x-kom hosting

Długi czas włączania i zacinanie się Win 7

bombon
utworzono
utworzono

Witam.

Mam problem z komputerem, dość długo się włącza conajmniej 3- 4 minuty zanim można cokolwiek włączyć. Skacze użycie procesora od kilku procen do chwilowo 100% po czym nie można nic zrobić łapie taką zawieche, muzyka i filmy zacinają się,

Myslę że sprzęt nie najgorszy a jednak taki muł;/
- Win 7 Home Premium 64 bit
- i5
-6gb RAM
- 500 gb dysk twardy

Logi:
OTL
[log]OTL logfile created on: 1/30/2012 6:24:05 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Łukasz\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

5.86 Gb Total Physical Memory | 4.21 Gb Available Physical Memory | 71.82% Memory free
11.73 Gb Paging File | 10.00 Gb Available in Paging File | 85.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 81.12 Gb Total Space | 27.62 Gb Free Space | 34.05% Space Free | Partition Type: NTFS
Drive D: | 369.54 Gb Total Space | 78.23 Gb Free Space | 21.17% Space Free | Partition Type: NTFS

Computer Name: LUKI | User Name: Łukasz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012/01/30 18:05:47 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Łukasz\Desktop\OTL.exe
PRC - [2012/01/10 20:25:34 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/01/10 20:25:34 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2011/11/28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/11/28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/04/08 11:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2010/12/07 23:24:58 | 001,595,744 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winamp.exe
PRC - [2010/01/19 03:34:48 | 002,201,192 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
PRC - [2009/12/14 08:17:48 | 000,091,136 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2009/11/04 05:11:48 | 000,835,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2009/10/13 11:03:04 | 000,716,800 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2009/10/02 18:39:46 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009/07/14 02:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe
PRC - [2009/03/05 10:54:50 | 000,311,296 | ---- | M] () -- C:\Windows\SysWOW64\Rezip.exe
PRC - [2009/01/23 02:46:14 | 000,203,280 | ---- | M] () -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
PRC - [2008/03/20 11:04:46 | 002,127,296 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files (x86)\Gadu-Gadu\gg.exe
PRC - [2006/10/26 13:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012/01/30 18:09:07 | 000,257,024 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\winamp.lng
MOD - [2012/01/30 18:09:07 | 000,161,792 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\vis_milk2.lng
MOD - [2012/01/30 18:09:07 | 000,087,552 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\vis_avs.lng
MOD - [2012/01/30 18:09:07 | 000,007,680 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\vis_nsfs.lng
MOD - [2012/01/30 18:09:07 | 000,006,144 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\tagz.lng
MOD - [2012/01/30 18:09:07 | 000,003,584 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\winampa.lng
MOD - [2012/01/30 18:09:06 | 000,053,760 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\ml_local.lng
MOD - [2012/01/30 18:09:06 | 000,047,616 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\ml_disc.lng
MOD - [2012/01/30 18:09:06 | 000,046,080 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\ml_pmp.lng
MOD - [2012/01/30 18:09:06 | 000,041,984 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\pmp_wifi.lng
MOD - [2012/01/30 18:09:06 | 000,036,864 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\ombrowser.lng
MOD - [2012/01/30 18:09:06 | 000,022,528 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\in_mp3.lng
MOD - [2012/01/30 18:09:06 | 000,020,992 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\in_midi.lng
MOD - [2012/01/30 18:09:06 | 000,018,432 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\in_mod.lng
MOD - [2012/01/30 18:09:06 | 000,016,896 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\out_ds.lng
MOD - [2012/01/30 18:09:06 | 000,014,848 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\in_wm.lng
MOD - [2012/01/30 18:09:06 | 000,014,336 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\ml_wire.lng
MOD - [2012/01/30 18:09:06 | 000,014,336 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\ml_online.lng
MOD - [2012/01/30 18:09:06 | 000,013,312 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\ml_playlists.lng
MOD - [2012/01/30 18:09:06 | 000,012,800 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\ml_plg.lng
MOD - [2012/01/30 18:09:06 | 000,011,264 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\in_vorbis.lng
MOD - [2012/01/30 18:09:06 | 000,011,264 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\in_nsv.lng
MOD - [2012/01/30 18:09:06 | 000,010,752 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\pmp_usb.lng
MOD - [2012/01/30 18:09:06 | 000,010,752 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\pmp_android.lng
MOD - [2012/01/30 18:09:06 | 000,009,216 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\ml_downloads.lng
MOD - [2012/01/30 18:09:06 | 000,008,704 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\ml_history.lng
MOD - [2012/01/30 18:09:06 | 000,008,192 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\ml_transcode.lng
MOD - [2012/01/30 18:09:06 | 000,008,192 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\ml_devices.lng
MOD - [2012/01/30 18:09:06 | 000,007,680 | ---- | M] (Pawel Porwisz) -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\in_wav.lng
MOD - [2012/01/30 18:09:06 | 000,007,168 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\out_wave.lng
MOD - [2012/01/30 18:09:06 | 000,007,168 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\ml_autotag.lng
MOD - [2012/01/30 18:09:06 | 000,007,168 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\in_dshow.lng
MOD - [2012/01/30 18:09:06 | 000,006,656 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\pmp_ipod.lng
MOD - [2012/01/30 18:09:06 | 000,006,144 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\out_disk.lng
MOD - [2012/01/30 18:09:06 | 000,006,144 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\in_flac.lng
MOD - [2012/01/30 18:09:06 | 000,005,632 | ---- | M] (Pawel Porwisz) -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\ml_enqplay.lng
MOD - [2012/01/30 18:09:06 | 000,005,632 | ---- | M] (Pawel Porwisz) -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\in_wv.lng
MOD - [2012/01/30 18:09:06 | 000,005,632 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\ml_rg.lng
MOD - [2012/01/30 18:09:06 | 000,005,632 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\in_wave.lng
MOD - [2012/01/30 18:09:06 | 000,005,120 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\ml_impex.lng
MOD - [2012/01/30 18:09:06 | 000,005,120 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\ml_bookmarks.lng
MOD - [2012/01/30 18:09:06 | 000,004,608 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\pmp_activesync.lng
MOD - [2012/01/30 18:09:06 | 000,004,608 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\in_mp4.lng
MOD - [2012/01/30 18:09:06 | 000,004,608 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\in_mkv.lng
MOD - [2012/01/30 18:09:06 | 000,004,096 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\pmp_p4s.lng
MOD - [2012/01/30 18:09:06 | 000,004,096 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\ml_orb.lng
MOD - [2012/01/30 18:09:06 | 000,003,584 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\pmp_njb.lng
MOD - [2012/01/30 18:09:06 | 000,003,584 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\ml_nowplaying.lng
MOD - [2012/01/30 18:09:06 | 000,003,584 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\ml_addons.lng
MOD - [2012/01/30 18:09:06 | 000,003,584 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\in_swf.lng
MOD - [2012/01/30 18:09:06 | 000,003,584 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\in_linein.lng
MOD - [2012/01/30 18:09:06 | 000,003,584 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\in_flv.lng
MOD - [2012/01/30 18:09:06 | 000,003,072 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\playlist.lng
MOD - [2012/01/30 18:09:05 | 000,066,560 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\burnlib.lng
MOD - [2012/01/30 18:09:05 | 000,040,448 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\gen_jumpex.lng
MOD - [2012/01/30 18:09:05 | 000,022,016 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\gen_ff.lng
MOD - [2012/01/30 18:09:05 | 000,021,504 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\gen_ml.lng
MOD - [2012/01/30 18:09:05 | 000,013,312 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\in_cdda.lng
MOD - [2012/01/30 18:09:05 | 000,012,800 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\dsp_sps.lng
MOD - [2012/01/30 18:09:05 | 000,012,288 | ---- | M] (Pawel Porwisz) -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\gen_skinmanager.lng
MOD - [2012/01/30 18:09:05 | 000,011,776 | ---- | M] (Pawel Porwisz) -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\gen_undo.lng
MOD - [2012/01/30 18:09:05 | 000,011,264 | ---- | M] (Pawel Porwisz) -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\gen_timerestore.lng
MOD - [2012/01/30 18:09:05 | 000,011,264 | ---- | M] (Pawel Porwisz) -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\gen_classicart.lng
MOD - [2012/01/30 18:09:05 | 000,011,264 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\gen_hotkeys.lng
MOD - [2012/01/30 18:09:05 | 000,011,264 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\auth.lng
MOD - [2012/01/30 18:09:05 | 000,010,752 | ---- | M] (Pawel Porwisz) -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\gen_nopro.lng
MOD - [2012/01/30 18:09:05 | 000,010,240 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\enc_aacplus.lng
MOD - [2012/01/30 18:09:05 | 000,007,680 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\gen_tray.lng
MOD - [2012/01/30 18:09:05 | 000,007,168 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\gen_orgler.lng
MOD - [2012/01/30 18:09:05 | 000,007,168 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\gen_crasher.lng
MOD - [2012/01/30 18:09:05 | 000,006,144 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\enc_wma.lng
MOD - [2012/01/30 18:09:05 | 000,005,632 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\enc_lame.lng
MOD - [2012/01/30 18:09:05 | 000,005,120 | ---- | M] (Pawel Porwisz) -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\gen_find_on_disk.lng
MOD - [2012/01/30 18:09:05 | 000,005,120 | ---- | M] (Pawel Porwisz) -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\enc_vorbis.lng
MOD - [2012/01/30 18:09:05 | 000,005,120 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\in_avi.lng
MOD - [2012/01/30 18:09:05 | 000,004,096 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\enc_wav.lng
MOD - [2012/01/30 18:09:05 | 000,004,096 | ---- | M] () -- C:\Users\UKASZ~1\AppData\Local\Temp\WLZE265.tmp\enc_flac.lng
MOD - [2012/01/30 18:05:47 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Łukasz\Desktop\OTL.exe
MOD - [2012/01/27 19:58:48 | 000,044,744 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\defs\12013000\uiext.dll
MOD - [2012/01/10 20:25:34 | 002,124,760 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/01/10 20:25:34 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
MOD - [2012/01/10 20:25:34 | 000,814,040 | ---- | M] (sqlite.org) -- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
MOD - [2012/01/10 20:25:34 | 000,646,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nss3.dll
MOD - [2012/01/10 20:25:34 | 000,371,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
MOD - [2012/01/10 20:25:34 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
MOD - [2012/01/10 20:25:34 | 000,187,352 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nspr4.dll
MOD - [2012/01/10 20:25:34 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
MOD - [2012/01/10 20:25:34 | 000,109,528 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
MOD - [2012/01/10 20:25:34 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll
MOD - [2012/01/10 20:25:34 | 000,043,992 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozutils.dll
MOD - [2012/01/10 20:25:34 | 000,021,976 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plc4.dll
MOD - [2012/01/10 20:25:34 | 000,020,440 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plds4.dll
MOD - [2012/01/10 20:25:34 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
MOD - [2012/01/10 20:25:34 | 000,015,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
MOD - [2012/01/10 20:25:33 | 016,096,216 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xul.dll
MOD - [2012/01/10 20:25:33 | 000,170,968 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
MOD - [2012/01/10 20:25:33 | 000,154,584 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\ssl3.dll
MOD - [2012/01/10 20:25:33 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\smime3.dll
MOD - [2012/01/10 20:25:33 | 000,019,928 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xpcom.dll
MOD - [2011/12/07 20:39:37 | 000,108,616 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswJsFlt.dll
MOD - [2011/12/03 11:14:07 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/11/28 19:01:33 | 000,199,280 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\1045\uiLangRes.dll
MOD - [2011/11/28 19:01:33 | 000,091,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\1045\Base.dll
MOD - [2011/11/28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
MOD - [2011/11/28 19:01:22 | 001,821,000 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\CommonRes.dll
MOD - [2011/11/28 19:01:22 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2011/11/28 19:01:20 | 000,398,576 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswSqLt.dll
MOD - [2011/11/28 19:01:20 | 000,220,880 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswProperty.dll
MOD - [2011/11/28 19:01:20 | 000,205,448 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswLog.dll
MOD - [2011/11/28 19:01:20 | 000,025,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswUtil.dll
MOD - [2011/11/28 19:01:19 | 000,048,888 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswEngLdr.dll
MOD - [2011/11/28 19:01:18 | 000,682,344 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswAux.dll
MOD - [2011/11/28 19:01:18 | 000,317,200 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll
MOD - [2011/11/28 19:01:18 | 000,167,832 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswData.dll
MOD - [2011/11/28 19:01:18 | 000,163,736 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll
MOD - [2011/11/28 19:01:18 | 000,097,840 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll
MOD - [2011/11/28 19:01:17 | 000,204,448 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\ashBase.dll
MOD - [2011/11/28 19:01:17 | 000,150,352 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\ashTask.dll
MOD - [2011/11/28 19:01:17 | 000,061,760 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\ashTaskEx.dll
MOD - [2011/11/28 19:01:14 | 000,319,784 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\Aavm4h.dll
MOD - [2011/11/28 19:01:14 | 000,116,368 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AhAScr.dll
MOD - [2011/11/28 19:01:13 | 000,072,584 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AavmRpch.dll
MOD - [2011/11/17 06:41:38 | 001,292,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011/11/11 06:50:43 | 010,990,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2011/11/05 05:35:50 | 000,981,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2011/11/05 05:35:47 | 001,230,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2011/11/05 05:34:40 | 005,997,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2011/11/05 05:34:00 | 002,072,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2011/11/05 05:34:00 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2011/10/14 05:42:33 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll
MOD - [2011/08/27 05:43:07 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011/08/27 05:43:06 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011/07/16 05:30:27 | 001,048,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2011/07/16 05:30:27 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2011/06/20 04:04:30 | 000,961,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.DLL
MOD - [2011/06/16 05:35:50 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2011/06/16 00:18:29 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
MOD - [2011/06/16 00:18:21 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2011/06/16 00:18:21 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2011/06/16 00:03:55 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2011/06/16 00:03:55 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
MOD - [2011/06/16 00:03:54 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll
MOD - [2011/05/24 11:34:20 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011/05/24 11:34:00 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011/04/08 11:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2011/03/03 06:29:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011/02/19 06:32:48 | 001,074,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2010/12/21 06:36:17 | 001,389,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
MOD - [2010/12/21 06:36:16 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
MOD - [2010/12/21 06:34:12 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davclnt.dll
MOD - [2010/12/09 00:29:39 | 000,154,624 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jpeg.w5s
MOD - [2010/12/09 00:29:39 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\xml.w5s
MOD - [2010/12/09 00:29:39 | 000,086,528 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\png.w5s
MOD - [2010/12/09 00:29:39 | 000,084,480 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\playlist.w5s
MOD - [2010/12/09 00:29:39 | 000,083,968 | ---- | M] () -- C:\Program Files (x86)\Winamp\tataki.dll
MOD - [2010/12/09 00:29:39 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Winamp\zlib.dll
MOD - [2010/12/09 00:29:39 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\timer.w5s
MOD - [2010/12/09 00:29:39 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\tagz.w5s
MOD - [2010/12/09 00:29:39 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\primo.w5s
MOD - [2010/12/09 00:29:38 | 000,623,616 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jnetlib.w5s
MOD - [2010/12/09 00:29:38 | 000,044,544 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\devices.w5s
