x-kom hosting

Problem z BSOD - Probably caused by : csrss.exe

luko80
utworzono
utworzono (edytowane)

Witam,

chciałem dziś żonie pomóc i obrobić delikatnie nutki w photoshopie.. podczas próby zmiany kontrastu pojawił się BSOD. Po restarcie, ponownie podszedłem do zabiegu i dokładnie w tym samym momencie (nawet po wykonywaniu dokładnie tych samych czynności w programie) - znowu BSOD. Postanowiłem zatem napisać tutaj.. mam logi z OTL i mogę wkleić, tylko napiszcie proszę, czy z pliku OTL.txt, czy Extras.txt oraz czy wklejać całość, czy jakiś fragment.
Czy dodatkowo nie przeprowadzić testu WinDebugger'em?
Nadmienię, że sprzęt mam dość nowy, Core i5 podkręcony do 3.6 GHz (VCore=1.1625, IMC=1.1750). Testy stabilności robiłem Linxem na 20 przebiegów i przy w/w napięciach przechodziło. Ale w sumie teraz tak myślę, może napięcie jednak za niskie?
Reszta sprzętu (chociaż nie wiem czy ma znaczenie): ASUS P7P55D, 4x2GB Corsair XMS3 1600MHz, ATI HD 4870
Jeśli potrzebne są jeszcze jakieś informacje, w miarę możliwości podam.

Pozdrawiam,
Łukasz

Tomek01
komentarz
komentarz

Temat póki co nie jest związany z infekcją.
Przenoszę Cię do odpowiedniego działu.

luko80
komentarz
komentarz

[quote name='Tomek01' timestamp='1297117339' post='1193903']
Temat póki co nie jest związany z infekcją.
Przenoszę Cię do odpowiedniego działu.
[/quote]
Oczywiście, nie wiem dlaczego dałem go w "Bezpieczeństwie".. pomyłka z mojej strony. Przepraszam

raazor90
komentarz
komentarz

Wykonaj analizę pliku minidump: http://www.forumpc.pl/index.php?showtopic=16074

  • 3 tygodnie później...
luko80
komentarz
komentarz (edytowane)

<del>

Panowie, poproszę Was jeszcze raz o pomoc.. dziś BSOD pojawił się jeszcze przed załadowaniem Winodwsa. Poniżej wklejka z WinDebugera:
[log]
Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\Minidump\Mini022311-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows Server 2008/Windows Vista Kernel Version 6002 (Service Pack 2) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6002.18327.amd64fre.vistasp2_gdr.101014-0432
Machine Name:
Kernel base = 0xfffff800`02800000 PsLoadedModuleList = 0xfffff800`029c4dd0
Debug session time: Wed Feb 23 09:07:00.353 2011 (GMT+1)
System Uptime: 0 days 0:00:34.025
Loading Kernel Symbols
...............................................................
..............................................................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1, {76d96cba, 0, fffe, fffffa6003970ca0}

Probably caused by : ntkrnlmp.exe ( nt!KiSystemServiceExit+209 )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

APC_INDEX_MISMATCH (1)
This is a kernel internal error. The most common reason to see this
bugcheck is when a filesystem or a driver has a mismatched number of
calls to disable and re-enable APCs. The key data item is the
Thread->KernelApcDisable field. A negative value indicates that a driver
has disabled APC calls without re-enabling them. A positive value indicates
that the reverse is true. This check is made on exit from a system call.
Arguments:
Arg1: 0000000076d96cba, address of system function (system call)
Arg2: 0000000000000000, Thread->ApcStateIndex << 8 | Previous ApcStateIndex
Arg3: 000000000000fffe, Thread->KernelApcDisable
Arg4: fffffa6003970ca0, Previous KernelApcDisable

Debugging Details:
------------------


FAULTING_IP:
+5e9b952f02c7dde8
00000000`76d96cba ?? ???

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

BUGCHECK_STR: 0x1

PROCESS_NAME: services.exe

CURRENT_IRQL: 0

LAST_CONTROL_TRANSFER: from fffff8000285a22e to fffff8000285a490

STACK_TEXT:
fffffa60`03970ad8 fffff800`0285a22e : 00000000`00000001 00000000`76d96cba 00000000`00000000 00000000`0000fffe : nt!KeBugCheckEx
fffffa60`03970ae0 fffff800`0285a144 : 00000000`0191f7a8 fffffa60`00080000 00000000`0191f850 00000000`00000000 : nt!KiBugCheckDispatch+0x6e
fffffa60`03970c20 00000000`76d96cba : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceExit+0x209
00000000`0191f768 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x76d96cba


STACK_COMMAND: kb

FOLLOWUP_IP:
nt!KiSystemServiceExit+209
fffff800`0285a144 4883ec50 sub rsp,50h

SYMBOL_STACK_INDEX: 2

SYMBOL_NAME: nt!KiSystemServiceExit+209

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: nt

IMAGE_NAME: ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 4cb7275f

FAILURE_BUCKET_ID: X64_0x1_nt!KiSystemServiceExit+209

BUCKET_ID: X64_0x1_nt!KiSystemServiceExit+209

Followup: MachineOwner
---------
[/log]

Panowie,

moglibyście coś poradzić? Dziś miałem to samo.. 2 BSODy pod rząd, znowu podczas uruchamiania, i znowu ten sam log z WinDebuggera ..za trzecim razem Windows zaskoczył, niemniej jednak staje się to trochę niepokojące..

Pozdrawiam,
Łukasz

MC Jay
komentarz
komentarz

A zasilacz to jaki ?

luko80
komentarz
komentarz

Zasilacz Corsair HX520W (pracuje mniej więcej 3 lata)

matxxx, przychodzi Ci coś do głowy, o co może chodzić?

EDIT
.. dziś podczas pracy w Photoshopie znowu BSOD :/
[log]
Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\Minidump\Mini030211-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows Server 2008/Windows Vista Kernel Version 6002 (Service Pack 2) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6002.18327.amd64fre.vistasp2_gdr.101014-0432
Machine Name:
Kernel base = 0xfffff800`02816000 PsLoadedModuleList = 0xfffff800`029dadd0
Debug session time: Wed Mar 2 22:07:30.601 2011 (GMT+1)
System Uptime: 0 days 2:24:33.933
Loading Kernel Symbols
...............................................................
................................................................
......................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 124, {0, fffffa8009531030, b2000000, 10005}

*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: pshed!_WHEA_ERROR_RECORD_HEADER ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: pshed!_WHEA_ERROR_RECORD_SECTION_DESCRIPTOR ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: pshed!_WHEA_ERROR_RECORD_HEADER ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: pshed!_WHEA_ERROR_RECORD_HEADER ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: pshed!_WHEA_ERROR_RECORD_HEADER ***
*** ***
*************************************************************************
Probably caused by : hardware

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

WHEA_UNCORRECTABLE_ERROR (124)
A fatal hardware error has occurred. Parameter 1 identifies the type of error
source that reported the error. Parameter 2 holds the address of the
WHEA_ERROR_RECORD structure that describes the error conditon.
Arguments:
Arg1: 0000000000000000, Machine Check Exception
Arg2: fffffa8009531030, Address of the WHEA_ERROR_RECORD structure.
Arg3: 00000000b2000000, High order 32-bits of the MCi_STATUS value.
Arg4: 0000000000010005, Low order 32-bits of the MCi_STATUS value.

Debugging Details:
------------------

*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: pshed!_WHEA_ERROR_RECORD_HEADER ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: pshed!_WHEA_ERROR_RECORD_SECTION_DESCRIPTOR ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: pshed!_WHEA_ERROR_RECORD_HEADER ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: pshed!_WHEA_ERROR_RECORD_HEADER ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: pshed!_WHEA_ERROR_RECORD_HEADER ***
*** ***
*************************************************************************

BUGCHECK_STR: 0x124_GenuineIntel

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

PROCESS_NAME: Photoshop.exe

CURRENT_IRQL: f

STACK_TEXT:
fffffa60`005f3958 fffff800`02d358ba : 00000000`00000124 00000000`00000000 fffffa80`09531030 00000000`b2000000 : nt!KeBugCheckEx
fffffa60`005f3960 fffff800`02936fd3 : 00000000`00000001 00000000`00000001 00000000`00000000 00000000`00000001 : hal!HalBugCheckSystem+0x12e
fffffa60`005f39d0 fffff800`02d351bc : fffffa60`00000c3e fffffa60`005f3bb0 fffffa60`005f3c30 00000000`00000000 : nt!WheaReportHwError+0x243
fffffa60`005f3a30 fffff800`0286f6f1 : 00000000`00000140 fffffa60`005f3c30 00000000`00000000 00000000`00000000 : hal!HalpMcaExceptionHandler+0x114
fffffa60`005f3a70 fffff800`0286f535 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KxMcheckAbort+0x71
fffffa60`005f3bb0 00000000`07e57375 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiMcheckAbort+0xf5
00000000`08e3f710 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x7e57375


STACK_COMMAND: kb

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: hardware

IMAGE_NAME: hardware

DEBUG_FLR_IMAGE_TIMESTAMP: 0

FAILURE_BUCKET_ID: X64_0x124_GenuineIntel__UNKNOWN

BUCKET_ID: X64_0x124_GenuineIntel__UNKNOWN

Followup: MachineOwner
---------

1: kd> lmvm hardware
start end module name
[/log]

Kod błędu: BCCode: 124
BCP1: 0000000000000000
BCP2: FFFFFA8009531030
BCP3: 00000000B2000000
BCP4: 0000000000010005

raazor90
komentarz
komentarz

Przetestuj pamięć RAM bootowalnym MemTest86+

  • 1 rok później...
luko80
komentarz
komentarz

Witam ponownie... u mnie znowu BSOD :(
Wklejam wynik z Windebugger'a. Proszę uprzejmie o pomoc.
[spoiler]

Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\Minidump\Mini061812-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows Server 2008/Windows Vista Kernel Version 6002 (Service Pack 2) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6002.18607.amd64fre.vistasp2_gdr.120402-0336
Machine Name:
Kernel base = 0xfffff800`02a15000 PsLoadedModuleList = 0xfffff800`02bd9dd0
Debug session time: Mon Jun 18 17:26:25.383 2012 (GMT+2)
System Uptime: 0 days 0:07:24.400
Loading Kernel Symbols
...............................................................
................................................................
................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck F4, {3, fffffa800a0c4c10, fffffa800a0c4e48, fffff80002cf3c90}

Probably caused by : csrss.exe

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

CRITICAL_OBJECT_TERMINATION (f4)
A process or thread crucial to system operation has unexpectedly exited or been
terminated.
Several processes and threads are necessary for the operation of the
system; when they are terminated (for any reason), the system can no
longer function.
Arguments:
Arg1: 0000000000000003, Process
Arg2: fffffa800a0c4c10, Terminating object
Arg3: fffffa800a0c4e48, Process image file name
Arg4: fffff80002cf3c90, Explanatory message (ascii)

Debugging Details:
------------------


PROCESS_OBJECT: fffffa800a0c4c10

IMAGE_NAME: csrss.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 0

MODULE_NAME: csrss

FAULTING_MODULE: 0000000000000000

PROCESS_NAME: csrss.exe

EXCEPTION_CODE: (Win32) 0xb760060 (192282720) - <Unable to get error code text>

BUGCHECK_STR: 0xF4_B760060

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

CURRENT_IRQL: 0

STACK_TEXT:
fffffa60`0a509b28 fffff800`02d6e8c3 : 00000000`000000f4 00000000`00000003 fffffa80`0a0c4c10 fffffa80`0a0c4e48 : nt!KeBugCheckEx
fffffa60`0a509b30 fffff800`02c88238 : fffffa80`0b760060 fffffa80`0b760060 00000000`01f8fa80 00000000`00006706 : nt!PspCatchCriticalBreak+0x93
fffffa60`0a509b70 fffff800`02cbb930 : fffffa80`0b760060 00000000`00000008 00000000`01f8fa80 00000000`00000008 : nt! ?? ::NNGAKEGL::`string'+0x10f76
fffffa60`0a509bc0 fffff800`02a6c573 : fffffa80`0a0c4c10 fffffa80`0b760060 fffffa60`0a509ca0 00000000`01f8fa80 : nt!NtTerminateProcess+0xd8
fffffa60`0a509c20 00000000`7779713a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`01f8df18 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x7779713a


STACK_COMMAND: kb

FOLLOWUP_NAME: MachineOwner

FAILURE_BUCKET_ID: X64_0xF4_B760060_IMAGE_csrss.exe

BUCKET_ID: X64_0xF4_B760060_IMAGE_csrss.exe

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

CRITICAL_OBJECT_TERMINATION (f4)
A process or thread crucial to system operation has unexpectedly exited or been
terminated.
Several processes and threads are necessary for the operation of the
system; when they are terminated (for any reason), the system can no
longer function.
Arguments:
Arg1: 0000000000000003, Process
Arg2: fffffa800a0c4c10, Terminating object
Arg3: fffffa800a0c4e48, Process image file name
Arg4: fffff80002cf3c90, Explanatory message (ascii)

Debugging Details:
------------------


PROCESS_OBJECT: fffffa800a0c4c10

IMAGE_NAME: csrss.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 0

MODULE_NAME: csrss

FAULTING_MODULE: 0000000000000000

PROCESS_NAME: csrss.exe

EXCEPTION_CODE: (Win32) 0xb760060 (192282720) - <Unable to get error code text>

BUGCHECK_STR: 0xF4_B760060

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

CURRENT_IRQL: 0

STACK_TEXT:
fffffa60`0a509b28 fffff800`02d6e8c3 : 00000000`000000f4 00000000`00000003 fffffa80`0a0c4c10 fffffa80`0a0c4e48 : nt!KeBugCheckEx
fffffa60`0a509b30 fffff800`02c88238 : fffffa80`0b760060 fffffa80`0b760060 00000000`01f8fa80 00000000`00006706 : nt!PspCatchCriticalBreak+0x93
fffffa60`0a509b70 fffff800`02cbb930 : fffffa80`0b760060 00000000`00000008 00000000`01f8fa80 00000000`00000008 : nt! ?? ::NNGAKEGL::`string'+0x10f76
fffffa60`0a509bc0 fffff800`02a6c573 : fffffa80`0a0c4c10 fffffa80`0b760060 fffffa60`0a509ca0 00000000`01f8fa80 : nt!NtTerminateProcess+0xd8
fffffa60`0a509c20 00000000`7779713a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`01f8df18 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x7779713a


STACK_COMMAND: kb

FOLLOWUP_NAME: MachineOwner

FAILURE_BUCKET_ID: X64_0xF4_B760060_IMAGE_csrss.exe

BUCKET_ID: X64_0xF4_B760060_IMAGE_csrss.exe

Followup: MachineOwner
---------

[/spoiler]

bub
komentarz
komentarz

[quote name='luko80' timestamp='1340048377' post='1523481'] Probably caused by : csrss.exe [/quote]
Przenoszę do Bezpieczeństwa. Wklej logi według instrukcji podanych w dziale.

luko80
komentarz
komentarz (edytowane)

Ok, tylko w instrukcji obsługi OTL ([url="http://www.forumpc.pl/index.php?showtopic=104338"]http://www.forumpc.p...howtopic=104338[/url]) brak punktu 1: "Dwuklik na" ... ??

