20 14:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll
MOD - [2010-11-20 14:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010-11-20 14:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2010-11-20 14:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010-11-20 14:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010-11-20 14:18:09 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cabinet.dll
MOD - [2010-11-20 14:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010-11-20 14:18:01 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll
MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010-11-20 14:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010-11-20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010-11-20 14:08:57 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010-11-20 14:08:51 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010-11-20 14:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010-11-20 14:08:44 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmploc.DLL
MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010-11-20 13:55:08 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll
MOD - [2010-11-05 03:58:01 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll
MOD - [2010-03-19 10:28:10 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
MOD - [2010-01-05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009-12-17 11:12:59 | 003,056,640 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWOW64\atidxx32.dll
MOD - [2009-11-24 22:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2009-11-02 23:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009-11-02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
MOD - [2009-11-02 23:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009-11-02 23:17:54 | 000,509,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\MSVCP71.dll
MOD - [2009-11-02 23:17:42 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\MSVCR71.dll
MOD - [2009-10-27 05:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
MOD - [2009-09-04 13:08:30 | 000,935,288 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MOD - [2009-08-20 05:31:50 | 000,055,936 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\ATKMETHOD.dll
MOD - [2009-08-20 05:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
MOD - [2009-07-31 19:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
MOD - [2009-07-14 03:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009-07-14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009-07-14 03:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
MOD - [2009-07-14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009-07-14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009-07-14 03:16:19 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wmiutils.dll
MOD - [2009-07-14 03:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll
MOD - [2009-07-14 03:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009-07-14 03:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanutil.dll
MOD - [2009-07-14 03:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll
MOD - [2009-07-14 03:16:18 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecsExt.dll
MOD - [2009-07-14 03:16:17 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemdisp.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009-07-14 03:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 03:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009-07-14 03:16:15 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ssdpapi.dll
MOD - [2009-07-14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009-07-14 03:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-07-14 03:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009-07-14 03:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009-07-14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009-07-14 03:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2009-07-14 03:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009-07-14 03:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 03:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2009-07-14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009-07-14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009-07-14 03:16:03 | 001,537,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NlsData0000.dll
MOD - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009-07-14 03:16:02 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2009-07-14 03:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2009-07-14 03:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
MOD - [2009-07-14 03:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2009-07-14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009-07-14 03:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009-07-14 03:15:41 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Defender\MpOav.dll
MOD - [2009-07-14 03:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009-07-14 03:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009-07-14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009-07-14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009-07-14 03:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll
MOD - [2009-07-14 03:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IconCodecService.dll
MOD - [2009-07-14 03:15:24 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hnetcfg.dll
MOD - [2009-07-14 03:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009-07-14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FirewallAPI.dll
MOD - [2009-07-14 03:15:21 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fundisc.dll
MOD - [2009-07-14 03:15:20 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fdProxy.dll
MOD - [2009-07-14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009-07-14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009-07-14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009-07-14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 03:15:13 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\drprov.dll
MOD - [2009-07-14 03:15:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dispex.dll
MOD - [2009-07-14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009-07-14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2009-07-14 03:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
MOD - [2009-07-14 03:15:10 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddrawex.dll
MOD - [2009-07-14 03:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
MOD - [2009-07-14 03:15:08 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davhlpr.dll
MOD - [2009-07-14 03:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2009-07-14 03:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll
MOD - [2009-07-14 03:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll
MOD - [2009-07-14 03:15:07 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2009-07-14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 03:14:10 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hhctrl.ocx
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 03:14:10 | 000,064,000 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWOW64\l3codeca.acm
MOD - [2009-07-14 03:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 03:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009-07-14 03:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll
MOD - [2009-07-14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009-06-24 21:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
MOD - [2009-06-19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
MOD - [2009-02-26 17:45:38 | 000,043,392 | ---- | M] (Microsoft Corporation) -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
MOD - [2009-01-26 15:31:16 | 002,144,088 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MOD - [2009-01-26 15:30:58 | 001,287,000 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\advcheck.dll
MOD - [2007-11-30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007-06-15 19:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007-06-02 02:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
MOD - [2005-09-22 02:30:42 | 000,036,864 | ---- | M] (ATK) -- C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll
MOD - [2005-01-13 09:36:58 | 000,303,104 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll
MOD - [2004-05-28 03:13:08 | 000,080,384 | ---- | M] (ACTIONTEC Electronics,Inc) -- C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012-04-27 14:20:23 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011-10-21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011-10-13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-11-10 04:20:36 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009-10-01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009-10-01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009-06-16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-03-31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-07-03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.com"]http://www.google.com[/url]
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox"]http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox[/url]
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = [url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT"]http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT[/url]
IE - HKLM\..\SearchScopes\{E95DD5D6-2912-4212-B412-547971D025F1}: "URL" = [url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"]http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7[/url]

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://startsear.ch/?aff=1&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73"]http://startsear.ch/?aff=1&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73[/url]
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = [url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT"]http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT[/url]
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [url="http://startsear.ch/?aff=1&src=sp&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73&q={searchTerms"]http://startsear.ch/?aff=1&src=sp&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73&q={searchTerms[/url]}
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{E95DD5D6-2912-4212-B412-547971D025F1}: "URL" = [url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ASUT_plPL459"]http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ASUT_plPL459[/url]
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-04-29 22:27:36 | 000,000,000 | ---D | M]

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: YouTube = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Szukaj w Google = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: avast! WebRep = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Gmail = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2012-04-29 20:33:39 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Browsers Protector] C:\Program Files (x86)\Browsers Protector\regmon32.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O15 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..Trusted Domains: zagraj.pl ([www] http in Zaufane witryny)
O16 - DPF: {7818D12F-8769-4A58-AE82-81EBE897F4E4} [url="http://sip.asus.com/Windows7_Activation/DllFloder/WinActivateCom.cab"]http://sip.asus.com/Windows7_Activation/DllFloder/WinActivateCom.cab[/url] (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B9F9A3E-8D03-4B9D-A0B0-3139FDD94830}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-04-30 21:24:34 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
[2012-04-29 22:27:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012-04-29 22:27:27 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012-04-29 22:27:27 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012-04-29 22:01:00 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-04-29 20:43:56 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012-04-29 20:21:31 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012-04-29 11:32:08 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Local\ElevatedDiagnostics
[2012-04-28 19:02:48 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-04-28 11:34:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012-04-28 11:34:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012-04-28 10:52:33 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Local\VS Revo Group
[2012-04-28 08:20:11 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Roaming\Malwarebytes
[2012-04-28 08:20:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-04-27 19:16:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Browsers Protector
[2012-04-27 14:20:10 | 008,766,112 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012-04-27 13:21:52 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012-04-27 13:21:45 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-04-24 15:39:39 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Roaming\Mozilla
[2012-04-24 15:39:39 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Local\Mozilla
[2012-04-24 15:38:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012-04-12 22:35:58 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-04-12 22:35:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012-04-12 22:35:55 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012-04-12 22:35:55 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-04-12 22:35:53 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012-04-12 22:35:24 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012-04-12 22:35:23 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-04-30 21:30:21 | 002,097,152 | -HS- | M] () -- C:\Users\as\NTUSER.DAT
[2012-04-30 21:24:36 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
[2012-04-30 21:20:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-04-30 21:16:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-30 15:03:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-04-30 07:34:44 | 000,000,005 | ---- | M] () -- C:\Program Files (x86)\is.dat
[2012-04-30 06:36:42 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-30 06:36:36 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012-04-30 06:36:18 | 2350,288,896 | -HS- | M] () -- C:\hiberfil.sys
[2012-04-29 23:17:02 | 001,709,855 | -H-- | M] () -- C:\Users\as\AppData\Local\IconCache.db
[2012-04-29 22:27:52 | 000,001,843 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012-04-29 22:27:45 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012-04-29 20:33:52 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2012-04-27 14:20:23 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-04-27 14:20:23 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-04-27 14:20:10 | 008,766,112 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-04-29 22:27:52 | 000,001,843 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012-04-29 18:57:19 | 001,709,855 | -H-- | C] () -- C:\Users\as\AppData\Local\IconCache.db
[2012-04-27 13:21:47 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2011-12-19 19:25:46 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011-11-25 19:55:05 | 000,016,384 | ---- | C] () -- C:\Program Files (x86)\uik.dat
[2011-11-25 19:32:38 | 000,000,005 | ---- | C] () -- C:\Program Files (x86)\is.dat
[2011-01-31 07:51:43 | 000,108,840 | ---- | C] () -- C:\Users\as\AppData\Local\GDIPFONTCACHEV1.DAT

[color=#E56717]========== LOP Check ==========[/color]

[2011-01-31 08:46:38 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Asus WebStorage
[2012-01-04 16:47:20 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\Asus WebStorage
[2012-04-26 11:36:45 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\BESTplayer
[2011-11-25 19:08:31 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\BitComet
[2012-03-05 09:03:05 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\DAEMON Tools Lite
[2012-01-04 16:47:14 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\EeeStorageUploader
[2012-03-29 13:59:06 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\gtk-2.0
[2011-12-20 08:16:26 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\ipla
[2012-02-25 00:14:09 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\MusicNet
[2012-04-30 21:23:37 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\uTorrent
[2012-02-16 06:37:59 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]

< End of report >
[/log] [log] OTL Extras logfile created on: 2012-04-30 21:30:01 - Run 12
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\as\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,92 Gb Total Physical Memory | 1,48 Gb Available Physical Memory | 50,61% Memory free
5,84 Gb Paging File | 4,15 Gb Available in Paging File | 71,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,52 Gb Total Space | 27,43 Gb Free Space | 36,81% Space Free | Partition Type: NTFS
Drive D: | 214,19 Gb Total Space | 153,31 Gb Free Space | 71,57% Space Free | Partition Type: NTFS