MOD - [2010/12/09 00:29:38 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gif.w5s
MOD - [2010/12/09 00:29:38 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\dlmgr.w5s
MOD - [2010/12/09 00:29:38 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gracenote.w5s
MOD - [2010/12/09 00:29:38 | 000,014,336 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\filereader.w5s
MOD - [2010/12/09 00:29:37 | 000,237,056 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\aacPlusDecoder.w5s
MOD - [2010/12/09 00:29:37 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_ds.dll
MOD - [2010/12/09 00:29:37 | 000,023,040 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\albumart.w5s
MOD - [2010/12/09 00:29:37 | 000,022,528 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_disk.dll
MOD - [2010/12/09 00:29:37 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\bmp.w5s
MOD - [2010/12/09 00:29:37 | 000,018,432 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_wave.dll
MOD - [2010/12/09 00:29:36 | 000,313,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_wm.dll
MOD - [2010/12/09 00:29:36 | 000,288,256 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp3.dll
MOD - [2010/12/09 00:29:36 | 000,252,416 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_vorbis.dll
MOD - [2010/12/09 00:29:36 | 000,249,856 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_devices.dll
MOD - [2010/12/09 00:29:36 | 000,240,128 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_pmp.dll
MOD - [2010/12/09 00:29:36 | 000,165,376 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mod.dll
MOD - [2010/12/09 00:29:36 | 000,074,752 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_nsv.dll
MOD - [2010/12/09 00:29:36 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp4.dll
MOD - [2010/12/09 00:29:36 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_swf.dll
MOD - [2010/12/09 00:29:36 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_wave.dll
MOD - [2010/12/09 00:29:35 | 000,109,568 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_midi.dll
MOD - [2010/12/09 00:29:35 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_dshow.dll
MOD - [2010/12/09 00:29:35 | 000,060,416 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_flac.dll
MOD - [2010/12/09 00:29:35 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mkv.dll
MOD - [2010/12/09 00:29:35 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_flv.dll
MOD - [2010/12/09 00:29:34 | 001,737,216 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_ff.dll
MOD - [2010/12/09 00:29:34 | 000,307,200 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_ml.dll
MOD - [2010/12/09 00:29:34 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_cdda.dll
MOD - [2010/12/09 00:29:34 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_avi.dll
MOD - [2010/12/09 00:29:33 | 000,253,440 | ---- | M] () -- C:\Program Files (x86)\Winamp\libsndfile.dll
MOD - [2010/12/09 00:29:33 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Winamp\nde.dll
MOD - [2010/12/09 00:29:33 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Winamp\nsutil.dll
MOD - [2010/12/07 23:24:58 | 001,595,744 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winamp.exe
MOD - [2010/09/21 14:03:14 | 000,145,280 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
MOD - [2010/08/26 05:39:58 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\t2embed.dll
MOD - [2010/08/21 06:36:24 | 000,224,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2010/08/21 06:33:24 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\comctl32.dll
MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2010/07/27 15:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2010/06/29 06:02:02 | 001,413,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010/06/26 06:14:29 | 001,495,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010/06/19 07:23:50 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010/05/05 07:46:55 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\StructuredQuery.dll
MOD - [2010/02/11 03:17:24 | 001,069,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvapi.dll
MOD - [2010/01/19 03:34:48 | 002,201,192 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
MOD - [2009/12/29 07:55:34 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2009/12/14 08:17:48 | 000,091,136 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
MOD - [2009/12/11 08:39:06 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2009/12/11 08:36:33 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2009/11/04 05:11:48 | 000,835,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
MOD - [2009/10/13 11:03:04 | 000,716,800 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
MOD - [2009/10/02 18:39:46 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
MOD - [2009/08/29 07:57:31 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2009/07/20 00:17:06 | 000,027,704 | ---- | M] (SAMSUNG ELECTRONICS) -- C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\Sabi3.dll
MOD - [2009/07/20 00:17:06 | 000,027,704 | ---- | M] (SAMSUNG ELECTRONICS) -- C:\Program Files (x86)\Samsung\Easy Display Manager\SABI3.dll
MOD - [2009/07/14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009/07/14 02:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
MOD - [2009/07/14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2009/07/14 02:16:20 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2009/07/14 02:16:20 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wshbth.dll
MOD - [2009/07/14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009/07/14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009/07/14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009/07/14 02:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2009/07/14 02:16:19 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2009/07/14 02:16:19 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2009/07/14 02:16:19 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2009/07/14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009/07/14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009/07/14 02:16:18 | 001,011,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2009/07/14 02:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll
MOD - [2009/07/14 02:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009/07/14 02:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2009/07/14 02:16:17 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2009/07/14 02:16:17 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2009/07/14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009/07/14 02:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009/07/14 02:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009/07/14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009/07/14 02:16:17 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vdmdbg.dll
MOD - [2009/07/14 02:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2009/07/14 02:16:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\thumbcache.dll
MOD - [2009/07/14 02:16:15 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2009/07/14 02:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009/07/14 02:16:15 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2009/07/14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009/07/14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009/07/14 02:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2009/07/14 02:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2009/07/14 02:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2009/07/14 02:16:13 | 000,643,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SearchFolder.dll
MOD - [2009/07/14 02:16:13 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\riched20.dll
MOD - [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009/07/14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009/07/14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2009/07/14 02:16:13 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2009/07/14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009/07/14 02:16:13 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\riched32.dll
MOD - [2009/07/14 02:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2009/07/14 02:16:12 | 000,547,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PortableDeviceApi.dll
MOD - [2009/07/14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009/07/14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009/07/14 02:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2009/07/14 02:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2009/07/14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009/07/14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009/07/14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009/07/14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009/07/14 02:16:11 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2009/07/14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009/07/14 02:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2009/07/14 02:16:11 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntlanman.dll
MOD - [2009/07/14 02:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009/07/14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009/07/14 02:16:03 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\networkexplorer.dll
MOD - [2009/07/14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009/07/14 02:16:03 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2009/07/14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2009/07/14 02:16:02 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
MOD - [2009/07/14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2009/07/14 02:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2009/07/14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2009/07/14 02:15:45 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2009/07/14 02:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2009/07/14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009/07/14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009/07/14 02:15:42 | 000,481,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2009/07/14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009/07/14 02:15:41 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2009/07/14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009/07/14 02:15:41 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Defender\MpOav.dll
MOD - [2009/07/14 02:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009/07/14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009/07/14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009/07/14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009/07/14 02:15:33 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2009/07/14 02:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll
MOD - [2009/07/14 02:15:21 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2009/07/14 02:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\feclient.dll
MOD - [2009/07/14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009/07/14 02:15:14 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorAPI.dll
MOD - [2009/07/14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009/07/14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009/07/14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009/07/14 02:15:13 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\drprov.dll
MOD - [2009/07/14 02:15:09 | 000,854,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2009/07/14 02:15:08 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davhlpr.dll
MOD - [2009/07/14 02:15:07 | 001,151,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2009/07/14 02:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009/07/14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009/07/14 02:15:07 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2009/07/14 02:15:07 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2009/07/14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009/07/14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009/07/14 02:14:57 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2009/07/14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009/07/14 02:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2009/07/14 02:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2009/07/14 02:14:52 | 000,309,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll
MOD - [2009/07/14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/14 02:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2009/07/14 02:14:08 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2009/07/14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009/07/14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2009/07/14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009/07/14 02:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2009/07/14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009/07/14 02:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2009/07/14 02:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2009/07/14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009/07/14 02:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll
MOD - [2009/02/12 15:19:38 | 000,178,040 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
MOD - [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
MOD - [2009/01/23 02:46:18 | 000,013,840 | ---- | M] () -- C:\Program Files (x86)\McAfee\SiteAdvisor\saHook.dll
MOD - [2008/10/25 11:44:34 | 000,022,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.DLL
MOD - [2008/03/25 03:32:42 | 002,991,488 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\Flash9f.ocx
MOD - [2008/03/20 11:04:46 | 002,127,296 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files (x86)\Gadu-Gadu\gg.exe
MOD - [2008/03/20 10:18:58 | 002,158,592 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files (x86)\Gadu-Gadu\Lang.PL.dll
MOD - [2008/03/20 10:18:44 | 000,516,096 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files (x86)\Gadu-Gadu\GGMedia.dll
MOD - [2008/03/20 10:17:48 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu\libiax2.dll
MOD - [2008/03/20 10:17:44 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu\libjb.dll
MOD - [2007/10/25 12:51:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Gadu-Gadu\MSVCR71.dll
MOD - [2007/10/25 12:51:16 | 000,198,656 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu\libcurl.dll
MOD - [2007/10/25 12:51:16 | 000,196,608 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- C:\Program Files (x86)\Gadu-Gadu\libssl32.dll
MOD - [2007/10/25 12:51:14 | 001,040,384 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- C:\Program Files (x86)\Gadu-Gadu\LIBEAY32.dll
MOD - [2007/10/25 12:51:14 | 000,196,608 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- C:\Program Files (x86)\Gadu-Gadu\SSLEAY32.dll
MOD - [2007/10/25 12:51:14 | 000,139,264 | ---- | M] (sms-express.com) -- C:\Program Files (x86)\Gadu-Gadu\Crypto.dll
MOD - [2006/12/21 13:32:12 | 000,176,128 | ---- | M] (n0ne) -- C:\Program Files (x86)\Gadu-Gadu\archives.dll
MOD - [2006/12/21 13:31:32 | 000,813,568 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Gadu-Gadu\dbghelp.dll
MOD - [2006/12/21 13:30:44 | 000,102,400 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files (x86)\Gadu-Gadu\ggwhook.dll
MOD - [2006/10/26 13:40:34 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\pdm.dll
MOD - [2006/08/12 04:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2011/11/28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2011/04/13 15:23:25 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:[b]64bit:[/b] - [2009/10/02 18:39:44 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:[b]64bit:[/b] - [2009/09/29 17:25:48 | 000,126,392 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:[b]64bit:[/b] - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/05/27 16:28:39 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/05 10:54:50 | 000,311,296 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\Rezip.exe -- (Rezip)
SRV - [2009/01/23 02:46:14 | 000,203,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2011/11/28 18:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2011/11/28 18:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2011/11/28 18:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2011/11/28 18:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2011/11/28 18:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2011/11/28 18:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2011/03/11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/12/12 14:09:54 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2010/11/09 14:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:[b]64bit:[/b] - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2010/02/26 19:32:58 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2010/02/11 00:02:00 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:[b]64bit:[/b] - [2009/12/14 21:46:56 | 001,573,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2009/11/20 07:09:48 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2009/10/02 17:47:38 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:[b]64bit:[/b] - [2009/09/29 17:25:50 | 000,012,728 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:[b]64bit:[/b] - [2009/09/28 10:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:[b]64bit:[/b] - [2009/08/29 04:15:32 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:[b]64bit:[/b] - [2009/08/29 04:15:26 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/01 21:46:58 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:[b]64bit:[/b] - [2009/06/27 15:55:10 | 000,083,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2009/06/10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2009/06/10 21:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/05/28 07:38:04 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
DRV:[b]64bit:[/b] - [2009/04/08 00:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV - [2011/03/18 17:08:56 | 000,029,592 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2010/07/29 08:51:26 | 000,015,144 | ---- | M] (Windows ® 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn"]http://www.google.co...=smsn&bmod=smsn[/url]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn"]http://www.google.co...=smsn&bmod=smsn[/url]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "onet.pl"
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2010/12/07 19:56:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/01/10 20:25:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/08/01 10:26:58 | 000,000,000 | ---D | M]