Ok, poniżej przedstawiam wyniki pracy programów OTL i RSIT + jeszcze jeden dodatek :(

[b]OTL[/b]
OTL.txt:
[log]
OTL logfile created on: 2012-06-19 18:44:45 - Run 1
OTL by OldTimer - Version 3.2.49.0 Folder = F:\Instalacje\_NAPRAWA WINDOWS - BSOD\OTL
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

8,00 Gb Total Physical Memory | 5,48 Gb Available Physical Memory | 68,48% Memory free
16,04 Gb Paging File | 13,55 Gb Available in Paging File | 84,48% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,66 Gb Total Space | 34,17 Gb Free Space | 34,99% Space Free | Partition Type: NTFS
Drive D: | 200,43 Gb Total Space | 107,65 Gb Free Space | 53,71% Space Free | Partition Type: NTFS
Drive E: | 48,83 Gb Total Space | 24,55 Gb Free Space | 50,28% Space Free | Partition Type: NTFS
Drive F: | 151,60 Gb Total Space | 43,22 Gb Free Space | 28,51% Space Free | Partition Type: NTFS
Drive G: | 97,65 Gb Total Space | 54,33 Gb Free Space | 55,63% Space Free | Partition Type: NTFS
Drive H: | 2,59 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: LUCAS-PC | User Name: Lucas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-06-19 18:39:32 | 000,595,968 | ---- | M] (OldTimer Tools) -- F:\Instalacje\_NAPRAWA WINDOWS - BSOD\OTL\OTL.exe
PRC - [2012-06-17 09:16:35 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012-06-17 09:16:34 | 000,016,864 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2012-05-01 10:50:14 | 000,400,344 | ---- | M] (Mozilla Messaging) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
PRC - [2012-03-07 02:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012-03-07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-02-29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012-01-18 15:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2012-01-03 15:10:42 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010-03-12 19:40:20 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX1000.exe
PRC - [2009-02-26 15:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\OFFICE2007\Office12\ONENOTEM.EXE
PRC - [2009-01-26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2007-09-02 14:58:52 | 000,495,616 | ---- | M] () -- F:\Programy\RocketDock\RocketDock.exe
PRC - [2006-11-02 17:04:16 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
PRC - [2006-02-28 12:42:38 | 000,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-06-19 18:39:32 | 000,595,968 | ---- | M] (OldTimer Tools) -- F:\Instalacje\_NAPRAWA WINDOWS - BSOD\OTL\OTL.exe
MOD - [2012-06-17 09:16:35 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012-06-17 09:16:35 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
MOD - [2012-06-17 09:16:35 | 000,829,920 | ---- | M] (sqlite.org) -- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
MOD - [2012-06-17 09:16:35 | 000,637,920 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nss3.dll
MOD - [2012-06-17 09:16:35 | 000,624,608 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
MOD - [2012-06-17 09:16:35 | 000,358,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
MOD - [2012-06-17 09:16:35 | 000,258,528 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
MOD - [2012-06-17 09:16:35 | 000,170,464 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nspr4.dll
MOD - [2012-06-17 09:16:35 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
MOD - [2012-06-17 09:16:35 | 000,043,488 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
MOD - [2012-06-17 09:16:35 | 000,016,352 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
MOD - [2012-06-17 09:16:34 | 015,757,792 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xul.dll
MOD - [2012-06-17 09:16:34 | 000,155,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
MOD - [2012-06-17 09:16:34 | 000,145,376 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\ssl3.dll
MOD - [2012-06-17 09:16:34 | 000,095,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
MOD - [2012-06-17 09:16:34 | 000,092,640 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll
MOD - [2012-06-17 09:16:34 | 000,091,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\smime3.dll
MOD - [2012-06-17 09:16:34 | 000,021,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plc4.dll
MOD - [2012-06-17 09:16:34 | 000,020,960 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plds4.dll
MOD - [2012-06-17 09:16:34 | 000,019,424 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xpcom.dll
MOD - [2012-06-17 09:16:34 | 000,016,864 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
MOD - [2012-06-14 16:48:15 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\12061802\uiext.dll
MOD - [2012-06-07 09:41:57 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\MSVCR100.dll
MOD - [2012-06-07 09:41:57 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\MSVCP100.dll
MOD - [2012-05-16 00:04:50 | 000,834,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012-05-01 10:50:15 | 001,952,728 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
MOD - [2012-05-01 10:50:15 | 000,646,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Thunderbird\nss3.dll
MOD - [2012-05-01 10:50:15 | 000,531,416 | ---- | M] (sqlite.org) -- C:\Program Files (x86)\Mozilla Thunderbird\mozsqlite3.dll
MOD - [2012-05-01 10:50:15 | 000,371,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Thunderbird\nssckbi.dll
MOD - [2012-05-01 10:50:15 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Thunderbird\freebl3.dll
MOD - [2012-05-01 10:50:15 | 000,175,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Thunderbird\nspr4.dll
MOD - [2012-05-01 10:50:15 | 000,162,776 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
MOD - [2012-05-01 10:50:15 | 000,109,528 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Thunderbird\nssdbm3.dll
MOD - [2012-05-01 10:50:15 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Thunderbird\nssutil3.dll
MOD - [2012-05-01 10:50:15 | 000,033,240 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Thunderbird\mozglue.dll
MOD - [2012-05-01 10:50:15 | 000,021,976 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
MOD - [2012-05-01 10:50:15 | 000,016,344 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Thunderbird\mozalloc.dll
MOD - [2012-05-01 10:50:14 | 016,792,536 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Thunderbird\xul.dll
MOD - [2012-05-01 10:50:14 | 000,400,344 | ---- | M] (Mozilla Messaging) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
MOD - [2012-05-01 10:50:14 | 000,170,968 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Thunderbird\softokn3.dll
MOD - [2012-05-01 10:50:14 | 000,158,680 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Thunderbird\ssl3.dll
MOD - [2012-05-01 10:50:14 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Thunderbird\smime3.dll
MOD - [2012-05-01 10:50:14 | 000,021,976 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Thunderbird\plc4.dll
MOD - [2012-05-01 10:50:14 | 000,019,416 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Thunderbird\xpcom.dll
MOD - [2012-05-01 10:50:14 | 000,018,904 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Thunderbird\plds4.dll
MOD - [2012-04-26 21:41:34 | 000,120,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
MOD - [2012-04-23 18:00:53 | 000,984,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2012-04-23 18:00:53 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2012-04-19 17:54:20 | 001,176,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012-04-19 17:52:20 | 006,118,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012-04-19 17:52:20 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012-04-04 22:45:58 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
MOD - [2012-04-04 22:45:55 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2012-04-04 22:45:55 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2012-04-04 22:38:43 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2012-04-04 22:38:43 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
MOD - [2012-03-08 19:55:48 | 008,527,520 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2012-03-07 02:15:28 | 000,228,632 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\uiLangRes.dll
MOD - [2012-03-07 02:15:28 | 000,095,232 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\Base.dll
MOD - [2012-03-07 02:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
MOD - [2012-03-07 02:15:15 | 004,675,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\CommonRes.dll
MOD - [2012-03-07 02:15:13 | 000,215,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2012-03-07 02:15:10 | 000,399,088 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSqLt.dll
MOD - [2012-03-07 02:15:10 | 000,214,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2012-03-07 02:15:10 | 000,027,264 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswUtil.dll
MOD - [2012-03-07 02:15:09 | 002,111,448 | ---- | M] (AVAST! Software) -- C:\Program Files\AVAST Software\Avast\aswAra.dll
MOD - [2012-03-07 02:15:09 | 000,217,296 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswLog.dll
MOD - [2012-03-07 02:15:08 | 000,682,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAux.dll
MOD - [2012-03-07 02:15:07 | 000,337,800 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
MOD - [2012-03-07 02:15:07 | 000,184,872 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswData.dll
MOD - [2012-03-07 02:15:07 | 000,164,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
MOD - [2012-03-07 02:15:07 | 000,153,936 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTask.dll
MOD - [2012-03-07 02:15:07 | 000,098,864 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
MOD - [2012-03-07 02:15:07 | 000,050,448 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
MOD - [2012-03-07 02:15:06 | 000,406,816 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashBase.dll
MOD - [2012-03-07 02:15:06 | 000,061,760 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
MOD - [2012-03-07 02:15:03 | 000,345,040 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Aavm4h.dll
MOD - [2012-03-07 02:15:03 | 000,096,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll
MOD - [2012-03-01 16:46:01 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll
MOD - [2012-03-01 16:46:01 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll
MOD - [2012-03-01 02:02:00 | 015,009,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvd3dum.dll
MOD - [2012-03-01 02:02:00 | 007,713,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvwgf2um.dll
MOD - [2012-03-01 02:02:00 | 002,301,248 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvapi.dll
MOD - [2012-02-29 17:11:42 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012-02-29 17:09:53 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2012-02-29 15:44:50 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2012-02-29 15:41:40 | 001,069,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2012-02-29 13:26:48 | 000,154,944 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStereoApiI.dll
MOD - [2012-02-29 13:26:42 | 000,691,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
MOD - [2012-02-29 13:26:28 | 000,360,768 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2012-02-03 17:11:07 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll
MOD - [2012-01-18 15:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2012-01-03 15:10:42 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MOD - [2011-12-15 13:08:30 | 006,727,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
MOD - [2011-12-14 18:17:47 | 000,680,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011-11-18 22:55:05 | 001,167,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011-11-16 18:24:00 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2011-11-16 18:23:05 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2011-10-14 18:03:25 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2011-08-25 18:14:01 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011-08-25 18:14:01 | 000,238,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011-06-15 18:12:11 | 000,182,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2011-05-17 10:27:52 | 000,413,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2011-04-12 18:11:05 | 000,859,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2011-03-02 17:44:26 | 000,168,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011-01-21 18:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2011-01-21 18:35:22 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2011-01-20 18:08:16 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2011-01-20 18:08:06 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll
MOD - [2011-01-20 18:08:06 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll
MOD - [2011-01-20 18:07:42 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2011-01-20 18:07:03 | 001,075,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010-08-31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2010-08-31 17:43:52 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
MOD - [2010-08-26 18:37:45 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\t2embed.dll
MOD - [2010-06-28 19:00:21 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010-06-18 19:31:29 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010-05-04 21:13:07 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msshsq.dll
MOD - [2010-04-16 18:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010-03-18 14:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100_clr0400.dll
MOD - [2010-03-12 19:40:20 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX1000.exe
MOD - [2009-11-08 11:55:32 | 001,130,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dfshim.dll
MOD - [2009-11-08 11:55:32 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscoree.dll
MOD - [2009-10-01 03:02:04 | 000,334,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PortableDeviceApi.dll
MOD - [2009-09-25 04:10:10 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2009-09-04 13:41:59 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2009-07-17 15:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-04-23 14:15:39 | 000,677,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2009-04-11 00:28:26 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2009-04-11 00:28:26 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009-04-11 00:28:26 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2009-04-11 00:28:26 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2009-04-11 00:28:26 | 000,250,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll
MOD - [2009-04-11 00:28:26 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009-04-11 00:28:26 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2009-04-11 00:28:26 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-04-11 00:28:26 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-04-11 00:28:26 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009-04-11 00:28:24 | 002,226,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\networkexplorer.dll
MOD - [2009-04-11 00:28:24 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2009-04-11 00:28:24 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
MOD - [2009-04-11 00:28:24 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009-04-11 00:28:24 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SLC.dll
MOD - [2009-04-11 00:28:24 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2009-04-11 00:28:24 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2009-04-11 00:28:24 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-04-11 00:28:24 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009-04-11 00:28:24 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2009-04-11 00:28:24 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
MOD - [2009-04-11 00:28:22 | 002,241,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2009-04-11 00:28:22 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-04-11 00:28:22 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2009-04-11 00:28:22 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2009-04-11 00:28:22 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2009-04-11 00:28:22 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009-04-11 00:28:22 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009-04-11 00:28:20 | 001,324,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\browseui.dll
MOD - [2009-04-11 00:28:20 | 000,595,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2009-04-11 00:28:20 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009-04-11 00:28:20 | 000,444,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009-04-11 00:28:20 | 000,396,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioEng.dll
MOD - [2009-04-11 00:28:20 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009-04-11 00:28:20 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2009-04-11 00:28:20 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorAPI.dll
MOD - [2009-04-11 00:28:20 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2009-04-11 00:28:20 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009-04-11 00:28:20 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll
MOD - [2009-04-11 00:28:20 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009-04-11 00:28:20 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davclnt.dll
MOD - [2009-04-11 00:28:20 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\feclient.dll
MOD - [2009-04-11 00:28:20 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2009-04-11 00:28:18 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2009-04-11 00:28:18 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2009-04-11 00:27:48 | 000,241,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009-04-11 00:27:14 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2009-04-11 00:27:14 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009-04-11 00:26:46 | 000,648,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2009-04-11 00:26:46 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-04-11 00:26:44 | 000,303,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2009-04-11 00:26:44 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009-04-11 00:26:44 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2009-02-27 08:36:50 | 002,907,568 | ---- | M] (Microsoft Corporation) -- C:\OFFICE2007\Office12\1045\ONINTL.DLL
MOD - [2009-02-26 15:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\OFFICE2007\Office12\ONENOTEM.EXE
MOD - [2008-01-19 00:38:16 | 000,090,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Defender\MpOav.dll
MOD - [2008-01-19 00:37:12 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2008-01-19 00:37:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2008-01-19 00:37:12 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2008-01-19 00:37:12 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2008-01-19 00:37:10 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
MOD - [2008-01-19 00:37:10 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2008-01-19 00:36:58 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2008-01-19 00:36:56 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2008-01-19 00:36:50 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2008-01-19 00:36:42 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\thumbcache.dll
MOD - [2008-01-19 00:36:38 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2008-01-19 00:36:36 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2008-01-19 00:36:16 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2008-01-19 00:36:08 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2008-01-19 00:36:02 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2008-01-19 00:36:00 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2008-01-19 00:36:00 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2008-01-19 00:36:00 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntlanman.dll
MOD - [2008-01-19 00:35:58 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2008-01-19 00:35:40 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2008-01-19 00:35:36 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2008-01-19 00:34:56 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2008-01-19 00:34:50 | 000,187,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2008-01-19 00:34:08 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2008-01-19 00:34:08 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2008-01-19 00:34:04 | 000,798,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2008-01-19 00:34:00 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2008-01-19 00:33:54 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2008-01-19 00:33:48 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2008-01-19 00:33:44 | 000,326,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll
MOD - [2008-01-19 00:33:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2008-01-19 00:32:20 | 000,234,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2007-09-02 14:58:52 | 000,495,616 | ---- | M] () -- F:\Programy\RocketDock\RocketDock.exe
MOD - [2007-09-02 14:57:36 | 000,069,632 | ---- | M] () -- F:\Programy\RocketDock\RocketDock.dll
MOD - [2006-11-02 17:04:16 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
MOD - [2006-11-02 17:02:33 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2006-11-02 17:01:41 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IconCodecService.dll
MOD - [2006-11-02 11:46:13 | 000,191,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\tapi32.dll
MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2006-11-02 11:46:12 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2006-11-02 11:46:12 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2006-11-02 11:46:07 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2006-11-02 11:46:05 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2006-11-02 11:46:04 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\drprov.dll
MOD - [2006-11-02 10:33:06 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2006-02-28 12:42:30 | 000,094,208 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2012-03-07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2011-09-08 18:48:36 | 006,583,160 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV:[b]64bit:[/b] - [2011-09-08 18:48:36 | 000,528,760 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV:[b]64bit:[/b] - [2010-05-20 16:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:[b]64bit:[/b] - [2008-01-19 01:06:52 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012-06-17 09:16:35 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-03-09 20:11:13 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012-02-29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-01-07 20:44:02 | 001,143,032 | ---- | M] () [Auto | Running] -- F:\Programy\Comodo Backup\SynchronizationService.exe -- (SynchronizationService.exe)
SRV - [2009-03-29 22:42:16 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-03-07 02:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2012-03-07 02:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2012-03-07 02:02:05 | 000,043,864 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (AswRdr)
DRV:[b]64bit:[/b] - [2012-03-07 02:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2012-03-07 02:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2012-03-07 02:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2012-02-29 15:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011-09-08 18:49:36 | 000,013,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wacmoumonitor.sys -- (wacmoumonitor)
DRV:[b]64bit:[/b] - [2011-09-08 18:49:26 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wacommousefilter.sys -- (wacommousefilter)
DRV:[b]64bit:[/b] - [2011-09-08 18:49:24 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wacomvhid.sys -- (wacomvhid)
DRV:[b]64bit:[/b] - [2010-08-04 22:17:14 | 001,342,064 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:[b]64bit:[/b] - [2010-03-12 19:40:20 | 002,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\VX1000.sys -- (VX1000)
DRV:[b]64bit:[/b] - [2009-06-10 12:14:36 | 000,043,264 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus)
DRV:[b]64bit:[/b] - [2009-06-10 12:14:36 | 000,016,000 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SaiMini.sys -- (SaiMini)
DRV:[b]64bit:[/b] - [2009-05-25 15:51:00 | 000,207,872 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:[b]64bit:[/b] - [2007-05-01 17:10:50 | 000,171,144 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SaiH075C.sys -- (SaiH075C)
DRV:[b]64bit:[/b] - [2005-03-29 02:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor)
DRV - [2010-09-30 01:13:48 | 000,028,032 | ---- | M] (REALiX™) [Kernel | System | Running] -- F:\Programy\overclocking\HWiNFO32\HWiNFO64A.SYS -- (HWiNFO32)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://search.live.com/results.aspx?q=%7BsearchTerms%7D&src=%7Breferrer:source?%7D"]http://search.live.c...ferrer:source?}[/url]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://search.live.com/results.aspx?q=%7BsearchTerms%7D&src=%7Breferrer:source?%7D"]http://search.live.c...ferrer:source?}[/url]


