Kaaas utworzono 19 maja 2012 utworzono 19 maja 2012 Witam. Otóż mój problem wygląda następująco: [url="https://vimeo.com/42468336"]https://vimeo.com/42468336[/url] Słyszałem, że trojany robią z kompem podobne rzeczy, skanowałem dysk avastem, trybem expresowym, lecz nic nie znalazł. Może to grafa? Kompa mam od niespełna miesiąca... Zdarzyło mi się to 3 razy w ciągu 1,5 tygodnia. Komp sie zwiesza i trzeba restartować. Wie ktoś może co to za świnstwo?
Igorrodz komentarz 19 maja 2012 komentarz 19 maja 2012 Pożycz od kogoś inną kartę graficzna, wsadź do swojego peceta i przetestuj czy błędy będą nadal - a swoją sprawdź u koleżanki. BTW- jaki masz zasilacz?
Igorrodz komentarz 19 maja 2012 komentarz 19 maja 2012 ewentualnie daj logi z OTL i RIST http://www.forumpc.pl/index.php?showtopic=104338
Doman komentarz 19 maja 2012 komentarz 19 maja 2012 Jeśli już skanowałeś ten dysk, to przy rozruchu, a nie trybem ekspresowym... Mi wygląda na wine grafiki. Sprawdź na innej.
Kaaas komentarz 20 maja 2012 Autor komentarz 20 maja 2012 Zasilacz to: TACENS RADIX V- 450 Grafa: ASUS GT440 Otóż przy instalowaniu sterów do grafiki, nie usunąłem wcześniej starych, podobno to przeciąża. Jak mi poszła ta karta to ja nie wiem co zrobię, bo wyrzuciłem gwarancję, razem z pudełkiem (nie wiedziałem, że w nim jest). Mam w domu też ASUSa 9500GT, więc moge sprawdzić, chociaż siedzieć na starej karcie bóg wie ile, żeby tylko zobaczyć czy stanie sie coś takiego, i kiedy, to też bedzie problematyczne. Igorrodz tu są logi: [log]OTL logfile created on: 2012-05-20 10:02:49 - Run 1 OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Maciek\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,98 Gb Total Physical Memory | 2,35 Gb Available Physical Memory | 59,07% Memory free 7,96 Gb Paging File | 5,87 Gb Available in Paging File | 73,74% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 107,42 Gb Total Space | 3,20 Gb Free Space | 2,98% Space Free | Partition Type: NTFS Drive D: | 358,34 Gb Total Space | 165,53 Gb Free Space | 46,19% Space Free | Partition Type: NTFS Drive E: | 5,12 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive G: | 7,32 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: MACIEK-PC | User Name: Maciek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2012-05-20 09:59:21 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Maciek\Desktop\OTL.exe PRC - [2012-05-19 22:34:46 | 000,283,304 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe PRC - [2012-05-17 12:47:51 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012-05-16 20:42:59 | 003,402,376 | ---- | M] (Electronic Arts) -- D:\Origin\Origin.exe PRC - [2012-05-09 05:04:54 | 001,240,048 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012-03-07 01:15:13 | 000,134,920 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe PRC - [2012-03-01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012-02-29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012-02-28 17:38:56 | 001,987,976 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe PRC - [2012-01-18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2012-05-20 09:59:21 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Maciek\Desktop\OTL.exe MOD - [2012-05-16 20:43:00 | 018,604,544 | ---- | M] () -- D:\Origin\QtWebKit4.dll MOD - [2012-05-16 20:43:00 | 003,564,544 | ---- | M] () -- D:\Origin\QtXmlPatterns4.dll MOD - [2012-05-16 20:43:00 | 001,106,944 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- D:\Origin\libeay32.dll MOD - [2012-05-16 20:43:00 | 000,413,184 | ---- | M] () -- D:\Origin\QtXml4.dll MOD - [2012-05-16 20:43:00 | 000,312,320 | ---- | M] () -- D:\Origin\imageformats\qtiff4.dll MOD - [2012-05-16 20:43:00 | 000,264,192 | ---- | M] () -- D:\Origin\imageformats\qmng4.dll MOD - [2012-05-16 20:43:00 | 000,237,568 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- D:\Origin\ssleay32.dll MOD - [2012-05-16 20:43:00 | 000,211,456 | ---- | M] () -- D:\Origin\imageformats\qjpeg4.dll MOD - [2012-05-16 20:43:00 | 000,032,256 | ---- | M] () -- D:\Origin\imageformats\qico4.dll MOD - [2012-05-16 20:43:00 | 000,028,672 | ---- | M] () -- D:\Origin\imageformats\qgif4.dll MOD - [2012-05-16 20:42:59 | 029,974,664 | ---- | M] (Electronic Arts) -- D:\Origin\OriginClient.dll MOD - [2012-05-16 20:42:59 | 009,440,256 | ---- | M] () -- D:\Origin\QtGui4.dll MOD - [2012-05-16 20:42:59 | 003,402,376 | ---- | M] (Electronic Arts) -- D:\Origin\Origin.exe MOD - [2012-05-16 20:42:59 | 002,694,144 | ---- | M] () -- D:\Origin\QtCore4.dll MOD - [2012-05-16 20:42:59 | 001,152,512 | ---- | M] () -- D:\Origin\QtNetwork4.dll MOD - [2012-05-16 20:42:58 | 006,835,344 | ---- | M] (Electronic Arts) -- D:\Origin\IGO32.dll MOD - [2012-05-15 16:14:52 | 000,040,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\12052000\uiext.dll MOD - [2012-05-09 05:04:54 | 001,240,048 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe MOD - [2012-05-09 05:04:52 | 000,441,840 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll MOD - [2012-05-09 05:04:51 | 003,921,904 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\pdf.dll MOD - [2012-05-09 05:03:36 | 000,553,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\libglesv2.dll MOD - [2012-05-09 05:03:35 | 000,117,744 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\libegl.dll MOD - [2012-05-09 05:03:34 | 009,962,480 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\icudt.dll MOD - [2012-05-09 05:03:28 | 035,876,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\chrome.dll MOD - [2012-05-09 05:03:25 | 000,134,656 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\avutil-51.dll MOD - [2012-05-09 05:03:24 | 000,250,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\avformat-54.dll MOD - [2012-05-09 05:03:23 | 002,375,680 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\avcodec-54.dll MOD - [2012-04-27 07:12:11 | 000,120,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswJsFlt.dll MOD - [2012-04-21 06:21:01 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll MOD - [2012-04-11 16:25:07 | 004,470,432 | ---- | M] (Skype Technologies S.A.) -- C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\npSkypeChromePlugin.dll MOD - [2012-04-07 21:34:15 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll MOD - [2012-04-07 21:34:14 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll MOD - [2012-04-07 21:34:14 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll MOD - [2012-03-07 01:15:28 | 000,228,632 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\uiLangRes.dll MOD - [2012-03-07 01:15:28 | 000,095,232 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\Base.dll MOD - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe MOD - [2012-03-07 01:15:15 | 004,675,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\CommonRes.dll MOD - [2012-03-07 01:15:13 | 000,215,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll MOD - [2012-03-07 01:15:10 | 000,399,088 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSqLt.dll MOD - [2012-03-07 01:15:10 | 000,214,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswProperty.dll MOD - [2012-03-07 01:15:10 | 000,027,264 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswUtil.dll MOD - [2012-03-07 01:15:09 | 000,217,296 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswLog.dll MOD - [2012-03-07 01:15:08 | 000,682,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAux.dll MOD - [2012-03-07 01:15:07 | 000,337,800 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnBS.dll MOD - [2012-03-07 01:15:07 | 000,184,872 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswData.dll MOD - [2012-03-07 01:15:07 | 000,164,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnIS.dll MOD - [2012-03-07 01:15:07 | 000,153,936 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTask.dll MOD - [2012-03-07 01:15:07 | 000,098,864 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnOS.dll MOD - [2012-03-07 01:15:07 | 000,050,448 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswEngLdr.dll MOD - [2012-03-07 01:15:06 | 000,406,816 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashBase.dll MOD - [2012-03-07 01:15:06 | 000,061,760 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTaskEx.dll MOD - [2012-03-07 01:15:04 | 000,042,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwRpc.dll MOD - [2012-03-07 01:15:03 | 000,345,040 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Aavm4h.dll MOD - [2012-03-07 01:15:03 | 000,164,760 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwCoreClient.dll MOD - [2012-03-07 01:15:03 | 000,096,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll MOD - [2012-03-07 01:15:03 | 000,035,528 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwCore.dll MOD - [2012-03-07 01:15:03 | 000,034,992 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwGeoIP.dll MOD - [2012-03-02 11:48:28 | 004,280,992 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Toolbars\Shared\SkypePnr.dll MOD - [2012-03-01 07:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll MOD - [2012-03-01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll MOD - [2012-03-01 02:02:00 | 015,009,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvd3dum.dll MOD - [2012-02-28 17:38:56 | 001,987,976 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe MOD - [2012-02-28 03:27:13 | 009,705,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll MOD - [2012-02-28 03:12:01 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll MOD - [2012-02-28 03:11:07 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll MOD - [2012-02-28 03:04:32 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll MOD - [2012-02-23 17:23:15 | 002,111,448 | ---- | M] (AVAST! Software) -- C:\Program Files\AVAST Software\Avast\aswAra.dll MOD - [2012-02-01 10:18:26 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Origin Games\Battlefield 3\Core\MSVCR100.dll MOD - [2012-02-01 10:18:26 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Origin Games\Battlefield 3\Core\MSVCP100.dll MOD - [2012-01-18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe MOD - [2012-01-04 10:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2012-01-04 10:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll MOD - [2011-12-16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2011-11-17 07:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2011-11-17 07:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll MOD - [2011-11-17 07:34:52 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll MOD - [2011-11-17 07:34:52 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2011-11-17 07:28:48 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2011-08-27 06:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2011-08-27 06:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll MOD - [2011-07-16 06:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2011-07-16 06:24:22 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2011-06-16 06:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll MOD - [2011-05-24 12:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2011-05-24 12:40:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll MOD - [2011-05-24 12:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2011-03-03 07:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll MOD - [2010-11-20 14:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll MOD - [2010-11-20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll MOD - [2010-11-20 14:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll MOD - [2010-11-20 14:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll MOD - [2010-11-20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2010-11-20 14:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll MOD - [2010-11-20 14:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll MOD - [2010-11-20 14:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll MOD - [2010-11-20 14:21:35 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wer.dll MOD - [2010-11-20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2010-11-20 14:21:34 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll MOD - [2010-11-20 14:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2010-11-20 14:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll MOD - [2010-11-20 14:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll MOD - [2010-11-20 14:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll MOD - [2010-11-20 14:21:25 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sqmapi.dll MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2010-11-20 14:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll MOD - [2010-11-20 14:21:03 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\riched20.dll MOD - [2010-11-20 14:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll MOD - [2010-11-20 14:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2010-11-20 14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2010-11-20 14:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll MOD - [2010-11-20 14:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll MOD - [2010-11-20 14:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll MOD - [2010-11-20 14:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll MOD - [2010-11-20 14:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll MOD - [2010-11-20 14:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll MOD - [2010-11-20 14:19:33 | 003,207,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mf.dll MOD - [2010-11-20 14:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL MOD - [2010-11-20 14:19:05 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gameux.dll MOD - [2010-11-20 14:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL MOD - [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll MOD - [2010-11-20 14:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll MOD - [2010-11-20 14:19:01 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\evr.dll MOD - [2010-11-20 14:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll MOD - [2010-11-20 14:18:25 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll MOD - [2010-11-20 14:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll MOD - [2010-11-20 14:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll MOD - [2010-11-20 14:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll MOD - [2010-11-20 14:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2010-11-20 14:18:09 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cabinet.dll MOD - [2010-11-20 14:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2010-11-20 14:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv MOD - [2010-11-20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2010-11-20 14:08:57 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2010-11-20 14:08:51 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2010-11-20 14:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2010-05-26 11:41:02 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DCompiler_43.dll MOD - [2010-05-26 11:41:02 | 001,998,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DX9_43.dll MOD - [2009-07-14 03:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll MOD - [2009-07-14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll MOD - [2009-07-14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll MOD - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll MOD - [2009-07-14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL MOD - [2009-07-14 03:16:19 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wmiutils.dll MOD - [2009-07-14 03:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll MOD - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll MOD - [2009-07-14 03:16:17 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemdisp.dll MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009-07-14 03:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll MOD - [2009-07-14 03:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2009-07-14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2009-07-14 03:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll MOD - [2009-07-14 03:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll MOD - [2009-07-14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll MOD - [2009-07-14 03:16:12 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PeerDist.dll MOD - [2009-07-14 03:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll MOD - [2009-07-14 03:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll MOD - [2009-07-14 03:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009-07-14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009-07-14 03:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll MOD - [2009-07-14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll MOD - [2009-07-14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll MOD - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll MOD - [2009-07-14 03:16:02 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll MOD - [2009-07-14 03:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll MOD - [2009-07-14 03:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll MOD - [2009-07-14 03:15:46 | 002,134,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msmpeg2vdec.dll MOD - [2009-07-14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009-07-14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll MOD - [2009-07-14 03:15:41 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Defender\MpOav.dll MOD - [2009-07-14 03:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll MOD - [2009-07-14 03:15:39 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll MOD - [2009-07-14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll MOD - [2009-07-14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll MOD - [2009-07-14 03:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll MOD - [2009-07-14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll MOD - [2009-07-14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll MOD - [2009-07-14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll MOD - [2009-07-14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll MOD - [2009-07-14 03:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009-07-14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll MOD - [2009-07-14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll MOD - [2009-07-14 03:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll MOD - [2009-07-14 03:15:07 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll MOD - [2009-07-14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009-07-14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll MOD - [2009-07-14 03:14:57 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009-07-14 03:14:10 | 000,064,000 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWOW64\l3codeca.acm MOD - [2009-07-14 03:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009-07-14 03:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll MOD - [2009-07-14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll MOD - [2009-07-14 03:05:46 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icmp.