Computer Name: AS-KOMPUTER | User Name: as | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10EC4359-FF01-40EC-AA1B-A5D41833A121}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{16090503-AD23-4141-86CD-C3CF45291E90}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3A70BF81-9C16-4B4E-AE49-9DF7C0EBDFBC}" = rport=139 | protocol=6 | dir=out | app=system |
"{3A7F8418-BE62-4549-9E90-F5570A0ADED0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{403325AF-92A2-4991-A912-2B5222F3F652}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{50DBF2FE-E063-463C-B367-65D1FD2ED369}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email="name=@firewallapi.dll,-28539"]name=@firewallapi.dll,-28539[/email] |
"{56C2EE8D-4AF1-4472-9426-639D805104B7}" = lport=139 | protocol=6 | dir=in | app=system |
"{59243D6B-8508-4F69-AFD2-7E5370105301}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7431A423-8652-4180-BABF-A3ABBDB4B214}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{78A0622F-0D02-4383-B454-046AF88859AE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7CDAE49B-B3F6-4761-9B61-AA015A64146F}" = lport=445 | protocol=6 | dir=in | app=system |
"{90A5D8B6-F1DB-4F01-B7CE-233805473832}" = lport=138 | protocol=17 | dir=in | app=system |
"{9737D331-1815-4C6B-A390-27EA8454FB48}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9C66F2AD-F922-445E-80A9-5521A38293FD}" = lport=2869 | protocol=6 | dir=in | app=system |
"{ACB3BB04-EC4B-4CAB-8705-9C2863265C4B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B6D18FDD-34E1-436E-A028-929D11872B9D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B6E5F2C4-42B8-4625-A6F1-659552935AA9}" = rport=445 | protocol=6 | dir=out | app=system |
"{B78937D7-6E3C-4CCB-B041-0B2D65A88710}" = rport=137 | protocol=17 | dir=out | app=system |
"{B99EB9E9-CBD7-47AC-9E88-1B16D06DB044}" = rport=138 | protocol=17 | dir=out | app=system |
"{C0A3575F-97B3-4D75-A4BC-C54126CEFA0B}" = lport=137 | protocol=17 | dir=in | app=system |
"{C52845F2-210A-4A31-89A8-BA9C5B5B862C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D8ACEFFD-67F6-4F56-9CF9-6296C316C97B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F1C07C4A-4426-4900-96D1-E39755D3D47E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F3A1A33E-7F05-426A-80C7-BB4FA61B828E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05D683A1-55D3-43D9-A129-43D38E729F55}" = protocol=6 | dir=out | app=system |
"{0AFA402C-4F57-48E4-8494-E04F2CEAA78E}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{11CD9564-A562-471B-9C4B-903C0E43C887}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{183024A2-0F33-4DDE-B911-8968B802B45E}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{1C61E99A-E5FB-4E22-AD7B-EA512E79B26A}" = protocol=58 | dir=in | [email="name=@firewallapi.dll,-28545"]name=@firewallapi.dll,-28545[/email] |
"{26272C67-89A7-4C26-B46A-B83AB775B9D8}" = protocol=17 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{2FFBA4EF-7E5C-4E1D-9313-DB09D3B076B5}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{35BC6742-EF7F-43A0-ACEF-B481058BDCC4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4C363F76-4255-4E90-A363-7D7057C3F5FC}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{55425FC5-89E0-4CA2-A398-8DDE19BF608A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{55DA7719-2E95-42A1-84B8-FC8B9E8FAC41}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{61491C44-7364-4FE0-8B09-99D57DD38E7D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7357BB76-99ED-41EC-849B-2ED4930258B7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7D7AF273-2324-4DE7-8052-4D7CF1C712BD}" = protocol=1 | dir=in | [email="name=@firewallapi.dll,-28543"]name=@firewallapi.dll,-28543[/email] |
"{7FFDFE51-B0EC-4C88-AB30-7194442C3810}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{830C1059-6EFA-4D33-BA06-2DDE0159013B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A9FD29A1-52DB-485C-8ED2-A35BA769E754}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B1B14552-7C60-4474-A830-73226B2F6B86}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C0076644-CB33-4155-8943-92DEE1AF03EE}" = protocol=58 | dir=in | app=system |
"{C022F311-DF66-418A-AD4B-8784ABC7894B}" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{CBDDA3AE-B281-4F1E-BFE0-2518218931E4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CC5FC2B7-A6EE-4C62-8BBD-BDFB845071CB}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{CF2C4F49-7DC0-4B06-85AB-FE51699E217D}" = protocol=1 | dir=out | [email="name=@firewallapi.dll,-28544"]name=@firewallapi.dll,-28544[/email] |
"{D7A8F6A0-70CC-4326-97A3-36ECFB70CB8A}" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{E1112EF7-847E-4861-9AD3-BEA04516C0EE}" = protocol=58 | dir=out | [email="name=@iphlpsvc.dll,-503"]name=@iphlpsvc.dll,-503[/email] |
"{E1DDD883-8699-48C4-AFDA-A17CE0D8A9F3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E3FE4437-4BB9-4E8D-A9A1-5A1F0716E978}" = protocol=6 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{EA0BD973-A1FC-4B73-8A01-B06D88A8B4A7}" = protocol=58 | dir=out | [email="name=@firewallapi.dll,-28546"]name=@firewallapi.dll,-28546[/email] |
"{FB0C6C4B-F82F-49A0-B912-EBE7C9BE1C29}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FCEEC02A-03B5-4E90-9F6F-D50B627D01C0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{4239078E-0BE8-46B0-8942-5DD74FD2AC46}D:\gry\pd\psychic-doom 97j\psychicdoommustart.exe" = protocol=6 | dir=in | app=d:\gry\pd\psychic-doom 97j\psychicdoommustart.exe |
"TCP Query User{6F174E3B-0D5C-47A4-B365-48C5789933D9}D:\gry\pd\psychic-doom 97j\psychicdoommustart.exe" = protocol=6 | dir=in | app=d:\gry\pd\psychic-doom 97j\psychicdoommustart.exe |
"TCP Query User{C83927AE-79E1-47B6-AFEC-3F3F3347928D}C:\program files (x86)\bearshare applications\bearshare\bearshare.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"UDP Query User{14B399C8-4180-479A-B187-3B60CCC6840F}C:\program files (x86)\bearshare applications\bearshare\bearshare.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"UDP Query User{6FFD7939-D347-47C4-9413-57C1E6FE9434}D:\gry\pd\psychic-doom 97j\psychicdoommustart.exe" = protocol=17 | dir=in | app=d:\gry\pd\psychic-doom 97j\psychicdoommustart.exe |
"UDP Query User{81AF072D-673F-48FE-9CBD-9CAF232DC4B9}D:\gry\pd\psychic-doom 97j\psychicdoommustart.exe" = protocol=17 | dir=in | app=d:\gry\pd\psychic-doom 97j\psychicdoommustart.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0512FBC8-37F5-11E1-630E-0E4BF115179A}" = CCC Help Norwegian
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{07C4EA80-2F1F-B150-4CCC-0AD2E4F8FBAB}" = CCC Help Hungarian
"{07EC03E1-2831-C147-CAA7-7A900EE9FD8D}" = CCC Help Dutch
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0B63BF75-9F0A-4E93-A69D-BDCC6A26C4B1}" = Podstawowe programy Windows Live
"{0D052F88-18D4-FC0A-BF33-318C4FDFF6FD}" = Catalyst Control Center Graphics Light
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1E356931-3A8D-77D4-4D08-2FB6A1C01361}" = CCC Help Thai
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2A5FBE73-76DA-4A31-BD86-1B0E01DC33F8}" = Windows Live Messenger
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{33A9D3F0-C131-5CCF-3630-13FDAE4931E8}" = ccc-core-static
"{33D31A9E-7D50-1B38-7D5E-FB41C89A805A}" = CCC Help Turkish
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40CC0CC6-C1BA-476D-98CF-5430DA439B4F}" = Galeria fotografii usługi Windows Live
"{420897E0-9294-C91D-194A-C3D53B768AB7}" = Catalyst Control Center Core Implementation
"{43E49F45-70FB-31D8-2C9A-4C80A0694F28}" = CCC Help Finnish
"{4997619D-FA9C-1987-ADD9-292E7623A7AB}" = CCC Help Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4BD6767A-5250-4B4C-A9BA-64300A0A6914}" = WAC
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{5E7B9D7C-0245-A5AF-9A7F-C2A74F8A4251}" = CCC Help French
"{641BFAC0-2527-FEF8-DA90-52F42A9C82AB}" = CCC Help Portuguese
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65CE0B7D-F67E-EE9C-A10F-85ECBDC7FF01}" = Catalyst Control Center Graphics Full New
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6EB8E500-1A08-5104-C0F4-B131C23BAC57}" = CCC Help Italian
"{74CC5B4D-CBB5-46F1-82B0-3169977B1D36}" = Asystent rejestracji usługi Windows Live
"{7C3B44A6-CA80-67A8-BD61-72AC2E367760}" = CCC Help Russian
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}" = Dream Day Wedding Married in Manhattan
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-1173957}" = Piggly FREE
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117396510}" = Smileyville FREE
"{8385135C-A857-2F59-5226-03AF656DA9A5}" = Catalyst Control Center Localization All
"{856520DF-4018-0EAD-B02F-C506C0C52F02}" = CCC Help Swedish
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-040E-0000-0000000FF1CE}" = Microsoft Office Access MUI (Hungarian) 2007
"{90120000-0015-040E-0000-0000000FF1CE}_PROHYBRIDR_{D6F600AB-D132-40CA-B78A-20BE2C83395E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_PROHYBRIDR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0418-0000-0000000FF1CE}" = Microsoft Office Access MUI (Romanian) 2007
"{90120000-0015-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0424-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovenian) 2007
"{90120000-0015-0424-0000-0000000FF1CE}_PROHYBRIDR_{DE6F6651-39D5-44FA-96FD-647D5B3A3093}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-040E-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Hungarian) 2007
"{90120000-0016-040E-0000-0000000FF1CE}_PROHYBRIDR_{D6F600AB-D132-40CA-B78A-20BE2C83395E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_PROHYBRIDR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0418-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Romanian) 2007
"{90120000-0016-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0424-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovenian) 2007
"{90120000-0016-0424-0000-0000000FF1CE}_PROHYBRIDR_{DE6F6651-39D5-44FA-96FD-647D5B3A3093}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040E-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Hungarian) 2007
"{90120000-0018-040E-0000-0000000FF1CE}_PROHYBRIDR_{D6F600AB-D132-40CA-B78A-20BE2C83395E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_PROHYBRIDR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0418-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Romanian) 2007
"{90120000-0018-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0424-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovenian) 2007
"{90120000-0018-0424-0000-0000000FF1CE}_PROHYBRIDR_{DE6F6651-39D5-44FA-96FD-647D5B3A3093}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-040E-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Hungarian) 2007
"{90120000-0019-040E-0000-0000000FF1CE}_PROHYBRIDR_{D6F600AB-D132-40CA-B78A-20BE2C83395E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_PROHYBRIDR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0418-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Romanian) 2007
"{90120000-0019-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0424-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovenian) 2007
"{90120000-0019-0424-0000-0000000FF1CE}_PROHYBRIDR_{DE6F6651-39D5-44FA-96FD-647D5B3A3093}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-040E-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Hungarian) 2007
"{90120000-001A-040E-0000-0000000FF1CE}_PROHYBRIDR_{D6F600AB-D132-40CA-B78A-20BE2C83395E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_PROHYBRIDR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0418-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Romanian) 2007
"{90120000-001A-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0424-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovenian) 2007
"{90120000-001A-0424-0000-0000000FF1CE}_PROHYBRIDR_{DE6F6651-39D5-44FA-96FD-647D5B3A3093}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040E-0000-0000000FF1CE}" = Microsoft Office Word MUI (Hungarian) 2007
"{90120000-001B-040E-0000-0000000FF1CE}_PROHYBRIDR_{D6F600AB-D132-40CA-B78A-20BE2C83395E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_PROHYBRIDR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0418-0000-0000000FF1CE}" = Microsoft Office Word MUI (Romanian) 2007
"{90120000-001B-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0424-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovenian) 2007
"{90120000-001B-0424-0000-0000000FF1CE}_PROHYBRIDR_{DE6F6651-39D5-44FA-96FD-647D5B3A3093}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROHYBRIDR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROHYBRIDR_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_PROHYBRIDR_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0418-0000-0000000FF1CE}" = Microsoft Office Proof (Romanian) 2007
"{90120000-001F-0418-0000-0000000FF1CE}_PROHYBRIDR_{0E2DB3D7-94EA-4B12-A9C1-D3C52BDE07D8}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041A-0000-0000000FF1CE}" = Microsoft Office Proof (Croatian) 2007
"{90120000-001F-041A-0000-0000000FF1CE}_PROHYBRIDR_{9DECF714-4963-48E2-924A-B9075485AF6B}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROHYBRIDR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0424-0000-0000000FF1CE}" = Microsoft Office Proof (Slovenian) 2007
"{90120000-001F-0424-0000-0000000FF1CE}_PROHYBRIDR_{8FF4ED5D-9EA1-4EC5-8F10-767E1705310C}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_PROHYBRIDR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-040E-1000-0000000FF1CE}_PROHYBRIDR_{1E71F4A2-F832-4B10-8CA5-2B49A20AAD87}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0415-1000-0000000FF1CE}_PROHYBRIDR_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0418-1000-0000000FF1CE}_PROHYBRIDR_{C618587E-CCC5-46B5-88C3-2E7C1195B3C7}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-041B-1000-0000000FF1CE}_PROHYBRIDR_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0424-1000-0000000FF1CE}_PROHYBRIDR_{455248D4-FBA8-4C55-AB56-3F209028D7B5}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040E-0000-0000000FF1CE}" = Microsoft Office Proofing (Hungarian) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-002C-0418-0000-0000000FF1CE}" = Microsoft Office Proofing (Romanian) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-002C-0424-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovenian) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROHYBRIDR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-040E-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Hungarian) 2007
"{90120000-006E-040E-0000-0000000FF1CE}_PROHYBRIDR_{1E71F4A2-F832-4B10-8CA5-2B49A20AAD87}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_PROHYBRIDR_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0418-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Romanian) 2007
"{90120000-006E-0418-0000-0000000FF1CE}_PROHYBRIDR_{C618587E-CCC5-46B5-88C3-2E7C1195B3C7}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_PROHYBRIDR_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0424-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovenian) 2007
"{90120000-006E-0424-0000-0000000FF1CE}_PROHYBRIDR_{455248D4-FBA8-4C55-AB56-3F209028D7B5}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90D9AF4D-8BA2-D322-E2B6-316CC4EEDEB9}" = CCC Help English
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}" = JMicron Ethernet Adapter NDIS Driver
"{9B408981-8298-20FE-58E5-59113B371947}" = CCC Help Japanese
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9DB3F20E-EAE9-FE53-DC08-71BC5E5F18E3}" = Catalyst Control Center Graphics Previews Vista
"{9E3234AD-F86D-7ABE-EC5B-A1BDDC770FFE}" = CCC Help Danish
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A57039DB-8A82-0DA3-CFBD-888E88A50816}" = CCC Help Korean
"{A5981835-5A34-E723-BBB1-3A4556F93B14}" = CCC Help Greek
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9D0699A-714A-7AF0-7887-A880440CF1EE}" = CCC Help German
"{AB3C268A-E54B-4F6D-BF97-2DFCEEFA94F5}" = Catalyst Control Center - Branding
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.2 MUI
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B72E80DB-DF9B-DE1E-8899-CC74B6B9456A}" = Catalyst Control Center InstallProxy
"{BB1FCCCB-CF8E-87FE-B989-37041A118F29}" = CCC Help Chinese Traditional
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C3335EFB-008F-44DB-A87A-9EC8EE53D045}" = Windows Live Sync
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C94ADF6E-B9F0-1221-AD6F-25D547EA0726}" = Catalyst Control Center Graphics Previews Common
"{C9991C9B-0783-452E-8954-AB93E2AB3B80}_is1" = Game Park Console
"{D221681D-9B40-2078-0119-4FD158DC571B}" = Catalyst Control Center Graphics Full Existing
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{DB4690C5-9015-401D-A96C-A49909B7C372}" = Poczta usługi Windows Live
"{DD49053A-0140-44EF-AE75-C4BC1FDB8286}" = Windows Live Writer
"{E4C16219-48E5-B6BC-637B-F16412CE5DE5}" = CCC Help Spanish
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EE83CCB4-1DDF-153A-3E73-242A687D8C58}" = CCC Help Polish
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F81722A1-2B1A-383B-1775-26BE96E14E4E}" = CCC Help Czech
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"ASUS AP Bank_is1" = ASUS AP Bank
"avast" = avast! Free Antivirus
"Browsers Protector" = Browsers Protector
"DAEMON Tools Lite" = DAEMON Tools Lite
"Google Chrome" = Google Chrome
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"ipla" = ipla 2.3.4
"K_Series_ScreenSaver_EN" = K_Series_ScreenSaver_EN
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic)
"NapiProjekt_is1" = NapiProjekt 1.0.6.9
"PROHYBRIDR" = 2007 Microsoft Office system
"uTorrent" = µTorrent
"uTorrentBar Toolbar" = uTorrentBar Toolbar
"WinGimp-2.0_is1" = GIMP 2.6.12-1
"WinLiveSuite_Wave3" = Podstawowe programy Windows Live

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-04-26 02:41:20 | Computer Name = as-Komputer | Source = System Restore | ID = 8193
Description =

Error - 2012-04-26 02:41:51 | Computer Name = as-Komputer | Source = System Restore | ID = 8193
Description =

Error - 2012-04-26 02:42:24 | Computer Name = as-Komputer | Source = System Restore | ID = 8193
Description =

Error - 2012-04-26 02:42:57 | Computer Name = as-Komputer | Source = System Restore | ID = 8193
Description =

Error - 2012-04-26 02:43:30 | Computer Name = as-Komputer | Source = System Restore | ID = 8193
Description =

Error - 2012-04-26 02:44:03 | Computer Name = as-Komputer | Source = System Restore | ID = 8193
Description =

Error - 2012-04-26 02:44:32 | Computer Name = as-Komputer | Source = System Restore | ID = 8193
Description =

Error - 2012-04-26 02:45:00 | Computer Name = as-Komputer | Source = System Restore | ID = 8193
Description =

Error - 2012-04-26 02:45:30 | Computer Name = as-Komputer | Source = System Restore | ID = 8193
Description =

Error - 2012-04-27 03:34:57 | Computer Name = as-Komputer | Source = System Restore | ID = 8193
Description =

[ System Events ]
Error - 2012-04-12 02:34:35 | Computer Name = as-Komputer | Source = Microsoft-Windows-LanguagePackSetup | ID = 1003
Description = Błąd CBS 0x80073701 '' podczas pracy z pakietem języka interfejsu
użytkownika (sk-SK)

Error - 2012-04-12 02:34:35 | Computer Name = as-Komputer | Source = Microsoft-Windows-LanguagePackSetup | ID = 1043
Description = CBS: nie można usunąć pakietu językowego (sk-SK). Zwrócony kod błędu
CBS: 0x80073701.

Error - 2012-04-12 02:35:04 | Computer Name = as-Komputer | Source = Microsoft-Windows-LanguagePackSetup | ID = 1003
Description = Błąd CBS 0x80073701 '' podczas pracy z pakietem języka interfejsu
użytkownika (sl-SI)

Error - 2012-04-12 02:35:04 | Computer Name = as-Komputer | Source = Microsoft-Windows-LanguagePackSetup | ID = 1043
Description = CBS: nie można usunąć pakietu językowego (sl-SI). Zwrócony kod błędu
CBS: 0x80073701.

Error - 2012-04-12 02:35:36 | Computer Name = as-Komputer | Source = Microsoft-Windows-LanguagePackSetup | ID = 1003
Description = Błąd CBS 0x80073701 '' podczas pracy z pakietem języka interfejsu
użytkownika (hu-HU)

Error - 2012-04-12 02:35:36 | Computer Name = as-Komputer | Source = Microsoft-Windows-LanguagePackSetup | ID = 1043
Description = CBS: nie można usunąć pakietu językowego (hu-HU). Zwrócony kod błędu
CBS: 0x80073701.

Error - 2012-04-12 06:06:40 | Computer Name = as-Komputer | Source = ACPI | ID = 327690
Description = ACPI: System ACPI BIOS próbuje zapisać dane w niedozwolonym regionie
działania PCI (0x4). Skontaktuj się z dostawcą systemu w celu uzyskania pomocy
technicznej.

Error - 2012-04-12 06:06:40 | Computer Name = as-Komputer | Source = ACPI | ID = 327690
Description = ACPI: System ACPI BIOS próbuje zapisać dane w niedozwolonym regionie
działania PCI (0x4). Skontaktuj się z dostawcą systemu w celu uzyskania pomocy
technicznej.

Error - 2012-04-12 07:45:13 | Computer Name = as-Komputer | Source = ACPI | ID = 327690
Description = ACPI: System ACPI BIOS próbuje zapisać dane w niedozwolonym regionie
działania PCI (0x4). Skontaktuj się z dostawcą systemu w celu uzyskania pomocy
technicznej.

Error - 2012-04-12 07:45:13 | Computer Name = as-Komputer | Source = ACPI | ID = 327690
Description = ACPI: System ACPI BIOS próbuje zapisać dane w niedozwolonym regionie
działania PCI (0x4). Skontaktuj się z dostawcą systemu w celu uzyskania pomocy
technicznej.

< End of report >
[/log]

1 maja 2012

Uruchom OTL i w oknie [b]Własne opcje skanowania/skrypt[/b] wklej:

[code]:OTL
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://startsear.ch/...&q={searchTerms}
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{E95DD5D6-2912-4212-B412-547971D025F1}: "URL" = http://www.google.co...1I7ASUT_plPL459
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/...c8-f46d04540a73
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Browsers Protector] C:\Program Files (x86)\Browsers Protector\regmon32.exe ()

:Files
C:\Program Files (x86)\Browsers Protector

:Commands
[emptyflash]
[emptytemp][/code]

Kliknij w [b]Wykonaj skrypt.[/b]

2. Po usuwaniu zrób nowy skan [b]OTL[/b] i przedstaw log. Extras juz nie potrzebny.

1 maja 2012

[log] OTL logfile created on: 2012-05-01 06:31:09 - Run 13
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\as\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,92 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 64,21% Memory free
5,84 Gb Paging File | 4,61 Gb Available in Paging File | 78,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,52 Gb Total Space | 27,43 Gb Free Space | 36,81% Space Free | Partition Type: NTFS
Drive D: | 214,19 Gb Total Space | 153,31 Gb Free Space | 71,57% Space Free | Partition Type: NTFS