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4010295303-3994830961-2847114166-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.gazeta.pl/0,0.html?p=125"]http://www.gazeta.pl/0,0.html?p=125[/url]
IE - HKU\S-1-5-21-4010295303-3994830961-2847114166-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4010295303-3994830961-2847114166-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://search.live.com/results.aspx?q=%7BsearchTerms%7D&src=%7Breferrer:source?%7D"]http://search.live.c...ferrer:source?}[/url]
IE - HKU\S-1-5-21-4010295303-3994830961-2847114166-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4010295303-3994830961-2847114166-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.gazeta.pl/0,0.html?p=125"
FF - prefs.js..extensions.enabledItems: {e06bacc0-d6f8-11de-8a39-0800200c9a66}:3.6
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=ANT&o=102825&locale=en_US&apn_uid=84F40A5D-7512-440C-898B-11ECE2E81CA3&apn_ptnrs=4R&apn_sauid=5232222F-98F5-4597-A12B-40A1451D87C1&apn_dtid=YYYYYYYYPL&q="
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-08 07:05:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-06-17 09:16:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012-03-08 22:09:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2012-03-08 18:49:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lucas\AppData\Roaming\mozilla\Extensions
[2012-06-17 18:06:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lucas\AppData\Roaming\mozilla\Firefox\Profiles\qocaamdg.default\extensions
[2012-06-17 18:06:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Lucas\AppData\Roaming\mozilla\Firefox\Profiles\qocaamdg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012-06-17 18:06:01 | 000,000,000 | ---D | M] (FT GraphiteGlow) -- C:\Users\Lucas\AppData\Roaming\mozilla\Firefox\Profiles\qocaamdg.default\extensions\{99e34760-2754-11e0-91fa-0800200c9a66}
[2012-06-17 18:06:00 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\Lucas\AppData\Roaming\mozilla\Firefox\Profiles\qocaamdg.default\extensions\2020Player_IKEA@2020Technologies.com
[2012-06-17 18:06:01 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Lucas\AppData\Roaming\mozilla\Firefox\Profiles\qocaamdg.default\extensions\IplextoALL@ALLPlayer.org
[2012-06-17 18:06:01 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Lucas\AppData\Roaming\mozilla\Firefox\Profiles\qocaamdg.default\extensions\toolbar@ask.com
[2011-08-23 22:16:36 | 000,002,333 | ---- | M] () -- C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\qocaamdg.default\searchplugins\askcom.xml
[2012-03-18 14:08:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-06-17 09:16:35 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-04-27 19:37:38 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-04-27 19:37:38 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-04-27 19:37:38 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-04-27 19:37:38 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-04-27 19:37:38 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-04-27 19:37:38 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2012-06-19 17:13:33 | 000,442,859 | R--- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 15217 more lines...
O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - F:\Programy\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll File not found
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:[b]64bit:[/b] - HKLM..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe (Saitek)
O4:[b]64bit:[/b] - HKLM..\Run: [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe (Saitek)
O4:[b]64bit:[/b] - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4010295303-3994830961-2847114166-1000..\Run: [ALLUpdate] F:\Programy\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-4010295303-3994830961-2847114166-1000..\Run: [RocketDock] F:\Programy\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\OFFICE2007\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows Calendar.lnk = C:\Program Files (x86)\Windows Calendar\WinCal.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\OFFICE2007\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\OFFICE2007\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\OFFICE2007\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\OFFICE2007\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\OFFICE2007\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6B8593C-92EA-4DAD-A2F7-5AEC71BF7AB5}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: F:\Obrazki\Tapety\windows_vista_103.jpg
O24 - Desktop BackupWallPaper: F:\Obrazki\Tapety\windows_vista_103.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)



SafeBootMin:[b]64bit:[/b] AppMgmt - Service
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - Service
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfPf - Driver
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-06-18 21:50:10 | 000,000,000 | ---D | C] -- C:\symbols
[2012-06-18 21:46:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x86)
[2012-06-18 17:28:01 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012-06-13 17:29:49 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Desktop\zestaw 3
[2012-06-13 17:29:48 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Desktop\zestaw 2
[2012-06-13 17:29:43 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Desktop\zestaw 1
[2012-05-25 19:53:05 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Desktop\Kuba-kot
[2012-05-20 09:04:24 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012-05-11 21:19:12 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Documents\Adobe Scripts
[2012-05-11 19:06:13 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Desktop\filmik
[2012-05-01 13:30:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012-05-01 13:24:53 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012-05-01 13:23:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012-05-01 13:20:26 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012-05-01 13:19:02 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012-05-01 13:19:02 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012-05-01 13:18:13 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012-04-27 19:37:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012-04-27 19:37:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012-04-26 17:40:34 | 000,000,000 | ---D | C] -- C:\Users\Lucas\AppData\Local\cache
[2012-04-26 17:39:18 | 000,000,000 | ---D | C] -- C:\Users\Lucas\AppData\Roaming\Gadu-Gadu 10
[2012-04-26 17:38:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Gadu-Gadu 10
[2012-04-22 22:00:57 | 000,286,720 | ---- | C] (Indigo Rose Corporation) -- C:\Windows\iun506.exe
[2012-04-22 22:00:57 | 000,000,000 | ---D | C] -- C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UK2000 Scenery
[2012-04-22 22:00:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UK2000 Scenery
[2012-04-21 18:13:47 | 000,000,000 | ---D | C] -- C:\Users\Lucas\AppData\Roaming\vlc

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-06-19 18:44:56 | 006,553,600 | -HS- | M] () -- C:\Users\Lucas\NTUSER.DAT
[2012-06-19 17:57:52 | 001,495,264 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-06-19 17:57:52 | 000,671,902 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-06-19 17:57:52 | 000,595,798 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-06-19 17:57:52 | 000,130,310 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-06-19 17:57:52 | 000,103,872 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-06-19 17:13:33 | 000,442,859 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012-06-19 17:03:30 | 000,004,448 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-06-19 17:03:29 | 000,004,448 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-06-19 17:03:27 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012-06-19 17:03:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-06-19 17:03:23 | 4292,927,487 | -HS- | M] () -- C:\hiberfil.sys
[2012-06-19 15:01:40 | 001,694,333 | ---- | M] () -- C:\Users\Lucas\Desktop\Zdjęcie0028.jpg
[2012-06-19 07:42:35 | 000,524,288 | -HS- | M] () -- C:\Users\Lucas\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms
[2012-06-19 07:42:35 | 000,065,536 | -HS- | M] () -- C:\Users\Lucas\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf
[2012-06-19 07:42:30 | 003,630,276 | -H-- | M] () -- C:\Users\Lucas\AppData\Local\IconCache.db
[2012-06-18 19:41:39 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\CBU taskID 63354006095 0.job
[2012-06-18 19:38:08 | 628,616,411 | ---- | M] () -- C:\Users\Lucas\Desktop\Into.the.Wild.2007.PL.DVDRip.XviD-GRG.avi
[2012-06-18 17:27:57 | 725,588,568 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012-06-13 12:38:52 | 002,207,680 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-06-12 21:45:07 | 023,008,375 | ---- | M] () -- C:\Users\Lucas\Desktop\ADE-9x-Setup-Full-1.50.zip
[2012-06-11 20:57:19 | 036,328,437 | ---- | M] () -- C:\Users\Lucas\Desktop\lfbo_scenery_v1.zip
[2012-06-11 08:23:50 | 000,019,456 | ---- | M] () -- C:\Users\Lucas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-05-27 12:06:46 | 000,442,859 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120619-171333.backup
[2012-05-15 21:12:02 | 000,065,456 | ---- | M] () -- C:\Users\Lucas\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-05-15 06:10:39 | 000,043,530 | ---- | M] () -- C:\Windows\FontData.fdb
[2012-05-13 14:03:31 | 000,000,147 | ---- | M] () -- C:\Users\Lucas\Desktop\film 2.url
[2012-05-13 13:59:10 | 000,000,147 | ---- | M] () -- C:\Users\Lucas\Desktop\film.url
[2012-05-13 13:46:06 | 170,639,068 | ---- | M] () -- C:\Users\Lucas\Desktop\TENERIFE COMPLETA+LUCES EN LA NOCHE.rar
[2012-05-07 22:47:27 | 014,804,868 | ---- | M] () -- C:\Users\Lucas\Desktop\madeira.zip
[2012-05-06 20:04:27 | 000,442,787 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120527-120646.backup
[2012-05-01 13:14:30 | 000,000,680 | ---- | M] () -- C:\Users\Lucas\AppData\Local\d3d9caps.dat
[2012-05-01 13:14:05 | 000,000,732 | ---- | M] () -- C:\Users\Lucas\AppData\Local\d3d9caps64.dat
[2012-04-22 22:00:18 | 000,286,720 | ---- | M] (Indigo Rose Corporation) -- C:\Windows\iun506.exe
[2012-04-22 14:37:56 | 000,442,689 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120506-200427.backup

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-06-19 17:55:42 | 001,694,333 | ---- | C] () -- C:\Users\Lucas\Desktop\Zdjęcie0028.jpg
[2012-06-18 17:27:57 | 725,588,568 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012-06-12 21:44:11 | 023,008,375 | ---- | C] () -- C:\Users\Lucas\Desktop\ADE-9x-Setup-Full-1.50.zip
[2012-06-11 20:55:50 | 036,328,437 | ---- | C] () -- C:\Users\Lucas\Desktop\lfbo_scenery_v1.zip
[2012-06-04 18:11:57 | 000,000,592 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gadu-Gadu 10.lnk
[2012-06-03 11:07:13 | 000,000,525 | ---- | C] () -- C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uninstall Polish Airports vol.1.lnk
[2012-05-15 06:10:38 | 000,043,530 | ---- | C] () -- C:\Windows\FontData.fdb
[2012-05-13 14:03:27 | 000,000,147 | ---- | C] () -- C:\Users\Lucas\Desktop\film 2.url
[2012-05-13 13:59:06 | 000,000,147 | ---- | C] () -- C:\Users\Lucas\Desktop\film.url
[2012-05-13 13:36:00 | 170,639,068 | ---- | C] () -- C:\Users\Lucas\Desktop\TENERIFE COMPLETA+LUCES EN LA NOCHE.rar
[2012-05-11 12:18:14 | 628,616,411 | ---- | C] () -- C:\Users\Lucas\Desktop\Into.the.Wild.2007.PL.DVDRip.XviD-GRG.avi
[2012-05-11 12:16:49 | 732,534,784 | ---- | C] () -- C:\Users\Lucas\Desktop\salasamobojcow.dvdrip.avi
[2012-05-07 22:46:39 | 014,804,868 | ---- | C] () -- C:\Users\Lucas\Desktop\madeira.zip
[2012-05-01 13:28:59 | 4292,927,487 | -HS- | C] () -- C:\hiberfil.sys
[2012-05-01 13:19:02 | 000,011,770 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012-03-10 20:23:21 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012-03-10 20:23:21 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2012-03-09 22:07:05 | 000,000,090 | -HS- | C] () -- C:\Windows\cnerolf.bin
[2012-03-08 18:48:41 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2012-03-08 18:23:40 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012-03-08 07:06:24 | 000,000,680 | ---- | C] () -- C:\Users\Lucas\AppData\Local\d3d9caps.dat
[2012-03-07 23:40:02 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012-03-07 23:39:49 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2012-03-07 23:39:32 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2012-03-07 23:39:32 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2012-03-07 23:16:57 | 003,630,276 | -H-- | C] () -- C:\Users\Lucas\AppData\Local\IconCache.db
[2012-03-07 23:02:58 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2012-03-07 22:51:09 | 000,019,456 | ---- | C] () -- C:\Users\Lucas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-03-07 22:49:09 | 000,065,456 | ---- | C] () -- C:\Users\Lucas\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-03-07 22:48:48 | 000,000,732 | ---- | C] () -- C:\Users\Lucas\AppData\Local\d3d9caps64.dat
[2012-02-29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011-12-07 08:53:24 | 004,770,816 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2011-07-12 16:56:50 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011-01-04 14:28:18 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011-01-03 22:56:28 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini
[2010-12-18 23:06:06 | 000,000,590 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest

[color=#E56717]========== LOP Check ==========[/color]

[2012-03-30 14:59:19 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Ashampoo
[2012-03-13 22:25:42 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\EPSON
[2012-04-26 17:40:35 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Gadu-Gadu 10
[2012-03-09 23:50:04 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\HiFi
[2012-03-08 22:12:16 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Thunderbird
[2012-04-21 18:14:00 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\uTorrent
[2012-03-14 00:23:11 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\VAT-Spy
[2012-03-10 20:22:19 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\VistaCodecs
[2012-06-18 19:41:39 | 000,000,332 | ---- | M] () -- C:\Windows\Tasks\CBU taskID 63354006095 0.job
[2012-06-19 07:42:37 | 000,032,544 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009-04-11 00:36:38 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2012-03-07 22:39:33 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2012-06-19 17:03:23 | 4292,927,487 | -HS- | M] () -- C:\hiberfil.sys
[2012-06-19 17:03:22 | 311,533,566 | -HS- | M] () -- C:\pagefile.sys
[2012-03-27 21:23:26 | 000,000,115 | ---- | M] () -- C:\T2Exe.log

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2006-11-02 14:03:16 | 000,062,056 | ---- | M] (Microsoft Corporation) MD5=5CCDD13BC602AE33CD8B62D33C29AB72 -- C:\Windows\SysNative\drivers\AGP440.sys
[2008-01-19 01:09:10 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008-01-19 01:09:10 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-01-19 01:07:48 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2009-04-11 01:15:02 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SysNative\drivers\atapi.sys
[2009-04-11 01:15:02 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-01-18 23:29:06 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3B2FB35363423ED60C8FBF15FC8680BD -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_bbc7f7665c24db80\cdrom.sys
[2009-04-10 23:34:40 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\SysNative\drivers\cdrom.sys
[2009-04-10 23:34:40 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_bdb370725946a6cc\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-01-19 01:12:10 | 000,739,384 | ---- | M] (Microsoft Corporation) MD5=2A2EE457AF36C5C9A6808C768BD3A12B -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_03e5c74ad46c7e4e\ndis.sys
[2009-04-11 00:15:36 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\symbols\ndis.sys\49E02DF31c3000\ndis.sys
[2009-04-11 01:15:36 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\Windows\SysNative\drivers\ndis.sys
[2009-04-11 01:15:36 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_05d14056d18e499a\ndis.sys
[2006-11-02 13:52:20 | 000,641,128 | ---- | M] (Microsoft Corporation) MD5=CCA69C9493A13AF86DCF0AE272AFBB72 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_01af054ed7816d7a\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-04-11 01:11:10 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009-04-11 01:11:10 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008-01-19 01:00:46 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009-04-11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009-04-11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006-11-02 13:16:20 | 000,397,312 | ---- | M] (Microsoft Corporation) MD5=9642EED809219A2F914DD8E40A09C48B -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_c9aada9e9063dc57\winlogon.exe
[2006-11-02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008-01-19 00:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< End of report >
[/log]

Extras.txt:
[log]
OTL Extras logfile created on: 2012-06-19 18:44:45 - Run 1
OTL by OldTimer - Version 3.2.49.0 Folder = F:\Instalacje\_NAPRAWA WINDOWS - BSOD\OTL
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