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b]64bit:[/b] - [2012-03-07 01:15:13 | 000,134,920 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012-05-19 22:34:46 | 000,283,304 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB) SRV - [2012-05-17 12:47:51 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012-03-01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-02-29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012-02-29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-02-28 17:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012-02-14 18:55:04 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) Intel(R) SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-04-07 16:26:50 | 000,530,488 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2012-03-07 01:04:31 | 000,141,144 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW) DRV:[b]64bit:[/b] - [2012-03-07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b]64bit:[/b] - [2012-03-07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b]64bit:[/b] - [2012-03-07 01:03:29 | 000,258,904 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2) DRV:[b]64bit:[/b] - [2012-03-07 01:02:45 | 000,028,504 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd) DRV:[b]64bit:[/b] - [2012-03-07 01:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:[b]64bit:[/b] - [2012-03-07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:[b]64bit:[/b] - [2012-03-07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2012-03-07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012-02-23 16:54:51 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis) DRV:[b]64bit:[/b] - [2012-02-14 18:47:38 | 014,692,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2012-01-17 14:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:[b]64bit:[/b] - [2011-07-13 13:59:54 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol) DRV:[b]64bit:[/b] - [2011-07-13 13:59:54 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp) DRV:[b]64bit:[/b] - [2011-06-10 08:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-11-20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 02:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-04-08 14:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:[b]64bit:[/b] - [2009-03-18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4 IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT3072253 IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\..\SearchScopes,DefaultScope = {0D7562AE-8EF6-416d-A838-AB665251703A} IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4 IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\..\SearchScopes\{1CF28E44-71E2-4F49-9B56-28F2F8A987D0}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253 IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-04-07 14:57:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-04-07 17:22:43 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-04-16 18:58:46 | 000,000,000 | ---D | M] [2012-04-07 15:30:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maciek\AppData\Roaming\mozilla\Extensions [2012-05-02 11:10:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maciek\AppData\Roaming\mozilla\Firefox\Profiles\3l1olj9a.default\extensions [2012-04-25 19:13:28 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Maciek\AppData\Roaming\mozilla\Firefox\Profiles\3l1olj9a.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03} [2012-04-07 23:00:55 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\Maciek\AppData\Roaming\mozilla\Firefox\Profiles\3l1olj9a.default\extensions\ffxtlbr@Facemoods.com [2012-04-07 22:52:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012-04-07 22:52:25 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-04-16 18:14:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2012-04-07 15:32:07 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012-04-16 18:14:46 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2012-04-07 15:32:04 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2012-04-07 15:32:04 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2010-12-13 14:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml [2012-04-07 15:32:04 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2012-04-07 15:32:04 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2012-04-07 15:32:04 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-04-07 15:32:04 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - Extension: YouTube = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Szukaj w Google = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: avast! WebRep = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\ CHR - Extension: Skype Click to Call = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\ CHR - Extension: Gmail = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO) O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com) O3 - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\..\Toolbar\WebBrowser: (uTorrentControl2 Toolbar) - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team) O4 - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000..\Run: [EADM] D:\Origin\Origin.exe (Electronic Arts) O4 - HKU\S-1-5-21-2626984496-4133979409-3266373985-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-2626984496-4133979409-3266373985-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BDFE84E1-D405-43C1-B049-F795ADE67950}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40 O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18 - Protocol\Handler\ms-help - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-03-28 22:09:19 | 000,131,720 | R--- | M] (InstallShield Software Corporation) - E:\autorun.exe -- [ UDF ] O32 - AutoRun File - [2008-02-22 18:08:27 | 000,058,601 | R--- | M] () - E:\autorun.ico -- [ UDF ] O32 - AutoRun File - [2008-02-22 18:08:27 | 000,000,047 | R--- | M] () - E:\autorun.inf -- [ UDF ] O32 - AutoRun File - [2008-02-22 18:08:44 | 000,000,382 | R--- | M] () - E:\autorun.ini -- [ UDF ] O32 - AutoRun File - [2009-10-26 18:45:39 | 000,779,496 | R--- | M] (BioWare) - G:\autorun.exe -- [ UDF ] O32 - AutoRun File - [2009-10-26 23:21:41 | 000,000,054 | R--- | M] () - G:\autorun.inf -- [ UDF ] O33 - MountPoints2\{37be76c0-80c4-11e1-87ed-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{37be76c0-80c4-11e1-87ed-806e6f6e6963}\Shell\AutoRun\command - "" = G:\autorun.exe -- [2009-10-26 18:45:39 | 000,779,496 | R--- | M] (BioWare) O33 - MountPoints2\{f13dbdcb-809f-11e1-95d5-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{f13dbdcb-809f-11e1-95d5-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2008-03-28 22:09:19 | 000,131,720 | R--- | M] (InstallShield Software Corporation) O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) MsConfig:64bit - StartUpReg: [b]facemoods[/b] - hkey= - key= - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe (facemoods.com) MsConfig:64bit - StartUpReg: [b]LogMeIn Hamachi Ui[/b] - hkey= - key= - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: Hamachi2Svc - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-05-20 09:59:13 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Maciek\Desktop\OTL.exe [2012-05-17 12:43:19 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\PunkBuster [2012-05-17 12:43:13 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\Battlefield 3 [2012-05-17 12:42:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins [2012-05-17 01:11:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3 [2012-05-17 01:11:22 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller [2012-05-16 20:43:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games [2012-05-16 20:43:03 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Origin [2012-05-16 20:42:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin [2012-05-12 09:06:32 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Desktop\ME2 ENG [2012-05-12 09:01:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2012-05-12 09:01:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 2 [2012-05-09 21:35:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012-05-09 21:34:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2012-05-09 21:34:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2012-05-07 19:44:06 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Desktop\Music [2012-04-28 09:12:02 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Nero [2012-04-22 21:52:02 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\Diablo III [2012-04-22 20:37:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III Beta [2012-04-22 20:36:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net [2012-04-22 14:47:10 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Desktop\mama [2012-04-17 16:24:32 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Desktop\GRY BABCI [2012-04-16 19:22:53 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\.minecraft [2012-04-16 18:14:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012-04-16 18:14:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2012-04-15 16:43:33 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft Games [2012-04-15 16:38:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Games [2012-04-15 16:15:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games [2012-04-14 19:08:16 | 000,000,000 | ---D | C] -- C:\Users\Maciek\riotsGamesLogs [2012-04-14 19:08:01 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\LolClient [2012-04-14 14:27:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games [2012-04-14 08:55:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2012-04-14 08:40:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt [2012-04-13 16:05:05 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Ubisoft [2012-04-13 16:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft [2012-04-13 15:45:23 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\InstallShield [2012-04-12 21:13:15 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps [2012-04-12 21:13:10 | 000,000,000 | ---D | C] -- C:\Fraps [2012-04-11 20:36:43 | 000,000,000 | ---D | C] -- C:\ProgramData\GG [2012-04-11 17:15:10 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\Rockstar Games [2012-04-11 17:14:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2012-04-11 16:50:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2012-04-11 16:27:47 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012-04-11 16:24:43 | 000,000,000 | RH-D | C] -- C:\Users\Maciek\AppData\Roaming\SecuROM [2012-04-11 15:35:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012-04-11 14:57:45 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll [2012-04-11 14:54:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive [2012-04-11 14:54:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE [2012-04-11 13:57:34 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Rockstar Games [2012-04-11 13:57:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games [2012-04-10 20:08:37 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys [2012-04-10 20:08:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2012-04-10 20:08:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [2012-04-10 15:00:41 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Media Player Classic [2012-04-09 23:29:57 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\NVIDIA [2012-04-09 23:18:58 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\LogMeIn Hamachi [2012-04-09 20:42:25 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\PMB Files [2012-04-09 20:42:24 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2012-04-09 20:42:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks [2012-04-08 22:45:31 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Skyrim [2012-04-08 22:45:31 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\My Games [2012-04-08 22:36:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911 [2012-04-08 21:44:01 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\BioWare [2012-04-08 21:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs [2012-04-08 21:41:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect [2012-04-08 21:41:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare [2012-04-08 17:53:03 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Microsoft Games [2012-04-08 15:51:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit [2012-04-08 15:51:54 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Conduit [2012-04-08 15:51:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrentControl2 [2012-04-08 15:51:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent [2012-04-08 15:51:19 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\uTorrent [2012-04-08 11:41:58 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\ToD [2012-04-08 11:40:09 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ToD Team [2012-04-08 11:39:52 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Deployment [2012-04-08 11:39:52 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Apps [2012-04-08 11:04:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment [2012-04-08 11:04:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment [2012-04-08 10:45:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft [2012-04-08 10:45:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment [2012-04-08 10:45:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard [2012-04-08 09:41:00 | 000,000,000 | --SD | C] -- C:\Users\Maciek\GG dysk [2012-04-08 09:38:08 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\GG [2012-04-08 09:38:07 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG [2012-04-08 09:38:04 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\GG [2012-04-08 00:59:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Saints Row The Third [2012-04-08 00:55:13 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2012-04-08 00:44:39 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\Syndicate [2012-04-07 23:58:52 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\SKIDROW [2012-04-07 23:58:52 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\DarknessII [2012-04-07 23:55:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2k Games [2012-04-07 23:34:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin [2012-04-07 23:34:03 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Origin [2012-04-07 23:31:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2012-04-07 23:31:38 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs [2012-04-07 23:31:38 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core [2012-04-07 23:05:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab [2012-04-07 23:05:26 | 000,000,000 | ---D | C] -- C:\Users\Maciek\SystemRequirementsLab [2012-04-07 23:01:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader [2012-04-07 23:00:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\facemoods.com [2012-04-07 23:00:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader [2012-04-07 22:52:16 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Skype [2012-04-07 22:52:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012-04-07 22:52:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012-04-07 22:52:03 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2012-04-07 22:52:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012-04-07 22:44:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2012-04-07 22:43:50 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2012-04-07 22:43:24 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2012-04-07 22:43:24 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2012-04-07 22:43:08 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2012-04-07 22:42:46 | 000,000,000 | ---D | C] -- C:\NVIDIA [2012-04-07 22:38:19 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2012-04-07 22:38:15 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2012-04-07 20:50:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero [2012-04-07 20:49:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [2012-04-07 20:49:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2012-04-07 20:45:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero [2012-04-07 20:45:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2012-04-07 20:07:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012-04-07 20:06:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2012-04-07 20:06:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services [2012-04-07 20:05:40 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012-04-07 20:05:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2012-04-07 20:05:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2012-04-07 20:03:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services [2012-04-07 20:03:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2012-04-07 20:03:35 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Microsoft Help [2012-04-07 20:03:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2012-04-07 20:03:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2012-04-07 20:03:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2012-04-07 20:03:07 | 000,000,000 | RH-D | C] -- C:\MSOCache [2012-04-07 20:00:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 [2012-04-07 20:00:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2012-04-07 18:50:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview [2012-04-07 18:50:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders [2012-04-07 17:27:05 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\Alcohol 120% [2012-04-07 17:26:21 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Desktop\Obrazy [2012-04-07 17:25:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2012-04-07 17:25:18 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012-04-07 17:24:35 | 002,604,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll [2012-04-07 17:24:34 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2012-04-07 17:24:34 | 000,220,512 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll [2012-04-07 17:24:34 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2012-04-07 17:24:34 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2012-04-07 17:24:34 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2012-04-07 17:24:34 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll [2012-04-07 17:24:34 | 000,078,176 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll [2012-04-07 17:24:34 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll [2012-04-07 17:24:27 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2012-04-07 17:24:27 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2012-04-07 17:24:27 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2012-04-07 17:24:26 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2012-04-07 17:24:26 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2012-04-07 17:24:26 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2012-04-07 17:24:21 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll [2012-04-07 17:24:21 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll [2012-04-07 17:24:21 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll [2012-04-07 17:24:21 | 000,074,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll [2012-04-07 17:24:20 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll [2012-04-07 17:24:20 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll [2012-04-07 17:24:18 | 003,768,152 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll [2012-04-07 17:24:17 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll [2012-04-07 17:24:17 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll [2012-04-07 17:24:17 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2012-04-07 17:24:16 | 000,603,472 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll [2012-04-07 17:24:09 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2012-04-07 17:24:07 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll [2012-04-07 17:24:07 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll [2012-04-07 17:24:06 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll [2012-04-07 17:24:06 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll [2012-04-07 17:24:06 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll [2012-04-07 17:24:04 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll [2012-04-07 17:24:04 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll [2012-04-07 17:24:04 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll [2012-04-07 17:24:03 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll [2012-04-07 17:24:03 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll [2012-04-07 17:24:03 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll [2012-04-07 17:24:03 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll [2012-04-07 17:23:38 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2012-04-07 17:23:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2012-04-07 17:22:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative [2012-04-07 17:22:39 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll [2012-04-07 17:22:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real Alternative [2012-04-07 17:21:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120% [2012-04-07 17:20:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft [2012-04-07 17:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime Alternative [2012-04-07 17:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2012-04-07 17:19:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime Alternative [2012-04-07 17:16:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [2012-04-07 17:16:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack [2012-04-07 17:01:38 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll [2012-04-07 17:01:05 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll [2012-04-07 16:40:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2012-04-07 16:39:21 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-04-07 16:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-04-07 16:38:37 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\WinRAR [2012-04-07 16:38:31 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2012-04-07 16:15:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat [2012-04-07 16:15:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat [2012-04-07 15:43:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe [2012-04-07 15:42:45 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012-04-07 15:42:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2012-04-07 15:41:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2012-04-07 15:41:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2012-04-07 15:40:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2012-04-07 15:40:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2012-04-07 15:40:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2012-04-07 15:40:40 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Macromedia [2012-04-07 15:40:40 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Adobe [2012-04-07 15:40:40 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Adobe [2012-04-07 15:38:21 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Desktop\Programy [2012-04-07 15:32:33 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Google [2012-04-07 15:30:44 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Mozilla [2012-04-07 15:30:44 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Mozilla [2012-04-07 15:30:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012-04-07 14:41:51 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2012-04-07 14:41:51 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2012-04-07 14:41:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security [2012-04-07 14:41:50 | 000,141,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys [2012-04-07 14:41:41 | 000,258,904 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys [2012-04-07 14:41:41 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2012-04-07 14:41:41 | 000,053,080 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2012-04-07 14:41:41 | 000,028,504 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys [2012-04-07 14:41:40 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2012-04-07 14:41:38 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2012-04-07 14:41:37 | 000,258,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2012-04-07 14:41:21 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2012-04-07 14:41:18 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys [2012-04-07 14:41:15 | 000,539,240 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2012-04-07 14:41:10 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2012-04-07 14:41:10 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2012-04-07 14:41:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2012-04-07 14:41:08 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2012-04-07 14:40:58 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2012-04-07 14:40:58 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2012-04-07 13:53:04 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2012-04-07 13:52:50 | 000,000,000 | -HSD | C] -- C:\Boot [2012-04-07 13:48:25 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll [2012-04-07 13:48:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2012-04-07 13:01:51 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012-04-07 13:00:40 | 000,000,000 | R--D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012-04-07 13:00:40 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Searches [2012-04-07 13:00:40 | 000,000,000 | R--D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012-04-07 13:00:27 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Identities [2012-04-07 13:00:19 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Contacts [2012-04-07 13:00:15 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\VirtualStore [2012-04-07 12:59:58 | 000,000,000 | --SD | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft [2012-04-07 12:59:58 | 000,000,000 | R--D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012-04-07 12:59:58 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Favorites [2012-04-07 12:59:58 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Downloads [2012-04-07 12:59:58 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Documents [2012-04-07 12:59:58 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Desktop [2012-04-07 12:59:58 | 000,000,000 | R--D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Ustawienia lokalne [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\AppData\Local\Temporary Internet Files [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Szablony [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\SendTo [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Recent [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\PrintHood [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\NetHood [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Documents\Moje wideo [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Documents\Moje obrazy [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Moje dokumenty [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Documents\Moja muzyka [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Menu Start [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\AppData\Local\Historia [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Dane aplikacji [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\AppData\Local\Dane aplikacji [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Cookies [2012-04-07 12:59:58 | 000,000,000 | -H-D | C] -- C:\Users\Maciek\AppData [2012-04-07 12:59:58 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Temp [2012-04-07 12:59:58 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Microsoft [2012-04-07 12:59:58 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Media Center Programs [2012-04-07 12:59:57 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Videos [2012-04-07 12:59:57 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Saved Games [2012-04-07 12:59:57 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Pictures [2012-04-07 12:59:57 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Music [2012-04-07 12:59:57 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Links [2012-04-07 12:59:49 | 000,000,000 | -HSD | C] -- C:\Recovery [2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione [2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony [2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit [2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo [2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy [2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka [2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start [2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty [2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji [2012-04-07 12:54:05 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2012-04-07 12:53:47 | 000,000,000 | -HSD | C] -- C:\System Volume Information [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012-05-20 10:04:16 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-05-20 10:04:16 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-05-20 09:59:21 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Maciek\Desktop\OTL.exe [2012-05-20 09:59:17 | 000,781,383 | ---- | M] () -- C:\Users\Maciek\Desktop\RSIT.exe [2012-05-20 09:49:25 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-05-20 09:48:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-05-19 23:32:54 | 000,067,994 | ---- | M] () -- C:\Users\Maciek\Desktop\Przechwytywanie.PNG [2012-05-19 22:34:46 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012-05-19 22:34:46 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012-05-19 22:34:30 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012-05-19 21:59:34 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-05-19 21:52:12 | 001,672,256 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-05-19 21:52:12 | 000,741,328 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-05-19 21:52:12 | 000,655,092 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-05-19 21:52:12 | 000,155,924 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-05-19 21:52:12 | 000,121,964 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-05-19 21:45:32 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-05-19 21:45:16 | 3207,315,456 | -HS- | M] () -- C:\hiberfil.sys [2012-05-19 21:43:00 | 000,319,589 | ---- | M] () -- C:\Users\Maciek\Desktop\Film0109.mp4 [2012-05-17 12:47:51 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012-05-17 01:11:24 | 000,001,180 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 3.lnk [2012-05-16 20:42:13 | 000,000,536 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk [2012-05-12 09:04:30 | 000,001,224 | ---- | M] () -- C:\Users\Maciek\Documents\ax_files.xml [2012-05-09 19:50:56 | 000,415,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-05-07 07:39:49 | 000,532,538 | ---- | M] () -- C:\Users\Maciek\Desktop\forum13_14.pdf [2012-04-25 20:01:16 | 001,638,614 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-04-24 08:53:33 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01007.Wdf [2012-04-11 17:12:29 | 375,767,249 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012-04-11 14:57:45 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll [2012-04-07 17:23:24 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini [2012-04-07 17:22:43 | 000,026,782 | ---- | M] () -- C:\Windows\Ascd_tmp.ini [2012-04-07 16:26:50 | 000,530,488 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys [2012-04-07 15:38:15 | 000,000,351 | ---- | M] () -- C:\Users\Maciek\Desktop\Gry.lnk [2012-04-07 15:32:03 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2012-04-07 15:32:02 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2012-04-07 14:57:57 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012-04-07 13:52:52 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2012-04-07 13:20:24 | 000,407,946 | RHS- | M] () -- C:\SFVXZ [2012-04-07 13:19:37 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012-04-07 12:57:25 | 000,067,908 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2012-04-07 12:57:25 | 000,067,908 | ---- | M] () -- C:\Windows\SysNative\license.rtf [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-05-20 09:58:47 | 000,781,383 | ---- | C] () -- C:\Users\Maciek\Desktop\RSIT.exe [2012-05-19 23:32:54 | 000,067,994 | ---- | C] () -- C:\Users\Maciek\Desktop\Przechwytywanie.PNG [2012-05-19 22:00:21 | 000,319,589 | ---- | C] () -- C:\Users\Maciek\Desktop\Film0109.mp4 [2012-05-19 21:59:34 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-05-17 12:43:24 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012-05-17 01:11:24 | 000,001,180 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 3.lnk [2012-05-17 01:10:39 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012-05-17 01:10:39 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012-05-17 01:10:35 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012-05-16 20:42:13 | 000,000,536 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk [2012-05-07 07:40:59 | 000,532,538 | ---- | C] () -- C:\Users\Maciek\Desktop\forum13_14.pdf [2012-04-24 08:55:22 | 001,638,614 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-04-24 08:53:33 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01007.Wdf [2012-04-11 16:39:39 | 002,515,790 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin [2012-04-11 16:27:35 | 375,767,249 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012-04-11 15:34:51 | 000,001,060 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-04-11 15:34:50 | 000,001,056 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-04-07 22:43:24 | 000,011,770 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2012-04-07 17:23:58 | 000,001,224 | ---- | C] () -- C:\Users\Maciek\Documents\ax_files.xml [2012-04-07 17:03:00 | 000,095,744 | ---- | C] () -- C:\Windows\SysNative\RDVGHelper.exe [2012-04-07 17:02:47 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd [2012-04-07 17:00:35 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml [2012-04-07 17:00:16 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml [2012-04-07 17:00:16 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml [2012-04-07 16:58:37 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc [2012-04-07 16:58:37 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml [2012-04-07 16:41:10 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012-04-07 16:26:50 | 000,530,488 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys [2012-04-07 15:38:15 | 000,000,351 | ---- | C] () -- C:\Users\Maciek\Desktop\Gry.lnk [2012-04-07 15:32:03 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2012-04-07 15:32:02 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2012-04-07 15:30:41 | 000,001,160 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012-04-07 14:41:38 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2012-04-07 14:41:15 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll [2012-04-07 13:52:52 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2012-04-07 13:52:51 | 000,383,786 | RHS- | C] () -- C:\bootmgr [2012-04-07 13:47:45 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2012-04-07 13:47:39 | 000,026,782 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2012-04-07 13:20:24 | 000,407,946 | RHS- | C] () -- C:\SFVXZ [2012-04-07 13:19:37 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012-04-07 13:00:50 | 000,001,427 | ---- | C] () -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2012-04-07 13:00:42 | 000,001,461 | ---- | C] () -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012-04-07 12:57:17 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2012-04-07 12:57:11 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2012-04-07 12:53:47 | 3207,315,456 | -HS- | C] () -- C:\hiberfil.sys [2012-02-29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2012-02-14 18:47:06 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2012-02-14 18:47:06 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2012-02-14 18:47:06 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2012-02-14 18:44:24 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012-02-14 17:59:56 | 013,209,600 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [color=#E56717]========== LOP Check ==========[/color] [2012-04-21 22:31:06 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\.minecraft [2012-04-14 19:06:36 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\DarknessII [2012-05-19 22:01:50 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\GG [2012-04-14 19:08:01 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\LolClient [2012-04-07 23:34:43 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\Origin [2012-04-08 11:43:38 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\ToD [2012-04-13 16:05:05 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\Ubisoft [2012-05-14 17:46:48 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\uTorrent [2012-05-07 19:37:15 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-11-20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2012-04-07 13:52:52 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2012-05-19 21:45:16 | 3207,315,456 | -HS- | M] () -- C:\hiberfil.sys [2012-05-19 21:45:18 | 4276,424,704 | -HS- | M] () -- C:\pagefile.sys [2012-04-07 13:20:24 | 000,407,946 | RHS- | M] () -- C:\SFVXZ [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2010-11-20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys [2010-11-20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys [2010-11-20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2010-11-20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys [2010-11-20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2010-11-20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010-11-20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe < End of report >[/log] [log]Logfile of random's system information tool 1.09 (written by random/random) Run by Maciek at 2012-05-20 10:13:13 Microsoft Windows 7 Ultimate Service Pack 1 System drive C: has 3 GB (3%) free of 110 GB Total RAM: 4078 MB (52% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:14:22, on 2012-05-20 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe D:\Origin\Origin.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Maciek\Desktop\OTL.exe C:\Users\Maciek\Desktop\RSIT.exe C:\Program Files (x86)\trend micro\Maciek.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT3072253 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [EADM] "D:\Origin\Origin.exe" -AutoStart O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-21-2626984496-4133979409-3266373985-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-2626984496-4133979409-3266373985-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10400 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job =========Mozilla firefox========= ProfilePath - C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\3l1olj9a.default prefs.js - "browser.startup.homepage" - "http://www.google.pl/" prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=" "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 10.1 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player "Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn.me/esnsonar,version=0.70.4] "Description"=ESN Sonar browser plugin "Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.118.0] "Description"= "Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0] "Description"=Picasa3 plugin "Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision] "Description"=NVIDIA stereo images plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming] "Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin] "Description"=This plugin detects and launches Pando Media Booster "Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450] "Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In "Path"=C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448] "Description"=6.0.12.448 "Path"=C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=] "Description"= "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll C:\Program Files (x86)\Mozilla Firefox\extensions\ {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} {972ce4c6-7e08-4474-a285-3208198ce6fd} {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} C:\Program Files (x86)\Mozilla Firefox\components\ binary.manifest browsercomps.dll nppl3260.xpt nsIQTScriptablePlugin.xpt nsJSRealPlayerPlugin.xpt C:\Program Files (x86)\Mozilla Firefox\plugins\ np-mswmp.dll npdeployJava1.dll nppdf32.dll nppl3260.dll npqtplugin.dll npqtplugin2.dll npqtplugin3.dll npqtplugin4.dll npqtplugin5.dll npqtplugin6.dll nprpjplug.dll QuickTimePlugin.class WMP Firefox Plugin License.rtf WMP Firefox Plugin RelNotes.txt C:\Program Files (x86)\Mozilla Firefox\searchplugins\ allegro-pl.xml fbc-pl.xml fcmdSrchddr.xml google.xml merlin-pl.xml pwn-pl.xml wikipedia-pl.xml wp-pl.xml C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\3l1olj9a.default\extensions\ ffxtlbr@Facemoods.com {687578b9-7132-4a7a-80e4-30ee31099e03} C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\3l1olj9a.default\searchplugins\ conduit.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}] CescrtHlpr Object - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll [2010-10-26 262144] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}] uTorrentControl2 Toolbar - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-04-16 325408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02 4296864] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-04-16 42272] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704] {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - facemoods Toolbar - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll [2010-10-26 217088] {687578b9-7132-4a7a-80e4-30ee31099e03} - uTorrentControl2 Toolbar - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "AlcoholAutomount"=C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120] "OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2011-07-21 910208] "EADM"=D:\Origin\Origin.exe [2012-05-16 3402376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm "vidc.cvid"=iccvid.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "VIDC.FPS1"=frapsvid.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2012-05-20 10:13:16 ----D---- C:\Program Files (x86)\trend micro 2012-05-20 10:13:13 ----D---- C:\rsit 2012-05-17 12:42:41 ----D---- C:\Program Files (x86)\Battlelog Web Plugins 2012-05-17 01:11:22 ----HD---- C:\Program Files (x86)\Common Files\EAInstaller 2012-05-17 01:10:39 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe 2012-05-17 01:10:35 ----A---- C:\Windows\SysWOW64\PnkBstrA.exe 2012-05-16 20:43:03 ----D---- C:\Program Files (x86)\Origin Games 2012-05-12 09:01:55 ----D---- C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP 2012-05-12 09:01:51 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard 2012-05-09 21:34:25 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2012-05-09 19:08:17 ----A---- C:\Windows\SysWOW64\DWrite.dll 2012-05-09 19:08:11 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe 2012-05-09 19:08:11 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe 2012-04-28 09:12:02 ----D---- C:\Users\Maciek\AppData\Roaming\Nero 2012-04-24 08:55:22 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI 2012-04-22 20:36:06 ----D---- C:\ProgramData\Battle.net ======List of files/folders modified in the last 1 month====== 2012-05-20 10:13:45 ----D---- C:\Windows\Temp 2012-05-20 10:13:16 ----RD---- C:\Program Files (x86) 2012-05-20 10:12:31 ----D---- C:\Windows\Prefetch 2012-05-19 22:34:51 ----D---- C:\Windows\SysWOW64 2012-05-19 22:01:50 ----D---- C:\Users\Maciek\AppData\Roaming\GG 2012-05-19 21:59:29 ----D---- C:\Windows\System32 2012-05-19 21:52:12 ----D---- C:\Windows\inf 2012-05-19 21:45:21 ----D---- C:\ProgramData\NVIDIA 2012-05-19 21:35:41 ----D---- C:\Users\Maciek\AppData\Roaming\Skype 2012-05-19 13:48:25 ----D---- C:\Program Files (x86)\Mozilla Firefox 2012-05-17 15:04:03 ----D---- C:\ProgramData\EA Logs 2012-05-17 12:41:23 ----D---- C:\ProgramData\Electronic Arts 2012-05-17 12:41:14 ----D---- C:\ProgramData\Origin 2012-05-17 01:11:22 ----D---- C:\Program Files (x86)\Common Files 2012-05-17 01:10:01 ----RSD---- C:\Windows\assembly 2012-05-14 17:46:48 ----D---- C:\Users\Maciek\AppData\Roaming\uTorrent 2012-05-12 20:41:59 ----D---- C:\Windows\LiveKernelReports 2012-05-12 09:01:55 ----SHD---- C:\Windows\Installer 2012-05-12 09:01:55 ----D---- C:\Windows 2012-05-12 09:01:44 ----D---- C:\Program Files (x86)\Common Files\BioWare 2012-05-10 07:53:46 ----D---- C:\Windows\Microsoft.NET 2012-05-09 21:34:25 ----RD---- C:\Program Files 2012-05-09 19:51:13 ----D---- C:\Windows\winsxs 2012-05-09 19:15:45 ----D---- C:\ProgramData\Microsoft Help 2012-04-28 09:15:02 ----D---- C:\Program Files (x86)\JDownloader 2012-04-25 16:56:00 ----SD---- C:\Users\Maciek\AppData\Roaming\Microsoft 2012-04-24 08:55:54 ----D---- C:\Windows\SysWOW64\pl-PL 2012-04-22 21:52:02 ----D---- C:\ProgramData\Blizzard Entertainment 2012-04-22 20:38:17 ----D---- C:\Program Files (x86)\Common Files\Blizzard Entertainment 2012-04-22 20:36:06 ----HD---- C:\ProgramData 2012-04-21 22:31:06 ----D---- C:\Users\Maciek\AppData\Roaming\.minecraft ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [] R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\SysWOW64\drivers\aswNdis2.sys [] R0 NBVol;Nero Backup Volume Filter Driver; C:\Windows\system32\DRIVERS\NBVol.sys [] R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\Windows\system32\DRIVERS\NBVolUp.sys [] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [] R1 aswFW;avast! TDI Firewall driver; C:\Windows\SysWOW64\drivers\aswFW.sys [] R1 aswKbd;aswKbd; C:\Windows\SysWOW64\drivers\aswKbd.sys [] R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [] R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys [] R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys [] R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys [] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [] R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys [] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [] R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [] S3 akzfpaj8;akzfpaj8; C:\Windows\SysWOW64\drivers\akzfpaj8.sys [] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [] S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [] S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [] S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [] S3 xnacc;Usługa sterownika kontrolera konsoli XBOX 360 dla systemu Windows; C:\Windows\system32\DRIVERS\xnacc.sys [] S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768] R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2012-03-07 134920] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-05-17 76888] R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2012-05-19 283304] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-11 136176] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 aspnet_state;„Usługa stanu ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376] S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-02-14 276248] S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-11 136176] S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536] S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] -----------------EOF-----------------[/log] [log]info.txt logfile of random's system information tool 1.09 2012-05-20 10:14:28 ======Uninstall list====== -->MsiExec /X{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9} µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{47FA2C44-D148-4DBC-AF60-B91934AA4842} Adobe Reader X (10.1.3) - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-AA1000000001} Adobe Shockwave Player 11.6-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe" Assassin's Creed-->C:\Program Files (x86)\InstallShield Installation Information\{8CFA9151-6404-409A-AF22-4632D04582FD}\setup.exe -runfromtemp -l0x0015 -removeonly avast! Internet Security-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup Battlefield 3™-->"C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 3\Cleanup.exe" uninstall_game -autologging Battlelog Web Plugins-->C:\Program Files (x86)\Battlelog Web Plugins\uninstall.exe Crysis® 2-->MsiExec.exe /X{6033673D-2530-4587-8AD0-EB059FC263F9} Diablo III Beta-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\Diablo III Beta\Uninstall.exe ESN Sonar-->C:\Program Files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe facemoods-->"C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\uninstall.exe" Fraps (remove only)-->"C:\Fraps\uninstall.exe" Gears of War - spolszczenie-->C:\Program Files (x86)\Microsoft Games\Gears of War\Uninstal.exe Gears of War-->C:\Program Files (x86)\InstallShield Installation Information\{1170D24F-42B7-40CF-AA1B-6395CE562354}\setup.exe -runfromtemp -l0x0409 Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\Installer\setup.exe" --uninstall --multi-install --chrome --system-level Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} High-Definition Video Playback-->MsiExec.exe /X{9193490D-5229-4FC4-9BB9-A6D63C09574A} Java(TM) 6 Update 31-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216031FF} JDownloader-->C:\Program Files (x86)\JDownloader\uninstall.exe K-Lite Codec Pack 8.4.0 (Full)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe" League of Legends-->"C:\Program Files (x86)\InstallShield Installation Information\{918A9082-6287-4D25-9002-5E5D5E4971CB}\setup.exe" -runfromtemp -l0x0415 -removeonly LogMeIn Hamachi-->C:\Windows\SysWOW64\\msiexec.exe /i {E2494AD8-314D-44F8-B39C-4358A60DC184} REMOVE=ALL LogMeIn Hamachi-->MsiExec.exe /I{E2494AD8-314D-44F8-B39C-4358A60DC184} Mass Effect 2-->C:\Program Files (x86)\Common Files\BioWare\Uninstall Mass Effect 2.exe Mass Effect-->C:\Program Files (x86)\Common Files\BioWare\Uninstall Mass Effect.exe Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{59E4543A-D49D-4489-B445-473D763C79AF} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} Mozilla Firefox 11.0 (x86 pl)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe Nero 11 Cliparts-->MsiExec.exe /X{B160A672-F326-4414-9BB0-A056C61B357C} Nero 11 Disc Menus 1-->MsiExec.exe /X{A0F34849-D9AB-46DD-B1BE-BB0DB60B1FE8} Nero 11 Disc Menus 2-->MsiExec.exe /X{7DF2B5EE-2C16-4E86-9C71-8678068AD805} Nero 11 Disc Menus 3-->MsiExec.exe /X{5E98FDD6-3672-4DBE-AB8B-2C9A0BED1382} Nero 11 Disc Menus Basic-->MsiExec.exe /X{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD} Nero 11 Effects Basic-->MsiExec.exe /X{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22} Nero 11 Image Samples-->MsiExec.exe /X{F3743A2C-5D5F-4456-8F98-5DF36A954C50} Nero 11 Kwik Themes 1-->MsiExec.exe /X{B1F69AF3-B5B5-4CA5-ADC5-8A738EB6E574} Nero 11 Kwik Themes 2-->MsiExec.exe /X{A4F6BE36-4826-45BA-A396-04F265A3B61D} Nero 11 Kwik Themes 3-->MsiExec.exe /X{BA499CC0-12C0-4BA5-9007-76844B721158} Nero 11 Kwik Themes 4-->MsiExec.exe /X{ACD6B383-EC5B-4000-A455-CCB308B447FE} Nero 11 Kwik Themes Basic-->MsiExec.exe /X{5A212B2D-140D-46F4-B625-2D1CA5A00594} Nero 11 PiP Effects 1-->MsiExec.exe /X{3B418709-D688-4E3A-BE0E-7D71FA84C948} Nero 11 PiP Effects Basic-->MsiExec.exe /X{2CA7225D-CB12-462A-9DD1-50319E158BA5} Nero 11 Video Samples-->MsiExec.exe /X{A2CDC001-F8B3-4C64-9E74-2E3FA0FAC9D9} Nero 11 Video Transitions 1-->MsiExec.exe /X{4382FC76-8100-4951-8658-31834E625E88} Nero 11-->MsiExec.exe /I{8A7ABBD4-A617-4AE8-9C6D-1510DE46EC35} Nero Audio Pack 1-->MsiExec.exe /X{A7A0BF2E-31CC-49E3-9913-52C503EB969D} Nero BackItUp 11 Help (CHM)-->MsiExec.exe /X{6AB2427E-A18F-4809-9A12-29F5EBABBB3A} Nero Burning ROM 11 Help (CHM)-->MsiExec.exe /X{53F7746A-96AA-49A5-86B8-59989680DAC5} Nero Burning ROM 11-->MsiExec.exe /X{B1846721-A8E6-46C7-83B6-0DCF7ADB4267} Nero ControlCenter 11 Help (CHM)-->MsiExec.exe /X{D4D66270-9147-4BDF-9946-FCA2B303AA8F} Nero ControlCenter 11-->MsiExec.exe /X{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51} Nero Core Components 11-->MsiExec.exe /X{BEBEE34D-84A2-4EDD-8BEA-96CC54371263} Nero CoverDesigner 11 Help (CHM)-->MsiExec.exe /X{55C2143E-FBA5-442F-9AFA-726FF068F39D} Nero CoverDesigner 11-->MsiExec.exe /X{FF44BCE5-5A18-4051-85F0-BC172D7B4695} Nero Express 11 Help (CHM)-->MsiExec.exe /X{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC} Nero Express 11-->MsiExec.exe /X{E10AAE4A-98B8-420A-BD93-E0520C23D624} Nero Kwik Media Help (CHM)-->MsiExec.exe /X{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B} Nero Recode 11 Help (CHM)-->MsiExec.exe /X{57F80ECF-E27C-4EEE-AB58-E971BACE2639} Nero Recode 11-->MsiExec.exe /X{F69FB940-5031-4FE8-AFAD-085802D0BF63} Nero RescueAgent 11 Help (CHM)-->MsiExec.exe /X{D01CE99A-8802-483C-A79F-298B691EB432} Nero SoundTrax 11 Help (CHM)-->MsiExec.exe /X{390757AA-8830-43DC-AEE0-4E5B6F8439EB} Nero Video 11 Help (CHM)-->MsiExec.exe /X{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09} Nero Video 11-->MsiExec.exe /X{0D7A4289-99CF-4B8D-B812-86BE50A54552} Nero WaveEditor 11 Help (CHM)-->MsiExec.exe /X{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44} Nero WaveEditor 11-->MsiExec.exe /X{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE} NVIDIA PhysX-->MsiExec.exe /X{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9} NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask Origin-->D:\Origin\OriginUninstall.exe Pando Media Booster-->C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe Picasa 3-->"C:\Program Files (x86)\Google\Picasa3\Uninstall.exe" PunkBuster Services-->C:\Program Files (x86)\Origin Games\Battlefield 3\pbsvc.exe -u QuickTime Alternative 3.2.2-->"C:\Program Files (x86)\QuickTime Alternative\unins000.exe" Real Alternative 2.0.2-->"C:\Program Files (x86)\Real Alternative\unins000.exe" Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly Rockstar Games Social Club-->"C:\Program Files (x86)\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x0009 -removeonly Saints Row The Third version 1.0-->"D:\Gry\Saints Row\Saints Row The Third\unins000.exe" Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Extended Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120} Skype™ 5.8-->MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8} Syndicate-->"D:\Gry\Syndicate 2012\Syndicate\unins000.exe" System Requirements Lab CYRI-->MsiExec.exe /I{943A8D28-80D6-41DC-AE94-81FEB42041BF} The Darkness II-->"D:\Gry\The Darkness II\The Darkness II\unins000.exe" Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client Update for Microsoft .NET Framework 4 Extended (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended Update for Microsoft .NET Framework 4 Extended (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended Update for Microsoft .NET Framework 4 Extended (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Extended uTorrentControl2 Toolbar-->C:\Program Files (x86)\uTorrentControl2\uninstall.exe toolbar welcome-->MsiExec.exe /X{CCE210DF-7EEF-4A76-A63C-3EB091FDB992} Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} World of Warcraft-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe ======System event log====== Computer Name: 37L4247E29-32 Event Code: 7036 Message: Usługa Cryptographic Services weszła w stan stopped. Record Number: 5 Source Name: Service Control Manager Time Written: 20090714051424.262212-000 Event Type: Informacje User: Computer Name: 37L4247E29-32 Event Code: 7036 Message: Usługa Windows Modules Installer weszła w stan stopped. Record Number: 4 Source Name: Service Control Manager Time Written: 20090714051424.168612-000 Event Type: Informacje User: Computer Name: 37L4247E29-32 Event Code: 7036 Message: Usługa Software Protection weszła w stan stopped. Record Number: 3 Source Name: Service Control Manager Time Written: 20090714051424.059412-000 Event Type: Informacje User: Computer Name: 37L4247E29-32 Event Code: 7036 Message: Usługa Windows Event Log weszła w stan stopped. Record Number: 2 Source Name: Service Control Manager Time Written: 20090714051424.012612-000 Event Type: Informacje User: Computer Name: 37L4247E29-32 Event Code: 7036 Message: Usługa Volume Shadow Copy weszła w stan stopped. Record Number: 1 Source Name: Service Control Manager Time Written: 20090714051423.934612-000 Event Type: Informacje User: =====Application event log===== Computer Name: Maciek-PC Event Code: 2 Message: The NVIDIA OpenGL driver has encountered an out of memory error. This application might behave inconsistently and fail. Record Number: 3680799 Source Name: NVIDIA OpenGL Driver Time Written: 20120420170217.000000-000 Event Type: Ostrzeżenia User: Computer Name: Maciek-PC Event Code: 2 Message: The NVIDIA OpenGL driver has encountered an out of memory error. This application might behave inconsistently and fail. Record Number: 3680798 Source Name: NVIDIA OpenGL Driver Time Written: 20120420170217.000000-000 Event Type: Ostrzeżenia User: Computer Name: Maciek-PC Event Code: 2 Message: The NVIDIA OpenGL driver has encountered an out of memory error. This application might behave inconsistently and fail. Record Number: 3680797 Source Name: NVIDIA OpenGL Driver Time Written: 20120420170217.000000-000 Event Type: Ostrzeżenia User: Computer Name: Maciek-PC Event Code: 2 Message: The NVIDIA OpenGL driver has encountered an out of memory error. This application might behave inconsistently and fail. Record Number: 3680796 Source Name: NVIDIA OpenGL Driver Time Written: 20120420170217.000000-000 Event Type: Ostrzeżenia User: Computer Name: Maciek-PC Event Code: 2 Message: The NVIDIA OpenGL driver has encountered an out of memory error. This application might behave inconsistently and fail. Record Number: 3680795 Source Name: NVIDIA OpenGL Driver Time Written: 20120420170217.000000-000 Event Type: Ostrzeżenia User: =====Security event log===== Computer Name: 37L4247E29-32 Event Code: 4735 Message: Zmieniono grupę lokalną z włączonymi zabezpieczeniami. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: 37L4247E29-32$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Grupa: Identyfikator zabezpieczeń: S-1-5-32-551 Nazwa grupy: Operatorzy kopii zapasowych Domena grupy: Builtin Zmienione atrybuty: Nazwa konta SAM: - Historia identyfikatora SID: - Informacje dodatkowe: Uprawnienia: - Record Number: 5 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120407105403.506461-000 Event Type: Sukcesy inspekcji User: Computer Name: 37L4247E29-32 Event Code: 4731 Message: Utworzono grupę lokalną z włączonymi zabezpieczeniami. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: 37L4247E29-32$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Nowa grupa: Identyfikator zabezpieczeń: S-1-5-32-551 Nazwa grupy: Operatorzy kopii zapasowych Domena grupy: Builtin Atrybuty: Nazwa konta SAM: Operatorzy kopii zapasowych Historia identyfikatora SID: - Informacje dodatkowe: Uprawnienia: - Record Number: 4 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120407105403.506461-000 Event Type: Sukcesy inspekcji User: Computer Name: 37L4247E29-32 Event Code: 4902 Message: Utworzono tabelę zasad inspekcji użytkownika. Liczba elementów: 0 Identyfikator zasad: 0x30140 Record Number: 3 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120407105403.178860-000 Event Type: Sukcesy inspekcji User: Computer Name: 37L4247E29-32 Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-0-0 Nazwa konta: - Domena konta: - Identyfikator logowania: 0x0 Typ logowania: 0 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x4 Nazwa procesu: Informacje o sieci: Nazwa stacji roboczej: - Adres źródłowy sieci: - Port źródłowy: - Szczegółowe informacje o uwierzytelnianiu: Proces logowania: - Pakiet uwierzytelniania: - Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 2 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120407105401.228857-000 Event Type: Sukcesy inspekcji User: Computer Name: 37L4247E29-32 Event Code: 4608 Message: Trwa uruchamianie systemu Windows. To zdarzenie jest rejestrowane w momencie uruchamiania programu LSASS.EXE i inicjowania podsystemu inspekcji. Record Number: 1 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120407105401.150857-000 Event Type: Sukcesy inspekcji User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\QuickTime Alternative\QTSystem "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=4 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel "PROCESSOR_REVISION"=2a07 "RGSCLauncher"=D:\Gry\GTA IV\Rockstar Games Social Club "RGSC"=D:\Gry\GTA IV\Rockstar Games Social Club\1_0_0_0 -----------------EOF-----------------[/log] Wybaczcie jeżeli źle to wstawiłem. Dzięki z góry za pomoc
Igorrodz komentarz 20 maja 2012 komentarz 20 maja 2012 Brakuje jeszcze loga [b]Extras [/b]z OTL. Wykonaj.[quote name='Kaaas' timestamp='1337501197' post='1504068'] Otóż przy instalowaniu sterów do grafiki, nie usunąłem wcześniej starych, podobno to przeciąża. [/quote] Wykonaj jeszcze to http://www.forumpc.pl/index.php?showtopic=134008 i ponownie zainstaluj sterowniki od karty graficznej. Daj info, czy pomogło.
Kaaas komentarz 20 maja 2012 Autor komentarz 20 maja 2012 [log]OTL Extras logfile created on: 2012-05-20 10:02:49 - Run 1 OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Maciek\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,98 Gb Total Physical Memory | 2,35 Gb Available Physical Memory | 59,07% Memory free 7,96 Gb Paging File | 5,87 Gb Available in Paging File | 73,74% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 107,42 Gb Total Space | 3,20 Gb Free Space | 2,98% Space Free | Partition Type: NTFS Drive D: | 358,34 Gb Total Space | 165,53 Gb Free Space | 46,19% Space Free | Partition Type: NTFS Drive E: | 5,12 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive G: | 7,32 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: MACIEK-PC | User Name: Maciek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-2626984496-4133979409-3266373985-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00B6B287-EEAE-4C11-8382-820536F5F882}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{0A10444B-5BB6-4A68-BDAF-274D051F4A40}" = rport=139 | protocol=6 | dir=out | app=system | "{0CFB2AA0-59AF-46FF-B878-2BCFEEED853B}" = lport=139 | protocol=6 | dir=in | app=system | "{154C4B47-C443-4891-B3CD-FAD9BAE78FD7}" = rport=445 | protocol=6 | dir=out | app=system | "{3563DAD2-D63D-4E92-B32F-6F2479A200CF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{37FC8060-1A09-4445-9074-797DEBD29C57}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{464FDED9-D4F8-4697-BC5B-30D7E4B2F708}" = lport=138 | protocol=17 | dir=in | app=system | "{4FD7352C-E0A4-4B3A-9735-111F53F0BD63}" = lport=56595 | protocol=6 | dir=in | name=pando media booster | "{50419CBE-D7C8-4C29-A192-970A122CD407}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{52E29AE4-14B8-4507-88E6-B60B26978CEE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{66D3972E-77F5-4A10-A300-51B5F78D62D5}" = rport=138 | protocol=17 | dir=out | app=system | "{83F83DC6-BB4B-4554-9123-34606AD50572}" = lport=10243 | protocol=6 | dir=in | app=system | "{A4A33962-737B-41FA-8AF8-58E5CF2B8DD8}" = lport=56595 | protocol=17 | dir=in | name=pando media booster | "{ABEB99AE-5BD3-477C-B77B-8CFD6C751987}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{B032EDE3-F786-4346-8ED5-79EE4891E813}" = lport=445 | protocol=6 | dir=in | app=system | "{B0498F64-D06A-41E6-B3CB-084752A7EAF2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{BB0B2194-5BC2-4FCB-9446-8736771FC19D}" = lport=56595 | protocol=17 | dir=in | name=pando media booster | "{C243BDB3-ECE3-42B4-ACD3-A0FF70F328B9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{CB5DA72E-D600-41D8-B34F-00CFC1D07BDF}" = rport=10243 | protocol=6 | dir=out | app=system | "{D7E51338-0DBD-4F42-84CF-796A9E502955}" = lport=2869 | protocol=6 | dir=in | app=system | "{DEFDE887-73A5-43A2-9B2A-5E94E83E9028}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | "{E1CD9800-5C42-4631-9932-51A62A9E2252}" = rport=137 | protocol=17 | dir=out | app=system | "{E66AFE27-B955-44E1-8388-ADDD188333FC}" = lport=137 | protocol=17 | dir=in | app=system | "{E6B6001A-233B-455C-95DB-3271C04FD892}" = lport=56595 | protocol=6 | dir=in | name=pando media booster | "{E861DE07-8937-44EC-B727-63F41988D5C4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{F00AC0BB-F42B-45A2-AB30-76EDB9187233}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{05EAC0DA-D0A4-4533-A623-21F00F4E377E}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{07721A08-0D02-4D7A-954B-60FAC3994D00}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{0874C17D-FA8C-4FE3-94FB-FA3A31F1460B}" = protocol=17 | dir=in | app=c:\users\maciek\appdata\roaming\.minecraft\minecraftsp.exe | "{08F1B77B-D7D4-402F-B3B0-3729D8F19E80}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{1332346E-1D12-4B43-AA46-62C75635DED8}" = protocol=6 | dir=in | app=d:\gry\lol\league of legends\lol.launcher.exe | "{14D365EC-8CBC-4E50-8F99-BA6960984E29}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{164057B2-2D45-464F-AA77-7F0B3BF12898}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{18D34C5C-C3B8-4EF4-827D-9963DC0304A1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{20BC96D8-523D-4CBF-85E3-C13B13F5C8E5}" = protocol=17 | dir=in | app=d:\gry\mass effect\binaries\masseffect.exe | "{2606B609-BDD8-4930-9301-81E489147816}" = protocol=6 | dir=out | app=system | "{292CA7CB-994C-47A6-815E-CB573CBACB56}" = protocol=17 | dir=in | app=d:\gry\mass effect\masseffectlauncher.exe | "{2E53B238-6B5B-4434-8602-89E0E8941C46}" = protocol=6 | dir=in | app=d:\gry\mass effect\masseffectlauncher.exe | "{32BF485D-D018-4648-A253-7A9AAA39741E}" = protocol=17 | dir=in | app=d:\gry\gta iv\rockstar games social club\rgsclauncher.exe | "{3D9AB241-76B3-43CA-94F5-5FEFFD5D1E0A}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{3F3A721F-1BE6-47A9-AE09-342C350BB138}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe | "{43FFA393-6349-46CF-9861-AE7E9804F00F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{440D085A-0406-4767-9CF0-CA75E0DFD74B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{459F4534-59E0-4DF6-9916-B9EC48A0B3BC}" = protocol=17 | dir=in | app=d:\gry\assasin's creed\assassinscreed_dx9.exe | "{50B68ACC-6089-45CB-AAC9-F75B736773EA}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | "{52FC4CE1-48A7-41BA-9BE9-F8B0F29B4398}" = protocol=58 | dir=in | app=system | "{5C99E82F-83B5-47BE-BB21-BC4BA8A36980}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{5E5C1403-2DE0-4486-AE29-60DD970BA3DC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{5EC09460-0B81-4921-A26B-7608827759FB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{624FE9F7-84A4-4F9E-9A3B-10F9E0AFE765}" = protocol=17 | dir=in | app=d:\gry\assasin's creed\assassinscreed_launcher.exe | "{6335DE28-54BC-4316-85E6-61BA65DA1FB4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{657DE16C-17CD-485E-9B15-AD3C33C6D96F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{6A8C19EF-2AC3-4778-A084-B415E87F6312}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{6ADC8A8A-8F1F-4A34-B986-C18B37FF862D}" = protocol=17 | dir=in | app=d:\gry\diabolo\diablo iii beta\diablo iii.exe | "{6DE6E086-4AB4-4627-8BE0-F9794AF4FE0E}" = protocol=17 | dir=in | app=c:\users\maciek\appdata\roaming\.minecraft\minecraft_server.exe | "{6DFAFD6B-43F0-4882-8771-053EA5BFC95E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{76A88BEC-2DE8-433D-BC22-A836FA847499}" = protocol=6 | dir=in | app=d:\gry\assasin's creed\assassinscreed_dx10.exe | "{77FA3CC1-BCA7-445A-86A2-21AF0E7AC232}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{789A172D-5FED-4A6C-9027-215465A03E58}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe | "{7C88B876-0695-4602-8DB8-83D613B79F4D}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{7CF30507-00BE-4D6F-B490-FF7BDB9BA07A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{9077F31A-656F-4132-941B-558EB4C9CF20}" = protocol=6 | dir=in | app=c:\users\maciek\appdata\roaming\.minecraft\minecraft_server.exe | "{919D15CC-C8D5-49DF-AD7E-6361E2B6D3F8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{9249E279-17EA-4F6C-A99D-3FD4CC416D1D}" = protocol=6 | dir=in | app=d:\gry\mass effect 2pl\mass effect 2\binaries\masseffect2.exe | "{9B2DEAE0-1AE6-42B9-8118-F706EA672001}" = protocol=6 | dir=in | app=d:\gry\assasin's creed\assassinscreed_dx9.exe | "{9CDE218C-CC28-4844-9A10-F39AFA355B29}" = protocol=6 | dir=in | app=d:\gry\assasin's creed\assassinscreed_launcher.exe | "{9F2C458D-12D4-4352-9338-EA0BF1C57CCC}" = protocol=6 | dir=in | app=d:\gry\mass effect\binaries\masseffect.exe | "{A17E4769-52D6-4C87-AE18-C0801EE98072}" = protocol=6 | dir=in | app=d:\gry\diabolo\diablo iii beta\diablo iii.exe | "{A1CF1784-E45B-4021-86E4-6991D20633D7}" = protocol=6 | dir=in | app=c:\users\maciek\appdata\roaming\.minecraft\minecraftsp.exe | "{A8C31C5D-CA85-421C-8363-01CAB5BD7388}" = protocol=17 | dir=in | app=d:\gry\mass effect 2pl\mass effect 2\binaries\masseffect2.exe | "{A8F809A5-1030-4D90-8B32-9BB825F1BA67}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{ACCF55E0-6386-4A12-A09A-DB66202C7E2F}" = protocol=17 | dir=in | app=d:\gry\mass effect 2pl\mass effect 2\masseffect2launcher.exe | "{AE845F42-34DF-49B1-861D-E1CF3BF384BC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe | "{B17D08D8-E488-4204-B893-9C46C9F954B3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{B43DEBC7-B7DA-4082-9DF7-4113F7E4634A}" = protocol=6 | dir=in | app=d:\gry\mass effect 2pl\mass effect 2\masseffect2launcher.exe | "{B48045AF-5F20-435D-83BD-86665D44B53F}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{BD5F24B2-47B4-4329-958E-F7260BBD7F92}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C14231F2-8529-40D7-88B0-CC6057F69513}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\gears of war\binaries\wargame-g4wlive.exe | "{C38CD189-7D0E-432C-AAB1-DD62AF5FA781}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C4B90775-8900-44C6-A774-E8BE9B504FCB}" = protocol=6 | dir=in | app=d:\gry\gta iv\rockstar games social club\rgsclauncher.exe | "{C6D6B105-B4D6-4463-9D4C-390AA75785B0}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{CB991A80-6219-4136-9393-5AC464C5B75A}" = protocol=17 | dir=in | app=d:\gry\lol\league of legends\lol.launcher.exe | "{CCC71F2E-59C1-4564-B0B1-2FDD39A39D1F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\gears of war\binaries\wargame-g4wlive.exe | "{CE2C2B45-6977-480B-AFD8-4CCCE72A1E3B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe | "{D2E9A87D-0105-47BA-97C0-56CB9C368983}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{D4C8DAF6-0547-4251-B54F-A5786253D5D1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{D8E7FF74-A395-4FFB-9ABE-079475F94B34}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{E4203F55-4F04-4194-82CF-8EF7506939C2}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | "{E90139A2-0A37-4833-A127-E626CD4EF4F6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{ED875282-D50B-45A6-AD93-AEF1A7A5F086}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{EF370D10-6362-42DC-AA3B-C1B38F00521F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{EF7D6612-162A-4A9D-8F1D-AFE5C33EDA14}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F11522AD-E4F6-4FC4-AB5D-05E3D92FDC6D}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{F6A25FFA-DF24-4B2E-B222-4C7CBE145068}" = protocol=17 | dir=in | app=d:\gry\assasin's creed\assassinscreed_dx10.exe | "{FD3963EB-16D2-4B47-83B0-44968B0E8DF5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "TCP Query User{01F75668-4267-40F7-86EB-1DEF702746D5}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{276FB2D9-C8AC-4494-BCFA-36236E42EE06}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{7E3F414B-20AB-4E9A-BAA5-7523F257916A}C:\users\maciek\appdata\local\apps\2.0\5agrpayq.ckm\ewvyyc4l.y0v\tadz..tion_0000000000000000_0001.0000_6680277c9ae85a85\tadzik.exe" = protocol=6 | dir=in | app=c:\users\maciek\appdata\local\apps\2.0\5agrpayq.ckm\ewvyyc4l.y0v\tadz..tion_0000000000000000_0001.0000_6680277c9ae85a85\tadzik.exe | "TCP Query User{B515DC96-C442-460A-8CE5-044C4290EF0B}D:\gry\saints row\saints row the third\saintsrowthethird.exe" = protocol=6 | dir=in | app=d:\gry\saints row\saints row the third\saintsrowthethird.exe | "TCP Query User{D4657D97-9ADD-400C-9E12-3AD24C3F84A7}D:\gry\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=d:\gry\crysis 2\bin32\crysis2.exe | "TCP Query User{FF0CA6BD-8BE8-4A20-BDDF-51129BE2B6BA}D:\gry\gta iv\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\gry\gta iv\grand theft auto iv\gtaiv.exe | "UDP Query User{1CA19F1E-6D4B-43B0-9BC9-B38DC779C5AA}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{39349563-572B-46D0-AC58-02673D363861}D:\gry\gta iv\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\gry\gta iv\grand theft auto iv\gtaiv.exe | "UDP Query User{5B5AA6BF-0264-4757-8DE4-56C4271F0167}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "UDP Query User{6D5DDE5C-4E2B-4248-AB45-7B20ED2F8AF2}D:\gry\saints row\saints row the third\saintsrowthethird.exe" = protocol=17 | dir=in | app=d:\gry\saints row\saints row the third\saintsrowthethird.exe | "UDP Query User{CB77C7BA-8CCA-4DC7-8FE4-6A9783A050FE}C:\users\maciek\appdata\local\apps\2.0\5agrpayq.ckm\ewvyyc4l.y0v\tadz..tion_0000000000000000_0001.0000_6680277c9ae85a85\tadzik.exe" = protocol=17 | dir=in | app=c:\users\maciek\appdata\local\apps\2.0\5agrpayq.ckm\ewvyyc4l.y0v\tadz..tion_0000000000000000_0001.0000_6680277c9ae85a85\tadzik.exe | "UDP Query User{E631569E-CFFD-4095-9E59-BDF3E4210D64}D:\gry\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=d:\gry\crysis 2\bin32\crysis2.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{26A24AE4-039D-4CA4-87B4-2F86416030FF}" = Java(TM) 6 Update 30 (64-bit) "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0015-0415-1000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010 "{90140000-0015-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0415-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010 "{90140000-0016-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0415-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010 "{90140000-0018-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0415-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010 "{90140000-0019-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0415-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010 "{90140000-001A-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0415-1000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010 "{90140000-001B-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0415-1000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010 "{90140000-001F-0415-1000-0000000FF1CE}_Office14.PROPLUS_{329A3D98-9583-4B84-B18B-498E7AB65C43}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010 "{90140000-002C-0415-1000-0000000FF1CE}_Office14.PROPLUS_{BFEB53FA-3044-47FD-BB50-9DCBBEED79EF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010 "{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0043-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2010 "{90140000-0043-0415-1000-0000000FF1CE}_Office14.PROPLUS_{FF5F6090-64DF-4BF6-BADD-71A64FDA70D2}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0415-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010 "{90140000-0044-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010 "{90140000-006E-0415-1000-0000000FF1CE}_Office14.PROPLUS_{3A96ABFF-5202-47B1-B5A2-DDE76563AF61}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0415-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010 "{90140000-00A1-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0415-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010 "{90140000-00BA-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0213 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.7.11 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.12.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "WinRAR archiver" = WinRAR 4.01 (64-bitowy) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11 "{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War "{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11 "{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic "{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM) "{3B418709-D688-4E3A-BE0E-7D71FA84C948}" = Nero 11 PiP Effects 1 "{4382FC76-8100-4951-8658-31834E625E88}" = Nero 11 Video Transitions 1 "{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B7IL77L-LKS1-ROW3-SAINTS-18CD6E6334R1}_is1" = Saints Row The Third version 1.0 "{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM) "{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM) "{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM) "{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable "{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic "{5E98FDD6-3672-4DBE-AB8B-2C9A0BED1382}" = Nero 11 Disc Menus 3 "{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM) "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2 "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™ "{7DF2B5EE-2C16-4E86-9C71-8678068AD805}" = Nero 11 Disc Menus 2 "{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{8A7ABBD4-A617-4AE8-9C6D-1510DE46EC35}" = Nero 11 "{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback "{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A0F34849-D9AB-46DD-B1BE-BB0DB60B1FE8}" = Nero 11 Disc Menus 1 "{A2CDC001-F8B3-4C64-9E74-2E3FA0FAC9D9}" = Nero 11 Video Samples "{A4F6BE36-4826-45BA-A396-04F265A3B61D}" = Nero 11 Kwik Themes 2 "{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Polish "{ACD6B383-EC5B-4000-A455-CCB308B447FE}" = Nero 11 Kwik Themes 4 "{B160A672-F326-4414-9BB0-A056C61B357C}" = Nero 11 Cliparts "{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11 "{B1F69AF3-B5B5-4CA5-ADC5-8A738EB6E574}" = Nero 11 Kwik Themes 1 "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM) "{BA499CC0-12C0-4BA5-9007-76844B721158}" = Nero 11 Kwik Themes 3 "{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11 "{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}" = welcome "{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM) "{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM) "{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM) "{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX "{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11 "{E2494AD8-314D-44F8-B39C-4358A60DC184}" = LogMeIn Hamachi "{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic "{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM) "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples "{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic "{F69FB940-5031-4FE8-AFAD-085802D0BF63}" = Nero Recode 11 "{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM) "{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11 "Adobe AIR" = Adobe AIR "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "avast" = avast! Internet Security "Battlelog Web Plugins" = Battlelog Web Plugins "Diablo III Beta" = Diablo III Beta "ESN Sonar-0.70.4" = ESN Sonar "facemoods" = facemoods "Fraps" = Fraps (remove only) "Gears of War - spolszczenie" = Gears of War - spolszczenie "Google Chrome" = Google Chrome "InstallShield_{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War "JDownloader" = JDownloader "KLiteCodecPack_is1" = K-Lite Codec Pack 8.4.0 (Full) "LogMeIn Hamachi" = LogMeIn Hamachi "Mozilla Firefox 11.0 (x86 pl)" = Mozilla Firefox 11.0 (x86 pl) "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Origin" = Origin "Picasa 3" = Picasa 3 "PunkBusterSvc" = PunkBuster Services "QuicktimeAlt_is1" = QuickTime Alternative 3.2.2 "RealAlt_is1" = Real Alternative 2.0.2 "Syndicate_is1" = Syndicate "The Darkness II_is1" = The Darkness II "uTorrent" = µTorrent "uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar "World of Warcraft" = World of Warcraft [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2626984496-4133979409-3266373985-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "63d6f3171a6bd7a3" = Theatre of Dreams Launcher "GG" = GG [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-04-25 07:22:17 | Computer Name = Maciek-PC | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: AssassinsCreed_Dx10.exe, wersja: 1.0.2.1, sygnatura czasowa: 0x48067113 Nazwa modułu powodującego błąd: AssassinsCreed_Dx10.exe, wersja: 1.0.2.1, sygnatura czasowa: 0x48067113 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00bdf2f9 Identyfikator procesu powodującego błąd: 0xa30 Godzina uruchomienia aplikacji powodującej błąd: 0x01cd22d3f20ae810 Ścieżka aplikacji powodującej błąd: D:\Gry\Assasin's Creed\AssassinsCreed_Dx10.exe Ścieżka modułu powodującego błąd: D:\Gry\Assasin's Creed\AssassinsCreed_Dx10.exe Identyfikator raportu: e985d5bf-8ec8-11e1-a49e-5404a69c7cfa Error - 2012-04-25 07:22:26 | Computer Name = Maciek-PC | Source = | ID = 0 Description = Error - 2012-04-25 07:22:26 | Computer Name = Maciek-PC | Source = | ID = 0 Description = Error - 2012-04-27 06:15:55 | Computer Name = Maciek-PC | Source = Application Hang | ID = 1002 Description = Program chrome.exe w wersji 18.0.1025.162 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 878 Godzina rozpoczęcia: 01cd24573a12f781 Godzina zakończenia: 10 Ścieżka aplikacji: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Identyfikator raportu: f61d4de5-9051-11e1-9372-5404a69c7cfa Error - 2012-05-07 02:48:07 | Computer Name = Maciek-PC | Source = Application Hang | ID = 1002 Description = Program chrome.exe w wersji 18.0.1025.168 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 1290 Godzina rozpoczęcia: 01cd2c1cb90fa32e Godzina zakończenia: 0 Ścieżka aplikacji: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Identyfikator raportu: 954a9b70-9810-11e1-9346-5404a69c7cfa Error - 2012-05-08 07:19:53 | Computer Name = Maciek-PC | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: rads_user_kernel.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4e65c1ac Nazwa modułu powodującego błąd: rads_user_kernel.