[2010/12/08 15:54:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łukasz\AppData\Roaming\mozilla\Extensions
[2012/01/05 23:13:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łukasz\AppData\Roaming\mozilla\Firefox\Profiles\6foyz7y2.default\extensions
[2011/11/10 19:28:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
File not found (No name found) -- C:\USERS\ŁUKASZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6FOYZ7Y2.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/01/10 20:25:34 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/08/01 00:45:41 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/04 19:40:39 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2011/10/04 19:40:39 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2011/10/04 19:40:39 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2011/10/04 19:40:39 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2011/10/04 19:40:39 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011/10/04 19:40:39 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll ()
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll ()
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll ()
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [NvCplDaemon] C:\windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - Startup: C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MoorHunt.lnk = C:\Program Files (x86)\MoorHunt\MoorHunt.exe (moorhunt.pl)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8:[b]64bit:[/b] - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Wyślij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Wyślij do urządzenia &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.53.0.1 208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6A2586F9-5D94-4F73-98D5-13685ABE3956}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9F14570-CB0A-45C0-A2FB-7DB9705DF452}: DhcpNameServer = 10.53.0.1 208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EB0415BB-D972-42DF-8757-A0D6C3F40B60}: DhcpNameServer = 10.53.0.1 208.67.222.222
O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll ()
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll ()
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/05/14 08:15:55 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{53cc83d8-05f1-11e0-8d53-b482fe674cbd}\Shell - "" = AutoRun
O33 - MountPoints2\{53cc83d8-05f1-11e0-8d53-b482fe674cbd}\Shell\AutoRun\command - "" = F:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