8,00 Gb Total Physical Memory | 5,48 Gb Available Physical Memory | 68,48% Memory free
16,04 Gb Paging File | 13,55 Gb Available in Paging File | 84,48% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,66 Gb Total Space | 34,17 Gb Free Space | 34,99% Space Free | Partition Type: NTFS
Drive D: | 200,43 Gb Total Space | 107,65 Gb Free Space | 53,71% Space Free | Partition Type: NTFS
Drive E: | 48,83 Gb Total Space | 24,55 Gb Free Space | 50,28% Space Free | Partition Type: NTFS
Drive F: | 151,60 Gb Total Space | 43,22 Gb Free Space | 28,51% Space Free | Partition Type: NTFS
Drive G: | 97,65 Gb Total Space | 54,33 Gb Free Space | 55,63% Space Free | Partition Type: NTFS
Drive H: | 2,59 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: LUCAS-PC | User Name: Lucas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-4010295303-3994830961-2847114166-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\OFFICE2007\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\OFFICE2007\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe C:\Windows\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [OneNote.Open] -- C:\OFFICE~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "F:\Programy\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "F:\Programy\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "F:\Programy\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\OFFICE2007\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\OFFICE2007\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [OneNote.Open] -- C:\OFFICE~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "F:\Programy\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "F:\Programy\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "F:\Programy\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = EF 6F 60 34 AA FC CC 01 [binary data]
"VistaSp2" = 7C 98 C3 13 AD FC CC 01 [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A82691A-4A45-4364-8777-7D0CF86B60BE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{12E930E1-04FA-4A69-A075-D71A11C1603B}" = rport=139 | protocol=6 | dir=out | app=system |
"{1554CD7E-6C44-498D-8E41-4C80D7038069}" = rport=137 | protocol=17 | dir=out | app=system |
"{24526877-89DC-431A-8167-5F69C3A5A9EA}" = lport=139 | protocol=6 | dir=in | app=system |
"{2ED73A4F-FFE2-4C7A-8040-767E1D65224D}" = lport=138 | protocol=17 | dir=in | app=system |
"{4EF0965A-5854-4838-9BBF-BDAAE1A5C29F}" = rport=138 | protocol=17 | dir=out | app=system |
"{92DE1D97-ABB2-49BD-A288-0F8F68188206}" = lport=445 | protocol=6 | dir=in | app=system |
"{BF4BB0EE-89B6-4BB9-B784-1D064E17D085}" = lport=137 | protocol=17 | dir=in | app=system |
"{C001EAFD-C9B0-4433-A945-839586CABE0E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DA5BC316-260F-4384-93AA-DE7294FCC891}" = rport=445 | protocol=6 | dir=out | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{026F5FF6-93A7-4D6E-9209-58AE3636803A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{060D7AE6-1F89-43C9-94AC-17A8D5D935B6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{0DDB8DD3-5B82-4C08-9B36-ACA4732B570C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1EC25F2A-BB4B-46ED-8A4A-A85D476D0CFE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{2426364E-9296-41C3-945A-F91411C9619F}" = protocol=17 | dir=in | app=f:\programy\utorrent\utorrent.exe |
"{620C4887-E56D-49BA-AAA7-5012C2C1232A}" = protocol=6 | dir=in | app=f:\programy\utorrent\utorrent.exe |
"{692CF2DD-16C8-4D77-BA08-0527423D6369}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{6F696EEE-7924-4113-901B-A1C0C1D889F3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7B7623C9-9C3F-4435-9C17-1724A02D1327}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{B60F325A-B420-4353-A221-CCA5170CF5D0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{BA297069-D7E2-4230-BC16-468003EED6DB}" = protocol=17 | dir=in | app=c:\office2007\office12\onenote.exe |
"{C0D25E77-6CC0-4BD8-A3ED-0585DA21BFA9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{C7A60B06-FAC4-435B-83AF-E3244482F1F7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{DFD37AA5-4034-4DD4-B52D-051AE835AB36}" = protocol=6 | dir=in | app=c:\office2007\office12\onenote.exe |
"{E0713287-52CB-4457-8108-2F6479574927}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{E0A59177-5F87-4235-A60E-BD8C1030C6AE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{19C5FA0E-0837-44DF-B22B-5B688125B7A4}G:\fsx\fsx.exe" = protocol=6 | dir=in | app=g:\fsx\fsx.exe |
"TCP Query User{2B2ADA59-10F2-4FAB-ABC9-BC5DF3FB7A95}G:\fsfdt\fwinn\fwinn.exe" = protocol=6 | dir=in | app=g:\fsfdt\fwinn\fwinn.exe |
"TCP Query User{363137EB-AF6A-4120-990F-382C664168A7}G:\fsfdt\fwinn\fwinn.exe" = protocol=6 | dir=in | app=g:\fsfdt\fwinn\fwinn.exe |
"TCP Query User{9A8F47F5-E3F6-4029-97D6-7E6B46B5B1C2}F:\gry\shift2 unleashed\shift2u.exe" = protocol=6 | dir=in | app=f:\gry\shift2 unleashed\shift2u.exe |
"TCP Query User{9C6D0EA2-AC26-41E5-9185-D95092A7A32C}F:\programy\gadu-gadu\gg.exe" = protocol=6 | dir=in | app=f:\programy\gadu-gadu\gg.exe |
"TCP Query User{A3BB0CF2-C2D6-4395-B5A1-B5F4C232CD4C}H:\easysetupassistant\wr941n\easysetupassistant.exe" = protocol=6 | dir=in | app=h:\easysetupassistant\wr941n\easysetupassistant.exe |
"TCP Query User{B38559F0-C0D5-403B-AAFE-682F94F9D727}G:\fsx\fsx.exe" = protocol=6 | dir=in | app=g:\fsx\fsx.exe |
"TCP Query User{BEC9F8A0-A40D-46DE-966F-3FAC8587D600}F:\gry\shift2 unleashed\shift2u.exe" = protocol=6 | dir=in | app=f:\gry\shift2 unleashed\shift2u.exe |
"TCP Query User{D8929273-9FAA-49A6-ADA4-30446F5E88AF}G:\fsfdt\control panel\fsfdtcp.exe" = protocol=6 | dir=in | app=g:\fsfdt\control panel\fsfdtcp.exe |
"TCP Query User{FEA23483-054B-4828-A90A-F85C445FA19E}G:\fsfdt\control panel\fsfdtcp.exe" = protocol=6 | dir=in | app=g:\fsfdt\control panel\fsfdtcp.exe |
"UDP Query User{1F5FA9D1-4451-400C-8525-C437D778F65E}G:\fsfdt\control panel\fsfdtcp.exe" = protocol=17 | dir=in | app=g:\fsfdt\control panel\fsfdtcp.exe |
"UDP Query User{2E5FCDAC-BF21-4559-81BE-93E426E10DCA}H:\easysetupassistant\wr941n\easysetupassistant.exe" = protocol=17 | dir=in | app=h:\easysetupassistant\wr941n\easysetupassistant.exe |
"UDP Query User{44447D17-C607-4C77-BAF6-F40E96EF93E3}G:\fsx\fsx.exe" = protocol=17 | dir=in | app=g:\fsx\fsx.exe |
"UDP Query User{6C3CC463-27E0-4795-A6B8-BB58D82D4E6D}G:\fsx\fsx.exe" = protocol=17 | dir=in | app=g:\fsx\fsx.exe |
"UDP Query User{86EF2108-1B36-48C8-8529-8288742BA3A5}F:\gry\shift2 unleashed\shift2u.exe" = protocol=17 | dir=in | app=f:\gry\shift2 unleashed\shift2u.exe |
"UDP Query User{89FBE8D7-CAE1-42C6-A5C3-C79B1213B087}G:\fsfdt\fwinn\fwinn.exe" = protocol=17 | dir=in | app=g:\fsfdt\fwinn\fwinn.exe |
"UDP Query User{987B6DE8-20E1-4016-A566-88D776722BD1}G:\fsfdt\fwinn\fwinn.exe" = protocol=17 | dir=in | app=g:\fsfdt\fwinn\fwinn.exe |
"UDP Query User{CF961853-E457-493F-9A31-F8049837E18C}G:\fsfdt\control panel\fsfdtcp.exe" = protocol=17 | dir=in | app=g:\fsfdt\control panel\fsfdtcp.exe |
"UDP Query User{E14126E0-D9DA-4230-947E-018987A00694}F:\programy\gadu-gadu\gg.exe" = protocol=17 | dir=in | app=f:\programy\gadu-gadu\gg.exe |
"UDP Query User{EFBBA270-F26A-41C6-951B-05858E127850}F:\gry\shift2 unleashed\shift2u.exe" = protocol=17 | dir=in | app=f:\gry\shift2 unleashed\shift2u.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300" = Canon iP4300
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6965A8D2-465D-4F98-9FAA-0E9E2348F329}" = Microsoft LifeCam
"{7F05E704-30A6-421A-97A7-8EEB1C7FF011}" = Corel Shell Extension - 64Bit
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk
"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EB7C6F78-2A27-4FEF-A98B-5F2698DC4CBF}" = Saitek SD6 Programming Software 6.6.6.9
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Pen Tablet Driver" = Bamboo
"WinRAR archiver" = Archiwizator WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW® Graphics Suite X4
"_{80FDAE30-CDB6-4015-AFC7-86A762A5AD9B}" = CorelDRAW® Graphics Suite X4 - Extra Content
"_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW® Graphics Suite X4 - Windows Shell Extension
"{0372FD44-1579-45C9-96E9-4B2CAEE8BF84}" = NL2000V4_installer
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1A9DAB4D-46CD-4CBF-A9FC-28D8AA8D2FCF}" = CorelDRAW Graphics Suite X4 - Lang BR
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20708FD5-E94D-4097-A21E-E28564CDBC06}" = PMDG 737 8900 NGX
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{300A2961-B2B5-4889-9CB9-5C2A570D08AD}" = Debugging Tools for Windows (x86)
"{30E21AA5-8C85-4155-8D2B-525EEF63171A}" = Microsoft Flight Simulator X Service Pack 2
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}" = Adobe Photoshop CS3
"{40FC81EA-21F7-44FB-A6F2-A4D6328F4C4F}" = CorelDRAW Graphics Suite X4 - Lang SU
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{6834B8AE-D23B-4B26-A919-6515844CF2BA}" = CorelDRAW Graphics Suite X4 - Lang PL
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D6A26D5-492A-49BD-B30D-546B2F3E4793}" = Real Environment Xtreme - Overdrive
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7F05E704-30A6-421A-97A7-8EEB1C7FF000}" = CorelDRAW Graphics Suite X4
"{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA
"{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture
"{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw
"{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP
"{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content
"{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters
"{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav
"{7F05E704-30A6-421A-97A7-8EEB1C7FF100}" = CorelDRAW Graphics Suite X4 - Lang EN
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80FDAE30-CDB6-4015-AFC7-86A762A5AD9B}" = CorelDRAW Graphics Suite X4 - Extra Content
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_HOMESTUDENTR_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0415-1000-0000000FF1CE}_HOMESTUDENTR_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_HOMESTUDENTR_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_HOMESTUDENTR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.1
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C8C8E51-4A2A-476D-9B0C-C7EF3440F8F0}" = COMODO BackUp
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9CDA415B-974B-4384-8CA6-9327D5B4270B}" = CorelDRAW Graphics Suite X4 - Lang SV
"{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM
"{9D306690-3173-42CD-94C6-9EF9318AF24B}" = CorelDRAW Graphics Suite X4 - Lang FR
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A6C27FFF-75EF-4B5B-A64E-F9E128994908}" = CorelDRAW Graphics Suite X4 - Lang NL
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{AEFBAC58-2DDD-4CEF-BDFD-52A5A5F432ED}" = CorelDRAW Graphics Suite X4 - Lang DE
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications ® Core - English
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C2FB0D87-206A-4EFE-9195-B4BDA1D97AEB}" = CLOUD9 Xclass World 1.00
"{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW® Graphics Suite X4 - Windows Shell Extension
"{D0160DD3-6F62-4F1E-B999-6C68D3AE7390}" = CorelDRAW Graphics Suite X4 - Lang IT
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2827848-7D2A-4547-9AD1-C965FB3E6344}" = CorelDRAW Graphics Suite X4 - Lang ES
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications ® Core
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E8C37E27-5205-4C8A-BECB-B00533045AAE}" = SHIFT 2 UNLEASHED™
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F32F502E-4398-4159-B3C9-3336AEDE6FEB}" = Real Environment Xtreme 2.0
"{F535B2CF-C9BB-4162-B03A-02D6971F32CC}" = Microsoft Flight Simulator X
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FB56079B-7D0C-4D1D-864A-09BA159CC31B}" = Active Sky Evolution
"{FB647DBE-2231-405D-AC36-C73246CBE305}" = PMDG BAe JS4100
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}" = Adobe Setup
"{FFFE7261-2318-4227-B827-E9E05E16DFE5}" = CorelDRAW Graphics Suite X4 - Lang CZ
"Aarhus Airport X" = Aarhus Airport X
"Adobe AIR" = Adobe AIR
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1" = Adobe Photoshop CS3
"Afterburner" = MSI Afterburner 2.1.0
"ALLPlayer_is1" = ALLPlayer V5.X
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"avast" = avast! Free Antivirus
"Ben Gurion Airport 2006" = Ben Gurion Airport 2006
"Carenado CT210M Centurion II FSX" = Carenado CT210M Centurion II FSX
"EPSON Scanner" = EPSON Scan
"FSFDT FSCopilot" = FSFDT FSCopilot
"FSFDT FSInn" = FSFDT FSInn
"Gadu-Gadu 10" = Gadu-Gadu 10
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Menedżera urządzeń
"InstallShield_{F535B2CF-C9BB-4162-B03A-02D6971F32CC}" = Microsoft Flight Simulator X
"MozBackup" = MozBackup 1.4.9
"Mozilla Firefox 13.0.1 (x86 pl)" = Mozilla Firefox 13.0.1 (x86 pl)
"Mozilla Thunderbird 12.0.1 (x86 pl)" = Mozilla Thunderbird 12.0.1 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NapiProjekt_is1" = NapiProjekt 2.0.0 (build 2151)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"RocketDock_is1" = RocketDock 1.3.5
"SP1_F535B2CF-C9BB-4162-B03A-02D6971F32CC" = Microsoft Flight Simulator X Service Pack 1
"UK2000 Gatwick FREE" = Remove UK2000 Gatwick FREE files
"uTorrent" = µTorrent
"VATSpy" = VAT-Spy
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"Winamp" = Winamp

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-4010295303-3994830961-2847114166-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"e16201be0cba039f" = vroute.info premium
"FreeTrack v2.2.0.279" = FreeTrack v2.2.0.279
"Torino Caselle FSX" = Torino Caselle FSX
"Ultimate Terrain X - Europe" = Ultimate Terrain X - Europe

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-06-03 16:16:42 | Computer Name = Lucas-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 2012-06-03 17:03:01 | Computer Name = Lucas-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd fsx.exe, wersja 10.0.61472.0, sygnatura
czasowa 0x475e17d3, moduł powodujący błąd unknown, wersja 0.0.0.0, sygnatura czasowa
0x00000000, kod wyjątku 0xc0000005, przesunięcie błędu 0x04246c81, identyfikator
procesu 0x1350, godzina rozpoczęcia aplikacji 0x01cd41cb72b843c0.

Error - 2012-06-07 13:45:01 | Computer Name = Lucas-PC | Source = Application Hang | ID = 1002
Description = Program fsx.exe w wersji 10.0.61472.0 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami
i rozwiązaniami problemów. Identyfikator procesu: d98 Godzina rozpoczęcia: 01cd44d44bbe8e76
Godzina
zakończenia: 278

Error - 2012-06-10 11:27:28 | Computer Name = Lucas-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd fsx.exe, wersja 10.0.61472.0, sygnatura
czasowa 0x475e17d3, moduł powodujący błąd unknown, wersja 0.0.0.0, sygnatura czasowa
0x00000000, kod wyjątku 0xc0000005, przesunięcie błędu 0x04246c81, identyfikator
procesu 0x7dc, godzina rozpoczęcia aplikacji 0x01cd471bbda4bc73.

Error - 2012-06-10 15:51:31 | Computer Name = Lucas-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd fsx.exe, wersja 10.0.61472.0, sygnatura
czasowa 0x475e17d3, moduł powodujący błąd unknown, wersja 0.0.0.0, sygnatura czasowa
0x00000000, kod wyjątku 0xc0000005, przesunięcie błędu 0x04246c81, identyfikator
procesu 0x1304, godzina rozpoczęcia aplikacji 0x01cd473566b8b98d.

Error - 2012-06-11 16:20:26 | Computer Name = Lucas-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd fsx.exe, wersja 10.0.61472.0, sygnatura
czasowa 0x475e17d3, moduł powodujący błąd unknown, wersja 0.0.0.0, sygnatura czasowa
0x00000000, kod wyjątku 0xc0000005, przesunięcie błędu 0x04246c81, identyfikator
procesu 0xa4c, godzina rozpoczęcia aplikacji 0x01cd480f6eb21bc0.

Error - 2012-06-12 14:42:45 | Computer Name = Lucas-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd fsx.exe, wersja 10.0.61472.0, sygnatura
czasowa 0x475e17d3, moduł powodujący błąd unknown, wersja 0.0.0.0, sygnatura czasowa
0x00000000, kod wyjątku 0xc0000005, przesunięcie błędu 0x04246c81, identyfikator
procesu 0x5dc, godzina rozpoczęcia aplikacji 0x01cd48c91536c36a.

Error - 2012-06-13 16:16:15 | Computer Name = Lucas-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd fsx.exe, wersja 10.0.61472.0, sygnatura
czasowa 0x475e17d3, moduł powodujący błąd d3d9.dll, wersja 1.0.0.1, sygnatura czasowa
0x48751493, kod wyjątku 0xc0000005, przesunięcie błędu 0x00006d1c, identyfikator
procesu 0xd30, godzina rozpoczęcia aplikacji 0x01cd498fbee979f5.

Error - 2012-06-18 12:13:20 | Computer Name = Lucas-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd fsx.exe, wersja 10.0.61472.0, sygnatura
czasowa 0x475e17d3, moduł powodujący błąd unknown, wersja 0.0.0.0, sygnatura czasowa
0x00000000, kod wyjątku 0xc0000005, przesunięcie błędu 0x04246c81, identyfikator
procesu 0x1334, godzina rozpoczęcia aplikacji 0x01cd4d6a8322b950.

Error - 2012-06-18 15:19:38 | Computer Name = Lucas-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd fsx.exe, wersja 10.0.61472.0, sygnatura
czasowa 0x475e17d3, moduł powodujący błąd unknown, wersja 0.0.0.0, sygnatura czasowa
0x00000000, kod wyjątku 0xc0000005, przesunięcie błędu 0x04246c81, identyfikator
procesu 0x13ac, godzina rozpoczęcia aplikacji 0x01cd4d79d9e85330.

[ System Events ]
Error - 2012-04-22 15:25:18 | Computer Name = Lucas-PC | Source = Print | ID = 19
Description = Bufor wydruku nie może udostępnić drukarki Canon iP4300 z nazwą udostępnionego
zasobu Canon iP4300. Błąd 2114. Inne osoby w sieci nie mogą korzystać z drukarki.