Computer Name: AS-KOMPUTER | User Name: as | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-04-30 21:24:36 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-02-15 18:56:52 | 000,147,784 | ---- | M] () -- C:\Program Files (x86)\Browsers Protector\regmon32.exe
PRC - [2011-11-25 21:00:48 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2011-10-21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
PRC - [2011-10-13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011-06-09 14:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2010-03-19 10:28:10 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010-01-05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009-11-24 22:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009-11-10 04:20:36 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009-11-02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009-10-27 05:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2009-10-26 19:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2009-10-03 13:08:38 | 000,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
PRC - [2009-10-01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009-10-01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009-09-04 13:08:30 | 000,935,288 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
PRC - [2009-08-20 05:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2009-07-31 19:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009-06-19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009-06-19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009-06-16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2009-01-26 15:31:16 | 002,144,088 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008-12-23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008-08-14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2008-03-31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007-11-30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-04-30 21:24:36 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
MOD - [2012-04-30 19:09:30 | 000,040,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\12043001\uiext.dll
MOD - [2012-04-29 22:30:44 | 000,120,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
MOD - [2012-04-27 14:20:22 | 008,778,400 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_2_202_233.ocx
MOD - [2012-03-07 01:15:28 | 000,228,632 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\uiLangRes.dll
MOD - [2012-03-07 01:15:28 | 000,095,232 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\Base.dll
MOD - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
MOD - [2012-03-07 01:15:15 | 004,675,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\CommonRes.dll
MOD - [2012-03-07 01:15:13 | 000,215,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2012-03-07 01:15:10 | 000,399,088 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSqLt.dll
MOD - [2012-03-07 01:15:10 | 000,214,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2012-03-07 01:15:10 | 000,027,264 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswUtil.dll
MOD - [2012-03-07 01:15:09 | 002,111,448 | ---- | M] (AVAST! Software) -- C:\Program Files\AVAST Software\Avast\aswAra.dll
MOD - [2012-03-07 01:15:09 | 000,217,296 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswLog.dll
MOD - [2012-03-07 01:15:08 | 000,682,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAux.dll
MOD - [2012-03-07 01:15:07 | 000,337,800 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
MOD - [2012-03-07 01:15:07 | 000,184,872 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswData.dll
MOD - [2012-03-07 01:15:07 | 000,164,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
MOD - [2012-03-07 01:15:07 | 000,153,936 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTask.dll
MOD - [2012-03-07 01:15:07 | 000,098,864 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
MOD - [2012-03-07 01:15:07 | 000,050,448 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
MOD - [2012-03-07 01:15:06 | 000,406,816 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashBase.dll
MOD - [2012-03-07 01:15:06 | 000,061,760 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
MOD - [2012-03-07 01:15:04 | 000,140,064 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AhAScr.dll
MOD - [2012-03-07 01:15:03 | 000,345,040 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Aavm4h.dll
MOD - [2012-03-07 01:15:03 | 000,096,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll
MOD - [2012-03-01 07:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012-03-01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2012-02-28 03:52:25 | 012,281,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2012-02-28 03:27:13 | 009,705,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012-02-28 03:18:55 | 001,799,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
MOD - [2012-02-28 03:12:01 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012-02-28 03:11:07 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012-02-28 03:08:19 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IEShims.dll
MOD - [2012-02-28 03:08:15 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jsproxy.dll
MOD - [2012-02-28 03:06:48 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll
MOD - [2012-02-28 03:04:32 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012-02-28 02:59:59 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieui.dll
MOD - [2012-02-15 18:56:52 | 000,147,784 | ---- | M] () -- C:\Program Files (x86)\Browsers Protector\regmon32.exe
MOD - [2012-02-10 07:38:43 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2012-01-04 10:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2012-01-04 10:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2011-12-16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011-11-29 00:00:37 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
MOD - [2011-11-29 00:00:36 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2011-11-29 00:00:36 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2011-11-25 21:14:36 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Java\jre6\bin\MSVCR71.dll
MOD - [2011-11-25 21:14:35 | 000,042,272 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
MOD - [2011-11-25 21:00:48 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
MOD - [2011-11-25 21:00:48 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2011-11-25 21:00:47 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtmsft.dll
MOD - [2011-11-25 21:00:47 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtrans.dll
MOD - [2011-11-25 21:00:46 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieapfltr.dll
MOD - [2011-11-25 21:00:46 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2011-11-17 07:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011-11-17 07:34:52 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2011-11-17 07:34:52 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2011-11-17 07:28:48 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2011-08-27 06:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011-08-27 06:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011-07-16 06:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2011-07-16 06:24:22 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2011-06-16 06:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2011-06-09 14:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2011-05-24 12:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011-05-24 12:40:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2011-05-24 12:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011-03-11 07:33:59 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42u.dll
MOD - [2011-03-11 07:33:59 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll
MOD - [2011-03-03 07:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011-02-19 08:30:50 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2011-01-17 07:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll
MOD - [2010-11-20 14:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010-11-20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010-11-20 14:21:37 | 011,410,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmp.dll
MOD - [2010-11-20 14:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2010-11-20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010-11-20 14:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010-11-20 14:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2010-11-20 14:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2010-11-20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010-11-20 14:21:34 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2010-11-20 14:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010-11-20 14:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010-11-20 14:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010-11-20 14:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010-11-20 14:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010-11-20 14:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010-11-20 14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010-11-20 14:20:48 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll
MOD - [2010-11-20 14:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2010-11-20 14:19:56 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
MOD - [2010-11-20 14:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010-11-20 14:19:48 | 002,341,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2010-11-20 14:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010-11-20 14:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010-11-20 14:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010-11-20 14:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010-11-20 14:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2010-11-20 14:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010-11-20 14:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2010-11-20 14:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2010-11-20 14:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll
MOD - [2010-11-20 14:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010-11-20 14:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2010-11-20 14:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010-11-20 14:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010-11-20 14:18:09 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cabinet.dll
MOD - [2010-11-20 14:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010-11-20 14:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010-11-20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010-11-20 14:08:57 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010-11-20 14:08:51 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010-11-20 14:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010-11-20 14:08:44 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmploc.DLL
MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010-11-20 13:55:08 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll
MOD - [2010-11-05 03:58:01 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll
MOD - [2010-11-05 03:58:00 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcp80.dll
MOD - [2010-03-19 10:28:10 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
MOD - [2010-01-05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009-12-17 11:12:59 | 003,056,640 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWOW64\atidxx32.dll
MOD - [2009-11-24 22:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2009-11-02 23:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009-11-02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
MOD - [2009-11-02 23:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009-11-02 23:17:54 | 000,509,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\MSVCP71.dll
MOD - [2009-11-02 23:17:42 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\MSVCR71.dll
MOD - [2009-10-27 05:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
MOD - [2009-10-03 13:08:38 | 000,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
MOD - [2009-09-04 13:08:30 | 000,935,288 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MOD - [2009-08-20 05:31:50 | 000,055,936 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\ATKMETHOD.dll
MOD - [2009-08-20 05:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
MOD - [2009-07-31 19:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
MOD - [2009-07-14 03:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009-07-14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009-07-14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009-07-14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009-07-14 03:16:19 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wmiutils.dll
MOD - [2009-07-14 03:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll
MOD - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009-07-14 03:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanutil.dll
MOD - [2009-07-14 03:16:18 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecsExt.dll
MOD - [2009-07-14 03:16:17 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemdisp.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009-07-14 03:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009-07-14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 03:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009-07-14 03:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009-07-14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009-07-14 03:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2009-07-14 03:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 03:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2009-07-14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009-07-14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009-07-14 03:16:02 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2009-07-14 03:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
MOD - [2009-07-14 03:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2009-07-14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009-07-14 03:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009-07-14 03:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009-07-14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009-07-14 03:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll
MOD - [2009-07-14 03:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IconCodecService.dll
MOD - [2009-07-14 03:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009-07-14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009-07-14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009-07-14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009-07-14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009-07-14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2009-07-14 03:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
MOD - [2009-07-14 03:15:10 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddrawex.dll
MOD - [2009-07-14 03:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
MOD - [2009-07-14 03:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll
MOD - [2009-07-14 03:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll
MOD - [2009-07-14 03:15:07 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2009-07-14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 03:14:10 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hhctrl.ocx
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 03:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 03:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009-07-14 03:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll
MOD - [2009-07-14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009-06-19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
MOD - [2009-01-26 15:31:16 | 002,144,088 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MOD - [2009-01-26 15:30:58 | 001,287,000 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\advcheck.dll
MOD - [2007-11-30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007-06-15 19:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007-06-02 02:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
MOD - [2005-09-22 02:30:42 | 000,036,864 | ---- | M] (ATK) -- C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll
MOD - [2005-01-13 09:36:58 | 000,303,104 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll
MOD - [2004-05-28 03:13:08 | 000,080,384 | ---- | M] (ACTIONTEC Electronics,Inc) -- C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012-04-27 14:20:23 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011-10-21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011-10-13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-11-10 04:20:36 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009-10-01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009-10-01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009-06-16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-03-31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-07-03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.com"]http://www.google.com[/url]
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox"]http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox[/url]
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = [url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT"]http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT[/url]
IE - HKLM\..\SearchScopes\{E95DD5D6-2912-4212-B412-547971D025F1}: "URL" = [url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"]http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7[/url]

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://startsear.ch/?aff=1&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73"]http://startsear.ch/?aff=1&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73[/url]
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = [url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT"]http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT[/url]
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [url="http://startsear.ch/?aff=1&src=sp&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73&q={searchTerms"]http://startsear.ch/?aff=1&src=sp&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73&q={searchTerms[/url]}
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{E95DD5D6-2912-4212-B412-547971D025F1}: "URL" = [url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ASUT_plPL459"]http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ASUT_plPL459[/url]
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-04-29 22:27:36 | 000,000,000 | ---D | M]

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: YouTube = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Szukaj w Google = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: avast! WebRep = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Gmail = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2012-04-29 20:33:39 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Browsers Protector] C:\Program Files (x86)\Browsers Protector\regmon32.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O15 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..Trusted Domains: zagraj.pl ([www] http in Zaufane witryny)
O16 - DPF: {7818D12F-8769-4A58-AE82-81EBE897F4E4} [url="http://sip.asus.com/Windows7_Activation/DllFloder/WinActivateCom.cab"]http://sip.asus.com/Windows7_Activation/DllFloder/WinActivateCom.cab[/url] (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B9F9A3E-8D03-4B9D-A0B0-3139FDD94830}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-04-30 21:24:34 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
[2012-04-29 22:27:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012-04-29 22:27:27 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012-04-29 22:27:27 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012-04-29 22:01:00 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-04-29 20:43:56 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012-04-29 20:21:31 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012-04-29 11:32:08 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Local\ElevatedDiagnostics
[2012-04-28 19:02:48 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-04-28 11:34:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012-04-28 11:34:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012-04-28 10:52:33 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Local\VS Revo Group
[2012-04-28 08:20:11 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Roaming\Malwarebytes
[2012-04-28 08:20:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-04-27 19:16:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Browsers Protector
[2012-04-27 14:20:10 | 008,766,112 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012-04-27 13:21:52 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012-04-27 13:21:45 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-04-24 15:39:39 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Roaming\Mozilla
[2012-04-24 15:39:39 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Local\Mozilla
[2012-04-24 15:38:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012-04-12 22:35:58 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-04-12 22:35:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012-04-12 22:35:55 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012-04-12 22:35:55 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-04-12 22:35:53 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012-04-12 22:35:24 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012-04-12 22:35:23 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-05-01 06:28:52 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-05-01 06:28:50 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012-05-01 06:28:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-05-01 06:28:31 | 2350,288,896 | -HS- | M] () -- C:\hiberfil.sys
[2012-05-01 06:27:59 | 002,097,152 | -HS- | M] () -- C:\Users\as\NTUSER.DAT
[2012-05-01 06:27:57 | 001,711,460 | -H-- | M] () -- C:\Users\as\AppData\Local\IconCache.db
[2012-04-30 22:20:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-04-30 22:16:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-30 21:24:36 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
[2012-04-30 07:34:44 | 000,000,005 | ---- | M] () -- C:\Program Files (x86)\is.dat
[2012-04-29 22:27:52 | 000,001,843 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012-04-29 22:27:45 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012-04-29 20:33:52 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2012-04-27 14:20:23 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-04-27 14:20:23 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-04-27 14:20:10 | 008,766,112 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-04-29 22:27:52 | 000,001,843 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012-04-29 18:57:19 | 001,711,460 | -H-- | C] () -- C:\Users\as\AppData\Local\IconCache.db
[2012-04-27 13:21:47 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2011-12-19 19:25:46 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011-11-25 19:55:05 | 000,016,384 | ---- | C] () -- C:\Program Files (x86)\uik.dat
[2011-11-25 19:32:38 | 000,000,005 | ---- | C] () -- C:\Program Files (x86)\is.dat
[2011-01-31 07:51:43 | 000,108,840 | ---- | C] () -- C:\Users\as\AppData\Local\GDIPFONTCACHEV1.DAT

[color=#E56717]========== LOP Check ==========[/color]

[2011-01-31 08:46:38 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Asus WebStorage
[2012-01-04 16:47:20 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\Asus WebStorage
[2012-04-26 11:36:45 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\BESTplayer
[2011-11-25 19:08:31 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\BitComet
[2012-03-05 09:03:05 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\DAEMON Tools Lite
[2012-01-04 16:47:14 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\EeeStorageUploader
[2012-03-29 13:59:06 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\gtk-2.0
[2011-12-20 08:16:26 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\ipla
[2012-02-25 00:14:09 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\MusicNet
[2012-04-30 22:37:10 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\uTorrent
[2012-02-16 06:37:59 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]

< End of report >
[/log]

1 maja 2012

Nic sie nie usunęło. Spróbuj w trybie awaryjnym Windows, albo odinstaluj tego zwariowanego Avasta.

1 maja 2012

usunąłem avasta [log] OTL logfile created on: 2012-05-01 07:31:01 - Run 14
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\as\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,92 Gb Total Physical Memory | 1,96 Gb Available Physical Memory | 67,02% Memory free
5,84 Gb Paging File | 4,70 Gb Available in Paging File | 80,51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,52 Gb Total Space | 27,73 Gb Free Space | 37,22% Space Free | Partition Type: NTFS
Drive D: | 214,19 Gb Total Space | 153,31 Gb Free Space | 71,57% Space Free | Partition Type: NTFS

Computer Name: AS-KOMPUTER | User Name: as | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-04-30 21:24:36 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
PRC - [2012-02-15 18:56:52 | 000,147,784 | ---- | M] () -- C:\Program Files (x86)\Browsers Protector\regmon32.exe
PRC - [2011-11-25 21:00:48 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2011-10-21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
PRC - [2011-10-13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011-06-09 14:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2010-03-19 10:28:10 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010-01-05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009-11-24 22:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009-11-10 04:20:36 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009-11-02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009-10-27 05:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2009-10-26 19:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2009-10-03 13:08:38 | 000,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
PRC - [2009-10-01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009-09-04 13:08:30 | 000,935,288 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
PRC - [2009-08-20 05:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2009-07-31 19:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009-06-19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009-06-19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009-06-16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2009-01-26 15:31:16 | 002,144,088 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008-12-23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008-08-14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2008-03-31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007-11-30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-04-30 21:24:36 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
MOD - [2012-04-27 14:20:22 | 008,778,400 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_2_202_233.ocx
MOD - [2012-03-01 07:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012-03-01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2012-02-28 03:52:25 | 012,281,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2012-02-28 03:27:13 | 009,705,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012-02-28 03:18:55 | 001,799,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
MOD - [2012-02-28 03:12:01 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012-02-28 03:11:07 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012-02-28 03:08:19 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IEShims.dll
MOD - [2012-02-28 03:08:15 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jsproxy.dll
MOD - [2012-02-28 03:06:48 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll
MOD - [2012-02-28 03:04:32 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012-02-28 02:59:59 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieui.dll
MOD - [2012-02-15 18:56:52 | 000,147,784 | ---- | M] () -- C:\Program Files (x86)\Browsers Protector\regmon32.exe
MOD - [2012-02-10 07:38:43 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2012-01-04 10:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2012-01-04 10:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2011-12-16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011-11-25 21:14:36 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Java\jre6\bin\MSVCR71.dll
MOD - [2011-11-25 21:14:35 | 000,042,272 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
MOD - [2011-11-25 21:00:48 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
MOD - [2011-11-25 21:00:48 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2011-11-25 21:00:47 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtmsft.dll
MOD - [2011-11-25 21:00:47 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtrans.dll
MOD - [2011-11-25 21:00:46 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieapfltr.dll
MOD - [2011-11-25 21:00:46 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2011-11-17 07:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011-11-17 07:34:52 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2011-11-17 07:34:52 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2011-11-17 07:28:48 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2011-08-27 06:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011-08-27 06:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011-07-16 06:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2011-07-16 06:24:22 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2011-06-16 06:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2011-06-09 14:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2011-05-24 12:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011-05-24 12:40:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2011-05-24 12:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011-03-11 07:33:59 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42u.dll
MOD - [2011-03-11 07:33:59 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll
MOD - [2011-03-03 07:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011-02-19 08:30:50 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2011-01-17 07:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll
MOD - [2010-11-20 14:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010-11-20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010-11-20 14:21:37 | 011,410,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmp.dll
MOD - [2010-11-20 14:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2010-11-20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010-11-20 14:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010-11-20 14:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2010-11-20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010-11-20 14:21:34 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2010-11-20 14:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010-11-20 14:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010-11-20 14:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010-11-20 14:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010-11-20 14:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010-11-20 14:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010-11-20 14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010-11-20 14:20:48 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll
MOD - [2010-11-20 14:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2010-11-20 14:19:56 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
MOD - [2010-11-20 14:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010-11-20 14:19:48 | 002,341,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2010-11-20 14:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010-11-20 14:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010-11-20 14:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010-11-20 14:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010-11-20 14:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2010-11-20 14:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010-11-20 14:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2010-11-20 14:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll
MOD - [2010-11-20 14:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010-11-20 14:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2010-11-20 14:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010-11-20 14:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010-11-20 14:18:09 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cabinet.dll
MOD - [2010-11-20 14:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010-11-20 14:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010-11-20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010-11-20 14:08:57 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010-11-20 14:08:51 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010-11-20 14:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010-11-20 14:08:44 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmploc.DLL
MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010-11-20 13:55:08 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll
MOD - [2010-11-05 03:58:01 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll
MOD - [2010-11-05 03:58:00 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcp80.dll
MOD - [2010-03-19 10:28:10 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
MOD - [2010-01-05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009-12-17 11:12:59 | 003,056,640 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWOW64\atidxx32.dll
MOD - [2009-11-24 22:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2009-11-02 23:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009-11-02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
MOD - [2009-11-02 23:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009-11-02 23:17:54 | 000,509,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\MSVCP71.dll
MOD - [2009-11-02 23:17:42 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\MSVCR71.dll
MOD - [2009-10-27 05:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
MOD - [2009-10-03 13:08:38 | 000,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
MOD - [2009-09-04 13:08:30 | 000,935,288 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MOD - [2009-08-20 05:31:50 | 000,055,936 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\ATKMETHOD.dll
MOD - [2009-08-20 05:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
MOD - [2009-07-31 19:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
MOD - [2009-07-14 03:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009-07-14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009-07-14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009-07-14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009-07-14 03:16:19 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wmiutils.dll
MOD - [2009-07-14 03:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll
MOD - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009-07-14 03:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanutil.dll
MOD - [2009-07-14 03:16:18 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecsExt.dll
MOD - [2009-07-14 03:16:17 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemdisp.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009-07-14 03:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009-07-14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 03:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009-07-14 03:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009-07-14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009-07-14 03:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2009-07-14 03:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 03:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2009-07-14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009-07-14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009-07-14 03:16:02 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2009-07-14 03:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
MOD - [2009-07-14 03:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2009-07-14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009-07-14 03:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009-07-14 03:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009-07-14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009-07-14 03:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll
MOD - [2009-07-14 03:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IconCodecService.dll
MOD - [2009-07-14 03:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009-07-14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009-07-14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009-07-14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009-07-14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009-07-14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2009-07-14 03:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
MOD - [2009-07-14 03:15:10 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddrawex.dll
MOD - [2009-07-14 03:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
MOD - [2009-07-14 03:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll
MOD - [2009-07-14 03:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll
MOD - [2009-07-14 03:15:07 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2009-07-14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 03:14:10 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hhctrl.ocx
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 03:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 03:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009-07-14 03:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll
MOD - [2009-07-14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009-06-19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
MOD - [2009-01-26 15:31:16 | 002,144,088 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MOD - [2009-01-26 15:30:58 | 001,287,000 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\advcheck.dll
MOD - [2007-11-30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007-06-15 19:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007-06-02 02:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
MOD - [2005-09-22 02:30:42 | 000,036,864 | ---- | M] (ATK) -- C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll
MOD - [2005-01-13 09:36:58 | 000,303,104 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll
MOD - [2004-05-28 03:13:08 | 000,080,384 | ---- | M] (ACTIONTEC Electronics,Inc) -- C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012-04-27 14:20:23 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011-10-21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011-10-13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-11-10 04:20:36 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009-10-01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009-10-01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009-06-16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-03-31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-07-03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.com"]http://www.google.com[/url]
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox"]http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox[/url]
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = [url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT"]http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT[/url]
IE - HKLM\..\SearchScopes\{E95DD5D6-2912-4212-B412-547971D025F1}: "URL" = [url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"]http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7[/url]