MsConfig:64bit - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe ()
MsConfig:64bit - StartUpReg: [b]CLMLServer[/b] - hkey= - key= - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
MsConfig:64bit - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: [b]PDVD8LanguageShortcut[/b] - hkey= - key= - C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
MsConfig:64bit - StartUpReg: [b]RemoteControl8[/b] - hkey= - key= - C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
MsConfig:64bit - StartUpReg: [b]UpdateLBPShortCut[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]UpdatePSTShortCut[/b] - hkey= - key= - C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:[b]64bit:[/b] AppMgmt - Service
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] MCODS - Reg Error: Value error.
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - Service
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] MCODS - Reg Error: Value error.
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012/01/30 18:05:43 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Łukasz\Desktop\OTL.exe
[2012/01/21 21:42:47 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/01/21 21:42:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/01/21 21:42:43 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012/01/21 21:39:54 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\Desktop\nA CD
[2012/01/18 21:49:54 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/01/18 21:47:28 | 003,562,624 | ---- | C] (Piriform Ltd) -- C:\Users\Łukasz\Desktop\ccsetup314.exe
[2012/01/16 23:00:07 | 000,000,000 | ---D | C] -- C:\windows\SysNative\SPReview
[2012/01/12 21:47:53 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\{DCEC3BDC-4E99-4B42-B9CC-2B7E7D7C5BF6}
[2012/01/11 14:46:49 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll
[2012/01/11 14:46:49 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll
[2012/01/11 14:46:49 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2012/01/11 14:46:48 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2012/01/11 14:46:25 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012/01/11 14:46:25 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012/01/11 14:46:02 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2012/01/11 14:45:36 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll
[2012/01/11 14:45:36 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll
[2012/01/09 23:07:50 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\{1AFF1815-8FD4-4C9F-856A-B0979BECDFB2}
[2012/01/06 14:41:39 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\{3E39AFFE-46A8-4CD1-9983-E143F27D2D68}
[2012/01/03 21:01:38 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\{E7085BAA-6E21-43C2-9EAC-3008DDDCF607}
[2012/01/03 20:57:38 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\{6F8C9444-50DB-4A0A-AA76-52F076174BA9}
[2012/01/03 20:57:20 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\{4002ACD4-9998-46F8-96BB-5418C65EA9AB}
[2012/01/03 20:55:19 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\{F0B69F0F-3C11-4D83-89FC-94089976EA66}
[2012/01/03 20:54:12 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\{024A4AAF-F363-4551-9F81-95D3972F83DE}
[2012/01/03 20:47:54 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\{9BF91F73-C086-4F3B-8585-1C285478CFBD}
[2011/12/14 17:08:40 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2011/12/14 17:08:27 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2011/12/14 17:08:27 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2011/12/14 17:08:27 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2011/12/14 17:08:26 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2011/12/14 17:08:26 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2011/12/14 17:08:26 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2011/12/14 17:08:26 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2011/12/14 17:08:26 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2011/12/14 17:08:26 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2011/12/14 17:08:26 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2011/12/14 17:08:25 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2011/12/14 17:08:25 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2011/12/14 17:08:25 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2011/12/14 17:08:25 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2011/12/14 17:08:25 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2011/12/14 17:08:03 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDec.dll
[2011/12/14 17:08:03 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\EncDec.dll
[2011/12/09 16:54:26 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\Desktop\Zagrożenia Eksploatacja
[2011/12/07 14:59:33 | 000,591,192 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys
[2011/12/04 23:55:33 | 000,000,000 | ---D | C] -- C:\windows\SysNative\EventProviders
[2011/12/03 11:14:02 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Macromed

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012/01/30 18:06:42 | 000,781,383 | ---- | M] () -- C:\Users\Łukasz\Desktop\RSIT.exe
[2012/01/30 18:05:47 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Łukasz\Desktop\OTL.exe
[2012/01/30 15:20:46 | 000,014,144 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/30 15:20:46 | 000,014,144 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/30 15:11:30 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/01/30 15:11:24 | 2001,260,543 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/30 00:41:49 | 000,007,646 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\resmon.resmoncfg
[2012/01/28 14:17:42 | 000,027,281 | ---- | M] () -- C:\Users\Łukasz\Desktop\audi_s_line_by_dasef.jpg
[2012/01/28 14:14:59 | 000,667,819 | ---- | M] () -- C:\Users\Łukasz\Desktop\Armin Van Buuren - Sunrise Festival 08.mp3
[2012/01/28 14:11:30 | 000,022,066 | ---- | M] () -- C:\Users\Łukasz\Desktop\Bach SMS.mp3
[2012/01/28 13:56:15 | 001,663,412 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/01/28 13:56:15 | 000,738,192 | ---- | M] () -- C:\windows\SysNative\perfh015.dat
[2012/01/28 13:56:15 | 000,652,360 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/01/28 13:56:15 | 000,154,848 | ---- | M] () -- C:\windows\SysNative\perfc015.dat
[2012/01/28 13:56:15 | 000,121,292 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/01/26 19:44:40 | 000,632,883 | ---- | M] () -- C:\Users\Łukasz\Desktop\Wilk_Leszek.pdf
[2012/01/25 17:35:03 | 001,684,723 | ---- | M] () -- C:\Users\Łukasz\Desktop\Łukasz_Jencz.pdf
[2012/01/22 01:55:23 | 000,000,168 | ---- | M] () -- C:\windows\usdthank.ini
[2012/01/18 21:54:39 | 000,437,102 | ---- | M] () -- C:\Users\Łukasz\Desktop\cc_20120118_215353.reg
[2012/01/18 21:49:56 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/01/18 21:48:25 | 003,562,624 | ---- | M] (Piriform Ltd) -- C:\Users\Łukasz\Desktop\ccsetup314.exe
[2012/01/17 17:49:09 | 000,476,088 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/01/17 17:42:59 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msclmd.dll
[2012/01/17 17:42:58 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msclmd.dll
[2012/01/15 19:21:48 | 000,000,000 | ---- | M] () -- C:\Users\Łukasz\Desktop\Urządzenia i napędy elektryczne.rar
[2012/01/15 19:21:11 | 000,000,020 | -H-- | M] () -- C:\Users\Łukasz\Desktop\Urządzenia i napędy elektryczne.rar.sha
[2012/01/14 15:42:16 | 000,009,231 | ---- | M] () -- C:\Users\Łukasz\Desktop\Pytania przykładowe z laboratorium semV.pdf
[2012/01/12 15:02:58 | 001,639,550 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/01/09 20:46:20 | 000,430,568 | ---- | M] () -- C:\Users\Łukasz\Desktop\Audi_A3_8L_Jak_naprawic_wyswietlacz_ FIS-Dash_Display_Dead_Pixel_Repair.pdf
[2012/01/09 17:47:09 | 000,026,025 | ---- | M] () -- C:\Users\Łukasz\Desktop\1b9d08cd000065a9
[2012/01/09 14:03:22 | 000,286,944 | ---- | M] () -- C:\Users\Łukasz\Desktop\WB-04.JPG
[2012/01/08 21:44:41 | 000,330,194 | ---- | M] () -- C:\Users\Łukasz\Desktop\GZW-A-01.JPG
[2012/01/06 14:46:26 | 000,689,547 | ---- | M] () -- C:\Users\Łukasz\Desktop\korall.jpg
[2012/01/06 14:45:20 | 000,705,458 | ---- | M] () -- C:\Users\Łukasz\Desktop\jantar 22.jpg
[2012/01/03 21:05:46 | 001,441,413 | ---- | M] () -- C:\Users\Łukasz\Desktop\Jantar.JPG
[2012/01/03 20:58:18 | 001,489,724 | ---- | M] () -- C:\Users\Łukasz\Desktop\Koral.JPG
[2012/01/03 20:50:33 | 000,338,419 | ---- | M] () -- C:\Users\Łukasz\Desktop\schemat (2).jpg
[2012/01/03 20:50:27 | 000,338,419 | ---- | M] () -- C:\Users\Łukasz\Desktop\schemat.JPG
[2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2011/12/07 14:59:33 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt
[2011/12/06 16:38:37 | 000,361,764 | ---- | M] () -- C:\Users\Łukasz\Desktop\Łukasz Jencz.dwg