Error - 2012-04-23 13:27:02 | Computer Name = Lucas-PC | Source = Print | ID = 19
Description = Bufor wydruku nie może udostępnić drukarki Canon iP4300 z nazwą udostępnionego
zasobu Canon iP4300. Błąd 2114. Inne osoby w sieci nie mogą korzystać z drukarki.

Error - 2012-04-25 12:46:45 | Computer Name = Lucas-PC | Source = Print | ID = 19
Description = Bufor wydruku nie może udostępnić drukarki Canon iP4300 z nazwą udostępnionego
zasobu Canon iP4300. Błąd 2114. Inne osoby w sieci nie mogą korzystać z drukarki.

Error - 2012-04-26 07:39:20 | Computer Name = Lucas-PC | Source = Print | ID = 19
Description = Bufor wydruku nie może udostępnić drukarki Canon iP4300 z nazwą udostępnionego
zasobu Canon iP4300. Błąd 2114. Inne osoby w sieci nie mogą korzystać z drukarki.

Error - 2012-04-26 16:17:29 | Computer Name = Lucas-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2012-04-26 16:19:12 | Computer Name = Lucas-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2012-04-29 14:58:21 | Computer Name = Lucas-PC | Source = Print | ID = 19
Description = Bufor wydruku nie może udostępnić drukarki Canon iP4300 z nazwą udostępnionego
zasobu Canon iP4300. Błąd 2114. Inne osoby w sieci nie mogą korzystać z drukarki.

Error - 2012-05-01 04:44:39 | Computer Name = Lucas-PC | Source = Print | ID = 19
Description = Bufor wydruku nie może udostępnić drukarki Canon iP4300 z nazwą udostępnionego
zasobu Canon iP4300. Błąd 2114. Inne osoby w sieci nie mogą korzystać z drukarki.

Error - 2012-05-01 06:33:44 | Computer Name = Lucas-PC | Source = Print | ID = 19
Description = Bufor wydruku nie może udostępnić drukarki Canon iP4300 z nazwą udostępnionego
zasobu Canon iP4300. Błąd 2114. Inne osoby w sieci nie mogą korzystać z drukarki.

Error - 2012-05-01 09:01:08 | Computer Name = Lucas-PC | Source = DCOM | ID = 10010
Description =


< End of report >
[/log]

[b]RSIT[/b]
log.txt
[log]
Logfile of random's system information tool 1.09 (written by random/random)
Run by Lucas at 2012-06-19 18:59:45
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 35 GB (35%) free of 100 GB
Total RAM: 8189 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:59:58, on 2012-06-19
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\vVX1000.exe
F:\Programy\RocketDock\RocketDock.exe
C:\OFFICE2007\Office12\ONENOTEM.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
F:\Instalacje\_NAPRAWA WINDOWS - BSOD\RSIT\RSIT.exe
C:\Program Files (x86)\trend micro\Lucas.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.gazeta.pl/0,0.html?p=125"]http://www.gazeta.pl/0,0.html?p=125[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - F:\Programy\ALLPlayer\Iplex\IplexToALLPlayer.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [HDAudDeck] "C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RocketDock] "F:\Programy\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ALLUpdate] "F:\Programy\ALLPlayer\ALLUpdate.exe" "sleep"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA')
O4 - Startup: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\OFFICE2007\Office12\ONENOTEM.EXE
O4 - Startup: Windows Calendar.lnk = D:\Program Files\Windows Calendar\WinCal.exe
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\OFFICE~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\OFFICE~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\OFFICE~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\OFFICE~1\Office12\REFIEBAR.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Comodo BackUp Service (SynchronizationService.exe) - Unknown owner - F:\Programy\Comodo Backup\SynchronizationService.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8734 bytes

======Scheduled tasks folder======

C:\Windows\tasks\CBU taskID 63354006095 0.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\qocaamdg.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.gazeta.pl/0, 0.html?p=125"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17, {e06bacc0-d6f8-11de-8a39-0800200c9a66}:3.6"
prefs.js - "keyword.URL" - "http://websearch.ask.com/redirect?client=ff&src=kw&tb=ANT&o=102825&locale=en_US&apn_uid=84F40A5D-7512-440C-898B-11ECE2E81CA3&apn_ptnrs=4R&apn_sauid=5232222F-98F5-4597-A12B-40A1451D87C1&apn_dtid=YYYYYYYYPL&q="

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npwacom.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
allegro-pl.xml
fbc-pl.xml
google.xml
merlin-pl.xml
pwn-pl.xml
wikipedia-pl.xml
wp-pl.xml

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\qocaamdg.default\extensions\
2020Player_IKEA@2020Technologies.com
IplextoALL@ALLPlayer.org
toolbar@ask.com
{20a82645-c095-46ed-80e3-08825760534b}
{99e34760-2754-11e0-91fa-0800200c9a66}

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\qocaamdg.default\searchplugins\
askcom.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-03-11 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-03-11 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}]
IplexToALLPlayer - F:\Programy\ALLPlayer\Iplex\IplexToALLPlayer.dll [2011-02-09 400384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}]
IEPluginBHO Class - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2010-08-11 2472048]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"LifeCam"=C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [2010-05-20 119152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"RocketDock"=F:\Programy\RocketDock\RocketDock.exe [2007-09-02 495616]
"ALLUpdate"=F:\Programy\ALLPlayer\ALLUpdate.exe [2011-08-16 1379840]

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk - C:\OFFICE2007\Office12\ONENOTEM.EXE
Windows Calendar.lnk - C:\Program Files (x86)\Windows Calendar\WinCal.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.RTV1"=rtvcvfw32.dll
"msacm.lameacm"=lameACM.acm
"msacm.ac3acm"=ac3acm.acm
""=
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3filter"=ac3filter.acm
"vidc.x264"=x264vfw.dll
"msacm.avis"=ff_acm.acm
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv

======List of files/folders created in the last 2 months======

2012-06-19 18:59:45 ----D---- C:\rsit
2012-06-19 18:59:45 ----D---- C:\Program Files (x86)\trend micro
2012-06-19 17:07:33 ----A---- C:\Windows\SysWOW64\wuwebv.dll
2012-06-19 17:07:32 ----A---- C:\Windows\SysWOW64\wuapp.exe
2012-06-18 21:50:10 ----D---- C:\symbols
2012-06-18 17:28:01 ----D---- C:\Windows\Minidump
2012-06-12 19:54:41 ----A---- C:\Windows\SysWOW64\mshtml.dll
2012-06-12 19:54:41 ----A---- C:\Windows\SysWOW64\ieframe.dll
2012-06-12 19:54:40 ----A---- C:\Windows\SysWOW64\wininet.dll
2012-06-12 19:54:40 ----A---- C:\Windows\SysWOW64\urlmon.dll
2012-06-12 19:54:40 ----A---- C:\Windows\SysWOW64\mstime.dll
2012-06-12 19:54:40 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2012-06-12 19:54:40 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2012-06-12 19:54:39 ----A---- C:\Windows\SysWOW64\url.dll
2012-06-12 19:54:39 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2012-06-12 19:54:39 ----A---- C:\Windows\SysWOW64\ieui.dll
2012-06-12 19:54:39 ----A---- C:\Windows\SysWOW64\iertutil.dll
2012-06-12 19:54:39 ----A---- C:\Windows\SysWOW64\iepeers.dll
2012-06-12 19:54:39 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
2012-06-12 19:54:36 ----A---- C:\Windows\SysWOW64\cryptsvc.dll
2012-06-12 19:54:36 ----A---- C:\Windows\SysWOW64\cryptnet.dll
2012-06-12 19:54:36 ----A---- C:\Windows\SysWOW64\crypt32.dll
2012-05-20 09:04:24 ----D---- C:\Windows\Sun
2012-05-09 18:13:52 ----A---- C:\Windows\SysWOW64\DWrite.dll
2012-05-09 18:13:52 ----A---- C:\Windows\SysWOW64\d3d10warp.dll
2012-05-09 18:13:52 ----A---- C:\Windows\SysWOW64\d3d10_1core.dll
2012-05-09 18:13:51 ----A---- C:\Windows\SysWOW64\d3d10_1.dll
2012-05-09 18:13:51 ----A---- C:\Windows\SysWOW64\d2d1.dll
2012-05-01 13:28:59 ----ASH---- C:\hiberfil.sys
2012-05-01 13:24:53 ----D---- C:\ProgramData\NVIDIA
2012-05-01 13:23:09 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2012-05-01 13:20:26 ----D---- C:\ProgramData\NVIDIA Corporation
2012-05-01 13:19:02 ----A---- C:\Windows\SysWOW64\OpenCL.dll
2012-05-01 13:19:02 ----A---- C:\Windows\SysWOW64\nvwgf2um.dll
2012-05-01 13:19:02 ----A---- C:\Windows\SysWOW64\nvoglv32.dll
2012-05-01 13:19:02 ----A---- C:\Windows\SysWOW64\nvd3dum.dll
2012-05-01 13:19:02 ----A---- C:\Windows\SysWOW64\nvcuvid.dll
2012-05-01 13:19:02 ----A---- C:\Windows\SysWOW64\nvcuvenc.dll
2012-05-01 13:19:02 ----A---- C:\Windows\SysWOW64\nvcuda.dll
2012-05-01 13:19:02 ----A---- C:\Windows\SysWOW64\nvcompiler.dll
2012-05-01 13:19:02 ----A---- C:\Windows\SysWOW64\nvapi.dll
2012-04-27 19:37:54 ----D---- C:\ProgramData\Mozilla
2012-04-27 19:37:49 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-04-26 17:39:18 ----D---- C:\Users\Lucas\AppData\Roaming\Gadu-Gadu 10
2012-04-26 17:38:26 ----D---- C:\ProgramData\Gadu-Gadu 10
2012-04-22 22:00:57 ----A---- C:\Windows\iun506.exe
2012-04-21 18:13:47 ----D---- C:\Users\Lucas\AppData\Roaming\vlc

======List of files/folders modified in the last 2 months======

2012-06-19 18:59:58 ----D---- C:\Windows\Prefetch
2012-06-19 18:59:50 ----D---- C:\Windows\Temp
2012-06-19 18:59:45 ----RD---- C:\Program Files (x86)
2012-06-19 18:09:27 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2012-06-19 17:57:52 ----D---- C:\Windows\System32
2012-06-19 17:57:52 ----D---- C:\Windows\inf
2012-06-19 17:23:30 ----D---- C:\Windows\rescache
2012-06-19 17:17:33 ----SHD---- C:\System Volume Information
2012-06-19 17:09:05 ----D---- C:\Windows\winsxs
2012-06-19 17:09:05 ----D---- C:\Windows\SysWOW64
2012-06-18 21:46:13 ----SHD---- C:\Windows\Installer
2012-06-18 21:24:33 ----A---- C:\Windows\SysWOW64\log.txt
2012-06-18 17:28:01 ----D---- C:\Windows
2012-06-17 09:16:46 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-06-13 12:52:39 ----D---- C:\Windows\Microsoft.NET
2012-06-13 12:52:29 ----RSD---- C:\Windows\assembly
2012-06-12 23:27:07 ----D---- C:\Windows\SysWOW64\pl-PL
2012-06-12 23:27:06 ----D---- C:\Windows\SysWOW64\migration
2012-06-12 23:27:06 ----D---- C:\Program Files (x86)\Internet Explorer
2012-05-17 22:58:00 ----SD---- C:\ProgramData\Microsoft
2012-05-15 21:11:45 ----RSD---- C:\Windows\Fonts
2012-05-11 21:19:11 ----D---- C:\Users\Lucas\AppData\Roaming\Adobe
2012-05-09 18:39:28 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-05-09 18:38:26 ----D---- C:\Windows\SysWOW64\XPSViewer
2012-05-09 18:25:43 ----D---- C:\Windows\Debug
2012-05-09 18:25:27 ----D---- C:\ProgramData\Microsoft Help
2012-05-05 18:14:59 ----D---- C:\ProgramData\Solidshield
2012-05-01 13:24:53 ----HD---- C:\ProgramData
2012-05-01 13:21:38 ----D---- C:\Windows\Help
2012-05-01 13:21:01 ----D---- C:\NVIDIA
2012-05-01 13:18:13 ----RD---- C:\Program Files
2012-04-26 22:20:21 ----D---- C:\Windows\LiveKernelReports
2012-04-22 15:52:24 ----D---- C:\Users\Lucas\AppData\Roaming\Winamp
2012-04-22 14:36:58 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-04-21 18:14:00 ----D---- C:\Users\Lucas\AppData\Roaming\uTorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 bdisk;C.O.M.O.D.O. Disk Raw Access Filter; C:\Windows\SysWOW64\drivers\bdisk.sys [2010-01-07 74328]
R0 CBUfs;CBUFS; C:\Windows\sysWOW64\DRIVERS\CBUFS.sys [2010-01-07 140248]
R1 AswRdr;aswRdr; C:\Windows\SysWOW64\drivers\AswRdr.sys []
R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
R1 HWiNFO32;HWiNFO32 Kernel Driver; \??\F:\Programy\overclocking\HWiNFO32\HWiNFO64A.SYS [2010-09-30 28032]
R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []
R3 HdAudAddService;Sterownik funkcji Microsoft 1.1 UAA dla usługi standardu High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys []
R3 SaiH075C;SaiH075C; C:\Windows\system32\DRIVERS\SaiH075C.sys []
R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys []
R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys []
R3 usbaudio;Sterownik audio USB (WDM); C:\Windows\system32\drivers\usbaudio.sys []
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys []
R3 VX1000;VX-1000; C:\Windows\system32\DRIVERS\VX1000.sys []
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys []
R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys []
S3 MSKSSRV;Serwer proxy usługi Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Serwer proxy zegara Microsoft Streaming; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Serwer proxy menedżera jakości Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys []
S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 wacmoumonitor;Wacom Mode Helper; C:\Windows\system32\DRIVERS\wacmoumonitor.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS64.exe [2010-05-20 199536]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
R2 SynchronizationService.exe;Comodo BackUp Service; F:\Programy\Comodo Backup\SynchronizationService.exe [2010-01-07 1143032]
R2 TabletServicePen;TabletServicePen; C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2011-09-08 6583160]
R2 TouchServicePen;Wacom Consumer Touch Service; C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2011-09-08 528760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-03-09 1044816]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-17 113120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-19 19968]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]

-----------------EOF-----------------

[/log]


Info.txt
[log]
info.txt logfile of random's system information tool 1.09 2012-06-19 19:00:00