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://startsear.ch/?aff=1&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73"]http://startsear.ch/?aff=1&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73[/url]
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = [url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT"]http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT[/url]
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [url="http://startsear.ch/?aff=1&src=sp&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73&q={searchTerms"]http://startsear.ch/?aff=1&src=sp&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73&q={searchTerms[/url]}
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{E95DD5D6-2912-4212-B412-547971D025F1}: "URL" = [url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ASUT_plPL459"]http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ASUT_plPL459[/url]
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: YouTube = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Szukaj w Google = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: avast! WebRep = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Gmail = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2012-04-29 20:33:39 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [Browsers Protector] C:\Program Files (x86)\Browsers Protector\regmon32.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O15 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..Trusted Domains: zagraj.pl ([www] http in Zaufane witryny)
O16 - DPF: {7818D12F-8769-4A58-AE82-81EBE897F4E4} [url="http://sip.asus.com/Windows7_Activation/DllFloder/WinActivateCom.cab"]http://sip.asus.com/Windows7_Activation/DllFloder/WinActivateCom.cab[/url] (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B9F9A3E-8D03-4B9D-A0B0-3139FDD94830}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-04-30 21:24:34 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
[2012-04-29 22:01:00 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-04-29 20:43:56 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012-04-29 20:21:31 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012-04-29 11:32:08 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Local\ElevatedDiagnostics
[2012-04-28 19:02:48 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-04-28 11:34:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012-04-28 11:34:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012-04-28 10:52:33 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Local\VS Revo Group
[2012-04-28 08:20:11 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Roaming\Malwarebytes
[2012-04-28 08:20:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-04-27 19:16:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Browsers Protector
[2012-04-27 14:20:10 | 008,766,112 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012-04-27 13:21:52 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012-04-27 13:21:45 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-04-24 15:39:39 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Roaming\Mozilla
[2012-04-24 15:39:39 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Local\Mozilla
[2012-04-24 15:38:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012-04-12 22:35:58 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-04-12 22:35:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012-04-12 22:35:55 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012-04-12 22:35:55 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-04-12 22:35:53 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012-04-12 22:35:24 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012-04-12 22:35:23 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-05-01 07:29:20 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-05-01 07:29:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012-05-01 07:29:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-05-01 07:29:01 | 2350,288,896 | -HS- | M] () -- C:\hiberfil.sys
[2012-05-01 07:28:31 | 002,097,152 | -HS- | M] () -- C:\Users\as\NTUSER.DAT
[2012-05-01 07:28:29 | 001,720,004 | -H-- | M] () -- C:\Users\as\AppData\Local\IconCache.db
[2012-05-01 07:20:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-05-01 07:16:01 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-05-01 06:49:27 | 000,000,005 | ---- | M] () -- C:\Program Files (x86)\is.dat
[2012-04-30 21:24:36 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
[2012-04-29 22:27:45 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012-04-29 20:33:52 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2012-04-27 14:20:23 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-04-27 14:20:23 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-04-27 14:20:10 | 008,766,112 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-04-29 18:57:19 | 001,720,004 | -H-- | C] () -- C:\Users\as\AppData\Local\IconCache.db
[2012-04-27 13:21:47 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2011-12-19 19:25:46 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011-11-25 19:55:05 | 000,016,384 | ---- | C] () -- C:\Program Files (x86)\uik.dat
[2011-11-25 19:32:38 | 000,000,005 | ---- | C] () -- C:\Program Files (x86)\is.dat
[2011-01-31 07:51:43 | 000,108,840 | ---- | C] () -- C:\Users\as\AppData\Local\GDIPFONTCACHEV1.DAT

[color=#E56717]========== LOP Check ==========[/color]

[2011-01-31 08:46:38 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Asus WebStorage
[2012-01-04 16:47:20 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\Asus WebStorage
[2012-04-26 11:36:45 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\BESTplayer
[2011-11-25 19:08:31 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\BitComet
[2012-03-05 09:03:05 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\DAEMON Tools Lite
[2012-01-04 16:47:14 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\EeeStorageUploader
[2012-03-29 13:59:06 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\gtk-2.0
[2011-12-20 08:16:26 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\ipla
[2012-02-25 00:14:09 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\MusicNet
[2012-04-30 22:37:10 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\uTorrent
[2012-02-16 06:37:59 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]

< End of report >
[/log]

1 maja 2012

Powtórzyłeś usuwanie po deinstalacji Avasta? Bo wszystko dalej siedzi. Trzeba powtórzyć skrypt. Podaj mi log po usuwaniu.