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012/01/30 18:06:40 | 000,781,383 | ---- | C] () -- C:\Users\Łukasz\Desktop\RSIT.exe
[2012/01/28 14:17:42 | 000,027,281 | ---- | C] () -- C:\Users\Łukasz\Desktop\audi_s_line_by_dasef.jpg
[2012/01/28 14:14:59 | 000,667,819 | ---- | C] () -- C:\Users\Łukasz\Desktop\Armin Van Buuren - Sunrise Festival 08.mp3
[2012/01/28 14:11:29 | 000,022,066 | ---- | C] () -- C:\Users\Łukasz\Desktop\Bach SMS.mp3
[2012/01/26 19:44:39 | 000,632,883 | ---- | C] () -- C:\Users\Łukasz\Desktop\Wilk_Leszek.pdf
[2012/01/25 17:35:00 | 001,684,723 | ---- | C] () -- C:\Users\Łukasz\Desktop\Łukasz_Jencz.pdf
[2012/01/18 21:54:01 | 000,437,102 | ---- | C] () -- C:\Users\Łukasz\Desktop\cc_20120118_215353.reg
[2012/01/18 21:49:56 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/01/15 19:21:11 | 000,000,020 | -H-- | C] () -- C:\Users\Łukasz\Desktop\Urządzenia i napędy elektryczne.rar.sha
[2012/01/15 19:21:11 | 000,000,000 | ---- | C] () -- C:\Users\Łukasz\Desktop\Urządzenia i napędy elektryczne.rar
[2012/01/14 15:42:15 | 000,009,231 | ---- | C] () -- C:\Users\Łukasz\Desktop\Pytania przykładowe z laboratorium semV.pdf
[2012/01/09 20:46:19 | 000,430,568 | ---- | C] () -- C:\Users\Łukasz\Desktop\Audi_A3_8L_Jak_naprawic_wyswietlacz_ FIS-Dash_Display_Dead_Pixel_Repair.pdf
[2012/01/09 17:47:45 | 000,026,025 | ---- | C] () -- C:\Users\Łukasz\Desktop\1b9d08cd000065a9
[2012/01/09 14:03:22 | 000,286,944 | ---- | C] () -- C:\Users\Łukasz\Desktop\WB-04.JPG
[2012/01/08 21:44:40 | 000,330,194 | ---- | C] () -- C:\Users\Łukasz\Desktop\GZW-A-01.JPG
[2012/01/06 14:46:25 | 000,689,547 | ---- | C] () -- C:\Users\Łukasz\Desktop\korall.jpg
[2012/01/06 14:45:20 | 000,705,458 | ---- | C] () -- C:\Users\Łukasz\Desktop\jantar 22.jpg
[2012/01/03 20:50:26 | 000,338,419 | ---- | C] () -- C:\Users\Łukasz\Desktop\schemat (2).jpg
[2012/01/03 20:43:07 | 000,338,419 | ---- | C] () -- C:\Users\Łukasz\Desktop\schemat.JPG
[2012/01/03 20:41:25 | 001,489,724 | ---- | C] () -- C:\Users\Łukasz\Desktop\Koral.JPG
[2012/01/03 20:41:10 | 001,441,413 | ---- | C] () -- C:\Users\Łukasz\Desktop\Jantar.JPG
[2011/12/06 16:38:37 | 000,361,764 | ---- | C] () -- C:\Users\Łukasz\Desktop\Łukasz Jencz.dwg
[2011/04/13 15:23:39 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/04/13 15:19:46 | 001,639,550 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2010/12/26 21:33:39 | 000,000,083 | ---- | C] () -- C:\windows\wwp.INI
[2010/12/22 01:22:37 | 000,000,168 | ---- | C] () -- C:\windows\usdthank.ini
[2010/12/22 01:22:37 | 000,000,031 | ---- | C] () -- C:\windows\idc.ini
[2010/12/20 21:45:42 | 000,007,646 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\resmon.resmoncfg
[2010/12/17 22:00:59 | 000,258,048 | ---- | C] () -- C:\windows\SysWow64\libFLAC.dll
[2010/12/09 01:59:06 | 000,165,376 | ---- | C] () -- C:\windows\SysWow64\unrar.dll
[2010/12/07 16:58:06 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010/04/25 06:31:59 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2010/04/25 06:19:15 | 000,000,426 | ---- | C] () -- C:\windows\HotFixList.ini
[2010/04/25 05:51:09 | 000,311,296 | ---- | C] () -- C:\windows\SysWow64\Rezip.exe
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:59:36 | 000,982,196 | ---- | C] () -- C:\windows\SysWow64\igkrng500.bin
[2009/07/13 22:59:36 | 000,139,824 | ---- | C] () -- C:\windows\SysWow64\igfcg500.bin
[2009/07/13 22:59:36 | 000,097,448 | ---- | C] () -- C:\windows\SysWow64\igfcg500m.bin
[2009/07/13 22:59:35 | 000,417,344 | ---- | C] () -- C:\windows\SysWow64\igcompkrng500.bin
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2006/10/08 19:33:54 | 000,000,000 | ---- | C] () -- C:\windows\R-series.ini

[color=#E56717]========== LOP Check ==========[/color]

[2011/05/26 22:24:57 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Autodesk
[2012/01/18 21:51:06 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\DAEMON Tools Lite
[2011/02/04 20:29:37 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Design Science
[2010/12/22 17:51:24 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Gadu-Gadu
[2010/12/12 18:37:10 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Leadertech
[2011/04/18 22:33:08 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Opanda
[2011/03/27 13:45:55 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\PrimoPDF
[2011/02/04 20:52:36 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Thinstall
[2012/01/30 00:41:22 | 000,032,604 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2012/01/30 15:11:24 | 2001,260,543 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/30 15:11:28 | 2001,260,543 | -HS- | M] () -- C:\pagefile.sys
[2010/04/25 05:48:58 | 000,002,162 | ---- | M] () -- C:\RHDSetup.log
[2010/12/07 17:23:56 | 000,000,166 | ---- | M] () -- C:\Setup.log


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\drivers\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009/07/14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\windows\SysNative\drivers\beep.sys
[2009/07/14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\windows\SysNative\drivers\cdrom.sys
[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2010/11/20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009/07/14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\windows\SysNative\drivers\ndis.sys
[2009/07/14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2011/12/24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\windows\SysNative\winlogon.exe
[2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:268F887D
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:ACCEFF0E
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:4A0829E0

< End of report >[/log]

Extras[log]OTL Extras logfile created on: 1/30/2012 6:24:05 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Łukasz\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

5.86 Gb Total Physical Memory | 4.21 Gb Available Physical Memory | 71.82% Memory free
11.73 Gb Paging File | 10.00 Gb Available in Paging File | 85.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 81.12 Gb Total Space | 27.62 Gb Free Space | 34.05% Space Free | Partition Type: NTFS
Drive D: | 369.54 Gb Total Space | 78.23 Gb Free Space | 21.17% Space Free | Partition Type: NTFS

Computer Name: LUKI | User Name: Łukasz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java™ 6 Update 23 (64-bit)
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel® Turbo Boost Technology Monitor
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0160230}" = Java™ SE Development Kit 6 Update 23 (64-bit)
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C02C2C22-2EB1-47C8-B74F-8AB1A62FAE31}" = Windows Live Family Safety
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"3932CA781A7894D20116FDF60F878301800EA8AB" = Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407)
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.17
"CutePDF Writer Installation" = CutePDF Writer 2.8
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.01 (64-bitowy)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{0A353130-D22C-41DD-8C67-1B02A05F2CE0}" = Samsung Support Center
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F796312-289C-40CA-856C-9FBCF5E83342}" = REALTEK Wireless LAN Software
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java™ 6 Update 26
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{2E522ED6-01E2-4207-82D5-B3BFB31B8BD4}" = Windows Live Sync
"{306B39C9-3AB1-4161-8567-9C7E50B41AE3}" = Microsoft Works
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34B76DCB-BF7C-440F-B058-C84172C1E338}" = Easy Network Manager
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{3EED7541-55F8-4DC6-B9CD-28762D71310E}" = Samsung R-Series
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{543E6ACA-51B7-4283-82F2-57C0582A53C5}" = Windows Live UX Platform Language Pack
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed™ Hot Pursuit
"{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}" = BatteryLifeExtender
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0415-1000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}" = ChargeableUSB
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Polish)
"{9A200E68-D5F4-4E70-910F-2871753A0E2B}" = Worms World Party
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1045-7B44-A91000000001}" = Adobe Reader 9.1 - Polish
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1434266-0486-4469-B338-A60082CC04E1}" = Atheros Client Installation Program
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel® Turbo Boost Technology Driver
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"ALLPlayer_is1" = ALLPlayer V4.X
"Autodesk DWF Viewer" = Autodesk DWF Viewer
"avast" = avast! Free Antivirus
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"Counter-Strike 1.6_is1" = Counter-Strike 1.6
"CWK" = CWK (Czasowy Wyłącznik Komputera)
"DSMT6" = MathType 6
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Gadu-Gadu" = Gadu-Gadu 7.7
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.60.0.1800
"Marvell Miniport Driver" = Marvell Miniport Driver
"MoorHunt_is1" = MoorHunt 0.6.7.2
"Mozilla Firefox 9.0.1 (x86 pl)" = Mozilla Firefox 9.0.1 (x86 pl)
"NapiProjekt_is1" = NapiProjekt 1.0.6.9
"ShockwaveFlash" = Macromedia Flash Player 8
"SpeedFan" = SpeedFan (remove only)
"Winamp" = Winamp
"WinLiveSuite" = Podstawowe programy Windows Live

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"JDownloader" = JDownloader
"Pokrywa 3D" = Pokrywa 3D

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 1/17/2012 10:45:02 AM | Computer Name = Luki | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej. .

Error - 1/17/2012 10:45:03 AM | Computer Name = Luki | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej. .

Error - 1/17/2012 10:45:57 AM | Computer Name = Luki | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej. .

Error - 1/17/2012 10:45:58 AM | Computer Name = Luki | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej. .

Error - 1/17/2012 10:46:04 AM | Computer Name = Luki | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej. .

Error - 1/17/2012 10:46:04 AM | Computer Name = Luki | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej. .

Error - 1/17/2012 10:50:21 AM | Computer Name = Luki | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej. .

Error - 1/17/2012 10:50:21 AM | Computer Name = Luki | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej. .

Error - 1/17/2012 10:50:29 AM | Computer Name = Luki | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej. .

Error - 1/17/2012 10:50:29 AM | Computer Name = Luki | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej. .