======Uninstall list======

Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
-->MsiExec /X{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}
µTorrent-->"F:\Programy\uTorrent\uTorrent.exe" /UNINSTALL
Aarhus Airport X-->G:\FSX\Addon Scenery\uninstall_aarhus_airport_x.exe
Active Sky Evolution-->MsiExec.exe /I{FB56079B-7D0C-4D1D-864A-09BA159CC31B}
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files (x86)\Common Files\Adobe\Installers\719d6f144d0c086a0dfa7ff76bb9ac1\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}
Adobe Reader X (10.1.2)-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AA1000000001}
Adobe Setup-->MsiExec.exe /I{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {04E205D6-88B1-4652-B162-42DF2C3B1228}
Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}
Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {128A36ED-21BE-4547-9FFE-5B85AEC735DD}
ALLConverter PRO 1.1-->"C:\Program Files (x86)\ALLConverter PRO\unins000.exe"
ALLPlayer V5.X-->"F:\Programy\ALLPlayer\unins000.exe"
Ashampoo Burning Studio 6 FREE v.6.80-->"F:\Programy\Ashampoo Burning Studio 6 FREE\unins000.exe"
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Ben Gurion Airport 2006-->G:\FSX\Uninstal.exe
Carenado CT210M Centurion II FSX-->G:\FSX\uninstall.exe
CLOUD9 Xclass World 1.00-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C2FB0D87-206A-4EFE-9195-B4BDA1D97AEB}\Setup.exe" -l0x9
COMODO BackUp-->MsiExec.exe /X{9C8C8E51-4A2A-476D-9B0C-C7EF3440F8F0}
CorelDRAW Graphics Suite X4 - Capture-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF012}
CorelDRAW Graphics Suite X4 - Content-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF016}
CorelDRAW Graphics Suite X4 - Draw-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF013}
CorelDRAW Graphics Suite X4 - Extra Content-->MsiExec.exe /I{80FDAE30-CDB6-4015-AFC7-86A762A5AD9B}
CorelDRAW Graphics Suite X4 - Filters-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF017}
CorelDRAW Graphics Suite X4 - FontNav-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF019}
CorelDRAW Graphics SUite X4 - ICA-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF010}
CorelDRAW Graphics Suite X4 - IPM-->MsiExec.exe /I{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}
CorelDRAW Graphics Suite X4 - Lang BR-->MsiExec.exe /I{1A9DAB4D-46CD-4CBF-A9FC-28D8AA8D2FCF}
CorelDRAW Graphics Suite X4 - Lang CZ-->MsiExec.exe /I{FFFE7261-2318-4227-B827-E9E05E16DFE5}
CorelDRAW Graphics Suite X4 - Lang DE-->MsiExec.exe /I{AEFBAC58-2DDD-4CEF-BDFD-52A5A5F432ED}
CorelDRAW Graphics Suite X4 - Lang EN-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF100}
CorelDRAW Graphics Suite X4 - Lang ES-->MsiExec.exe /I{D2827848-7D2A-4547-9AD1-C965FB3E6344}
CorelDRAW Graphics Suite X4 - Lang FR-->MsiExec.exe /I{9D306690-3173-42CD-94C6-9EF9318AF24B}
CorelDRAW Graphics Suite X4 - Lang IT-->MsiExec.exe /I{D0160DD3-6F62-4F1E-B999-6C68D3AE7390}
CorelDRAW Graphics Suite X4 - Lang NL-->MsiExec.exe /I{A6C27FFF-75EF-4B5B-A64E-F9E128994908}
CorelDRAW Graphics Suite X4 - Lang PL-->MsiExec.exe /I{6834B8AE-D23B-4B26-A919-6515844CF2BA}
CorelDRAW Graphics Suite X4 - Lang SU-->MsiExec.exe /I{40FC81EA-21F7-44FB-A6F2-A4D6328F4C4F}
CorelDRAW Graphics Suite X4 - Lang SV-->MsiExec.exe /I{9CDA415B-974B-4384-8CA6-9327D5B4270B}
CorelDRAW Graphics Suite X4 - PP-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF014}
CorelDRAW Graphics Suite X4 - VBA-->MsiExec.exe /I{BF439B41-0252-48DE-8B8B-0430CB26A181}
CorelDRAW Graphics Suite X4-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF000}
CorelDRAW® Graphics Suite X4 - Extra Content-->f:\Programy\CorelDRAW X4 Extras\Setup\SetupARP.exe /arp
CorelDRAW® Graphics Suite X4 - Windows Shell Extension-->C:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\Uninst.exe
CorelDRAW® Graphics Suite X4 - Windows Shell Extension-->MsiExec.exe /X{CE2DA11A-917F-4CF5-AB55-755EC115DD10}
CorelDRAW® Graphics Suite X4-->f:\Programy\CorelDRAW Graphics Suite X4\Setup\SetupARP.exe /arp
Debugging Tools for Windows (x86)-->MsiExec.exe /I{300A2961-B2B5-4889-9CB9-5C2A570D08AD}
EPSON Scan-->C:\Program Files (x86)\epson\escndv\setup\setup.exe /r
FSFDT FSCopilot-->G:\FSFDT\uninstallFSCopilot.exe
FSFDT FSInn-->G:\FSFDT\uninstallFSInn.exe
Gadu-Gadu 10-->F:\Programy\Gadu-Gadu\Uninstall.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT=""
Java™ 6 Update 31-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216031FF}
Microsoft Corporation-->MsiExec.exe /I{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}
Microsoft Flight Simulator X Service Pack 1-->C:\Windows\SysWOW64\msiexec.exe /qb /l*vx "%TEMP%\FlightSimPatchUninstall.log" /uninstall {C949DAF3-9079-4EFF-92B4-345A83313158} /package {F535B2CF-C9BB-4162-B03A-02D6971F32CC}
Microsoft Flight Simulator X Service Pack 2-->MsiExec.exe /X{30E21AA5-8C85-4155-8D2B-525EEF63171A}
Microsoft Flight Simulator X-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{F535B2CF-C9BB-4162-B03A-02D6971F32CC}
Microsoft Flight Simulator X-->MsiExec.exe /X{F535B2CF-C9BB-4162-B03A-02D6971F32CC}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {01CC3B2D-70DB-49DC-839A-A923D2A39EA4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {01CC3B2D-70DB-49DC-839A-A923D2A39EA4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {01CC3B2D-70DB-49DC-839A-A923D2A39EA4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0415-1000-0000000FF1CE} /uninstall {0C8AB602-A234-45AB-B355-4C863C1D2FA8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0415-0000-0000000FF1CE} /uninstall {0C8AB602-A234-45AB-B355-4C863C1D2FA8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0415-0000-0000000FF1CE} /uninstall {01CC3B2D-70DB-49DC-839A-A923D2A39EA4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office Excel MUI (Polish) 2007-->MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Polish) 2007-->MsiExec.exe /X{90120000-00A1-0415-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Polish) 2007-->MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE}
Microsoft Office Proofing (Polish) 2007-->MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0415-0000-0000000FF1CE} /uninstall {9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}
Microsoft Office Shared MUI (Polish) 2007-->MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE}
Microsoft Office Word MUI (Polish) 2007-->MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
MozBackup 1.4.9-->F:\Programy\MozBackup\Uninstall.exe
Mozilla Firefox 13.0.1 (x86 pl)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
Mozilla Thunderbird 12.0.1 (x86 pl)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe
MSI Afterburner 2.1.0-->"F:\Programy\MSI Afterburner\uninstall.exe"
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
NapiProjekt 2.0.0 (build 2151)-->"C:\Program Files (x86)\NapiProjekt\unins000.exe"
NL2000V4_installer-->MsiExec.exe /I{0372FD44-1579-45C9-96E9-4B2CAEE8BF84}
NVIDIA PhysX-->MsiExec.exe /X{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PMDG 737 8900 NGX-->"C:\Program Files (x86)\InstallShield Installation Information\{20708FD5-E94D-4097-A21E-E28564CDBC06}\setup.exe" -runfromtemp -l0x0409 -removeonly
PMDG BAe JS4100-->C:\Program Files (x86)\InstallShield Installation Information\{FB647DBE-2231-405D-AC36-C73246CBE305}\setup.exe -runfromtemp -l0x0009 -removeonly
Real Environment Xtreme - Overdrive-->MsiExec.exe /I{6D6A26D5-492A-49BD-B30D-546B2F3E4793}
Real Environment Xtreme 2.0-->MsiExec.exe /I{F32F502E-4398-4159-B3C9-3336AEDE6FEB}
Realtek 8136 8168 8169 Ethernet Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly
Remove UK2000 Gatwick FREE files-->C:\Windows\iun506.exe G:\FSX\Addon Scenery\EGKK UK2000 Free\UK2000 Gatwick FREE\irunin.ini
RocketDock 1.3.5-->"F:\Programy\RocketDock\unins000.exe"
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {480E8A87-3B8C-3ECE-8CEA-6B2349AE1C1F} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {897A5D64-963A-3C11-A176-F6766BD09D16} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5DD3FF90-B302-45B2-A188-C5EA7ACD5D46}
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {31C0F635-15AD-4AA3-A3C6-B542B403D0EE}
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3069CE04-082C-4669-9BA1-E6AA66330C1F}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {ABB5F56F-FC55-4C7E-9622-B8A1E670BAFC}
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B4C12F08-B0EF-4CC4-AD5F-381DD62BF640}
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {075C2272-0881-46D3-B3A5-1D83D6940270}
Security Update for Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP
SHIFT 2 UNLEASHED™-->MsiExec.exe /X{E8C37E27-5205-4C8A-BECB-B00533045AAE}
Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
VAT-Spy-->"G:\VATSpy\uninstall.exe"
VIA Platforma Menedżera urządzeń-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
Vista Codec Package-->MsiExec.exe /I{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}
WebTablet FB Plugin-->"C:\Program Files (x86)\TabletPlugins\fbWTPUninstall.exe"
WebTablet IE Plugin-->"C:\Program Files (x86)\TabletPlugins\ieUninstall.exe" /S
WebTablet Netscape Plugin-->"C:\Program Files (x86)\TabletPlugins\npUninstall.exe" /S
Winamp-->"F:\Programy\Winamp\UninstWA.exe"

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AS: Spybot - Search and Destroy (disabled)
AS: Windows Defender

======System event log======

Computer Name: Lucas-PC
Event Code: 4372
Message: Obsługa systemu Windows nadaje pakietowi KB2518866(Security Update) stan Żądana instalacja(Install Requested).
Record Number: 15064
Source Name: Microsoft-Windows-Servicing
Time Written: 20120308173541.000000-000
Event Type: Informacje
User: Lucas-PC\Lucas

Computer Name: Lucas-PC
Event Code: 4372
Message: Obsługa systemu Windows nadaje pakietowi KB2518866(Security Update) stan Żądana instalacja(Install Requested).
Record Number: 15063
Source Name: Microsoft-Windows-Servicing
Time Written: 20120308173541.000000-000
Event Type: Informacje
User: Lucas-PC\Lucas

Computer Name: Lucas-PC
Event Code: 4372
Message: Obsługa systemu Windows nadaje pakietowi KB2518866(Security Update) stan Żądana instalacja(Install Requested).
Record Number: 15062
Source Name: Microsoft-Windows-Servicing
Time Written: 20120308173541.000000-000
Event Type: Informacje
User: Lucas-PC\Lucas

Computer Name: Lucas-PC
Event Code: 4372
Message: Obsługa systemu Windows nadaje pakietowi KB2518866(Security Update) stan Żądana instalacja(Install Requested).
Record Number: 15061
Source Name: Microsoft-Windows-Servicing
Time Written: 20120308173541.000000-000
Event Type: Informacje
User: Lucas-PC\Lucas

Computer Name: Lucas-PC
Event Code: 4386
Message: Obsługa systemu Windows zażądała ponownego uruchomienia w celu ukończenia zmieniania stanu aktualizacji 2518866-82_neutral_GDR z pakietu KB2518866(Security Update) na Przemieszczanie(Staging).
Record Number: 15060
Source Name: Microsoft-Windows-Servicing
Time Written: 20120308173540.000000-000
Event Type: Informacje
User: Lucas-PC\Lucas

=====Application event log=====

Computer Name: 26L2233C5-02
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 5
Source Name: Microsoft-Windows-WMI
Time Written: 20120307204203.000000-000
Event Type: Informacje
User:

Computer Name: LH-GL3GDNRSLBV4
Event Code: 4625
Message: System podrzędny EventSystem pomija zduplikowane wpisy dziennika zdarzeń przez okres 86400 sekund. Limit czasu pomijania można kontrolować za pomocą wartości REG_DWORD o nazwie SuppressDuplicateDuration w następującym kluczu rejestru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 4
Source Name: Microsoft-Windows-EventSystem
Time Written: 20120307204159.000000-000
Event Type: Informacje
User:

Computer Name: LH-GL3GDNRSLBV4
Event Code: 900
Message: Usługa licencjonowania oprogramowania jest uruchamiana.

Record Number: 3
Source Name: Microsoft-Windows-Security-Licensing-SLC
Time Written: 20120307204159.000000-000
Event Type: Informacje
User:

Computer Name: LH-GL3GDNRSLBV4
Event Code: 1531
Message: Usługa profilów użytkowników została uruchomiona pomyślnie.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20120307204159.000000-000
Event Type: Informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: 26L2233C5-02
Event Code: 2
Message: Klient usług certyfikatów został zatrzymany.
Record Number: 1
Source Name: Microsoft-Windows-CertificateServicesClient
Time Written: 20061102160326.622800-000
Event Type: Informacje
User: ZARZĄDZANIE NT\SYSTEM

=====Security event log=====

Computer Name: 26L2233C5-02
Event Code: 4902
Message: Utworzono tabelę zasad inspekcji użytkownika.

Liczba elementów: 0
Identyfikator zasad: 0x76b89
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120307204136.943677-000
Event Type: Sukces inspekcji
User:

Computer Name: 26L2233C5-02
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
Identyfikator zabezpieczeń: S-1-0-0
Nazwa konta: -
Domena konta: -
Identyfikator logowania: 0x0

Typ logowania: 0

Nowe logowanie:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
Identyfikator procesu: 0x4
Nazwa procesu:

Informacje o sieci:
Nazwa stacji roboczej: -
Adres źródłowy sieci: -
Port źródłowy: -

Szczegółowe informacje o uwierzytelnianiu:
Proces logowania: -
Pakiet uwierzytelniania: -
Usługi przejściowe: -
Nazwa pakietu (tylko NTLM): -
Długość klucza: 0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
- Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
- Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
- Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
- Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120307204135.477267-000
Event Type: Sukces inspekcji
User:

Computer Name: 26L2233C5-02
Event Code: 4608
Message: Trwa uruchamianie systemu Windows.

To zdarzenie jest rejestrowane w momencie uruchamiania programu LSASS.EXE i inicjowania podsystemu inspekcji.
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120307204135.461667-000
Event Type: Sukces inspekcji
User:

Computer Name: 26L2233C5-02
Event Code: 4647
Message: Użytkownik zainicjował wylogowanie:

Podmiot:
Identyfikator zabezpieczeń: S-1-5-21-648475608-3785308014-1074865891-500
Nazwa konta: Administrator
Domena konta: 26L2233C5-02
Identyfikator logowania: 0x9015a

To zdarzenie jest generowane, gdy zostanie zainicjowane wylogowanie, ale liczba odwołań do tokenu nie jest równa zero i nie można zniszczyć sesji logowania. Nie mogą występować dalsze działania inicjowane przez użytkownika. To zdarzenie można interpretować jako zdarzenie wylogowania.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20061102160327.543200-000
Event Type: Sukces inspekcji
User:

Computer Name: 26L2233C5-02
Event Code: 4634
Message: Użytkownik wylogował się z konta.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-7
Nazwa konta: ANONYMOUS LOGON
Domena konta: NT AUTHORITY
Identyfikator logowania: 0x1e48e

Typ logowania: 3

To zdarzenie jest generowane w przypadku zniszczenia sesji logowania.. Można je jednoznacznie skorelować ze zdarzeniem logowania przy użyciu wartości identyfikatora logowania. Identyfikatory logowania są unikatowe tylko między ponownymi rozruchami na tym samym komputerze.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20061102160326.794400-000
Event Type: Sukces inspekcji
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 30 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=1e05
"NUMBER_OF_PROCESSORS"=4
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

-----------------EOF-----------------

[/log]

I wspomniany dodatek:
[url="http://www.fotoszok.pl/show.php/1101644_zdja-cie0028.jpg.html"][img]http://www.fotoszok.pl/out.php/t1101644_zdja-cie0028.jpg[/img][/url]

Dziś wystąpiło podczas uruchamiania. Nastąpiło przy tym zawieszenie komp. i konieczny był reset.
Kika dni temu miałem podobny objaw podczas zwykłego użytkowania komputera.
Nie wiem czy ma to coś wspólnego z niniejszym BSOD...

Gość
komentarz
komentarz

Tu nie ma żadnej infekcji. Temat powinien zmienic dział.

1. Odinstaluj Spybota. Program nierozwijany i kompletna pomyłka na systemie 64bit

2. Pobierz [b]Adwcleaner[/b] i wykonaj skan z opcji [b]Search[/b]. przedstaw raport.

http://general-changelog-team.fr/outils/289-adwcleaner

luko80
komentarz
komentarz (edytowane)

S&B odinstalowany.
Raport z ADWCleaner:
[log]
# AdwCleaner v1.609 - Logfile created 06/20/2012 at 19:53:09
# Updated 10/06/2012 by Xplode
# Operating system : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# User : Lucas - LUCAS-PC
# Running from : C:\Users\Lucas\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\qocaamdg.default\extensions\toolbar@ask.com
File Found : C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\qocaamdg.default\searchplugins\Askcom.xml

***** [Registry] *****

Key Found : HKCU\Software\Softonic
[x64] Key Found : HKCU\Software\Softonic

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6002.18005

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (pl)

Profile name : default
File : C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\qocaamdg.default\prefs.js

Found : user_pref("browser.search.defaultengine", "Ask.com");
Found : user_pref("browser.search.defaultenginename", "Ask.com");
Found : user_pref("browser.search.order.1", "Ask.com");
Found : user_pref("extensions.asktb.cbid", "4R");
Found : user_pref("extensions.asktb.crumb", "2011.04.09+07.05.16-toolbar008iad-PL-V2Fyc2F3LFBvbGFuZA%3D%3D")[...]
Found : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&amp;o={o}&amp;l={l}[...]
Found : user_pref("extensions.asktb.dtid", "YYYYYYYYPL");
Found : user_pref("extensions.asktb.first-launch-url", "hxxp://forum.pclab.pl/index.php?showtopic=639758&amp;vie[...]
Found : user_pref("extensions.asktb.l", "dis");
Found : user_pref("extensions.asktb.last-config-req", "1302357917751");
Found : user_pref("extensions.asktb.locale", "en_US");
Found : user_pref("extensions.asktb.o", "102825");
Found : user_pref("extensions.asktb.qsrc", "2871");
Found : user_pref("extensions.asktb.search-plugin-suggestions-url", "hxxp://ss.websearch.ask.com/query?qsrc=[...]
Found : user_pref("extensions.asktb.search-suggestions-enabled", true);
Found : user_pref("extensions.opensearch@ask.com.install-event-fired", true);
Found : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&amp;src=kw&amp;tb=ANT&amp;o=102825&amp;locale=[...]