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4e65c1ac Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000b8554 Identyfikator procesu powodującego błąd: 0x1150 Godzina uruchomienia aplikacji powodującej błąd: 0x01cd2d0c7c5039d3 Ścieżka aplikacji powodującej błąd: D:\Gry\LoL\League of Legends\RADS\system\rads_user_kernel.exe Ścieżka modułu powodującego błąd: D:\Gry\LoL\League of Legends\RADS\system\rads_user_kernel.exe Identyfikator raportu: bb381fd9-98ff-11e1-aa3a-5404a69c7cfa Error - 2012-05-11 14:32:49 | Computer Name = Maciek-PC | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: rads_user_kernel.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4e65c1ac Nazwa modułu powodującego błąd: rads_user_kernel.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4e65c1ac Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000b8554 Identyfikator procesu powodującego błąd: 0x554 Godzina uruchomienia aplikacji powodującej błąd: 0x01cd2fa389449a6b Ścieżka aplikacji powodującej błąd: D:\Gry\LoL\League of Legends\RADS\system\rads_user_kernel.exe Ścieżka modułu powodującego błąd: D:\Gry\LoL\League of Legends\RADS\system\rads_user_kernel.exe Identyfikator raportu: b54637d4-9b97-11e1-88cb-5404a69c7cfa Error - 2012-05-12 03:01:55 | Computer Name = Maciek-PC | Source = MsiInstaller | ID = 1013 Description = Error - 2012-05-12 07:31:19 | Computer Name = Maciek-PC | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: MassEffect2.exe, wersja: 1.0.1593.2, sygnatura czasowa: 0x4b2845cd Nazwa modułu powodującego błąd: MassEffect2.exe, wersja: 1.0.1593.2, sygnatura czasowa: 0x4b2845cd Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00511db0 Identyfikator procesu powodującego błąd: 0xdc8 Godzina uruchomienia aplikacji powodującej błąd: 0x01cd302e5cb88d65 Ścieżka aplikacji powodującej błąd: D:\Gry\Mass Effect 2PL\Mass Effect 2\Binaries\MassEffect2.exe Ścieżka modułu powodującego błąd: D:\Gry\Mass Effect 2PL\Mass Effect 2\Binaries\MassEffect2.exe Identyfikator raportu: fdf85236-9c25-11e1-ab99-5404a69c7cfa Error - 2012-05-16 14:42:11 | Computer Name = Maciek-PC | Source = Windows Installer 3.1 | ID = 921877 Description = [ System Events ] Error - 2012-04-10 14:08:41 | Computer Name = Maciek-PC | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą LogMeIn Hamachi Tunneling Engine. Error - 2012-04-10 14:08:41 | Computer Name = Maciek-PC | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi LogMeIn Hamachi Tunneling Engine z powodu następującego błędu: %%1053 Error - 2012-04-11 10:27:47 | Computer Name = Maciek-PC | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 16:26:13 na ?2012-?04-?11 było nieoczekiwane. Error - 2012-04-11 10:27:51 | Computer Name = MACIEK-PC | Source = BugCheck | ID = 1001 Description = Error - 2012-04-11 11:12:37 | Computer Name = Maciek-PC | Source = BugCheck | ID = 1001 Description = Error - 2012-04-13 02:05:35 | Computer Name = Maciek-PC | Source = Service Control Manager | ID = 7023 Description = Usługa Serwer zakończyła działanie; wystąpił następujący błąd: %%1062 Error - 2012-04-17 01:53:14 | Computer Name = Maciek-PC | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 21:23:57 na ?2012-?04-?16 było nieoczekiwane. Error - 2012-04-20 02:28:03 | Computer Name = Maciek-PC | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 22:03:36 na ?2012-?04-?19 było nieoczekiwane. Error - 2012-05-10 17:30:40 | Computer Name = Maciek-PC | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 23:29:07 na ?2012-?05-?10 było nieoczekiwane. Error - 2012-05-19 15:45:21 | Computer Name = Maciek-PC | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 21:43:21 na ?2012-?05-?19 było nieoczekiwane. < End of report >[/log] To powinno być to. Sterowniki do karty już się instalują. Nie ma reguły kiedy komp sie pierdzieli, także na "wynik" bedziesz musiał trochę poczekać. Anyway, dzięki za pomoc.
Gość komentarz 20 maja 2012 komentarz 20 maja 2012 W logach nie ma infekcji. Odinstaluj smieci z przegladarek [code]"facemoods" = facemoods uTorrentControl2 Toolbar[/code] Pobierz [b]AdwCleaner[/b] i wykonaj skan z opcji [b]Search. [/b]Przedstaw raport. http://general-changelog-team.fr/outils/289-adwcleaner
Kaaas komentarz 20 maja 2012 Autor komentarz 20 maja 2012 [log]# AdwCleaner v1.606 - Logfile created 05/20/2012 at 14:07:03 # Updated 10/05/2012 by Xplode # Operating system : Windows 7 Ultimate Service Pack 1 (64 bits) # User : Maciek - MACIEK-PC # Running from : C:\Users\Maciek\Downloads\adwcleaner.exe # Option [Search] ***** [Services] ***** ***** [Files / Folders] ***** Folder Found : C:\Users\Maciek\AppData\Local\Conduit Folder Found : C:\Users\Maciek\AppData\LocalLow\Conduit Folder Found : C:\Users\Maciek\AppData\LocalLow\facemoods.com Folder Found : C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\3l1olj9a.default\ConduitCommon Folder Found : C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\3l1olj9a.default\extensions\ffxtlbr@Facemoods.com Folder Found : C:\Program Files (x86)\Conduit File Found : C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\3l1olj9a.default\searchplugins\Conduit.xml ***** [Registry] ***** [*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3072253 Key Found : HKCU\Software\Softonic Key Found : HKCU\Software\AppDataLow\Toolbar Key Found : HKCU\Software\AppDataLow\Software\Conduit Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Found : HKLM\SOFTWARE\Conduit Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1 Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Found : HKLM\SOFTWARE\Google\chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif [x64] Key Found : HKCU\Software\Softonic [x64] Key Found : HKCU\Software\AppDataLow\Toolbar [x64] Key Found : HKCU\Software\AppDataLow\Software\Conduit [x64] Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes [x64] Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr [x64] Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1 [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL ***** [Registre - GUID] ***** Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Found : HKLM\SOFTWARE\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC} Key Found : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78} Key Found : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0} Key Found : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947} [x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9} ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT3072253 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4 -\\ Mozilla Firefox v11.0 (pl) Profile name : default File : C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\3l1olj9a.default\prefs.js Found : user_pref("CT3072253..clientLogIsEnabled", false); Found : user_pref("CT3072253..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...] Found : user_pref("CT3072253..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...] Found : user_pref("CT3072253.ALLOW_SHOWING_HIDDEN_TOOLBAR", false); Found : user_pref("CT3072253.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Found : user_pref("CT3072253.BrowserCompStateIsOpen_129573915102477663", true); Found : user_pref("CT3072253.BrowserCompStateIsOpen_129749445530228833", true); Found : user_pref("CT3072253.BrowserCompStateIsOpen_129749445881800338", true); Found : user_pref("CT3072253.BrowserCompStateIsOpen_129805375651312503", true); Found : user_pref("CT3072253.CTID", "CT3072253"); Found : user_pref("CT3072253.CurrentServerDate", "19-5-2012"); Found : user_pref("CT3072253.DSInstall", true); Found : user_pref("CT3072253.DialogsAlignMode", "LTR"); Found : user_pref("CT3072253.DialogsGetterLastCheckTime", "Thu May 17 2012 18:05:08 GMT+0200"); Found : user_pref("CT3072253.DownloadReferralCookieData", ""); Found : user_pref("CT3072253.FirstServerDate", "8-4-2012"); Found : user_pref("CT3072253.FirstTime", true); Found : user_pref("CT3072253.FirstTimeFF3", true); Found : user_pref("CT3072253.FixPageNotFoundErrors", true); Found : user_pref("CT3072253.GroupingServerCheckInterval", 1440); Found : user_pref("CT3072253.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Found : user_pref("CT3072253.HPInstall", true); Found : user_pref("CT3072253.HasUserGlobalKeys", true); Found : user_pref("CT3072253.HomePageProtectorEnabled", false); Found : user_pref("CT3072253.HomepageBeforeUnload", "hxxp://www.google.pl/"); Found : user_pref("CT3072253.Initialize", true); Found : user_pref("CT3072253.InitializeCommonPrefs", true); Found : user_pref("CT3072253.InstallationAndCookieDataSentCount", 3); Found : user_pref("CT3072253.InstallationId", "ConduitXPEIntegration"); Found : user_pref("CT3072253.InstallationType", "ConduitXPEIntegration"); Found : user_pref("CT3072253.InstalledDate", "Sun Apr 08 2012 19:33:35 GMT+0200"); Found : user_pref("CT3072253.IsAlertDBUpdated", true); Found : user_pref("CT3072253.IsGrouping", false); Found : user_pref("CT3072253.IsInitSetupIni", true); Found : user_pref("CT3072253.IsMulticommunity", false); Found : user_pref("CT3072253.IsOpenThankYouPage", true); Found : user_pref("CT3072253.IsOpenUninstallPage", false); Found : user_pref("CT3072253.IsProtectorsInit", true); Found : user_pref("CT3072253.LanguagePackLastCheckTime", "Sat May 19 2012 13:48:28 GMT+0200"); Found : user_pref("CT3072253.LanguagePackReloadIntervalMM", 1440); Found : user_pref("CT3072253.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Found : user_pref("CT3072253.LastLogin_3.10.0.1", "Sun Apr 08 2012 19:33:36 GMT+0200"); Found : user_pref("CT3072253.LastLogin_3.12.0.7", "Wed Apr 25 2012 18:27:28 GMT+0200"); Found : user_pref("CT3072253.LastLogin_3.12.2.3", "Sat May 19 2012 13:48:29 GMT+0200"); Found : user_pref("CT3072253.LatestVersion", "3.12.2.3"); Found : user_pref("CT3072253.Locale", "en"); Found : user_pref("CT3072253.MCDetectTooltipHeight", "83"); Found : user_pref("CT3072253.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Found : user_pref("CT3072253.MCDetectTooltipWidth", "295"); Found : user_pref("CT3072253.MyStuffEnabledAtInstallation", true); Found : user_pref("CT3072253.OriginalFirstVersion", "3.10.0.1"); Found : user_pref("CT3072253.SavedHomepage", "www.google.pl"); Found : user_pref("CT3072253.SearchBoxWidth", 143); Found : user_pref("CT3072253.SearchCaption", "uTorrentControl2 Customized Web Search"); Found : user_pref("CT3072253.SearchEngineBeforeUnload", "uTorrentControl2 Customized Web Search"); Found : user_pref("CT3072253.SearchFromAddressBarIsInit", true); Found : user_pref("CT3072253.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT307[...] Found : user_pref("CT3072253.SearchInNewTabEnabled", true); Found : user_pref("CT3072253.SearchInNewTabIntervalMM", 1440); Found : user_pref("CT3072253.SearchInNewTabLastCheckTime", "Sat May 19 2012 13:48:28 GMT+0200"); Found : user_pref("CT3072253.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Found : user_pref("CT3072253.SearchProtectorEnabled", true); Found : user_pref("CT3072253.SearchProtectorToolbarDisabled", false); Found : user_pref("CT3072253.SendProtectorDataViaLogin", true); Found : user_pref("CT3072253.ServiceMapLastCheckTime", "Sat May 19 2012 13:48:28 GMT+0200"); Found : user_pref("CT3072253.SettingsLastCheckTime", "Sat May 19 2012 13:48:28 GMT+0200"); Found : user_pref("CT3072253.SettingsLastUpdate", "1337169810"); Found : user_pref("CT3072253.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13"); Found : user_pref("CT3072253.ThirdPartyComponentsInterval", 504); Found : user_pref("CT3072253.ThirdPartyComponentsLastCheck", "Sun Apr 08 2012 19:33:34 GMT+0200"); Found : user_pref("CT3072253.ThirdPartyComponentsLastUpdate", "1312887586"); Found : user_pref("CT3072253.ToolbarShrinkedFromSetup", false); Found : user_pref("CT3072253.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3072253"); Found : user_pref("CT3072253.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...] Found : user_pref("CT3072253.UserID", "UN81533185649200419"); Found : user_pref("CT3072253.ValidationData_Toolbar", 2); Found : user_pref("CT3072253.alertChannelId", "1463702"); Found : user_pref("CT3072253.autoDisableScopes", -1); Found : user_pref("CT3072253.backendstorage.cbcountry_000", "504C"); Found : user_pref("CT3072253.backendstorage.cbfirsttime", "53756E2041707220303820323031322031393A33333A33372[...] Found : user_pref("CT3072253.backendstorage.facebook_mode", "32"); Found : user_pref("CT3072253.backendstorage.facebook_user_locale", "656E"); Found : user_pref("CT3072253.backendstorage.youtubelang", "5553"); Found : user_pref("CT3072253.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...] Found : user_pref("CT3072253.globalFirstTimeInfoLastCheckTime", "Sun Apr 08 2012 19:33:35 GMT+0200"); Found : user_pref("CT3072253.homepageProtectorEnableByLogin", true); Found : user_pref("CT3072253.initDone", true); Found : user_pref("CT3072253.isAppTrackingManagerOn", true); Found : user_pref("CT3072253.myStuffEnabled", true); Found : user_pref("CT3072253.myStuffPublihserMinWidth", 400); Found : user_pref("CT3072253.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Found : user_pref("CT3072253.myStuffServiceIntervalMM", 1440); Found : user_pref("CT3072253.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Found : user_pref("CT3072253.navigateToUrlOnSearch", false); Found : user_pref("CT3072253.revertSettingsEnabled", true); Found : user_pref("CT3072253.searchProtectorDialogDelayInSec", 10); Found : user_pref("CT3072253.searchProtectorEnableByLogin", true); Found : user_pref("CT3072253.testingCtid", ""); Found : user_pref("CT3072253.toolbarAppMetaDataLastCheckTime", "Sat May 19 2012 13:48:28 GMT+0200"); Found : user_pref("CT3072253.toolbarContextMenuLastCheckTime", "Sun Apr 08 2012 19:33:36 GMT+0200"); Found : user_pref("CT3072253.usagesFlag", 2); Found : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3072253&Search[...] Found : user_pref("CommunityToolbar.ConduitSearchList", "uTorrentControl2 Customized Web Search"); Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3072253/CT3072253[...] Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1463702/1459356/PL", "\"0\"[...] Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3072253", [...] Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...] Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...] Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...] Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...] Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...] Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...] Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...] Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...] Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3072253",[...] Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"67e[...] Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Maciek\\AppData\\Roaming\\Mozilla\\[...] Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.10.0.1"); Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", ""); Found : user_pref("CommunityToolbar.ToolbarsList", "CT3072253"); Found : user_pref("CommunityToolbar.ToolbarsList2", "CT3072253"); Found : user_pref("CommunityToolbar.ToolbarsList4", "CT3072253"); Found : user_pref("CommunityToolbar.globalUserId", "c500261d-789c-4525-b686-fc3c2fd1d13b"); Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3072253"); Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Apr 08 2012 19:33:3[...] Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60); Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Apr 08 2012 19:33:44 GMT+020[...] Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com"); Found : user_pref("CommunityToolbar.notifications.locale", "en"); Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Apr 08 2012 19:33:35 GMT+0200"); Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611"); Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com"); Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false); Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); Found : user_pref("CommunityToolbar.notifications.userId", "aa5e2372-36fd-4ff0-a74e-0f6cdc25fe38"); Found : user_pref("CommunityToolbar.originalHomepage", "www.google.pl"); Found : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...] Found : user_pref("browser.search.defaultthis.engineName", "uTorrentControl2 Customized Web Search"); Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&Sea[...] Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=[...] -\\ Google Chrome v18.0.1025.168 File : C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Preferences Found : "explicit_host": [ "hxxp://igor.facemoods.com/*", "hxxp://reports.facemoods.com/*" ], Found : "css": [ "style/facemoods_chrome_1.0.1.css" ], Found : "name": "Facemoods", Found : "permissions": [ "tabs", "hxxp://igor.facemoods.com/", "hxxp://reports.facemoods.com/[...] Found : "update_url": "hxxp://facemoods.com/public/download/chrome/update.xml", Found : "update_url": "hxxp://autoupdate.chromewebtb.conduit-services.com/?productId=CT307225[...] ************************* AdwCleaner[R1].txt - [18402 octets] - [20/05/2012 14:07:03] ########## EOF - C:\AdwCleaner[R1].txt - [18531 octets] ##########[/log] Proszę Cię bardzo.