[ System Events ]
Error - 1/30/2012 10:54:34 AM | Computer Name = Luki | Source = ipnathlp | ID = 34001
Description =

Error - 1/30/2012 11:19:07 AM | Computer Name = Luki | Source = DCOM | ID = 10016
Description =

Error - 1/30/2012 11:32:19 AM | Computer Name = Luki | Source = ipnathlp | ID = 34001
Description =

Error - 1/30/2012 11:44:27 AM | Computer Name = Luki | Source = ipnathlp | ID = 34001
Description =

Error - 1/30/2012 12:22:11 PM | Computer Name = Luki | Source = ipnathlp | ID = 34001
Description =

Error - 1/30/2012 12:25:55 PM | Computer Name = Luki | Source = ipnathlp | ID = 31004
Description =

Error - 1/30/2012 12:34:19 PM | Computer Name = Luki | Source = ipnathlp | ID = 34001
Description =

Error - 1/30/2012 12:43:16 PM | Computer Name = Luki | Source = DCOM | ID = 10016
Description =

Error - 1/30/2012 1:12:03 PM | Computer Name = Luki | Source = ipnathlp | ID = 34001
Description =

Error - 1/30/2012 1:24:11 PM | Computer Name = Luki | Source = ipnathlp | ID = 34001
Description =


< End of report >
[/log]

log
[log]Logfile of random's system information tool 1.09 (written by random/random)
Run by Łukasz at 2012-01-30 18:34:41
Microsoft Windows 7 Home Premium
System drive C: has 28 GB (34%) free of 83 GB
Total RAM: 6005 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:34:50, on 2012-01-30
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16912)
Boot mode: Normal

Running processes:
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Gadu-Gadu\gg.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Users\Łukasz\Desktop\OTL.exe
C:\Users\Łukasz\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Łukasz.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocnik logowania za pomocą identyfikatora Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA')
O4 - Startup: MoorHunt.lnk = C:\Program Files (x86)\MoorHunt\MoorHunt.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Wyślij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Wyślij do urządzenia &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Rezip - Unknown owner - C:\windows\SysWOW64\Rezip.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9608 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\6foyz7y2.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.startup.homepage" - "onet.pl"
prefs.js - "extensions.enabledItems" - "{B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.8, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

"{B7082FAA-CB62-4872-9106-E42DD88EDE45}"=C:\Program Files (x86)\McAfee\SiteAdvisor


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
npdeployJava1.dll
NPOFF12.DLL

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
allegro-pl.xml
fbc-pl.xml
google.xml
merlin-pl.xml
pwn-pl.xml
wikipedia-pl.xml
wp-pl.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocnik logowania za pomocą identyfikatora Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2009-01-29 145424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-08-01 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2009-01-29 145424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-11-28 3744552]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MoorHunt.lnk - C:\Program Files (x86)\MoorHunt\MoorHunt.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.siren"=sirenacm.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-01-30 18:34:41 ----D---- C:\rsit
2012-01-30 18:34:41 ----D---- C:\Program Files (x86)\trend micro
2012-01-11 14:46:49 ----A---- C:\windows\SysWOW64\quartz.dll
2012-01-11 14:46:49 ----A---- C:\windows\SysWOW64\qdvd.dll
2012-01-11 14:46:25 ----A---- C:\windows\SysWOW64\jscript.dll
2012-01-11 14:46:02 ----A---- C:\windows\SysWOW64\ntdll.dll
2012-01-11 14:45:36 ----A---- C:\windows\SysWOW64\packager.dll

======List of files/folders modified in the last 1 month======

2012-01-30 18:34:50 ----D---- C:\windows\Prefetch
2012-01-30 18:34:44 ----D---- C:\windows\Temp
2012-01-30 18:34:41 ----RD---- C:\Program Files (x86)
2012-01-28 13:56:15 ----D---- C:\windows\System32
2012-01-28 13:56:15 ----D---- C:\windows\inf
2012-01-27 14:12:21 ----SHD---- C:\System Volume Information
2012-01-25 15:52:45 ----D---- C:\windows\winsxs
2012-01-22 18:06:04 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-01-22 18:05:50 ----D---- C:\windows\SysWOW64\drivers
2012-01-22 01:55:23 ----A---- C:\windows\usdthank.ini
2012-01-22 01:09:14 ----D---- C:\Program Files (x86)\MoorHunt
2012-01-21 21:43:01 ----D---- C:\Users\Łukasz\AppData\Roaming\WinRAR
2012-01-21 21:42:43 ----RD---- C:\Program Files
2012-01-21 21:40:01 ----SHD---- C:\$Recycle.Bin
2012-01-18 23:36:38 ----D---- C:\Windows
2012-01-18 22:00:00 ----D---- C:\Users\Łukasz\AppData\Roaming\Winamp
2012-01-18 21:51:06 ----D---- C:\Users\Łukasz\AppData\Roaming\DAEMON Tools Lite
2012-01-18 21:51:03 ----D---- C:\Users\Łukasz\AppData\Roaming\Skype
2012-01-18 21:50:56 ----D---- C:\windows\Panther
2012-01-18 21:50:55 ----D---- C:\windows\Minidump
2012-01-18 21:50:55 ----D---- C:\windows\Logs
2012-01-18 21:50:55 ----D---- C:\windows\debug
2012-01-18 18:33:28 ----D---- C:\windows\rescache
2012-01-17 18:15:50 ----RSD---- C:\windows\assembly
2012-01-17 18:13:18 ----D---- C:\windows\Microsoft.NET
2012-01-17 17:46:40 ----D---- C:\Program Files (x86)\Windows Sidebar
2012-01-17 17:46:40 ----D---- C:\Program Files (x86)\Windows Portable Devices
2012-01-17 17:46:40 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2012-01-17 17:46:40 ----D---- C:\Program Files (x86)\Windows Media Player
2012-01-17 17:46:40 ----D---- C:\Program Files (x86)\Windows Mail
2012-01-17 17:46:40 ----D---- C:\Program Files (x86)\Internet Explorer
2012-01-17 17:46:38 ----D---- C:\windows\servicing
2012-01-17 17:46:38 ----D---- C:\windows\ehome
2012-01-17 17:46:38 ----D---- C:\Program Files (x86)\Common Files\System
2012-01-17 17:46:37 ----D---- C:\windows\SysWOW64\Setup
2012-01-17 17:46:37 ----D---- C:\windows\SysWOW64\oobe
2012-01-17 17:46:37 ----D---- C:\windows\SysWOW64\migration
2012-01-17 17:46:37 ----D---- C:\windows\SysWOW64\manifeststore
2012-01-17 17:46:37 ----D---- C:\windows\SysWOW64\es-ES
2012-01-17 17:46:37 ----D---- C:\windows\SysWOW64\da-DK
2012-01-17 17:46:37 ----D---- C:\windows\SysWOW64\cs-CZ
2012-01-17 17:46:37 ----D---- C:\windows\SysWOW64\AdvancedInstallers
2012-01-17 17:46:36 ----D---- C:\windows\SysWOW64\wbem
2012-01-17 17:46:36 ----D---- C:\windows\SysWOW64\sppui
2012-01-17 17:46:36 ----D---- C:\windows\SysWOW64\pl-PL
2012-01-17 17:46:33 ----D---- C:\windows\SysWOW64\migwiz
2012-01-17 17:46:33 ----D---- C:\windows\SysWOW64\Dism
2012-01-17 17:46:33 ----D---- C:\windows\SysWOW64
2012-01-17 17:46:32 ----D---- C:\windows\PolicyDefinitions
2012-01-17 17:46:29 ----RSD---- C:\windows\Fonts
2012-01-17 17:46:29 ----D---- C:\windows\AppPatch
2012-01-17 17:42:59 ----A---- C:\windows\SysWOW64\msclmd.dll
2012-01-12 15:03:12 ----SHD---- C:\windows\Installer
2012-01-12 15:02:58 ----A---- C:\windows\SysWOW64\PerfStringBackup.INI
2012-01-12 14:57:27 ----D---- C:\ProgramData\Microsoft Help
2012-01-10 20:25:35 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys []
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys []
R0 speedfan;speedfan; C:\windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys []
R1 aswRdr;aswRdr; C:\windows\SysWOW64\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; C:\windows\SysWOW64\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\windows\SysWOW64\drivers\aswTdi.sys []
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys []
R2 aswFsBlk;aswFsBlk; C:\windows\SysWOW64\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys []
R2 cpuz135;cpuz135; \??\C:\windows\system32\drivers\cpuz135_x64.sys []
R2 TurboB;Turbo Boost UI Monitor driver; C:\windows\system32\DRIVERS\TurboB.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys []
R3 BthEnum;Sterownik Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys []
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys []
R3 btusbflt;Bluetooth USB Filter; C:\windows\system32\drivers\btusbflt.sys []
R3 btwaudio;Urz¹dzenie dŸwiêkowe Bluetooth; C:\windows\system32\drivers\btwaudio.sys []
R3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys []
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys []
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys []
R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys []
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys []
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys []
S3 ar69835k;ar69835k; C:\windows\SysWOW64\drivers\ar69835k.sys []
S3 BTHPORT;Sterownik portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys []
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys []
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys []
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys []
S3 rtport;rtport; \??\C:\windows\SysWOW64\drivers\rtport.sys [2010-07-29 15144]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-28 44768]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-10-02 873248]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2009-01-23 203280]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe []
R2 Rezip;Rezip; C:\windows\SysWOW64\Rezip.exe [2009-03-05 311296]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 aspnet_state;„Usługa stanu ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2011-05-27 85096]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-04-13 1431888]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-09-29 126392]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe []
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[/log]

info
[log]info.txt logfile of random's system information tool 1.09 2012-01-30 18:34:51