*************************

AdwCleaner[R1].txt - [2307 octets] - [20/06/2012 19:53:09]

########## EOF - C:\AdwCleaner[R1].txt - [2435 octets] ##########

[/log]

Gość
komentarz
komentarz

Zamknij przegladarki. Uruchom AdwCleaner i kliknij [b]Delete[/b]

Po usuwaniu AdwCleanerem zrób nowy skan OTL i przedstaw raport. Extras juz nie potrzebny

luko80
komentarz
komentarz

Raport z ADWCleanera po usuwaniu:
[log]
# AdwCleaner v1.609 - Logfile created 06/20/2012 at 20:45:07
# Updated 10/06/2012 by Xplode
# Operating system : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# User : Lucas - LUCAS-PC
# Running from : C:\Users\Lucas\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\qocaamdg.default\extensions\toolbar@ask.com
File Deleted : C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\qocaamdg.default\searchplugins\Askcom.xml

***** [Registry] *****

Key Deleted : HKCU\Software\Softonic

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6002.18005

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (pl)

Profile name : default
File : C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\qocaamdg.default\prefs.js

Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("extensions.asktb.cbid", "4R");
Deleted : user_pref("extensions.asktb.crumb", "2011.04.09+07.05.16-toolbar008iad-PL-V2Fyc2F3LFBvbGFuZA%3D%3D")[...]
Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}[...]
Deleted : user_pref("extensions.asktb.dtid", "YYYYYYYYPL");
Deleted : user_pref("extensions.asktb.first-launch-url", "hxxp://forum.pclab.pl/index.php?showtopic=639758&vie[...]
Deleted : user_pref("extensions.asktb.l", "dis");
Deleted : user_pref("extensions.asktb.last-config-req", "1302357917751");
Deleted : user_pref("extensions.asktb.locale", "en_US");
Deleted : user_pref("extensions.asktb.o", "102825");
Deleted : user_pref("extensions.asktb.qsrc", "2871");
Deleted : user_pref("extensions.asktb.search-plugin-suggestions-url", "hxxp://ss.websearch.ask.com/query?qsrc=[...]
Deleted : user_pref("extensions.asktb.search-suggestions-enabled", true);
Deleted : user_pref("extensions.opensearch@ask.com.install-event-fired", true);
Deleted : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ANT&o=102825&locale=[...]

*************************

AdwCleaner[R1].txt - [2434 octets] - [20/06/2012 19:53:09]
AdwCleaner[S1].txt - [2366 octets] - [20/06/2012 20:45:07]

########## EOF - C:\AdwCleaner[S1].txt - [2494 octets] ##########

[/log]

...wykonany po tym test OTL i raport:
[log]
OTL logfile created on: 2012-06-20 20:51:00 - Run 2
OTL by OldTimer - Version 3.2.49.0 Folder = F:\Instalacje\_NAPRAWA WINDOWS - BSOD\OTL
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

8,00 Gb Total Physical Memory | 6,32 Gb Available Physical Memory | 78,98% Memory free
16,04 Gb Paging File | 14,35 Gb Available in Paging File | 89,46% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,66 Gb Total Space | 35,04 Gb Free Space | 35,88% Space Free | Partition Type: NTFS
Drive D: | 200,43 Gb Total Space | 107,65 Gb Free Space | 53,71% Space Free | Partition Type: NTFS
Drive E: | 48,83 Gb Total Space | 24,55 Gb Free Space | 50,28% Space Free | Partition Type: NTFS
Drive F: | 151,60 Gb Total Space | 42,80 Gb Free Space | 28,23% Space Free | Partition Type: NTFS
Drive G: | 97,65 Gb Total Space | 51,87 Gb Free Space | 53,12% Space Free | Partition Type: NTFS

Computer Name: LUCAS-PC | User Name: Lucas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-06-19 18:39:32 | 000,595,968 | ---- | M] (OldTimer Tools) -- F:\Instalacje\_NAPRAWA WINDOWS - BSOD\OTL\OTL.exe
PRC - [2012-03-07 02:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012-03-07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-02-29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012-01-18 15:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2012-01-03 15:10:42 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010-03-12 19:40:20 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX1000.exe
PRC - [2009-04-11 00:27:30 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\conime.exe
PRC - [2009-02-26 15:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\OFFICE2007\Office12\ONENOTEM.EXE
PRC - [2007-09-02 14:58:52 | 000,495,616 | ---- | M] () -- F:\Programy\RocketDock\RocketDock.exe
PRC - [2006-11-02 17:04:16 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
PRC - [2006-02-28 12:42:38 | 000,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-06-20 05:20:43 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\12062001\uiext.dll
MOD - [2012-06-19 18:39:32 | 000,595,968 | ---- | M] (OldTimer Tools) -- F:\Instalacje\_NAPRAWA WINDOWS - BSOD\OTL\OTL.exe
MOD - [2012-05-16 00:04:50 | 000,834,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012-04-23 18:00:53 | 000,984,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2012-04-23 18:00:53 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2012-04-19 17:54:20 | 001,176,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012-04-19 17:52:20 | 006,118,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012-04-19 17:52:20 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012-04-04 22:45:58 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
MOD - [2012-04-04 22:45:55 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2012-04-04 22:45:55 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2012-04-04 22:38:43 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2012-03-07 02:15:28 | 000,228,632 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\uiLangRes.dll
MOD - [2012-03-07 02:15:28 | 000,095,232 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\Base.dll
MOD - [2012-03-07 02:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
MOD - [2012-03-07 02:15:15 | 004,675,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\CommonRes.dll
MOD - [2012-03-07 02:15:13 | 000,215,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2012-03-07 02:15:10 | 000,399,088 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSqLt.dll
MOD - [2012-03-07 02:15:10 | 000,214,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2012-03-07 02:15:10 | 000,027,264 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswUtil.dll
MOD - [2012-03-07 02:15:09 | 002,111,448 | ---- | M] (AVAST! Software) -- C:\Program Files\AVAST Software\Avast\aswAra.dll
MOD - [2012-03-07 02:15:09 | 000,217,296 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswLog.dll
MOD - [2012-03-07 02:15:08 | 000,682,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAux.dll
MOD - [2012-03-07 02:15:07 | 000,337,800 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
MOD - [2012-03-07 02:15:07 | 000,184,872 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswData.dll
MOD - [2012-03-07 02:15:07 | 000,164,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
MOD - [2012-03-07 02:15:07 | 000,153,936 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTask.dll
MOD - [2012-03-07 02:15:07 | 000,098,864 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
MOD - [2012-03-07 02:15:07 | 000,050,448 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
MOD - [2012-03-07 02:15:06 | 000,406,816 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashBase.dll
MOD - [2012-03-07 02:15:06 | 000,061,760 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
MOD - [2012-03-07 02:15:03 | 000,345,040 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Aavm4h.dll
MOD - [2012-03-07 02:15:03 | 000,096,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll
MOD - [2012-03-01 02:02:00 | 015,009,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvd3dum.dll
MOD - [2012-02-29 17:11:42 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012-02-29 17:09:53 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2012-02-03 17:11:07 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll
MOD - [2012-01-18 15:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2012-01-03 15:10:42 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MOD - [2011-12-14 18:17:47 | 000,680,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011-11-18 22:55:05 | 001,167,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011-11-16 18:24:00 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2011-11-16 18:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2011-10-14 18:03:25 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2011-08-25 18:14:01 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011-08-25 18:14:01 | 000,238,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011-06-15 18:12:11 | 000,182,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2011-04-12 18:11:05 | 000,859,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2011-03-02 17:44:26 | 000,168,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011-01-21 18:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2011-01-21 18:35:22 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2011-01-20 18:07:42 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2011-01-20 18:07:03 | 001,075,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010-08-31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2010-08-31 17:43:52 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
MOD - [2010-06-28 19:00:21 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010-04-16 18:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010-03-12 19:40:20 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX1000.exe
MOD - [2009-09-25 04:10:10 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2009-09-04 13:41:59 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2009-07-17 15:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-04-23 14:15:39 | 000,677,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2009-04-11 00:28:26 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2009-04-11 00:28:26 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009-04-11 00:28:26 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2009-04-11 00:28:26 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2009-04-11 00:28:26 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009-04-11 00:28:26 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2009-04-11 00:28:26 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-04-11 00:28:26 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-04-11 00:28:26 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009-04-11 00:28:24 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2009-04-11 00:28:24 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
MOD - [2009-04-11 00:28:24 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SLC.dll
MOD - [2009-04-11 00:28:24 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2009-04-11 00:28:24 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2009-04-11 00:28:24 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-04-11 00:28:24 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009-04-11 00:28:24 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2009-04-11 00:28:22 | 002,241,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2009-04-11 00:28:22 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-04-11 00:28:22 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2009-04-11 00:28:22 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2009-04-11 00:28:22 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009-04-11 00:28:20 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009-04-11 00:28:20 | 000,444,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009-04-11 00:28:20 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009-04-11 00:28:20 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2009-04-11 00:28:20 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009-04-11 00:28:20 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll
MOD - [2009-04-11 00:28:20 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009-04-11 00:28:18 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2009-04-11 00:28:18 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2009-04-11 00:27:48 | 000,241,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009-04-11 00:27:30 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\conime.exe
MOD - [2009-04-11 00:26:46 | 000,648,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2009-04-11 00:26:46 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-04-11 00:26:44 | 000,303,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2009-04-11 00:26:44 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009-04-11 00:26:44 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2009-02-27 08:36:50 | 002,907,568 | ---- | M] (Microsoft Corporation) -- C:\OFFICE2007\Office12\1045\ONINTL.DLL
MOD - [2009-02-26 15:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\OFFICE2007\Office12\ONENOTEM.EXE
MOD - [2008-01-19 00:37:12 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2008-01-19 00:37:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2008-01-19 00:37:12 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2008-01-19 00:37:12 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2008-01-19 00:37:10 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2008-01-19 00:36:58 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2008-01-19 00:36:56 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2008-01-19 00:36:50 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2008-01-19 00:36:38 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2008-01-19 00:36:36 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2008-01-19 00:36:08 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2008-01-19 00:36:02 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2008-01-19 00:35:58 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2008-01-19 00:35:40 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2008-01-19 00:35:36 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2008-01-19 00:34:08 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2008-01-19 00:34:04 | 000,798,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2008-01-19 00:33:54 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2008-01-19 00:33:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2008-01-19 00:32:20 | 000,234,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2007-09-02 14:58:52 | 000,495,616 | ---- | M] () -- F:\Programy\RocketDock\RocketDock.exe
MOD - [2007-09-02 14:57:36 | 000,069,632 | ---- | M] () -- F:\Programy\RocketDock\RocketDock.dll
MOD - [2006-11-02 17:04:16 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2006-11-02 11:46:12 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2006-11-02 11:46:12 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2006-11-02 11:46:07 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2006-11-02 10:33:06 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2006-02-28 12:42:30 | 000,094,208 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2012-03-07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2011-09-08 18:48:36 | 006,583,160 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV:[b]64bit:[/b] - [2011-09-08 18:48:36 | 000,528,760 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV:[b]64bit:[/b] - [2010-05-20 16:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:[b]64bit:[/b] - [2008-01-19 01:06:52 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012-06-17 09:16:35 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-03-09 20:11:13 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012-02-29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-01-07 20:44:02 | 001,143,032 | ---- | M] () [Auto | Running] -- F:\Programy\Comodo Backup\SynchronizationService.exe -- (SynchronizationService.exe)
SRV - [2009-03-29 22:42:16 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-03-07 02:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2012-03-07 02:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2012-03-07 02:02:05 | 000,043,864 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (AswRdr)
DRV:[b]64bit:[/b] - [2012-03-07 02:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2012-03-07 02:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2012-03-07 02:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2012-02-29 15:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011-09-08 18:49:36 | 000,013,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wacmoumonitor.sys -- (wacmoumonitor)
DRV:[b]64bit:[/b] - [2011-09-08 18:49:26 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wacommousefilter.sys -- (wacommousefilter)
DRV:[b]64bit:[/b] - [2011-09-08 18:49:24 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wacomvhid.sys -- (wacomvhid)
DRV:[b]64bit:[/b] - [2010-08-04 22:17:14 | 001,342,064 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:[b]64bit:[/b] - [2010-03-12 19:40:20 | 002,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\VX1000.sys -- (VX1000)
DRV:[b]64bit:[/b] - [2009-06-10 12:14:36 | 000,043,264 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus)
DRV:[b]64bit:[/b] - [2009-06-10 12:14:36 | 000,016,000 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SaiMini.sys -- (SaiMini)
DRV:[b]64bit:[/b] - [2009-05-25 15:51:00 | 000,207,872 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:[b]64bit:[/b] - [2007-05-01 17:10:50 | 000,171,144 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SaiH075C.sys -- (SaiH075C)
DRV:[b]64bit:[/b] - [2005-03-29 02:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor)
DRV - [2010-09-30 01:13:48 | 000,028,032 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- F:\Programy\overclocking\HWiNFO32\HWiNFO64A.SYS -- (HWiNFO32)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4010295303-3994830961-2847114166-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=125
IE - HKU\S-1-5-21-4010295303-3994830961-2847114166-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4010295303-3994830961-2847114166-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-4010295303-3994830961-2847114166-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4010295303-3994830961-2847114166-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl"
FF - prefs.js..extensions.enabledItems: {e06bacc0-d6f8-11de-8a39-0800200c9a66}:3.6
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-08 07:05:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-06-17 09:16:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012-03-08 22:09:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2012-03-08 18:49:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lucas\AppData\Roaming\mozilla\Extensions
[2012-06-20 20:47:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lucas\AppData\Roaming\mozilla\Firefox\Profiles\qocaamdg.default\extensions
[2012-06-17 18:06:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Lucas\AppData\Roaming\mozilla\Firefox\Profiles\qocaamdg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012-06-17 18:06:01 | 000,000,000 | ---D | M] (FT GraphiteGlow) -- C:\Users\Lucas\AppData\Roaming\mozilla\Firefox\Profiles\qocaamdg.default\extensions\{99e34760-2754-11e0-91fa-0800200c9a66}
[2012-06-17 18:06:00 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\Lucas\AppData\Roaming\mozilla\Firefox\Profiles\qocaamdg.default\extensions\2020Player_IKEA@2020Technologies.com
[2012-06-17 18:06:01 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Lucas\AppData\Roaming\mozilla\Firefox\Profiles\qocaamdg.default\extensions\IplextoALL@ALLPlayer.org
[2012-03-18 14:08:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-06-17 09:16:35 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-04-27 19:37:38 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-04-27 19:37:38 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-04-27 19:37:38 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-04-27 19:37:38 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-04-27 19:37:38 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-04-27 19:37:38 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2012-06-19 17:13:33 | 000,442,859 | R--- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 15217 more lines...
O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - F:\Programy\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll File not found
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:[b]64bit:[/b] - HKLM..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe (Saitek)
O4:[b]64bit:[/b] - HKLM..\Run: [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe (Saitek)
O4:[b]64bit:[/b] - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4010295303-3994830961-2847114166-1000..\Run: [ALLUpdate] F:\Programy\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-4010295303-3994830961-2847114166-1000..\Run: [RocketDock] F:\Programy\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\OFFICE2007\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows Calendar.lnk = C:\Program Files (x86)\Windows Calendar\WinCal.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\OFFICE2007\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\OFFICE2007\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\OFFICE2007\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\OFFICE2007\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\OFFICE2007\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6B8593C-92EA-4DAD-A2F7-5AEC71BF7AB5}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: F:\Obrazki\Tapety\windows_vista_103.jpg
O24 - Desktop BackupWallPaper: F:\Obrazki\Tapety\windows_vista_103.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)



SafeBootMin:[b]64bit:[/b] AppMgmt - Service
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - Service
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfPf - Driver
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-06-19 20:19:27 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Desktop\ADE-9x-Setup-Full-1.50
[2012-06-19 19:29:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drzewiecki Design
[2012-06-19 18:59:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2012-06-19 17:08:02 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012-06-19 17:08:02 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012-06-19 17:08:02 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012-06-19 17:07:41 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012-06-19 17:07:41 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2012-06-19 17:07:41 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012-06-19 17:07:41 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2012-06-19 17:07:41 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012-06-19 17:07:41 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2012-06-19 17:07:33 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2012-06-19 17:07:32 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012-06-19 17:07:32 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012-06-19 17:07:32 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2012-06-18 21:50:10 | 000,000,000 | ---D | C] -- C:\symbols
[2012-06-18 21:46:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x86)
[2012-06-18 17:28:01 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012-06-13 17:29:49 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Desktop\zestaw 3
[2012-06-13 17:29:48 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Desktop\zestaw 2
[2012-06-13 17:29:43 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Desktop\zestaw 1
[2012-06-12 19:54:41 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012-06-12 19:54:40 | 000,760,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012-06-12 19:54:40 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012-06-12 19:54:40 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-06-12 19:54:40 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012-06-12 19:54:40 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012-06-12 19:54:40 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012-06-12 19:54:39 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012-06-12 19:54:39 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012-06-12 19:54:39 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012-06-12 19:54:39 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-06-12 19:54:39 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012-06-12 19:54:39 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012-06-12 19:54:37 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012-06-12 19:54:36 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012-05-20 09:04:24 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012-05-11 21:19:12 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Documents\Adobe Scripts
[2012-05-09 18:13:59 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jnwmon.dll
[2012-05-09 18:13:52 | 002,002,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2012-05-09 18:13:52 | 001,556,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012-05-09 18:13:51 | 000,834,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012-05-09 18:13:51 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2012-05-09 18:13:51 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012-05-09 18:11:49 | 004,699,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012-05-01 13:30:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012-05-01 13:24:53 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012-05-01 13:23:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012-05-01 13:20:26 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012-05-01 13:19:02 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012-05-01 13:19:02 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012-05-01 13:18:13 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012-04-27 19:37:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012-04-27 19:37:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012-04-26 17:40:34 | 000,000,000 | ---D | C] -- C:\Users\Lucas\AppData\Local\cache
[2012-04-26 17:39:18 | 000,000,000 | ---D | C] -- C:\Users\Lucas\AppData\Roaming\Gadu-Gadu 10
[2012-04-26 17:38:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Gadu-Gadu 10
[2012-04-22 22:00:57 | 000,286,720 | ---- | C] (Indigo Rose Corporation) -- C:\Windows\iun506.exe
[2012-04-22 22:00:57 | 000,000,000 | ---D | C] -- C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UK2000 Scenery
[2012-04-22 22:00:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UK2000 Scenery