1 maja 2012

[log] Error: Unable to interpret <OTL logfile created on: 2012-05-01 07:31:01 - Run 14> in the current context!
Error: Unable to interpret <OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\as\Desktop> in the current context!
Error: Unable to interpret <64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation> in the current context!
Error: Unable to interpret <Internet Explorer (Version = 9.0.8112.16421)> in the current context!
Error: Unable to interpret <Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <2,92 Gb Total Physical Memory | 1,96 Gb Available Physical Memory | 67,02% Memory free> in the current context!
Error: Unable to interpret <5,84 Gb Paging File | 4,70 Gb Available in Paging File | 80,51% Paging File free> in the current context!
Error: Unable to interpret <Paging file location(s): ?:\pagefile.sys [binary data]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)> in the current context!
Error: Unable to interpret <Drive C: | 74,52 Gb Total Space | 27,73 Gb Free Space | 37,22% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive D: | 214,19 Gb Total Space | 153,31 Gb Free Space | 71,57% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Computer Name: AS-KOMPUTER | User Name: as | Logged in as Administrator.> in the current context!
Error: Unable to interpret <Boot Mode: Normal | Scan Mode: All users> in the current context!
Error: Unable to interpret <Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[color=#E56717]========== Processes (All) ==========[/color]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <PRC - [2012-04-30 21:24:36 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe> in the current context!
Error: Unable to interpret <PRC - [2012-02-15 18:56:52 | 000,147,784 | ---- | M] () -- C:\Program Files (x86)\Browsers Protector\regmon32.exe> in the current context!
Error: Unable to interpret <PRC - [2011-11-25 21:00:48 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe> in the current context!
Error: Unable to interpret <PRC - [2011-10-21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE> in the current context!
Error: Unable to interpret <PRC - [2011-10-13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE> in the current context!
Error: Unable to interpret <PRC - [2011-06-09 14:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe> in the current context!
Error: Unable to interpret <PRC - [2010-03-19 10:28:10 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe> in the current context!
Error: Unable to interpret <PRC - [2010-01-05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe> in the current context!
Error: Unable to interpret <PRC - [2009-11-24 22:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe> in the current context!
Error: Unable to interpret <PRC - [2009-11-10 04:20:36 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe> in the current context!
Error: Unable to interpret <PRC - [2009-11-02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe> in the current context!
Error: Unable to interpret <PRC - [2009-10-27 05:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe> in the current context!
Error: Unable to interpret <PRC - [2009-10-26 19:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe> in the current context!
Error: Unable to interpret <PRC - [2009-10-03 13:08:38 | 000,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe> in the current context!
Error: Unable to interpret <PRC - [2009-10-01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe> in the current context!
Error: Unable to interpret <PRC - [2009-09-04 13:08:30 | 000,935,288 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe> in the current context!
Error: Unable to interpret <PRC - [2009-08-20 05:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe> in the current context!
Error: Unable to interpret <PRC - [2009-07-31 19:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe> in the current context!
Error: Unable to interpret <PRC - [2009-06-19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe> in the current context!
Error: Unable to interpret <PRC - [2009-06-19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe> in the current context!
Error: Unable to interpret <PRC - [2009-06-16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe> in the current context!
Error: Unable to interpret <PRC - [2009-01-26 15:31:16 | 002,144,088 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe> in the current context!
Error: Unable to interpret <PRC - [2008-12-23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe> in the current context!
Error: Unable to interpret <PRC - [2008-08-14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe> in the current context!
Error: Unable to interpret <PRC - [2008-03-31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe> in the current context!
Error: Unable to interpret <PRC - [2007-11-30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[color=#E56717]========== Modules (All) ==========[/color]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <MOD - [2012-04-30 21:24:36 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe> in the current context!
Error: Unable to interpret <MOD - [2012-04-27 14:20:22 | 008,778,400 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_2_202_233.ocx> in the current context!
Error: Unable to interpret <MOD - [2012-03-01 07:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll> in the current context!
Error: Unable to interpret <MOD - [2012-03-01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll> in the current context!
Error: Unable to interpret <MOD - [2012-02-28 03:52:25 | 012,281,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll> in the current context!
Error: Unable to interpret <MOD - [2012-02-28 03:27:13 | 009,705,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll> in the current context!
Error: Unable to interpret <MOD - [2012-02-28 03:18:55 | 001,799,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll> in the current context!
Error: Unable to interpret <MOD - [2012-02-28 03:12:01 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll> in the current context!
Error: Unable to interpret <MOD - [2012-02-28 03:11:07 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll> in the current context!
Error: Unable to interpret <MOD - [2012-02-28 03:08:19 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IEShims.dll> in the current context!
Error: Unable to interpret <MOD - [2012-02-28 03:08:15 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jsproxy.dll> in the current context!
Error: Unable to interpret <MOD - [2012-02-28 03:06:48 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll> in the current context!
Error: Unable to interpret <MOD - [2012-02-28 03:04:32 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll> in the current context!
Error: Unable to interpret <MOD - [2012-02-28 02:59:59 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieui.dll> in the current context!
Error: Unable to interpret <MOD - [2012-02-15 18:56:52 | 000,147,784 | ---- | M] () -- C:\Program Files (x86)\Browsers Protector\regmon32.exe> in the current context!
Error: Unable to interpret <MOD - [2012-02-10 07:38:43 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll> in the current context!
Error: Unable to interpret <MOD - [2012-01-04 10:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll> in the current context!
Error: Unable to interpret <MOD - [2012-01-04 10:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll> in the current context!
Error: Unable to interpret <MOD - [2011-12-16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll> in the current context!
Error: Unable to interpret <MOD - [2011-11-25 21:14:36 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Java\jre6\bin\MSVCR71.dll> in the current context!
Error: Unable to interpret <MOD - [2011-11-25 21:14:35 | 000,042,272 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll> in the current context!
Error: Unable to interpret <MOD - [2011-11-25 21:00:48 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe> in the current context!
Error: Unable to interpret <MOD - [2011-11-25 21:00:48 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll> in the current context!
Error: Unable to interpret <MOD - [2011-11-25 21:00:47 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtmsft.dll> in the current context!
Error: Unable to interpret <MOD - [2011-11-25 21:00:47 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtrans.dll> in the current context!
Error: Unable to interpret <MOD - [2011-11-25 21:00:46 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieapfltr.dll> in the current context!
Error: Unable to interpret <MOD - [2011-11-25 21:00:46 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll> in the current context!
Error: Unable to interpret <MOD - [2011-11-17 07:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll> in the current context!
Error: Unable to interpret <MOD - [2011-11-17 07:34:52 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll> in the current context!
Error: Unable to interpret <MOD - [2011-11-17 07:34:52 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll> in the current context!
Error: Unable to interpret <MOD - [2011-11-17 07:28:48 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll> in the current context!
Error: Unable to interpret <MOD - [2011-08-27 06:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll> in the current context!
Error: Unable to interpret <MOD - [2011-08-27 06:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll> in the current context!
Error: Unable to interpret <MOD - [2011-07-16 06:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll> in the current context!
Error: Unable to interpret <MOD - [2011-07-16 06:24:22 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll> in the current context!
Error: Unable to interpret <MOD - [2011-06-16 06:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll> in the current context!
Error: Unable to interpret <MOD - [2011-06-09 14:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe> in the current context!
Error: Unable to interpret <MOD - [2011-05-24 12:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll> in the current context!
Error: Unable to interpret <MOD - [2011-05-24 12:40:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll> in the current context!
Error: Unable to interpret <MOD - [2011-05-24 12:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll> in the current context!
Error: Unable to interpret <MOD - [2011-03-11 07:33:59 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42u.dll> in the current context!
Error: Unable to interpret <MOD - [2011-03-11 07:33:59 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll> in the current context!
Error: Unable to interpret <MOD - [2011-03-03 07:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll> in the current context!
Error: Unable to interpret <MOD - [2011-02-19 08:30:50 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll> in the current context!
Error: Unable to interpret <MOD - [2011-01-17 07:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:21:37 | 011,410,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmp.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:21:34 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:20:48 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:19:56 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:19:48 | 002,341,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:18:09 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cabinet.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:08:57 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:08:51 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 14:08:44 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmploc.DLL> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-20 13:55:08 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-05 03:58:01 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll> in the current context!
Error: Unable to interpret <MOD - [2010-11-05 03:58:00 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcp80.dll> in the current context!
Error: Unable to interpret <MOD - [2010-03-19 10:28:10 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe> in the current context!
Error: Unable to interpret <MOD - [2010-01-05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe> in the current context!
Error: Unable to interpret <MOD - [2009-12-17 11:12:59 | 003,056,640 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWOW64\atidxx32.dll> in the current context!
Error: Unable to interpret <MOD - [2009-11-24 22:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe> in the current context!
Error: Unable to interpret <MOD - [2009-11-02 23:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll> in the current context!
Error: Unable to interpret <MOD - [2009-11-02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe> in the current context!
Error: Unable to interpret <MOD - [2009-11-02 23:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll> in the current context!
Error: Unable to interpret <MOD - [2009-11-02 23:17:54 | 000,509,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\MSVCP71.dll> in the current context!
Error: Unable to interpret <MOD - [2009-11-02 23:17:42 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\MSVCR71.dll> in the current context!
Error: Unable to interpret <MOD - [2009-10-27 05:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe> in the current context!
Error: Unable to interpret <MOD - [2009-10-03 13:08:38 | 000,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe> in the current context!
Error: Unable to interpret <MOD - [2009-09-04 13:08:30 | 000,935,288 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe> in the current context!
Error: Unable to interpret <MOD - [2009-08-20 05:31:50 | 000,055,936 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\ATKMETHOD.dll> in the current context!
Error: Unable to interpret <MOD - [2009-08-20 05:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe> in the current context!
Error: Unable to interpret <MOD - [2009-07-31 19:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:19 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wmiutils.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanutil.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:18 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecsExt.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:17 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemdisp.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:16:02 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IconCodecService.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:10 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddrawex.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:07 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:14:10 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hhctrl.ocx> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll> in the current context!
Error: Unable to interpret <MOD - [2009-07-14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll> in the current context!
Error: Unable to interpret <MOD - [2009-06-19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe> in the current context!
Error: Unable to interpret <MOD - [2009-01-26 15:31:16 | 002,144,088 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe> in the current context!
Error: Unable to interpret <MOD - [2009-01-26 15:30:58 | 001,287,000 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\advcheck.dll> in the current context!
Error: Unable to interpret <MOD - [2007-11-30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe> in the current context!
Error: Unable to interpret <MOD - [2007-06-15 19:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll> in the current context!
Error: Unable to interpret <MOD - [2007-06-02 02:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll> in the current context!
Error: Unable to interpret <MOD - [2005-09-22 02:30:42 | 000,036,864 | ---- | M] (ATK) -- C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll> in the current context!
Error: Unable to interpret <MOD - [2005-01-13 09:36:58 | 000,303,104 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll> in the current context!
Error: Unable to interpret <MOD - [2004-05-28 03:13:08 | 000,080,384 | ---- | M] (ACTIONTEC Electronics,Inc) -- C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[color=#E56717]========== Win32 Services (SafeList) ==========[/color]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <SRV - [2012-04-27 14:20:23 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)> in the current context!
Error: Unable to interpret <SRV - [2011-10-21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)> in the current context!
Error: Unable to interpret <SRV - [2011-10-13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)> in the current context!
Error: Unable to interpret <SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)> in the current context!
Error: Unable to interpret <SRV - [2009-11-10 04:20:36 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)> in the current context!
Error: Unable to interpret <SRV - [2009-10-01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)> in the current context!
Error: Unable to interpret <SRV - [2009-10-01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)> in the current context!
Error: Unable to interpret <SRV - [2009-06-16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)> in the current context!
Error: Unable to interpret <SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)> in the current context!
Error: Unable to interpret <SRV - [2008-03-31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[color=#E56717]========== Driver Services (SafeList) ==========[/color]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)> in the current context!
Error: Unable to interpret <DRV - [2009-07-03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[color=#E56717]========== Standard Registry (SafeList) ==========[/color]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[color=#E56717]========== Internet Explorer ==========[/color]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm> in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.com"]http://www.google.com[/url]> in the current context!
Error: Unable to interpret <IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox"]http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox[/url]> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = [url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT"]http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT[/url]> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{E95DD5D6-2912-4212-B412-547971D025F1}: "URL" = [url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"]http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7[/url]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://startsear.ch/?aff=1&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73"]http://startsear.ch/?aff=1&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73[/url]> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = [url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT"]http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT[/url]> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [url="http://startsear.ch/?aff=1&src=sp&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73&q={searchTerms"]http://startsear.ch/?aff=1&src=sp&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73&q={searchTerms[/url]}> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{E95DD5D6-2912-4212-B412-547971D025F1}: "URL" = [url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ASUT_plPL459"]http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ASUT_plPL459[/url]> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[color=#E56717]========== FireFox ==========[/color]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[color=#E56717]========== Chrome ==========[/color]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <CHR - default_search_provider: Google (Enabled)> in the current context!
Error: Unable to interpret <CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}> in the current context!
Error: Unable to interpret <CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}> in the current context!
Error: Unable to interpret <CHR - Extension: YouTube = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\> in the current context!
Error: Unable to interpret <CHR - Extension: Szukaj w Google = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\> in the current context!
Error: Unable to interpret <CHR - Extension: avast! WebRep = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\> in the current context!
Error: Unable to interpret <CHR - Extension: Gmail = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <O1 HOSTS File: ([2012-04-29 20:33:39 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts> in the current context!
Error: Unable to interpret <O1 - Hosts: 127.0.0.1 localhost> in the current context!
Error: Unable to interpret <O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)> in the current context!
Error: Unable to interpret <O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [Browsers Protector] C:\Program Files (x86)\Browsers Protector\regmon32.exe ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)> in the current context!
Error: Unable to interpret <O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3> in the current context!
Error: Unable to interpret <O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present> in the current context!
Error: Unable to interpret <O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present> in the current context!
Error: Unable to interpret <O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present> in the current context!
Error: Unable to interpret <O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present> in the current context!
Error: Unable to interpret <O7 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found> in the current context!
Error: Unable to interpret <O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O15 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..Trusted Domains: zagraj.pl ([www] http in Zaufane witryny)> in the current context!
Error: Unable to interpret <O16 - DPF: {7818D12F-8769-4A58-AE82-81EBE897F4E4} [url="http://sip.asus.com/Windows7_Activation/DllFloder/WinActivateCom.cab"]http://sip.asus.com/Windows7_Activation/DllFloder/WinActivateCom.cab[/url] (Reg Error: Key error.)> in the current context!
Error: Unable to interpret <O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B9F9A3E-8D03-4B9D-A0B0-3139FDD94830}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found> in the current context!
Error: Unable to interpret <O32 - HKLM CDRom: AutoRun - 1> in the current context!
Error: Unable to interpret <O34 - HKLM BootExecute: (autocheck autochk *)> in the current context!
Error: Unable to interpret <O35 - HKLM\..comfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35 - HKLM\..exefile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O37 - HKLM\...com [@ = comfile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37 - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context!
Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)> in the current context!
Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)> in the current context!
Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012-04-30 21:24:34 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe> in the current context!
Error: Unable to interpret <[2012-04-29 22:01:00 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN> in the current context!
Error: Unable to interpret <[2012-04-29 20:43:56 | 000,000,000 | ---D | C] -- C:\Windows\temp> in the current context!
Error: Unable to interpret <[2012-04-29 20:21:31 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT> in the current context!
Error: Unable to interpret <[2012-04-29 11:32:08 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Local\ElevatedDiagnostics> in the current context!
Error: Unable to interpret <[2012-04-28 19:02:48 | 000,000,000 | ---D | C] -- C:\_OTL> in the current context!
Error: Unable to interpret <[2012-04-28 11:34:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy> in the current context!
Error: Unable to interpret <[2012-04-28 11:34:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy> in the current context!
Error: Unable to interpret <[2012-04-28 10:52:33 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Local\VS Revo Group> in the current context!
Error: Unable to interpret <[2012-04-28 08:20:11 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Roaming\Malwarebytes> in the current context!
Error: Unable to interpret <[2012-04-28 08:20:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes> in the current context!
Error: Unable to interpret <[2012-04-27 19:16:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Browsers Protector> in the current context!
Error: Unable to interpret <[2012-04-27 14:20:10 | 008,766,112 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe> in the current context!
Error: Unable to interpret <[2012-04-27 13:21:52 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee> in the current context!
Error: Unable to interpret <[2012-04-27 13:21:45 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe> in the current context!
Error: Unable to interpret <[2012-04-24 15:39:39 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Roaming\Mozilla> in the current context!
Error: Unable to interpret <[2012-04-24 15:39:39 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Local\Mozilla> in the current context!
Error: Unable to interpret <[2012-04-24 15:38:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox> in the current context!
Error: Unable to interpret <[2012-04-12 22:35:58 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll> in the current context!
Error: Unable to interpret <[2012-04-12 22:35:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll> in the current context!
Error: Unable to interpret <[2012-04-12 22:35:55 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll> in the current context!
Error: Unable to interpret <[2012-04-12 22:35:55 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll> in the current context!
Error: Unable to interpret <[2012-04-12 22:35:53 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl> in the current context!
Error: Unable to interpret <[2012-04-12 22:35:24 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe> in the current context!
Error: Unable to interpret <[2012-04-12 22:35:23 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012-05-01 07:29:20 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job> in the current context!
Error: Unable to interpret <[2012-05-01 07:29:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT> in the current context!
Error: Unable to interpret <[2012-05-01 07:29:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat> in the current context!
Error: Unable to interpret <[2012-05-01 07:29:01 | 2350,288,896 | -HS- | M] () -- C:\hiberfil.sys> in the current context!
Error: Unable to interpret <[2012-05-01 07:28:31 | 002,097,152 | -HS- | M] () -- C:\Users\as\NTUSER.DAT> in the current context!
Error: Unable to interpret <[2012-05-01 07:28:29 | 001,720,004 | -H-- | M] () -- C:\Users\as\AppData\Local\IconCache.db> in the current context!
Error: Unable to interpret <[2012-05-01 07:20:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job> in the current context!
Error: Unable to interpret <[2012-05-01 07:16:01 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job> in the current context!
Error: Unable to interpret <[2012-05-01 06:49:27 | 000,000,005 | ---- | M] () -- C:\Program Files (x86)\is.dat> in the current context!
Error: Unable to interpret <[2012-04-30 21:24:36 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe> in the current context!
Error: Unable to interpret <[2012-04-29 22:27:45 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt> in the current context!
Error: Unable to interpret <[2012-04-29 20:33:52 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini> in the current context!
Error: Unable to interpret <[2012-04-27 14:20:23 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe> in the current context!
Error: Unable to interpret <[2012-04-27 14:20:23 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl> in the current context!
Error: Unable to interpret <[2012-04-27 14:20:10 | 008,766,112 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[color=#E56717]========== Files Created - No Company Name ==========[/color]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012-04-29 18:57:19 | 001,720,004 | -H-- | C] () -- C:\Users\as\AppData\Local\IconCache.db> in the current context!
Error: Unable to interpret <[2012-04-27 13:21:47 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job> in the current context!
Error: Unable to interpret <[2011-12-19 19:25:46 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll> in the current context!
Error: Unable to interpret <[2011-11-25 19:55:05 | 000,016,384 | ---- | C] () -- C:\Program Files (x86)\uik.dat> in the current context!
Error: Unable to interpret <[2011-11-25 19:32:38 | 000,000,005 | ---- | C] () -- C:\Program Files (x86)\is.dat> in the current context!
Error: Unable to interpret <[2011-01-31 07:51:43 | 000,108,840 | ---- | C] () -- C:\Users\as\AppData\Local\GDIPFONTCACHEV1.DAT> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[color=#E56717]========== LOP Check ==========[/color]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2011-01-31 08:46:38 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Asus WebStorage> in the current context!
Error: Unable to interpret <[2012-01-04 16:47:20 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\Asus WebStorage> in the current context!
Error: Unable to interpret <[2012-04-26 11:36:45 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\BESTplayer> in the current context!
Error: Unable to interpret <[2011-11-25 19:08:31 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\BitComet> in the current context!
Error: Unable to interpret <[2012-03-05 09:03:05 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\DAEMON Tools Lite> in the current context!
Error: Unable to interpret <[2012-01-04 16:47:14 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\EeeStorageUploader> in the current context!
Error: Unable to interpret <[2012-03-29 13:59:06 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\gtk-2.0> in the current context!
Error: Unable to interpret <[2011-12-20 08:16:26 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\ipla> in the current context!
Error: Unable to interpret <[2012-02-25 00:14:09 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\MusicNet> in the current context!
Error: Unable to interpret <[2012-04-30 22:37:10 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\uTorrent> in the current context!
Error: Unable to interpret <[2012-02-16 06:37:59 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[color=#E56717]========== Purity Check ==========[/color]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << End of report >> in the current context!

OTL by OldTimer - Version 3.2.42.2 log created on 05012012_082332
[/log]

skan OTL [log] OTL logfile created on: 2012-05-01 08:26:26 - Run 15
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\as\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,92 Gb Total Physical Memory | 1,77 Gb Available Physical Memory | 60,73% Memory free
5,84 Gb Paging File | 4,32 Gb Available in Paging File | 74,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,52 Gb Total Space | 27,37 Gb Free Space | 36,72% Space Free | Partition Type: NTFS
Drive D: | 214,19 Gb Total Space | 153,31 Gb Free Space | 71,57% Space Free | Partition Type: NTFS

Computer Name: AS-KOMPUTER | User Name: as | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-04-30 21:24:36 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
PRC - [2012-03-31 21:10:09 | 001,898,632 | ---- | M] (Netinus Sp. z o.o.) -- C:\Program Files (x86)\Casino\Netinus\wejscie\wejscie.exe
PRC - [2012-02-15 18:56:52 | 000,147,784 | ---- | M] () -- C:\Program Files (x86)\Browsers Protector\regmon32.exe
PRC - [2011-11-27 09:27:33 | 001,258,976 | ---- | M] (Netinus Sp. z o. o.) -- C:\Program Files (x86)\Casino\Netinus\jb2\jb2.exe
PRC - [2011-11-25 21:00:48 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2011-10-13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011-06-09 14:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2010-03-19 10:28:10 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010-01-05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009-11-24 22:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009-11-10 04:20:36 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009-11-02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009-10-27 05:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2009-10-26 19:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2009-10-01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009-10-01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009-09-04 13:08:30 | 000,935,288 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
PRC - [2009-08-20 05:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2009-07-31 19:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009-06-19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009-06-19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009-06-16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2009-01-26 15:31:16 | 002,144,088 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008-12-23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008-08-14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2008-03-31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007-11-30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-04-30 21:24:36 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
MOD - [2012-04-27 14:20:22 | 008,778,400 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_2_202_233.ocx
MOD - [2012-03-31 21:10:09 | 001,898,632 | ---- | M] (Netinus Sp. z o.o.) -- C:\Program Files (x86)\Casino\Netinus\wejscie\wejscie.exe
MOD - [2012-03-01 07:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012-03-01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2012-02-28 03:52:25 | 012,281,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2012-02-28 03:27:13 | 009,705,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012-02-28 03:18:55 | 001,799,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
MOD - [2012-02-28 03:12:01 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012-02-28 03:11:07 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012-02-28 03:08:19 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IEShims.dll
MOD - [2012-02-28 03:08:15 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jsproxy.dll
MOD - [2012-02-28 03:06:48 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll
MOD - [2012-02-28 03:04:32 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012-02-28 02:59:59 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieui.dll
MOD - [2012-02-15 18:56:52 | 000,147,784 | ---- | M] () -- C:\Program Files (x86)\Browsers Protector\regmon32.exe
MOD - [2012-02-10 07:38:43 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2012-01-04 10:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2012-01-04 10:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2011-12-16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011-11-27 09:27:33 | 001,258,976 | ---- | M] (Netinus Sp. z o. o.) -- C:\Program Files (x86)\Casino\Netinus\jb2\jb2.exe
MOD - [2011-11-25 21:14:36 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Java\jre6\bin\MSVCR71.dll
MOD - [2011-11-25 21:14:35 | 000,042,272 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
MOD - [2011-11-25 21:00:48 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
MOD - [2011-11-25 21:00:48 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2011-11-25 21:00:47 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtmsft.dll
MOD - [2011-11-25 21:00:47 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtrans.dll
MOD - [2011-11-25 21:00:46 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieapfltr.dll
MOD - [2011-11-25 21:00:46 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2011-11-25 19:32:31 | 000,559,244 | ---- | M] () -- C:\Program Files (x86)\Casino\Netinus\db\sqlite3.dll
MOD - [2011-11-25 19:32:31 | 000,184,320 | ---- | M] () -- C:\Program Files (x86)\Casino\Netinus\commondlls\SKCSound.dll
MOD - [2011-11-17 07:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011-11-17 07:34:52 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2011-11-17 07:34:52 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2011-11-17 07:28:48 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2011-08-27 06:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011-08-27 06:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011-07-16 06:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2011-07-16 06:24:22 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2011-06-16 06:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2011-06-09 14:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2011-05-24 12:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011-05-24 12:40:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2011-05-24 12:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011-03-11 07:33:59 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42u.dll
MOD - [2011-03-11 07:33:59 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll
MOD - [2011-03-03 07:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011-02-19 08:30:50 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2011-01-17 07:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll
MOD - [2010-11-20 14:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010-11-20 14:21:38 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wpdshext.dll
MOD - [2010-11-20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010-11-20 14:21:37 | 011,410,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmp.dll
MOD - [2010-11-20 14:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2010-11-20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010-11-20 14:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010-11-20 14:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2010-11-20 14:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2010-11-20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010-11-20 14:21:34 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2010-11-20 14:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010-11-20 14:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010-11-20 14:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010-11-20 14:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010-11-20 14:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010-11-20 14:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010-11-20 14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010-11-20 14:20:48 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll
MOD - [2010-11-20 14:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2010-11-20 14:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2010-11-20 14:20:28 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
MOD - [2010-11-20 14:19:56 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
MOD - [2010-11-20 14:19:56 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
MOD - [2010-11-20 14:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010-11-20 14:19:48 | 002,341,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2010-11-20 14:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010-11-20 14:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010-11-20 14:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010-11-20 14:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010-11-20 14:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2010-11-20 14:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010-11-20 14:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2010-11-20 14:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll
MOD - [2010-11-20 14:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010-11-20 14:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2010-11-20 14:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010-11-20 14:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010-11-20 14:18:09 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cabinet.dll
MOD - [2010-11-20 14:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010-11-20 14:18:04 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\asycfilt.dll
MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010-11-20 14:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010-11-20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010-11-20 14:08:57 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010-11-20 14:08:51 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010-11-20 14:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010-11-20 14:08:44 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmploc.DLL
MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010-11-20 13:55:08 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll
MOD - [2010-03-19 10:28:10 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
MOD - [2010-01-05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009-12-17 11:12:59 | 003,056,640 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWOW64\atidxx32.dll
MOD - [2009-12-17 10:45:21 | 013,489,152 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysWOW64\atioglxx.dll
MOD - [2009-12-17 10:25:45 | 000,225,280 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWOW64\atiadlxy.dll
MOD - [2009-11-24 22:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2009-11-02 23:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009-11-02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
MOD - [2009-11-02 23:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009-11-02 23:17:54 | 000,509,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\MSVCP71.dll
MOD - [2009-11-02 23:17:42 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\MSVCR71.dll
MOD - [2009-10-27 05:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
MOD - [2009-09-04 13:08:30 | 000,935,288 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MOD - [2009-08-20 05:31:50 | 000,055,936 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\ATKMETHOD.dll
MOD - [2009-08-20 05:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
MOD - [2009-07-31 19:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
MOD - [2009-07-14 03:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009-07-14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009-07-14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009-07-14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009-07-14 03:16:19 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wmiutils.dll
MOD - [2009-07-14 03:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll
MOD - [2009-07-14 03:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009-07-14 03:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanutil.dll
MOD - [2009-07-14 03:16:18 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecsExt.dll
MOD - [2009-07-14 03:16:17 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemdisp.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009-07-14 03:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009-07-14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 03:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009-07-14 03:16:12 | 000,791,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\opengl32.dll
MOD - [2009-07-14 03:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009-07-14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009-07-14 03:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2009-07-14 03:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009-07-14 03:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 03:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2009-07-14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009-07-14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009-07-14 03:16:02 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2009-07-14 03:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2009-07-14 03:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netbios.dll
MOD - [2009-07-14 03:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
MOD - [2009-07-14 03:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2009-07-14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009-07-14 03:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009-07-14 03:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009-07-14 03:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009-07-14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009-07-14 03:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll
MOD - [2009-07-14 03:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IconCodecService.dll
MOD - [2009-07-14 03:15:22 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\glu32.dll
MOD - [2009-07-14 03:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009-07-14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009-07-14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009-07-14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009-07-14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009-07-14 03:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
MOD - [2009-07-14 03:15:10 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddrawex.dll
MOD - [2009-07-14 03:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
MOD - [2009-07-14 03:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll
MOD - [2009-07-14 03:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll
MOD - [2009-07-14 03:15:07 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2009-07-14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 03:14:10 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hhctrl.ocx
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 03:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 03:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009-07-14 03:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll
MOD - [2009-07-14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009-06-19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
MOD - [2009-01-26 15:31:16 | 002,144,088 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MOD - [2009-01-26 15:30:58 | 001,287,000 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\advcheck.dll
MOD - [2007-11-30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007-06-15 19:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007-06-02 02:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
MOD - [2005-09-22 02:30:42 | 000,036,864 | ---- | M] (ATK) -- C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll
MOD - [2005-01-13 09:36:58 | 000,303,104 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll
MOD - [2004-05-28 03:13:08 | 000,080,384 | ---- | M] (ACTIONTEC Electronics,Inc) -- C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012-04-27 14:20:23 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011-10-21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011-10-13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-11-10 04:20:36 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009-10-01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009-10-01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009-06-16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-03-31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-07-03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.com"]http://www.google.com[/url]
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox"]http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox[/url]
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = [url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT"]http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT[/url]
IE - HKLM\..\SearchScopes\{E95DD5D6-2912-4212-B412-547971D025F1}: "URL" = [url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"]http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7[/url]