======Uninstall list======

Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
7-Zip 9.20-->"C:\Program Files (x86)\7-Zip\Uninstall.exe"
Adobe Flash Player ActiveX-->C:\windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9.1 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A91000000001}
Adobe Shockwave Player 11.6-->"C:\windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {04E205D6-88B1-4652-B162-42DF2C3B1228}
Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}
Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {128A36ED-21BE-4547-9FFE-5B85AEC735DD}
ALLPlayer V4.X-->"C:\Program Files (x86)\ALLPlayer\unins000.exe"
Atheros Client Installation Program-->"C:\Program Files (x86)\InstallShield Installation Information\{D1434266-0486-4469-B338-A60082CC04E1}\setup.exe" -runfromtemp -l0x0009 -removeonly
Autodesk DWF Viewer-->C:\PROGRA~2\Autodesk\AUTODE~1\Setup.exe /remove /q0
avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
BatteryLifeExtender-->MsiExec.exe /I{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}
Call of Duty: Black Ops-->"D:\Call of Duty\Call of Duty - Black Ops\unins000.exe"
ChargeableUSB-->"C:\Program Files (x86)\InstallShield Installation Information\{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}\Setup.exe" -runfromtemp -l0x0009Remove -removeonly
Counter-Strike 1.6-->"D:\Counter-Strike 1.6\unins000.exe"
CWK (Czasowy Wyłącznik Komputera)-->"C:\Program Files (x86)\Damian Pasternak\CWK\CWK.exe" /uninstall
CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink PowerDVD 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\Setup.exe" /z-uninstall
CyberLink PowerDVD 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\Setup.exe" /z-uninstall
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Easy Display Manager-->"C:\Program Files (x86)\InstallShield Installation Information\{17283B95-21A8-4996-97DA-547A48DB266F}\setup.exe" -runfromtemp -l0x0009 -removeonly
Easy Network Manager-->MsiExec.exe /I{34B76DCB-BF7C-440F-B058-C84172C1E338}
Easy SpeedUp Manager-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{EF367AA4-070B-493C-9575-85BE59D789C9}\setup.exe" -l0x9 Remove
EasyBatteryManager-->"C:\Program Files (x86)\InstallShield Installation Information\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}\setup.exe" -runfromtemp -l0x0009 -removeonly
EVEREST Home Edition v2.20-->"C:\Program Files (x86)\Lavalys\EVEREST Home Edition\unins000.exe"
FIFA 11-->MsiExec.exe /X{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}
Gadu-Gadu 7.7-->C:\Program Files (x86)\Gadu-Gadu\Setup.exe
Galeria fotografii usługi Windows Live-->MsiExec.exe /X{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
Intel(R) Turbo Boost Technology Driver-->C:\Program Files (x86)\Intel\Intel(R) Turbo Boost Technology Driver\Uninstall\setup.exe -uninstall -iips
Java(TM) 6 Update 26-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216026FF}
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
Macromedia Flash Player 8-->RunDll32 advpack.dll,LaunchINFSection C:\windows\INF\swflash.inf,DefaultUninstall,5
Malwarebytes Anti-Malware wersja 1.60.0.1800-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Marvell Miniport Driver-->C:\Program Files (x86)\Marvell\Miniport Driver\Uninst.exe
MathType 6-->"C:\Program Files (x86)\MathType\Setup.exe" -R
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0415-1000-0000000FF1CE} /uninstall {D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0415-0000-0000000FF1CE} /uninstall {D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office Access MUI (Polish) 2007-->MsiExec.exe /X{90120000-0015-0415-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Polish) 2007-->MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Groove MUI (Polish) 2007-->MsiExec.exe /X{90120000-00BA-0415-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Polish) 2007-->MsiExec.exe /X{90120000-0044-0415-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office OneNote MUI (Polish) 2007-->MsiExec.exe /X{90120000-00A1-0415-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Polish) 2007-->MsiExec.exe /X{90120000-001A-0415-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Polish) 2007-->MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (Polish)-->MsiExec.exe /X{95120000-00AF-0415-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE}
Microsoft Office Proofing (Polish) 2007-->MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0415-0000-0000000FF1CE} /uninstall {E9EA2604-8AC9-47D2-8F4B-6BF60787A357}
Microsoft Office Publisher MUI (Polish) 2007-->MsiExec.exe /X{90120000-0019-0415-0000-0000000FF1CE}
Microsoft Office Shared MUI (Polish) 2007-->MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE}
Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Office Word MUI (Polish) 2007-->MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Works-->MsiExec.exe /I{306B39C9-3AB1-4161-8567-9C7E50B41AE3}
MoorHunt 0.6.7.2-->"C:\Program Files (x86)\MoorHunt\unins000.exe"
Mozilla Firefox 9.0.1 (x86 pl)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
NapiProjekt 1.0.6.9-->"C:\Program Files (x86)\NAPI-PROJEKT\unins000.exe"
Narzędzie do przekazywania usługi Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Need for Speed(TM) Hot Pursuit-->MsiExec.exe /X{83A606F5-BF6F-42ED-9F33-B9F74297CDED}
Pakiet zgodności dla systemu Office 2007-->MsiExec.exe /X{90120000-0020-0415-0000-0000000FF1CE}
Poczta usługi Windows Live-->MsiExec.exe /I{64376910-1860-4CEF-8B34-AA5D205FC5F1}
Podstawowe programy Windows Live-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Podstawowe programy Windows Live-->MsiExec.exe /I{7A9D47BA-6D50-4087-866F-0800D8B89383}
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
REALTEK Wireless LAN Software-->C:\Program Files (x86)\InstallShield Installation Information\{0F796312-289C-40CA-856C-9FBCF5E83342}\Install.exe -uninst -l0x9
Samsung Recovery Solution 4-->"C:\Program Files (x86)\InstallShield Installation Information\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}\setup.exe" -runfromtemp -l0x0009 -removeonly
Samsung R-Series-->MsiExec.exe /X{3EED7541-55F8-4DC6-B9CD-28762D71310E}
Samsung Support Center-->MsiExec.exe /I{0A353130-D22C-41DD-8C67-1B02A05F2CE0}
Samsung Update Plus-->"C:\Program Files (x86)\InstallShield Installation Information\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}\setup.exe" -runfromtemp -l0x0009 -removeonly
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
Security Update for 2007 Microsoft Office System (KB2553089)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}
Security Update for 2007 Microsoft Office System (KB2553090)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {643C12A2-AF9A-4712-B8BE-3B7650AFE00A}
Security Update for 2007 Microsoft Office System (KB2584063)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {3162617C-537F-3BB6-8D0C-C6021F442391} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Extended
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Groove 2007 (KB2552997)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3A1CBF7D-4704-40BC-B31C-AA761884A3E4}
Security Update for Microsoft Office InfoPath 2007 (KB2510061)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5D930261-AA5B-48D1-931F-425C9D767490}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A8732F0-C20F-4A9B-A2A9-66FE7A586C35}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
Security Update for Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder ClientLP
Security Update for Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP
Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A}
SpeedFan (remove only)-->"C:\Program Files (x86)\SpeedFan\uninstall.exe"
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
Update for 2007 Microsoft Office System (KB2284654)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {FB166E7C-8AA6-48C8-B726-1F25BEE7825A}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2468871)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2533523)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7873DF5-9E1C-45EE-8895-D29C6AE01202}
Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {48202D27-A6D4-4264-A184-51A6E8AD7C40}
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C20964A7-5181-45E5-9E82-72F5D400DEBF}
Update for Microsoft Office 2007 System (KB2539530)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {567103D1-96CD-4B76-93B9-2681A187DEFF}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Microsoft Office Outlook 2007 (KB2583910)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BDC21583-5601-4B2B-88F3-7919F6DE8FB1}
Winamp-->"C:\Program Files (x86)\Winamp\UninstWA.exe"
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Messenger-->MsiExec.exe /X{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}
Windows Live Messenger-->MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Movie Maker-->MsiExec.exe /X{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}
Windows Live Photo Common-->MsiExec.exe /X{0654EA5D-308A-4196-882B-5C09744A5D81}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live PIMT Platform-->MsiExec.exe /I{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live Sync-->MsiExec.exe /X{2E522ED6-01E2-4207-82D5-B3BFB31B8BD4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{543E6ACA-51B7-4283-82F2-57C0582A53C5}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{26E3C07C-7FF7-4362-9E99-9E49E383CF16}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Live Writer-->MsiExec.exe /X{E55E0C35-AC3C-4683-BA2F-834348577B80}
Worms World Party-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9A200E68-D5F4-4E70-910F-2871753A0E2B}\setup.exe"

======System event log======

Computer Name: Luki
Event Code: 7036
Message: Usługa Dostęp do urządzeń interfejsu HID weszła w stan uruchomienia.
Record Number: 147803
Source Name: Service Control Manager
Time Written: 20111008094638.106317-000
Event Type: Informacje
User:

Computer Name: Luki
Event Code: 7036
Message: Usługa Udostępnianie połączenia internetowego (ICS) weszła w stan uruchomienia.
Record Number: 147802
Source Name: Service Control Manager
Time Written: 20111008094634.984138-000
Event Type: Informacje
User:

Computer Name: Luki
Event Code: 7036
Message: Usługa Rozpoznawanie lokalizacji w sieci weszła w stan uruchomienia.
Record Number: 147801
Source Name: Service Control Manager
Time Written: 20111008094631.636947-000
Event Type: Informacje
User:

Computer Name: Luki
Event Code: 7036
Message: Usługa Menedżer połączeń usługi Dostęp zdalny weszła w stan uruchomienia.
Record Number: 147800
Source Name: Service Control Manager
Time Written: 20111008094631.408933-000
Event Type: Informacje
User:

Computer Name: Luki
Event Code: 7036
Message: Usługa Serwer weszła w stan uruchomienia.
Record Number: 147799
Source Name: Service Control Manager
Time Written: 20111008094628.817785-000
Event Type: Informacje
User:

=====Application event log=====

Computer Name: Luki
Event Code: 1531
Message: Usługa profilów użytkowników została uruchomiona pomyślnie.


Record Number: 803
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20101207145028.012466-000
Event Type: Informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: Luki
Event Code: 1532
Message: Usługa profilów użytkowników została zatrzymana.


Record Number: 802
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20100729080853.238720-000
Event Type: Informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: WIN-FQ0ML6EVISB
Event Code: 1003
Message: Usługa Windows Search została uruchomiona.

Record Number: 801
Source Name: Microsoft-Windows-Search
Time Written: 20100729080849.000000-000
Event Type: Informacje
User:

Computer Name: WIN-FQ0ML6EVISB
Event Code: 1013
Message: Usługa Windows Search została normalnie zatrzymana.