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-06-20 20:55:13 | 001,495,264 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-06-20 20:55:13 | 000,671,902 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-06-20 20:55:13 | 000,595,798 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-06-20 20:55:13 | 000,130,310 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-06-20 20:55:13 | 000,103,872 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-06-20 20:47:13 | 000,004,448 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-06-20 20:47:13 | 000,004,448 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-06-20 20:47:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-06-20 20:47:07 | 4292,927,487 | -HS- | M] () -- C:\hiberfil.sys
[2012-06-20 20:44:21 | 000,042,335 | ---- | M] () -- C:\Users\Lucas\Desktop\62637547.png
[2012-06-20 18:45:40 | 000,601,715 | ---- | M] () -- C:\Users\Lucas\Desktop\adwcleaner.exe
[2012-06-19 17:13:33 | 000,442,859 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012-06-18 19:41:39 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\CBU taskID 63354006095 0.job
[2012-06-18 19:38:08 | 628,616,411 | ---- | M] () -- C:\Users\Lucas\Desktop\Into.the.Wild.2007.PL.DVDRip.XviD-GRG.avi
[2012-06-18 17:27:57 | 725,588,568 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012-06-13 12:38:52 | 002,207,680 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-06-11 20:57:19 | 036,328,437 | ---- | M] () -- C:\Users\Lucas\Desktop\lfbo_scenery_v1.zip
[2012-06-11 08:23:50 | 000,019,456 | ---- | M] () -- C:\Users\Lucas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-06-03 00:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012-06-03 00:19:42 | 000,057,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012-06-03 00:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012-06-03 00:19:32 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2012-06-03 00:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012-06-03 00:19:23 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2012-06-03 00:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012-06-03 00:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012-06-03 00:12:13 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2012-06-02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012-06-02 15:19:42 | 000,171,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2012-06-02 15:15:12 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012-06-02 15:12:20 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2012-05-27 12:06:46 | 000,442,859 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120619-171333.backup
[2012-05-15 06:10:39 | 000,043,530 | ---- | M] () -- C:\Windows\FontData.fdb
[2012-05-13 14:03:31 | 000,000,147 | ---- | M] () -- C:\Users\Lucas\Desktop\film 2.url
[2012-05-13 13:59:10 | 000,000,147 | ---- | M] () -- C:\Users\Lucas\Desktop\film.url
[2012-05-13 13:46:06 | 170,639,068 | ---- | M] () -- C:\Users\Lucas\Desktop\TENERIFE COMPLETA+LUCES EN LA NOCHE.rar
[2012-05-07 22:47:27 | 014,804,868 | ---- | M] () -- C:\Users\Lucas\Desktop\madeira.zip
[2012-05-06 20:04:27 | 000,442,787 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120527-120646.backup
[2012-05-01 13:14:30 | 000,000,680 | ---- | M] () -- C:\Users\Lucas\AppData\Local\d3d9caps.dat
[2012-05-01 13:14:05 | 000,000,732 | ---- | M] () -- C:\Users\Lucas\AppData\Local\d3d9caps64.dat
[2012-04-23 18:25:30 | 001,267,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012-04-23 18:25:30 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012-04-22 22:00:18 | 000,286,720 | ---- | M] (Indigo Rose Corporation) -- C:\Windows\iun506.exe
[2012-04-22 14:37:56 | 000,442,689 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120506-200427.backup

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-06-20 20:44:20 | 000,042,335 | ---- | C] () -- C:\Users\Lucas\Desktop\62637547.png
[2012-06-20 18:45:35 | 000,601,715 | ---- | C] () -- C:\Users\Lucas\Desktop\adwcleaner.exe
[2012-06-18 17:27:57 | 725,588,568 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012-06-11 20:55:50 | 036,328,437 | ---- | C] () -- C:\Users\Lucas\Desktop\lfbo_scenery_v1.zip
[2012-06-04 18:11:57 | 000,000,592 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gadu-Gadu 10.lnk
[2012-06-03 11:07:13 | 000,000,525 | ---- | C] () -- C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uninstall Polish Airports vol.1.lnk
[2012-05-15 06:10:38 | 000,043,530 | ---- | C] () -- C:\Windows\FontData.fdb
[2012-05-13 14:03:27 | 000,000,147 | ---- | C] () -- C:\Users\Lucas\Desktop\film 2.url
[2012-05-13 13:59:06 | 000,000,147 | ---- | C] () -- C:\Users\Lucas\Desktop\film.url
[2012-05-13 13:36:00 | 170,639,068 | ---- | C] () -- C:\Users\Lucas\Desktop\TENERIFE COMPLETA+LUCES EN LA NOCHE.rar
[2012-05-11 12:18:14 | 628,616,411 | ---- | C] () -- C:\Users\Lucas\Desktop\Into.the.Wild.2007.PL.DVDRip.XviD-GRG.avi
[2012-05-11 12:16:49 | 732,534,784 | ---- | C] () -- C:\Users\Lucas\Desktop\salasamobojcow.dvdrip.avi
[2012-05-07 22:46:39 | 014,804,868 | ---- | C] () -- C:\Users\Lucas\Desktop\madeira.zip
[2012-05-01 13:28:59 | 4292,927,487 | -HS- | C] () -- C:\hiberfil.sys
[2012-05-01 13:19:02 | 000,011,770 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012-03-10 20:23:21 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012-03-10 20:23:21 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2012-03-09 22:07:05 | 000,000,090 | -HS- | C] () -- C:\Windows\cnerolf.bin
[2012-03-08 18:48:41 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2012-03-08 18:23:40 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012-03-08 07:06:24 | 000,000,680 | ---- | C] () -- C:\Users\Lucas\AppData\Local\d3d9caps.dat
[2012-03-07 23:40:02 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012-03-07 23:39:49 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2012-03-07 23:39:32 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2012-03-07 23:39:32 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2012-03-07 23:02:58 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2012-03-07 22:51:09 | 000,019,456 | ---- | C] () -- C:\Users\Lucas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-03-07 22:48:48 | 000,000,732 | ---- | C] () -- C:\Users\Lucas\AppData\Local\d3d9caps64.dat
[2012-02-29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011-12-07 08:53:24 | 004,770,816 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2011-07-12 16:56:50 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011-01-04 14:28:18 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011-01-03 22:56:28 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini

[color=#E56717]========== LOP Check ==========[/color]

[2012-03-30 14:59:19 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Ashampoo
[2012-03-13 22:25:42 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\EPSON
[2012-04-26 17:40:35 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Gadu-Gadu 10
[2012-03-09 23:50:04 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\HiFi
[2012-03-08 22:12:16 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Thunderbird
[2012-04-21 18:14:00 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\uTorrent
[2012-03-14 00:23:11 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\VAT-Spy
[2012-03-10 20:22:19 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\VistaCodecs
[2012-06-18 19:41:39 | 000,000,332 | ---- | M] () -- C:\Windows\Tasks\CBU taskID 63354006095 0.job
[2012-06-20 20:46:14 | 000,032,544 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2012-06-20 19:53:15 | 000,002,434 | ---- | M] () -- C:\AdwCleaner[R1].txt
[2012-06-20 20:45:30 | 000,002,495 | ---- | M] () -- C:\AdwCleaner[S1].txt
[2009-04-11 00:36:38 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2012-03-07 22:39:33 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2012-06-20 20:47:07 | 4292,927,487 | -HS- | M] () -- C:\hiberfil.sys
[2012-06-20 20:47:05 | 311,533,566 | -HS- | M] () -- C:\pagefile.sys
[2012-03-27 21:23:26 | 000,000,115 | ---- | M] () -- C:\T2Exe.log

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2006-11-02 14:03:16 | 000,062,056 | ---- | M] (Microsoft Corporation) MD5=5CCDD13BC602AE33CD8B62D33C29AB72 -- C:\Windows\SysNative\drivers\AGP440.sys
[2008-01-19 01:09:10 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008-01-19 01:09:10 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-01-19 01:07:48 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2009-04-11 01:15:02 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SysNative\drivers\atapi.sys
[2009-04-11 01:15:02 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-01-18 23:29:06 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3B2FB35363423ED60C8FBF15FC8680BD -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_bbc7f7665c24db80\cdrom.sys
[2009-04-10 23:34:40 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\SysNative\drivers\cdrom.sys
[2009-04-10 23:34:40 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_bdb370725946a6cc\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-01-19 01:12:10 | 000,739,384 | ---- | M] (Microsoft Corporation) MD5=2A2EE457AF36C5C9A6808C768BD3A12B -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_03e5c74ad46c7e4e\ndis.sys
[2009-04-11 00:15:36 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\symbols\ndis.sys\49E02DF31c3000\ndis.sys
[2009-04-11 01:15:36 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\Windows\SysNative\drivers\ndis.sys
[2009-04-11 01:15:36 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_05d14056d18e499a\ndis.sys
[2006-11-02 13:52:20 | 000,641,128 | ---- | M] (Microsoft Corporation) MD5=CCA69C9493A13AF86DCF0AE272AFBB72 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_01af054ed7816d7a\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-04-11 01:11:10 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009-04-11 01:11:10 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008-01-19 01:00:46 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009-04-11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009-04-11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006-11-02 13:16:20 | 000,397,312 | ---- | M] (Microsoft Corporation) MD5=9642EED809219A2F914DD8E40A09C48B -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_c9aada9e9063dc57\winlogon.exe
[2006-11-02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008-01-19 00:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< End of report >

[/log]

Gość
komentarz
komentarz

Uruchom OTL i w oknie [b]Własne opcje skanowania /skrypt[/b] wklej

[code]:Files
C:\Windows\Tasks\CBU taskID 63354006095 0.job

:Commands
[emptytemp]
[resethosts][/code]

Kliknij w [b]Wykonaj skrypt.[/b]


2. po usuwaniu uruchom OTL i kliknij [b]Sprzatanie.[/b]

3. Uruchom AdwCleaner i kliknij [b]Uninstall[/b]


Co do BSOD, w Dzienniku figuruje ciagle powtarzajacy sie bład

[code]Error - 2012-06-13 16:16:15 | Computer Name = Lucas-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd fsx.exe, wersja 10.0.61472.0, sygnatura
czasowa 0x475e17d3, moduł powodujący błąd d3d9.dll, wersja 1.0.0.1, sygnatura czasowa
0x48751493, kod wyjątku 0xc0000005, przesunięcie błędu 0x00006d1c, identyfikator
procesu 0xd30, godzina rozpoczęcia aplikacji 0x01cd498fbee979f5.[/code]

jest to błąd biblioteki direct, poszukaj najnowszysch sterowników do grafiki albo wróć do starszej wersji

luko80
komentarz
komentarz

Bardzo Ci dziękuję za pomoc, ale co dalej...to już? :)
Czy to normalne, ze po [b]Sprzątaniu [/b]w OTL znika plik wykonawczy OTL.exe, a po [b]Uninstall [/b]wAdwCleaner - adwcleaner.exe?
Nie rozumiem nic co do tej pory zrobiłem ;) ..trzymałem się po prostu Ciebie "za rączkę". Powiedz, czy ten BSOD należy powiązać z tym zawieszeniem ekranu na różowo (vide wcześniej wklejone zdjęcie)? Jaka była faktyczna przyczyna BSOD?
Co do błędu..owszem... niemal za każdym razem pojawia się jakiś błąd (nie BSOD) gdy zamykam symulator Microsoftu FSX, ale nie wyświetlają się żadne szczegóły. Już raz aktualizowałem sterowniki do karty. Aktualnie mam wersję 296.10 - błędy podczas zamykania FSX'a były zarówno na wcześniejszej wersji sterownika, jak i na tej. Z tego co widzę, jest nowsza wersja - mogę zaktualizować.

Gość
komentarz
komentarz (edytowane)

[quote]Co do błędu..owszem... niemal za każdym razem pojawia się jakiś błąd (nie BSOD) gdy zamykam symulator Microsoftu FSX, ale nie wyświetlają się żadne szczegóły. Już raz aktualizowałem sterowniki do karty. Aktualnie mam wersję 296.10 - błędy podczas zamykania FSX'a były zarówno na wcześniejszej wersji sterownika, jak i na tej. Z tego co widzę, jest nowsza wersja - mogę zaktualizować. [/quote]

Odinstaluj starą wersję i zainstaluj nową.

Obserwuj system. Ja nie twierdze że rozwiązałem problem. Usuń z dysku folder Minidump, jesli sie pojawi Bsod folder zostanie utworzony na nowo. Wtedy bedziesz mógł zrobić analizę najnowszych plików dump

[quote]Czy to normalne, ze po [b]Sprzątaniu [/b]w OTL znika plik wykonawczy OTL.exe, a po [b]Uninstall [/b]wAdwCleaner - adwcleaner.exe?[/quote]

Tak, to jest normalne.

Co do wadliwego obrazu na monitorze, mozliwe ze masz za wysokie temperatury pracy grafiki. Nalezałoby monitorować np HWinfo. Kiedy ostatnio sprzet był czyszczony i wymieniana pasta na procku i karcie. Nie mozna też wykluczyć że grafika się kończy.

luko80
komentarz
komentarz (edytowane)

Grafika, prawie nówka - może ma 2 m-ce (GTX560 od Asusa). Temperatury raczej w normie (teraz np. w spoczynku 36 st., mierzone MSI Afterburnerem). W budzie czysto, staram się dbać, aczkolwiek pasta na CPU ma już blisko 2 lata, a proc. (i5 760) podkręcony do 3,6GHz.

Gość
komentarz
komentarz

[quote]aczkolwiek pasta na CPU ma już blisko 2 lata, a proc. (i5 760) podkręcony do 3,6GHz. [/quote]

No właśnie. 2 lata i krecony proc. Profilaktycznie bym zmienił paste.

To że grafika nówka - mało znaczy. Prosiłbym o log z [b]HWinfo[/b] podający kompletną specyfikację sprzętu.

luko80
komentarz
komentarz (edytowane)

Nie wiem czy to jest to o co chodziło... dziwne, bo HWInfo nie rozpoznaje grafiki. Dlatego dane dot. grafiki zrobiłem w GPU-Z.
Ps. Niedługo planuję zmienić CPU i płytę, więc raczej nie ma co bawić się z pastą.

[url="http://www.fotoszok.pl/show.php/1105355_fsscr004.jpg.html"][img]http://www.fotoszok.pl/out.php/t1105355_fsscr004.jpg[/img][/url]

[url="http://www.fotoszok.pl/show.php/1105354_fsscr003.jpg.html"][img]http://www.fotoszok.pl/out.php/t1105354_fsscr003.jpg[/img][/url]

[url="http://www.fotoszok.pl/show.php/1105353_fsscr002.jpg.html"][img]http://www.fotoszok.pl/out.php/t1105353_fsscr002.jpg[/img][/url]

[url="http://www.fotoszok.pl/show.php/1105352_fsscr001.jpg.html"][img]http://www.fotoszok.pl/out.php/t1105352_fsscr001.jpg[/img][/url]

[url="http://www.fotoszok.pl/show.php/1105351_fsscr000.jpg.html"][img]http://www.fotoszok.pl/out.php/t1105351_fsscr000.jpg[/img][/url]

Gość
komentarz
komentarz

Zaktualizuj bios.

Sprawdź w biosie jakie masz napiecie dla pamieci Ram. Powinno być 1,65

luko80
komentarz
komentarz

napięcie DRAM jest 1.65

Gość
komentarz
komentarz

Zaaktualizowałeś BIOS?

luko80
komentarz
komentarz

Jeszcze nie, ale zacznę od instalacji najnowszych sterów nVidii. Poza tym niedługo - mam nadzieję - zmienię w końcu CPU i płytę, więc daruję sobie update biosu.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.