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://startsear.ch/?aff=1&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73"]http://startsear.ch/?aff=1&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73[/url]
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = [url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT"]http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT[/url]
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [url="http://startsear.ch/?aff=1&src=sp&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73&q={searchTerms"]http://startsear.ch/?aff=1&src=sp&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73&q={searchTerms[/url]}
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{E95DD5D6-2912-4212-B412-547971D025F1}: "URL" = [url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ASUT_plPL459"]http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ASUT_plPL459[/url]
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: YouTube = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Szukaj w Google = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: avast! WebRep = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Gmail = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2012-04-29 20:33:39 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [Browsers Protector] C:\Program Files (x86)\Browsers Protector\regmon32.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O15 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..Trusted Domains: zagraj.pl ([www] http in Zaufane witryny)
O16 - DPF: {7818D12F-8769-4A58-AE82-81EBE897F4E4} [url="http://sip.asus.com/Windows7_Activation/DllFloder/WinActivateCom.cab"]http://sip.asus.com/Windows7_Activation/DllFloder/WinActivateCom.cab[/url] (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B9F9A3E-8D03-4B9D-A0B0-3139FDD94830}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-04-30 21:24:34 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
[2012-04-29 22:01:00 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-04-29 20:43:56 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012-04-29 20:21:31 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012-04-29 11:32:08 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Local\ElevatedDiagnostics
[2012-04-28 19:02:48 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-04-28 11:34:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012-04-28 11:34:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012-04-28 10:52:33 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Local\VS Revo Group
[2012-04-28 08:20:11 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Roaming\Malwarebytes
[2012-04-28 08:20:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-04-27 19:16:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Browsers Protector
[2012-04-27 14:20:10 | 008,766,112 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012-04-27 13:21:52 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012-04-27 13:21:45 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-04-24 15:39:39 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Roaming\Mozilla
[2012-04-24 15:39:39 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Local\Mozilla
[2012-04-24 15:38:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012-04-12 22:35:58 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-04-12 22:35:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012-04-12 22:35:55 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012-04-12 22:35:55 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-04-12 22:35:53 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012-04-12 22:35:24 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012-04-12 22:35:23 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-05-01 08:26:42 | 002,097,152 | -HS- | M] () -- C:\Users\as\NTUSER.DAT
[2012-05-01 08:20:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-05-01 08:16:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-05-01 07:49:54 | 000,000,005 | ---- | M] () -- C:\Program Files (x86)\is.dat
[2012-05-01 07:29:20 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-05-01 07:29:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012-05-01 07:29:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-05-01 07:29:01 | 2350,288,896 | -HS- | M] () -- C:\hiberfil.sys
[2012-05-01 07:28:29 | 001,720,004 | -H-- | M] () -- C:\Users\as\AppData\Local\IconCache.db
[2012-04-30 21:24:36 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
[2012-04-29 22:27:45 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012-04-29 20:33:52 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2012-04-27 14:20:23 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-04-27 14:20:23 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-04-27 14:20:10 | 008,766,112 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-04-29 18:57:19 | 001,720,004 | -H-- | C] () -- C:\Users\as\AppData\Local\IconCache.db
[2012-04-27 13:21:47 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2011-12-19 19:25:46 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011-11-25 19:55:05 | 000,016,384 | ---- | C] () -- C:\Program Files (x86)\uik.dat
[2011-11-25 19:32:38 | 000,000,005 | ---- | C] () -- C:\Program Files (x86)\is.dat
[2011-01-31 07:51:43 | 000,108,840 | ---- | C] () -- C:\Users\as\AppData\Local\GDIPFONTCACHEV1.DAT

[color=#E56717]========== LOP Check ==========[/color]

[2011-01-31 08:46:38 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Asus WebStorage
[2012-01-04 16:47:20 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\Asus WebStorage
[2012-04-26 11:36:45 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\BESTplayer
[2011-11-25 19:08:31 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\BitComet
[2012-03-05 09:03:05 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\DAEMON Tools Lite
[2012-01-04 16:47:14 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\EeeStorageUploader
[2012-03-29 13:59:06 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\gtk-2.0
[2011-12-20 08:16:26 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\ipla
[2012-02-25 00:14:09 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\MusicNet
[2012-04-30 22:37:10 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\uTorrent
[2012-02-16 06:37:59 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]

< End of report >
[/log]

1 maja 2012

Pobierz najnowszy OTL stąd http://oldtimer.geekstogo.com/OTL.exe

Stary usuń do kosza. Opróznij kosz.
Uruchom nowy OTL i ponów wykonanie skryptu. Cały problem polega na tym, że OTL żle interpretuje skrypt.

Tu masz skrypt

[code]:OTL
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://startsear.ch/...&q={searchTerms}
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{E95DD5D6-2912-4212-B412-547971D025F1}: "URL" = http://www.google.co...1I7ASUT_plPL459
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/...c8-f46d04540a73
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Browsers Protector] C:\Program Files (x86)\Browsers Protector\regmon32.exe ()

:Files
C:\Program Files (x86)\Browsers Protector

:Commands
[reboot]
[/code]

1 maja 2012

[log] Error: Unable to interpret <:OTLIE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [url="http://startsear.ch/...&q={searchTerms}IE"]http://startsear.ch/...&q={searchTerms}IE[/url] - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{E95DD5D6-2912-4212-B412-547971D025F1}: "URL" = [url="http://www.google.co...1I7ASUT_plPL459IE"]http://www.google.co...1I7ASUT_plPL459IE[/url] - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://startsear.ch/...c8-f46d04540a73IE"]http://startsear.ch/...c8-f46d04540a73IE[/url] - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x> in the current context!
Error: Unable to interpret <86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)O4 - HKLM..\Run: [Browsers Protector] C:\Program Files (x86)\Browsers Protector\regmon32.exe ():FilesC:\Program Files (x86)\Browsers Protector:Commands[reboot]> in the current context!

OTL by OldTimer - Version 3.2.42.2 log created on 05012012_084323[/log] skan OTL [log] OTL logfile created on: 2012-05-01 08:45:29 - Run 16
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\as\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,92 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 59,61% Memory free
5,84 Gb Paging File | 4,29 Gb Available in Paging File | 73,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,52 Gb Total Space | 27,37 Gb Free Space | 36,73% Space Free | Partition Type: NTFS
Drive D: | 214,19 Gb Total Space | 154,88 Gb Free Space | 72,31% Space Free | Partition Type: NTFS

Computer Name: AS-KOMPUTER | User Name: as | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-05-01 08:42:13 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
PRC - [2012-03-31 21:10:09 | 001,898,632 | ---- | M] (Netinus Sp. z o.o.) -- C:\Program Files (x86)\Casino\Netinus\wejscie\wejscie.exe
PRC - [2012-02-15 18:56:52 | 000,147,784 | ---- | M] () -- C:\Program Files (x86)\Browsers Protector\regmon32.exe
PRC - [2011-11-27 09:27:33 | 001,258,976 | ---- | M] (Netinus Sp. z o. o.) -- C:\Program Files (x86)\Casino\Netinus\jb2\jb2.exe
PRC - [2011-11-25 21:00:48 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2011-10-13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011-06-09 14:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2010-03-19 10:28:10 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010-01-05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009-11-24 22:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009-11-10 04:20:36 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009-11-02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009-10-27 05:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2009-10-26 19:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2009-10-01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009-10-01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009-09-04 13:08:30 | 000,935,288 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
PRC - [2009-08-20 05:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2009-07-31 19:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009-06-19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009-06-19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009-06-16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2009-01-26 15:31:16 | 002,144,088 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008-12-23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008-08-14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2008-03-31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007-11-30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-05-01 08:42:13 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
MOD - [2012-04-27 14:20:22 | 008,778,400 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_2_202_233.ocx
MOD - [2012-03-31 21:10:09 | 001,898,632 | ---- | M] (Netinus Sp. z o.o.) -- C:\Program Files (x86)\Casino\Netinus\wejscie\wejscie.exe
MOD - [2012-03-01 07:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012-03-01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2012-02-28 03:52:25 | 012,281,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2012-02-28 03:27:13 | 009,705,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012-02-28 03:18:55 | 001,799,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
MOD - [2012-02-28 03:12:01 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012-02-28 03:11:07 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012-02-28 03:08:19 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IEShims.dll
MOD - [2012-02-28 03:08:15 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jsproxy.dll
MOD - [2012-02-28 03:06:48 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll
MOD - [2012-02-28 03:04:32 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012-02-28 02:59:59 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieui.dll
MOD - [2012-02-15 18:56:52 | 000,147,784 | ---- | M] () -- C:\Program Files (x86)\Browsers Protector\regmon32.exe
MOD - [2012-02-10 07:38:43 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2012-01-04 10:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2012-01-04 10:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2011-12-16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011-11-27 09:27:33 | 001,258,976 | ---- | M] (Netinus Sp. z o. o.) -- C:\Program Files (x86)\Casino\Netinus\jb2\jb2.exe
MOD - [2011-11-25 21:14:36 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Java\jre6\bin\MSVCR71.dll
MOD - [2011-11-25 21:14:35 | 000,042,272 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
MOD - [2011-11-25 21:00:48 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
MOD - [2011-11-25 21:00:48 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2011-11-25 21:00:47 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtmsft.dll
MOD - [2011-11-25 21:00:47 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtrans.dll
MOD - [2011-11-25 21:00:46 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieapfltr.dll
MOD - [2011-11-25 21:00:46 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2011-11-25 19:32:31 | 000,559,244 | ---- | M] () -- C:\Program Files (x86)\Casino\Netinus\db\sqlite3.dll
MOD - [2011-11-25 19:32:31 | 000,184,320 | ---- | M] () -- C:\Program Files (x86)\Casino\Netinus\commondlls\SKCSound.dll
MOD - [2011-11-17 07:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011-11-17 07:34:52 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2011-11-17 07:34:52 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2011-11-17 07:28:48 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2011-08-27 06:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011-08-27 06:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011-07-16 06:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2011-07-16 06:24:22 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2011-06-16 06:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2011-06-09 14:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2011-05-24 12:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011-05-24 12:40:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2011-05-24 12:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011-03-11 07:33:59 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42u.dll
MOD - [2011-03-11 07:33:59 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll
MOD - [2011-03-03 07:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011-02-19 08:30:50 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2011-01-17 07:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll
MOD - [2010-11-20 14:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010-11-20 14:21:38 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wpdshext.dll
MOD - [2010-11-20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010-11-20 14:21:37 | 011,410,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmp.dll
MOD - [2010-11-20 14:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2010-11-20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010-11-20 14:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010-11-20 14:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2010-11-20 14:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2010-11-20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010-11-20 14:21:34 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2010-11-20 14:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010-11-20 14:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010-11-20 14:21:30 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\thumbcache.dll
MOD - [2010-11-20 14:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010-11-20 14:21:27 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\StructuredQuery.dll
MOD - [2010-11-20 14:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010-11-20 14:21:06 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SearchFolder.dll
MOD - [2010-11-20 14:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010-11-20 14:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010-11-20 14:20:57 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\provsvc.dll
MOD - [2010-11-20 14:20:55 | 000,547,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PortableDeviceApi.dll
MOD - [2010-11-20 14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010-11-20 14:20:48 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll
MOD - [2010-11-20 14:20:46 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntlanman.dll
MOD - [2010-11-20 14:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2010-11-20 14:20:29 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\networkexplorer.dll
MOD - [2010-11-20 14:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2010-11-20 14:20:28 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
MOD - [2010-11-20 14:19:56 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
MOD - [2010-11-20 14:19:56 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
MOD - [2010-11-20 14:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010-11-20 14:19:48 | 002,341,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2010-11-20 14:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010-11-20 14:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010-11-20 14:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010-11-20 14:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010-11-20 14:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2010-11-20 14:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010-11-20 14:18:38 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorAPI.dll
MOD - [2010-11-20 14:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2010-11-20 14:18:26 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davclnt.dll
MOD - [2010-11-20 14:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll
MOD - [2010-11-20 14:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010-11-20 14:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2010-11-20 14:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010-11-20 14:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010-11-20 14:18:09 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cabinet.dll
MOD - [2010-11-20 14:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010-11-20 14:18:04 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\asycfilt.dll
MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010-11-20 14:18:01 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll
MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010-11-20 14:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010-11-20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010-11-20 14:08:57 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010-11-20 14:08:51 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010-11-20 14:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010-11-20 14:08:44 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmploc.DLL
MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010-11-20 13:55:08 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll
MOD - [2010-03-19 10:28:10 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
MOD - [2010-01-05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009-12-17 11:12:59 | 003,056,640 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWOW64\atidxx32.dll
MOD - [2009-12-17 10:45:21 | 013,489,152 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysWOW64\atioglxx.dll
MOD - [2009-12-17 10:25:45 | 000,225,280 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWOW64\atiadlxy.dll
MOD - [2009-11-24 22:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2009-11-02 23:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009-11-02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
MOD - [2009-11-02 23:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009-11-02 23:17:54 | 000,509,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\MSVCP71.dll
MOD - [2009-11-02 23:17:42 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\MSVCR71.dll
MOD - [2009-10-27 05:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
MOD - [2009-09-04 13:08:30 | 000,935,288 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MOD - [2009-08-20 05:31:50 | 000,055,936 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\ATKMETHOD.dll
MOD - [2009-08-20 05:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
MOD - [2009-07-31 19:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
MOD - [2009-07-14 03:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009-07-14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009-07-14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009-07-14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009-07-14 03:16:19 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wmiutils.dll
MOD - [2009-07-14 03:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll
MOD - [2009-07-14 03:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009-07-14 03:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanutil.dll
MOD - [2009-07-14 03:16:18 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecsExt.dll
MOD - [2009-07-14 03:16:17 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemdisp.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009-07-14 03:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 03:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009-07-14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 03:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009-07-14 03:16:12 | 000,791,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\opengl32.dll
MOD - [2009-07-14 03:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009-07-14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009-07-14 03:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2009-07-14 03:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009-07-14 03:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 03:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2009-07-14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009-07-14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009-07-14 03:16:02 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2009-07-14 03:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2009-07-14 03:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netbios.dll
MOD - [2009-07-14 03:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
MOD - [2009-07-14 03:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2009-07-14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009-07-14 03:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009-07-14 03:15:41 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Defender\MpOav.dll
MOD - [2009-07-14 03:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009-07-14 03:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009-07-14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009-07-14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009-07-14 03:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll
MOD - [2009-07-14 03:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IconCodecService.dll
MOD - [2009-07-14 03:15:22 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\glu32.dll
MOD - [2009-07-14 03:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009-07-14 03:15:21 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fundisc.dll
MOD - [2009-07-14 03:15:20 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fdProxy.dll
MOD - [2009-07-14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009-07-14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009-07-14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009-07-14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 03:15:13 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\drprov.dll
MOD - [2009-07-14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009-07-14 03:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
MOD - [2009-07-14 03:15:10 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddrawex.dll
MOD - [2009-07-14 03:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
MOD - [2009-07-14 03:15:08 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davhlpr.dll
MOD - [2009-07-14 03:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll
MOD - [2009-07-14 03:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll
MOD - [2009-07-14 03:15:07 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2009-07-14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 03:14:10 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hhctrl.ocx
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 03:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 03:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009-07-14 03:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll
MOD - [2009-07-14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009-06-19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
MOD - [2009-01-26 15:31:16 | 002,144,088 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MOD - [2009-01-26 15:30:58 | 001,287,000 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\advcheck.dll
MOD - [2007-11-30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007-06-15 19:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007-06-02 02:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
MOD - [2005-09-22 02:30:42 | 000,036,864 | ---- | M] (ATK) -- C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll
MOD - [2005-01-13 09:36:58 | 000,303,104 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll
MOD - [2004-05-28 03:13:08 | 000,080,384 | ---- | M] (ACTIONTEC Electronics,Inc) -- C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012-04-27 14:20:23 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011-10-21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011-10-13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-11-10 04:20:36 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009-10-01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009-10-01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009-06-16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-03-31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-07-03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.com"]http://www.google.com[/url]
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox"]http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox[/url]
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = [url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT"]http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT[/url]
IE - HKLM\..\SearchScopes\{E95DD5D6-2912-4212-B412-547971D025F1}: "URL" = [url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"]http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7[/url]