Record Number: 800
Source Name: Microsoft-Windows-Search
Time Written: 20100729080848.000000-000
Event Type: Informacje
User:

Computer Name: WIN-FQ0ML6EVISB
Event Code: 103
Message: Windows (740) Windows: Aparat bazy danych zatrzymał wystąpienie (0).
Record Number: 799
Source Name: ESENT
Time Written: 20100729080848.000000-000
Event Type: Informacje
User:

=====Security event log=====

Computer Name: Luki
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: LUKI$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Typ logowania: 5

Nowe logowanie:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
Identyfikator procesu: 0x270
Nazwa procesu: C:\Windows\System32\services.exe

Informacje o sieci:
Nazwa stacji roboczej:
Adres źródłowy sieci: -
Port źródłowy: -

Szczegółowe informacje o uwierzytelnianiu:
Proces logowania: Advapi
Pakiet uwierzytelniania: Negotiate
Usługi przejściowe: -
Nazwa pakietu (tylko NTLM): -
Długość klucza: 0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
- Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
- Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
- Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
- Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 33539
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110814194315.457229-000
Event Type: Sukcesy inspekcji
User:

Computer Name: Luki
Event Code: 4672
Message: Przypisano specjalne uprawnienia do nowego logowania.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-19
Nazwa konta: USŁUGA LOKALNA
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e5

Uprawnienia: SeAssignPrimaryTokenPrivilege
SeAuditPrivilege
SeImpersonatePrivilege
Record Number: 33538
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110814194315.192029-000
Event Type: Sukcesy inspekcji
User:

Computer Name: Luki
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: LUKI$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Typ logowania: 5

Nowe logowanie:
Identyfikator zabezpieczeń: S-1-5-19
Nazwa konta: USŁUGA LOKALNA
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e5
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
Identyfikator procesu: 0x270
Nazwa procesu: C:\Windows\System32\services.exe

Informacje o sieci:
Nazwa stacji roboczej:
Adres źródłowy sieci: -
Port źródłowy: -

Szczegółowe informacje o uwierzytelnianiu:
Proces logowania: Advapi
Pakiet uwierzytelniania: Negotiate
Usługi przejściowe: -
Nazwa pakietu (tylko NTLM): -
Długość klucza: 0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
- Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
- Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
- Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
- Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 33537
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110814194315.192029-000
Event Type: Sukcesy inspekcji
User:

Computer Name: Luki
Event Code: 4672
Message: Przypisano specjalne uprawnienia do nowego logowania.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-20
Nazwa konta: USŁUGA SIECIOWA
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e4

Uprawnienia: SeAssignPrimaryTokenPrivilege
SeAuditPrivilege
SeImpersonatePrivilege
Record Number: 33536
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110814194315.051629-000
Event Type: Sukcesy inspekcji
User:

Computer Name: Luki
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: LUKI$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Typ logowania: 5

Nowe logowanie:
Identyfikator zabezpieczeń: S-1-5-20
Nazwa konta: USŁUGA SIECIOWA
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e4
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
Identyfikator procesu: 0x270
Nazwa procesu: C:\Windows\System32\services.exe

Informacje o sieci:
Nazwa stacji roboczej:
Adres źródłowy sieci: -
Port źródłowy: -

Szczegółowe informacje o uwierzytelnianiu:
Proces logowania: Advapi
Pakiet uwierzytelniania: Negotiate
Usługi przejściowe: -
Nazwa pakietu (tylko NTLM): -
Długość klucza: 0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
- Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
- Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
- Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
- Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 33535
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110814194315.051629-000
Event Type: Sukcesy inspekcji
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\Windows Live\Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=2505

-----------------EOF-----------------

[/log]

Z góry dziekuję za pomoc:)
Pozdrawiam

Natsuki Kuga
komentarz
komentarz

Do OTL wklej:
[code]
:OTL
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
MsConfig:64bit - State: "startup" - Reg Error: Key error.
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:268F887D
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:ACCEFF0E
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:4A0829E0

:Commands
[emptytemp]
[/code]
[b]Wykonaj skrypt,[/b] pokaż raport.

Do [url="http://jpshortstuff.247fixes.com/SystemLook_x64.exe"][b]SystemLook[/b][/url] wklej:
[code]
:file
C:\windows\system32\DRIVERS\Impcd.sys
C:\windows\SysWOW64\drivers\ar69835k.sys

:service
Impcd
ar69835k
[/code]
[b]Look,[/b] pokaż raport.

bombon
komentarz
komentarz

OTl
[log]
Error: Unable to interpret <:file> in the current context!
Error: Unable to interpret <C:\windows\system32\DRIVERS\Impcd.sys> in the current context!
Error: Unable to interpret <C:\windows\SysWOW64\drivers\ar69835k.sys> in the current context!
Error: Unable to interpret <:service> in the current context!
Error: Unable to interpret <Impcd> in the current context!
Error: Unable to interpret <ar69835k> in the current context!

OTL by OldTimer - Version 3.2.31.0 log created on 01312012_213644[/log]
SystemLook
[log]SystemLook 30.07.11 by jpshortstuff
Log created at 21:34 on 31/01/2012 by Łukasz
Administrator - Elevation successful

========== file ==========

C:\windows\system32\DRIVERS\Impcd.sys - File found and opened.
MD5: 4B6363CD4610BB848531BB260B15DFCC
Created at 17:58 on 26/05/2010
Modified at 23:02 on 10/02/2010
Size: 158720 bytes
Attributes: --a----
FileDescription: Intel(R) Turbo Boost Technology Driver
FileVersion: 1.1.1.1007
ProductVersion: 1.1.1.1007
OriginalFilename: Impcd.sys
InternalName: Impcd.sys
ProductName: Intel(R) Turbo Boost Technology Driver
CompanyName: Intel Corporation
LegalCopyright: Copyright(C) 2008 Intel Corporation

C:\windows\SysWOW64\drivers\ar69835k.sys - Unable to find/read file.

========== service ==========

Impcd
Impcd
(No Description)
Current Status: Started
Startup Type: Demand
Error Control: Critical
Binary: system32\DRIVERS\Impcd.sys
Group: (none)
SafeBoot:
Dependencies:
(none)
Dependant Services:
(none)

ar69835k - Unable to open Service Handle.

-= EOF =-[/log]

Natsuki Kuga
komentarz
komentarz

Do OTL miało być wklejone to:
[code]
:OTL
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
MsConfig:64bit - State: "startup" - Reg Error: Key error.
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:268F887D
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:ACCEFF0E
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:4A0829E0

:Commands
[emptytemp]
[/code]
Pokaż raport.

bombon
komentarz
komentarz

[log]All processes killed
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
ADS C:\ProgramData\Temp:268F887D deleted successfully.
ADS C:\ProgramData\Temp:ACCEFF0E deleted successfully.
ADS C:\ProgramData\Temp:4A0829E0 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Łukasz
->Temp folder emptied: 294172 bytes
->Temporary Internet Files folder emptied: 14794535 bytes
->Java cache emptied: 3145197 bytes
->FireFox cache emptied: 54777503 bytes
->Flash cache emptied: 6695 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 170462 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 84416 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 751 bytes
RecycleBin emptied: 34747838 bytes

Total Files Cleaned = 103.00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 02022012_180021

Files\Folders moved on Reboot...
C:\Users\Łukasz\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\windows\temp\_avast_\unp3919708.tmp moved successfully.
File move failed. C:\windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
C:\windows\temp\sqlite_Qf9xH6zDKg4C9yp moved successfully.
C:\windows\temp\sqlite_QNWPHvaU1p2pLZW moved successfully.
C:\windows\temp\sqlite_sEwmW3NRGvNx06W moved successfully.

Registry entries deleted on Reboot...

[/log]

Natsuki Kuga
komentarz
komentarz

Wykonaj pełny skan [url=http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html][b]MBAMem.[/b][/url] Pokaż raport.

bombon
komentarz
komentarz

Znaleziono 1 infekcje
[log]Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Wersja bazy: v2012.02.05.01

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Łukasz :: LUKI [administrator]

2012-02-05 14:00:13
mbam-log-2012-02-05 (15-09-40).txt

Typ skanowania: Pełne skanowanie
Zaznaczone opcje skanowania: Pamięć | Rozruch | Rejestr | System plików | Heurystyka/Dodatkowe | Heuristyka/Shuriken | PUP | PUM
Odznaczone opcje skanowania: P2P
Przeskanowano obiektów: 370728
Upłynęło: 1 godzin(y), 8 minut(y), 8 sekund(y)

Wykrytych procesów w pamięci: 0
(Nie znaleziono zagrożeń)

Wykrytych modułów w pamięci: 0
(Nie znaleziono zagrożeń)

Wykrytych kluczy rejestru: 0
(Nie znaleziono zagrożeń)

Wykrytych wartości rejestru: 0
(Nie znaleziono zagrożeń)

Wykryte wpisy rejestru systemowego: 0
(Nie znaleziono zagrożeń)

wykrytych folderów: 0
(Nie znaleziono zagrożeń)

Wykrytych plików: 1
C:\Users\Łukasz\AppData\Roaming\Thinstall\Microsoft Office Enterprise 2007\300000005700002i\WINWORD.EXE (Rootkit.Dropper) -> Nie wykonano akcji.

(zakończone)

[/log]

Natsuki Kuga
komentarz
komentarz

Usuń to, co wykrył MBAM.

W OTL kliknij [b]Sprzątanie[/b] - to usunie go wraz z jego kwarantanną. Inne narzędzia też możesz usunąć.

Ze strony wirusowej to by było na tyle, czy problem nadal występuje?

bombon
komentarz
komentarz

Zrobiłem zgodnie z poleceniem, jednak nic się nie zmieniło.
Komputer dalej długo się włącza, muzyka się laguje.
Użycie procesora skacze momentami kilka % by znowu za chwilę skoczyc do poziomu 50 - 100% przy włączonej przeglądarce i komunikatorze.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.