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://startsear.ch/?aff=1&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73"]http://startsear.ch/?aff=1&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73[/url]
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = [url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT"]http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT[/url]
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [url="http://startsear.ch/?aff=1&src=sp&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73&q={searchTerms"]http://startsear.ch/?aff=1&src=sp&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73&q={searchTerms[/url]}
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{E95DD5D6-2912-4212-B412-547971D025F1}: "URL" = [url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ASUT_plPL459"]http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ASUT_plPL459[/url]
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: YouTube = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Szukaj w Google = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: avast! WebRep = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Gmail = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2012-04-29 20:33:39 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [Browsers Protector] C:\Program Files (x86)\Browsers Protector\regmon32.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O15 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..Trusted Domains: zagraj.pl ([www] http in Zaufane witryny)
O16 - DPF: {7818D12F-8769-4A58-AE82-81EBE897F4E4} [url="http://sip.asus.com/Windows7_Activation/DllFloder/WinActivateCom.cab"]http://sip.asus.com/Windows7_Activation/DllFloder/WinActivateCom.cab[/url] (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B9F9A3E-8D03-4B9D-A0B0-3139FDD94830}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-05-01 08:42:13 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
[2012-04-29 22:01:00 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-04-29 20:43:56 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012-04-29 20:21:31 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012-04-29 11:32:08 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Local\ElevatedDiagnostics
[2012-04-28 19:02:48 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-04-28 11:34:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012-04-28 11:34:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012-04-28 10:52:33 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Local\VS Revo Group
[2012-04-28 08:20:11 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Roaming\Malwarebytes
[2012-04-28 08:20:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-04-27 19:16:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Browsers Protector
[2012-04-27 14:20:10 | 008,766,112 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012-04-27 13:21:52 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012-04-27 13:21:45 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-04-24 15:39:39 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Roaming\Mozilla
[2012-04-24 15:39:39 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Local\Mozilla
[2012-04-24 15:38:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012-04-12 22:35:58 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-04-12 22:35:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012-04-12 22:35:55 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012-04-12 22:35:55 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-04-12 22:35:53 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012-04-12 22:35:24 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012-04-12 22:35:23 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-05-01 08:45:12 | 002,097,152 | -HS- | M] () -- C:\Users\as\NTUSER.DAT
[2012-05-01 08:42:13 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
[2012-05-01 08:20:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-05-01 08:16:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-05-01 07:49:54 | 000,000,005 | ---- | M] () -- C:\Program Files (x86)\is.dat
[2012-05-01 07:29:20 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-05-01 07:29:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012-05-01 07:29:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-05-01 07:29:01 | 2350,288,896 | -HS- | M] () -- C:\hiberfil.sys
[2012-05-01 07:28:29 | 001,720,004 | -H-- | M] () -- C:\Users\as\AppData\Local\IconCache.db
[2012-04-29 22:27:45 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012-04-29 20:33:52 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2012-04-27 14:20:23 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-04-27 14:20:23 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-04-27 14:20:10 | 008,766,112 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-04-29 18:57:19 | 001,720,004 | -H-- | C] () -- C:\Users\as\AppData\Local\IconCache.db
[2012-04-27 13:21:47 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2011-12-19 19:25:46 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011-11-25 19:55:05 | 000,016,384 | ---- | C] () -- C:\Program Files (x86)\uik.dat
[2011-11-25 19:32:38 | 000,000,005 | ---- | C] () -- C:\Program Files (x86)\is.dat
[2011-01-31 07:51:43 | 000,108,840 | ---- | C] () -- C:\Users\as\AppData\Local\GDIPFONTCACHEV1.DAT

[color=#E56717]========== LOP Check ==========[/color]

[2011-01-31 08:46:38 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Asus WebStorage
[2012-01-04 16:47:20 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\Asus WebStorage
[2012-04-26 11:36:45 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\BESTplayer
[2011-11-25 19:08:31 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\BitComet
[2012-03-05 09:03:05 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\DAEMON Tools Lite
[2012-01-04 16:47:14 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\EeeStorageUploader
[2012-03-29 13:59:06 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\gtk-2.0
[2011-12-20 08:16:26 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\ipla
[2012-02-25 00:14:09 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\MusicNet
[2012-04-30 22:37:10 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\uTorrent
[2012-02-16 06:37:59 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]

< End of report >
[/log] wykonaj skrypt na tych ustawieniach OTL jak były po otwarciu

1 maja 2012

TWejdź do panelu Dodaj Usuń i odinstaluj [b]Browser Protector.[/b]

Potem zrób nowy skan OTL i przedstaw raport.

1 maja 2012

[log] OTL logfile created on: 2012-05-01 09:03:00 - Run 17
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\as\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,92 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 62,46% Memory free
5,84 Gb Paging File | 4,49 Gb Available in Paging File | 76,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,52 Gb Total Space | 27,37 Gb Free Space | 36,73% Space Free | Partition Type: NTFS
Drive D: | 214,19 Gb Total Space | 154,88 Gb Free Space | 72,31% Space Free | Partition Type: NTFS

Computer Name: AS-KOMPUTER | User Name: as | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-05-01 08:42:13 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
PRC - [2011-11-25 21:00:48 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2011-10-13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011-06-09 14:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2010-03-19 10:28:10 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010-01-05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009-11-24 22:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009-11-10 04:20:36 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009-11-02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009-10-27 05:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2009-10-26 19:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2009-10-01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009-10-01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009-09-04 13:08:30 | 000,935,288 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
PRC - [2009-08-20 05:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2009-07-31 19:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009-06-19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009-06-19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009-06-16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2009-01-26 15:31:16 | 002,144,088 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008-12-23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008-08-14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2008-03-31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007-11-30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-05-01 08:42:13 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
MOD - [2012-04-27 14:20:22 | 008,778,400 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_2_202_233.ocx
MOD - [2012-03-01 07:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012-03-01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2012-02-28 03:52:25 | 012,281,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2012-02-28 03:27:13 | 009,705,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012-02-28 03:18:55 | 001,799,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
MOD - [2012-02-28 03:12:01 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012-02-28 03:11:07 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012-02-28 03:08:19 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IEShims.dll
MOD - [2012-02-28 03:08:15 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jsproxy.dll
MOD - [2012-02-28 03:06:48 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll
MOD - [2012-02-28 03:04:32 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012-02-28 02:59:59 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieui.dll
MOD - [2012-02-10 07:38:43 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2012-01-04 10:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2012-01-04 10:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2011-12-16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011-11-25 21:14:36 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Java\jre6\bin\MSVCR71.dll
MOD - [2011-11-25 21:14:35 | 000,042,272 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
MOD - [2011-11-25 21:00:48 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
MOD - [2011-11-25 21:00:48 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2011-11-25 21:00:47 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtmsft.dll
MOD - [2011-11-25 21:00:47 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtrans.dll
MOD - [2011-11-25 21:00:46 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieapfltr.dll
MOD - [2011-11-25 21:00:46 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2011-11-17 07:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011-11-17 07:34:52 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2011-11-17 07:34:52 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2011-11-17 07:28:48 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2011-08-27 06:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011-08-27 06:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011-07-16 06:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2011-07-16 06:24:22 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2011-06-16 06:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2011-06-09 14:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2011-05-24 12:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011-05-24 12:40:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2011-05-24 12:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011-03-11 07:33:59 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42u.dll
MOD - [2011-03-11 07:33:59 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll
MOD - [2011-03-03 07:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011-02-19 08:30:50 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2011-01-17 07:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll
MOD - [2010-11-20 14:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010-11-20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010-11-20 14:21:37 | 011,410,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmp.dll
MOD - [2010-11-20 14:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2010-11-20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010-11-20 14:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010-11-20 14:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2010-11-20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010-11-20 14:21:34 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2010-11-20 14:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010-11-20 14:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010-11-20 14:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010-11-20 14:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010-11-20 14:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2010-11-20 14:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010-11-20 14:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010-11-20 14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010-11-20 14:20:48 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll
MOD - [2010-11-20 14:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2010-11-20 14:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2010-11-20 14:19:56 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
MOD - [2010-11-20 14:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010-11-20 14:19:48 | 002,341,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2010-11-20 14:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010-11-20 14:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010-11-20 14:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010-11-20 14:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010-11-20 14:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2010-11-20 14:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010-11-20 14:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2010-11-20 14:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll
MOD - [2010-11-20 14:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010-11-20 14:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2010-11-20 14:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010-11-20 14:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010-11-20 14:18:09 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cabinet.dll
MOD - [2010-11-20 14:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010-11-20 14:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010-11-20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010-11-20 14:08:57 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010-11-20 14:08:51 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010-11-20 14:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010-11-20 14:08:44 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmploc.DLL
MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010-11-20 13:55:08 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll
MOD - [2010-11-05 03:58:01 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll
MOD - [2010-03-19 10:28:10 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
MOD - [2010-01-05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009-12-17 11:12:59 | 003,056,640 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWOW64\atidxx32.dll
MOD - [2009-11-24 22:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2009-11-02 23:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009-11-02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
MOD - [2009-11-02 23:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009-11-02 23:17:54 | 000,509,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\MSVCP71.dll
MOD - [2009-11-02 23:17:42 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\MSVCR71.dll
MOD - [2009-10-27 05:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
MOD - [2009-09-04 13:08:30 | 000,935,288 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MOD - [2009-08-20 05:31:50 | 000,055,936 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\ATKMETHOD.dll
MOD - [2009-08-20 05:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
MOD - [2009-07-31 19:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
MOD - [2009-07-14 03:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009-07-14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009-07-14 03:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
MOD - [2009-07-14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009-07-14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009-07-14 03:16:19 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wmiutils.dll
MOD - [2009-07-14 03:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll
MOD - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009-07-14 03:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanutil.dll
MOD - [2009-07-14 03:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll
MOD - [2009-07-14 03:16:18 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecsExt.dll
MOD - [2009-07-14 03:16:17 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemdisp.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009-07-14 03:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009-07-14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-07-14 03:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009-07-14 03:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009-07-14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009-07-14 03:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2009-07-14 03:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 03:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2009-07-14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009-07-14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009-07-14 03:16:02 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2009-07-14 03:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
MOD - [2009-07-14 03:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2009-07-14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009-07-14 03:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009-07-14 03:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009-07-14 03:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009-07-14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009-07-14 03:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll
MOD - [2009-07-14 03:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IconCodecService.dll
MOD - [2009-07-14 03:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009-07-14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009-07-14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009-07-14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009-07-14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009-07-14 03:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
MOD - [2009-07-14 03:15:10 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddrawex.dll
MOD - [2009-07-14 03:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
MOD - [2009-07-14 03:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll
MOD - [2009-07-14 03:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll
MOD - [2009-07-14 03:15:07 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2009-07-14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 03:14:10 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hhctrl.ocx
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 03:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 03:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009-07-14 03:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll
MOD - [2009-07-14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009-06-19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
MOD - [2009-01-26 15:31:16 | 002,144,088 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MOD - [2009-01-26 15:30:58 | 001,287,000 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\advcheck.dll
MOD - [2008-12-08 18:01:58 | 000,034,144 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Family Safety\fsapi.dll
MOD - [2007-11-30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007-06-15 19:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007-06-02 02:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
MOD - [2005-09-22 02:30:42 | 000,036,864 | ---- | M] (ATK) -- C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll
MOD - [2005-01-13 09:36:58 | 000,303,104 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll
MOD - [2004-05-28 03:13:08 | 000,080,384 | ---- | M] (ACTIONTEC Electronics,Inc) -- C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012-04-27 14:20:23 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011-10-21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011-10-13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-11-10 04:20:36 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009-10-01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009-10-01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009-06-16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-03-31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-07-03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.com"]http://www.google.com[/url]
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox"]http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox[/url]
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = [url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT"]http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT[/url]
IE - HKLM\..\SearchScopes\{E95DD5D6-2912-4212-B412-547971D025F1}: "URL" = [url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"]http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7[/url]

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://startsear.ch/?aff=1&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73"]http://startsear.ch/?aff=1&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73[/url]
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = [url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT"]http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT[/url]
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [url="http://startsear.ch/?aff=1&src=sp&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73&q={searchTerms"]http://startsear.ch/?aff=1&src=sp&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73&q={searchTerms[/url]}
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{E95DD5D6-2912-4212-B412-547971D025F1}: "URL" = [url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ASUT_plPL459"]http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ASUT_plPL459[/url]
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: YouTube = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Szukaj w Google = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: avast! WebRep = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Gmail = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2012-04-29 20:33:39 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O15 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..Trusted Domains: zagraj.pl ([www] http in Zaufane witryny)
O16 - DPF: {7818D12F-8769-4A58-AE82-81EBE897F4E4} [url="http://sip.asus.com/Windows7_Activation/DllFloder/WinActivateCom.cab"]http://sip.asus.com/Windows7_Activation/DllFloder/WinActivateCom.cab[/url] (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B9F9A3E-8D03-4B9D-A0B0-3139FDD94830}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-05-01 08:42:13 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
[2012-04-29 22:01:00 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-04-29 20:43:56 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012-04-29 20:21:31 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012-04-29 11:32:08 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Local\ElevatedDiagnostics
[2012-04-28 19:02:48 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-04-28 11:34:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012-04-28 11:34:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012-04-28 10:52:33 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Local\VS Revo Group
[2012-04-28 08:20:11 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Roaming\Malwarebytes
[2012-04-28 08:20:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-04-27 14:20:10 | 008,766,112 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012-04-27 13:21:52 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012-04-27 13:21:45 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-04-24 15:39:39 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Roaming\Mozilla
[2012-04-24 15:39:39 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Local\Mozilla
[2012-04-24 15:38:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012-04-12 22:35:58 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-04-12 22:35:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012-04-12 22:35:55 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012-04-12 22:35:55 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-04-12 22:35:53 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012-04-12 22:35:24 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012-04-12 22:35:23 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-05-01 09:02:56 | 002,097,152 | -HS- | M] () -- C:\Users\as\NTUSER.DAT
[2012-05-01 08:42:13 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
[2012-05-01 08:20:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-05-01 08:16:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-05-01 07:49:54 | 000,000,005 | ---- | M] () -- C:\Program Files (x86)\is.dat
[2012-05-01 07:29:20 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-05-01 07:29:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012-05-01 07:29:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-05-01 07:29:01 | 2350,288,896 | -HS- | M] () -- C:\hiberfil.sys
[2012-05-01 07:28:29 | 001,720,004 | -H-- | M] () -- C:\Users\as\AppData\Local\IconCache.db
[2012-04-29 22:27:45 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012-04-29 20:33:52 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2012-04-27 14:20:23 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-04-27 14:20:23 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-04-27 14:20:10 | 008,766,112 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-04-29 18:57:19 | 001,720,004 | -H-- | C] () -- C:\Users\as\AppData\Local\IconCache.db
[2012-04-27 13:21:47 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2011-12-19 19:25:46 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011-11-25 19:55:05 | 000,016,384 | ---- | C] () -- C:\Program Files (x86)\uik.dat
[2011-11-25 19:32:38 | 000,000,005 | ---- | C] () -- C:\Program Files (x86)\is.dat
[2011-01-31 07:51:43 | 000,108,840 | ---- | C] () -- C:\Users\as\AppData\Local\GDIPFONTCACHEV1.DAT

[color=#E56717]========== LOP Check ==========[/color]

[2011-01-31 08:46:38 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Asus WebStorage
[2012-01-04 16:47:20 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\Asus WebStorage
[2012-04-26 11:36:45 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\BESTplayer
[2011-11-25 19:08:31 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\BitComet
[2012-03-05 09:03:05 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\DAEMON Tools Lite
[2012-01-04 16:47:14 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\EeeStorageUploader
[2012-03-29 13:59:06 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\gtk-2.0
[2011-12-20 08:16:26 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\ipla
[2012-02-25 00:14:09 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\MusicNet
[2012-04-30 22:37:10 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\uTorrent
[2012-02-16 06:37:59 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]

< End of report >
[/log]

pomogło,przegladarka działa,co dalej?

1 maja 2012

Uruchom OTL i w oknie [b]Własne opcje skanowania /skrypt[/b] wklej:

[code]:OTL
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{E95DD5D6-2912-4212-B412-547971D025F1}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/...c8-f46d04540a73
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://startsear.ch/...&q={searchTerms}
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)

:Commands
[emptytemp][/code]

Kliknij w [b]Wykonaj skrypt.[/b]

Przedstaw log z usuwania

1 maja 2012

[log] All processes killed
Error: Unable to interpret <:OTLIE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = [url="http://www.google.co...ng}&rlz=1I7ASUTIE"]http://www.google.co...ng}&rlz=1I7ASUTIE[/url] - HKLM\..\SearchScopes\{E95DD5D6-2912-4212-B412-547971D025F1}: "URL" = [url="http://www.google.co...g}&sourceid=ie7IE"]http://www.google.co...g}&sourceid=ie7IE[/url] - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://startsear.ch/...c8-f46d04540a73IE"]http://startsear.ch/...c8-f46d04540a73IE[/url] - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [url="http://startsear.ch/...&q={searchTerms}O3"]http://startsear.ch/...&q={searchTerms}O3[/url] - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)O3 - HKU\S-1-5-21-1809622533> in the current context!
Error: Unable to interpret <-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.):Commands[emptytemp]> in the current context!

OTL by OldTimer - Version 3.2.42.2 log created on 05012012_092000
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
[/log] skan OTL [log] OTL logfile created on: 2012-05-01 09:23:32 - Run 18
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\as\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,92 Gb Total Physical Memory | 1,94 Gb Available Physical Memory | 66,54% Memory free
5,84 Gb Paging File | 4,68 Gb Available in Paging File | 80,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,52 Gb Total Space | 27,16 Gb Free Space | 36,45% Space Free | Partition Type: NTFS
Drive D: | 214,19 Gb Total Space | 154,88 Gb Free Space | 72,31% Space Free | Partition Type: NTFS

Computer Name: AS-KOMPUTER | User Name: as | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-05-01 08:42:13 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
PRC - [2011-11-25 21:00:48 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2011-10-21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
PRC - [2011-10-13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011-06-09 14:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2010-03-19 10:28:10 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010-01-05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009-11-24 22:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009-11-10 04:20:36 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009-11-02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009-10-27 05:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2009-10-26 19:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2009-10-03 13:08:38 | 000,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
PRC - [2009-10-01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009-10-01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009-09-04 13:08:30 | 000,935,288 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
PRC - [2009-08-20 05:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2009-07-31 19:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009-06-19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009-06-19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009-06-16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2009-01-26 15:31:16 | 002,144,088 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008-12-23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008-08-14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2008-03-31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007-11-30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-05-01 08:42:13 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
MOD - [2012-04-27 14:20:22 | 008,778,400 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_2_202_233.ocx
MOD - [2012-03-01 07:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012-03-01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2012-02-28 03:52:25 | 012,281,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2012-02-28 03:27:13 | 009,705,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012-02-28 03:18:55 | 001,799,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
MOD - [2012-02-28 03:12:01 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012-02-28 03:11:07 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012-02-28 03:08:19 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IEShims.dll
MOD - [2012-02-28 03:08:15 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jsproxy.dll
MOD - [2012-02-28 03:06:48 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll
MOD - [2012-02-28 03:04:32 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012-02-28 02:59:59 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieui.dll
MOD - [2012-02-10 07:38:43 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2012-01-04 10:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2012-01-04 10:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2011-12-16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011-11-25 21:14:36 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Java\jre6\bin\MSVCR71.dll
MOD - [2011-11-25 21:14:35 | 000,042,272 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
MOD - [2011-11-25 21:00:48 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
MOD - [2011-11-25 21:00:48 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2011-11-25 21:00:47 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtmsft.dll
MOD - [2011-11-25 21:00:47 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtrans.dll
MOD - [2011-11-25 21:00:46 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieapfltr.dll
MOD - [2011-11-25 21:00:46 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2011-11-17 07:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011-11-17 07:34:52 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2011-11-17 07:34:52 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2011-11-17 07:28:48 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2011-08-27 06:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011-08-27 06:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011-07-16 06:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2011-07-16 06:24:22 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2011-06-16 06:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2011-06-09 14:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2011-05-24 12:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011-05-24 12:40:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2011-05-24 12:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011-03-11 07:33:59 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42u.dll
MOD - [2011-03-11 07:33:59 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll
MOD - [2011-03-03 07:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011-02-19 08:30:50 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2011-01-17 07:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll
MOD - [2010-11-20 14:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010-11-20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010-11-20 14:21:37 | 011,410,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmp.dll
MOD - [2010-11-20 14:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2010-11-20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010-11-20 14:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010-11-20 14:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2010-11-20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010-11-20 14:21:34 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2010-11-20 14:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010-11-20 14:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010-11-20 14:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010-11-20 14:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010-11-20 14:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010-11-20 14:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010-11-20 14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010-11-20 14:20:48 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll
MOD - [2010-11-20 14:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2010-11-20 14:19:56 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
MOD - [2010-11-20 14:19:56 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
MOD - [2010-11-20 14:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010-11-20 14:19:48 | 002,341,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2010-11-20 14:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010-11-20 14:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010-11-20 14:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010-11-20 14:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010-11-20 14:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2010-11-20 14:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010-11-20 14:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2010-11-20 14:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll
MOD - [2010-11-20 14:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010-11-20 14:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2010-11-20 14:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010-11-20 14:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010-11-20 14:18:09 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cabinet.dll
MOD - [2010-11-20 14:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010-11-20 14:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010-11-20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010-11-20 14:08:57 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010-11-20 14:08:51 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010-11-20 14:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010-11-20 14:08:44 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmploc.DLL
MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010-11-20 13:55:08 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll
MOD - [2010-11-05 03:58:01 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll
MOD - [2010-11-05 03:58:00 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcp80.dll
MOD - [2010-03-19 10:28:10 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
MOD - [2010-01-05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009-12-17 11:12:59 | 003,056,640 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWOW64\atidxx32.dll
MOD - [2009-11-24 22:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2009-11-02 23:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009-11-02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
MOD - [2009-11-02 23:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009-11-02 23:17:54 | 000,509,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\MSVCP71.dll
MOD - [2009-11-02 23:17:42 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\MSVCR71.dll
MOD - [2009-10-27 05:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
MOD - [2009-10-03 13:08:38 | 000,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
MOD - [2009-09-04 13:08:30 | 000,935,288 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MOD - [2009-08-20 05:31:50 | 000,055,936 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\ATKMETHOD.dll
MOD - [2009-08-20 05:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
MOD - [2009-07-31 19:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
MOD - [2009-07-14 03:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009-07-14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009-07-14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009-07-14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009-07-14 03:16:19 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wmiutils.dll
MOD - [2009-07-14 03:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll
MOD - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009-07-14 03:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanutil.dll
MOD - [2009-07-14 03:16:18 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecsExt.dll
MOD - [2009-07-14 03:16:17 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemdisp.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009-07-14 03:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009-07-14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 03:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009-07-14 03:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009-07-14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009-07-14 03:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2009-07-14 03:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 03:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2009-07-14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009-07-14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009-07-14 03:16:02 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2009-07-14 03:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
MOD - [2009-07-14 03:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2009-07-14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009-07-14 03:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009-07-14 03:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009-07-14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009-07-14 03:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll
MOD - [2009-07-14 03:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IconCodecService.dll
MOD - [2009-07-14 03:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009-07-14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009-07-14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009-07-14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009-07-14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009-07-14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2009-07-14 03:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
MOD - [2009-07-14 03:15:10 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddrawex.dll
MOD - [2009-07-14 03:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
MOD - [2009-07-14 03:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll
MOD - [2009-07-14 03:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll
MOD - [2009-07-14 03:15:07 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2009-07-14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 03:14:10 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hhctrl.ocx
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 03:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 03:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009-07-14 03:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll
MOD - [2009-07-14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009-06-19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
MOD - [2009-01-26 15:31:16 | 002,144,088 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MOD - [2009-01-26 15:30:58 | 001,287,000 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\advcheck.dll
MOD - [2007-11-30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007-06-15 19:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007-06-02 02:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
MOD - [2005-09-22 02:30:42 | 000,036,864 | ---- | M] (ATK) -- C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll
MOD - [2005-01-13 09:36:58 | 000,303,104 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll
MOD - [2004-05-28 03:13:08 | 000,080,384 | ---- | M] (ACTIONTEC Electronics,Inc) -- C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012-04-27 14:20:23 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011-10-21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011-10-13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-11-10 04:20:36 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009-10-01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009-10-01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009-06-16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-03-31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-07-03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.com"]http://www.google.com[/url]
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox"]http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox[/url]
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = [url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT"]http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT[/url]
IE - HKLM\..\SearchScopes\{E95DD5D6-2912-4212-B412-547971D025F1}: "URL" = [url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"]http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7[/url]

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.com/"]http://www.google.com/[/url]
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = [url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT"]http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT[/url]
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [url="http://startsear.ch/?aff=1&src=sp&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73&q={searchTerms"]http://startsear.ch/?aff=1&src=sp&cf=9ccbdc66-908c-11e1-8ac8-f46d04540a73&q={searchTerms[/url]}
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{E95DD5D6-2912-4212-B412-547971D025F1}: "URL" = [url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ASUT_plPL459"]http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ASUT_plPL459[/url]
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: YouTube = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Szukaj w Google = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: avast! WebRep = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Gmail = C:\Users\as\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2012-04-29 20:33:39 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O15 - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..Trusted Domains: zagraj.pl ([www] http in Zaufane witryny)
O16 - DPF: {7818D12F-8769-4A58-AE82-81EBE897F4E4} [url="http://sip.asus.com/Windows7_Activation/DllFloder/WinActivateCom.cab"]http://sip.asus.com/Windows7_Activation/DllFloder/WinActivateCom.cab[/url] (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B9F9A3E-8D03-4B9D-A0B0-3139FDD94830}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-05-01 08:42:13 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
[2012-04-29 22:01:00 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-04-29 20:43:56 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012-04-29 20:21:31 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012-04-29 11:32:08 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Local\ElevatedDiagnostics
[2012-04-28 19:02:48 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-04-28 11:34:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012-04-28 11:34:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012-04-28 10:52:33 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Local\VS Revo Group
[2012-04-28 08:20:11 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Roaming\Malwarebytes
[2012-04-28 08:20:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-04-27 14:20:10 | 008,766,112 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012-04-27 13:21:52 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012-04-27 13:21:45 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-04-24 15:39:39 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Roaming\Mozilla
[2012-04-24 15:39:39 | 000,000,000 | ---D | C] -- C:\Users\as\AppData\Local\Mozilla
[2012-04-24 15:38:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012-04-12 22:35:58 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-04-12 22:35:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012-04-12 22:35:55 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012-04-12 22:35:55 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-04-12 22:35:53 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012-04-12 22:35:24 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012-04-12 22:35:23 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-05-01 09:21:03 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-05-01 09:20:58 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012-05-01 09:20:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-05-01 09:20:46 | 2350,288,896 | -HS- | M] () -- C:\hiberfil.sys
[2012-05-01 09:20:19 | 002,097,152 | -HS- | M] () -- C:\Users\as\NTUSER.DAT
[2012-05-01 09:20:17 | 001,738,223 | -H-- | M] () -- C:\Users\as\AppData\Local\IconCache.db
[2012-05-01 09:20:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-05-01 09:16:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-05-01 08:42:13 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\as\Desktop\OTL.exe
[2012-05-01 07:49:54 | 000,000,005 | ---- | M] () -- C:\Program Files (x86)\is.dat
[2012-04-29 22:27:45 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012-04-29 20:33:52 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2012-04-27 14:20:23 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-04-27 14:20:23 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-04-27 14:20:10 | 008,766,112 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-04-29 18:57:19 | 001,738,223 | -H-- | C] () -- C:\Users\as\AppData\Local\IconCache.db
[2012-04-27 13:21:47 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2011-12-19 19:25:46 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011-11-25 19:55:05 | 000,016,384 | ---- | C] () -- C:\Program Files (x86)\uik.dat
[2011-11-25 19:32:38 | 000,000,005 | ---- | C] () -- C:\Program Files (x86)\is.dat
[2011-01-31 07:51:43 | 000,108,840 | ---- | C] () -- C:\Users\as\AppData\Local\GDIPFONTCACHEV1.DAT

[color=#E56717]========== LOP Check ==========[/color]

[2011-01-31 08:46:38 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Asus WebStorage
[2012-01-04 16:47:20 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\Asus WebStorage
[2012-04-26 11:36:45 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\BESTplayer
[2011-11-25 19:08:31 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\BitComet
[2012-03-05 09:03:05 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\DAEMON Tools Lite
[2012-01-04 16:47:14 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\EeeStorageUploader
[2012-03-29 13:59:06 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\gtk-2.0
[2011-12-20 08:16:26 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\ipla
[2012-02-25 00:14:09 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\MusicNet
[2012-04-30 22:37:10 | 000,000,000 | ---D | M] -- C:\Users\as\AppData\Roaming\uTorrent
[2012-02-16 06:37:59 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]

< End of report >
[/log]

1 maja 2012

Odinstaluj [b]uTorrentBar Toolbar[/b]

Wejdź do rejestru.

Start > uruchom > wpisz [b]regedit[/b]

znajdź klucz [b]HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes[/b]

usuń z niego te wpisy
[code]IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{E95DD5D6-2912-4212-B412-547971D025F1}: "URL" = http://www.google.co...g}&sourceid=ie7[/code]

Następnie przejdx do klucza [b]HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\[/b]

znajdź wpisy

[code]IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/...c8-f46d04540a73
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1809622533-4270462956-2512580984-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://startsear.ch/...&q={searchTerms}
[/code]

[b]i je usun.[/b]

[color=#0000ff][b]Potem wykonaj restart[/b] [b]systemu[/b][/color]

1 maja 2012

nie da się usnąć w panelu sterowania u TorrentBar Toolbar,klucze zanalazłem ale juz tych wpisów nie moge znależć klikałem we wszystkie tam foldery :/

w [b]HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes[/b]
są tylko 2 wpisy {0633EE93-d776 .....................} i {6A1806CD_94.................}

1 maja 2012

Dalej masz tą wyszukiwarke?

Zaloguj się

[Rozwiązane] Jak usunac przegladarke SearchCompletion Search

Gość

merun

Gość

merun

Gość

merun

Gość

merun

Gość

merun

Gość

merun

Gość

merun

Gość

merun

Gość

merun

Gość

merun

Gość

merun

Gość

merun

Gość

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Strona główna

Powiadomienie o plikach cookie