Gość komentarz 20 maja 2012 komentarz 20 maja 2012 Zamknij przegladarki. Uruchom AdwCleaner i kliknij [b]Delete.[/b] Potem uruchom go znowu i kliknij [b]Uninstall.[/b] Odpal OTL i wykonaj skan, przedstaw raport. Extras juz nie potrzebny.
Kaaas komentarz 20 maja 2012 Autor komentarz 20 maja 2012 uTorrent toolbara nie udało mi się odinstalować. Nie znalazłem go poprostu. [log]OTL Extras logfile created on: 2012-05-20 14:28:45 - Run 2 OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Maciek\Desktop\Programy 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,98 Gb Total Physical Memory | 2,68 Gb Available Physical Memory | 67,30% Memory free 7,96 Gb Paging File | 6,53 Gb Available in Paging File | 82,05% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 107,42 Gb Total Space | 49,58 Gb Free Space | 46,16% Space Free | Partition Type: NTFS Drive D: | 358,34 Gb Total Space | 214,19 Gb Free Space | 59,77% Space Free | Partition Type: NTFS Computer Name: MACIEK-PC | User Name: Maciek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-2626984496-4133979409-3266373985-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00B6B287-EEAE-4C11-8382-820536F5F882}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{0A10444B-5BB6-4A68-BDAF-274D051F4A40}" = rport=139 | protocol=6 | dir=out | app=system | "{0CFB2AA0-59AF-46FF-B878-2BCFEEED853B}" = lport=139 | protocol=6 | dir=in | app=system | "{154C4B47-C443-4891-B3CD-FAD9BAE78FD7}" = rport=445 | protocol=6 | dir=out | app=system | "{3563DAD2-D63D-4E92-B32F-6F2479A200CF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{37FC8060-1A09-4445-9074-797DEBD29C57}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{464FDED9-D4F8-4697-BC5B-30D7E4B2F708}" = lport=138 | protocol=17 | dir=in | app=system | "{4FD7352C-E0A4-4B3A-9735-111F53F0BD63}" = lport=56595 | protocol=6 | dir=in | name=pando media booster | "{50419CBE-D7C8-4C29-A192-970A122CD407}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{52E29AE4-14B8-4507-88E6-B60B26978CEE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{66D3972E-77F5-4A10-A300-51B5F78D62D5}" = rport=138 | protocol=17 | dir=out | app=system | "{83F83DC6-BB4B-4554-9123-34606AD50572}" = lport=10243 | protocol=6 | dir=in | app=system | "{A4A33962-737B-41FA-8AF8-58E5CF2B8DD8}" = lport=56595 | protocol=17 | dir=in | name=pando media booster | "{ABEB99AE-5BD3-477C-B77B-8CFD6C751987}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{B032EDE3-F786-4346-8ED5-79EE4891E813}" = lport=445 | protocol=6 | dir=in | app=system | "{B0498F64-D06A-41E6-B3CB-084752A7EAF2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{BB0B2194-5BC2-4FCB-9446-8736771FC19D}" = lport=56595 | protocol=17 | dir=in | name=pando media booster | "{C243BDB3-ECE3-42B4-ACD3-A0FF70F328B9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{CB5DA72E-D600-41D8-B34F-00CFC1D07BDF}" = rport=10243 | protocol=6 | dir=out | app=system | "{D7E51338-0DBD-4F42-84CF-796A9E502955}" = lport=2869 | protocol=6 | dir=in | app=system | "{DEFDE887-73A5-43A2-9B2A-5E94E83E9028}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | "{E1CD9800-5C42-4631-9932-51A62A9E2252}" = rport=137 | protocol=17 | dir=out | app=system | "{E66AFE27-B955-44E1-8388-ADDD188333FC}" = lport=137 | protocol=17 | dir=in | app=system | "{E6B6001A-233B-455C-95DB-3271C04FD892}" = lport=56595 | protocol=6 | dir=in | name=pando media booster | "{E861DE07-8937-44EC-B727-63F41988D5C4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{F00AC0BB-F42B-45A2-AB30-76EDB9187233}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{05EAC0DA-D0A4-4533-A623-21F00F4E377E}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{07721A08-0D02-4D7A-954B-60FAC3994D00}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{0874C17D-FA8C-4FE3-94FB-FA3A31F1460B}" = protocol=17 | dir=in | app=c:\users\maciek\appdata\roaming\.minecraft\minecraftsp.exe | "{08F1B77B-D7D4-402F-B3B0-3729D8F19E80}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{1332346E-1D12-4B43-AA46-62C75635DED8}" = protocol=6 | dir=in | app=d:\gry\lol\league of legends\lol.launcher.exe | "{14D365EC-8CBC-4E50-8F99-BA6960984E29}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{164057B2-2D45-464F-AA77-7F0B3BF12898}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{18D34C5C-C3B8-4EF4-827D-9963DC0304A1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{20BC96D8-523D-4CBF-85E3-C13B13F5C8E5}" = protocol=17 | dir=in | app=d:\gry\mass effect\binaries\masseffect.exe | "{2606B609-BDD8-4930-9301-81E489147816}" = protocol=6 | dir=out | app=system | "{292CA7CB-994C-47A6-815E-CB573CBACB56}" = protocol=17 | dir=in | app=d:\gry\mass effect\masseffectlauncher.exe | "{2E53B238-6B5B-4434-8602-89E0E8941C46}" = protocol=6 | dir=in | app=d:\gry\mass effect\masseffectlauncher.exe | "{32BF485D-D018-4648-A253-7A9AAA39741E}" = protocol=17 | dir=in | app=d:\gry\gta iv\rockstar games social club\rgsclauncher.exe | "{3D9AB241-76B3-43CA-94F5-5FEFFD5D1E0A}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{3F3A721F-1BE6-47A9-AE09-342C350BB138}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe | "{433E1D93-B23B-4822-AA9B-E0FB0F55ECAA}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{43FFA393-6349-46CF-9861-AE7E9804F00F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{440D085A-0406-4767-9CF0-CA75E0DFD74B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{50B68ACC-6089-45CB-AAC9-F75B736773EA}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | "{5C99E82F-83B5-47BE-BB21-BC4BA8A36980}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{5E5C1403-2DE0-4486-AE29-60DD970BA3DC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{5EC09460-0B81-4921-A26B-7608827759FB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6335DE28-54BC-4316-85E6-61BA65DA1FB4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{657DE16C-17CD-485E-9B15-AD3C33C6D96F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{6ADC8A8A-8F1F-4A34-B986-C18B37FF862D}" = protocol=17 | dir=in | app=d:\gry\diabolo\diablo iii beta\diablo iii.exe | "{6DE6E086-4AB4-4627-8BE0-F9794AF4FE0E}" = protocol=17 | dir=in | app=c:\users\maciek\appdata\roaming\.minecraft\minecraft_server.exe | "{6DFAFD6B-43F0-4882-8771-053EA5BFC95E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{77FA3CC1-BCA7-445A-86A2-21AF0E7AC232}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{789A172D-5FED-4A6C-9027-215465A03E58}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe | "{7C88B876-0695-4602-8DB8-83D613B79F4D}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{7CF30507-00BE-4D6F-B490-FF7BDB9BA07A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{9077F31A-656F-4132-941B-558EB4C9CF20}" = protocol=6 | dir=in | app=c:\users\maciek\appdata\roaming\.minecraft\minecraft_server.exe | "{919D15CC-C8D5-49DF-AD7E-6361E2B6D3F8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{9249E279-17EA-4F6C-A99D-3FD4CC416D1D}" = protocol=6 | dir=in | app=d:\gry\mass effect 2pl\mass effect 2\binaries\masseffect2.exe | "{9F2C458D-12D4-4352-9338-EA0BF1C57CCC}" = protocol=6 | dir=in | app=d:\gry\mass effect\binaries\masseffect.exe | "{A17E4769-52D6-4C87-AE18-C0801EE98072}" = protocol=6 | dir=in | app=d:\gry\diabolo\diablo iii beta\diablo iii.exe | "{A1CF1784-E45B-4021-86E4-6991D20633D7}" = protocol=6 | dir=in | app=c:\users\maciek\appdata\roaming\.minecraft\minecraftsp.exe | "{A8C31C5D-CA85-421C-8363-01CAB5BD7388}" = protocol=17 | dir=in | app=d:\gry\mass effect 2pl\mass effect 2\binaries\masseffect2.exe | "{A8F809A5-1030-4D90-8B32-9BB825F1BA67}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{ACCF55E0-6386-4A12-A09A-DB66202C7E2F}" = protocol=17 | dir=in | app=d:\gry\mass effect 2pl\mass effect 2\masseffect2launcher.exe | "{AE845F42-34DF-49B1-861D-E1CF3BF384BC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe | "{B17D08D8-E488-4204-B893-9C46C9F954B3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{B43DEBC7-B7DA-4082-9DF7-4113F7E4634A}" = protocol=6 | dir=in | app=d:\gry\mass effect 2pl\mass effect 2\masseffect2launcher.exe | "{B48045AF-5F20-435D-83BD-86665D44B53F}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{BD5F24B2-47B4-4329-958E-F7260BBD7F92}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C14231F2-8529-40D7-88B0-CC6057F69513}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\gears of war\binaries\wargame-g4wlive.exe | "{C38CD189-7D0E-432C-AAB1-DD62AF5FA781}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C4B90775-8900-44C6-A774-E8BE9B504FCB}" = protocol=6 | dir=in | app=d:\gry\gta iv\rockstar games social club\rgsclauncher.exe | "{C6D6B105-B4D6-4463-9D4C-390AA75785B0}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{C6FFBE17-72E1-4EE5-9216-DC5DE7BD06D9}" = protocol=58 | dir=in | app=system | "{CB991A80-6219-4136-9393-5AC464C5B75A}" = protocol=17 | dir=in | app=d:\gry\lol\league of legends\lol.launcher.exe | "{CCC71F2E-59C1-4564-B0B1-2FDD39A39D1F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\gears of war\binaries\wargame-g4wlive.exe | "{CE2C2B45-6977-480B-AFD8-4CCCE72A1E3B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe | "{D2E9A87D-0105-47BA-97C0-56CB9C368983}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{D4C8DAF6-0547-4251-B54F-A5786253D5D1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{D8E7FF74-A395-4FFB-9ABE-079475F94B34}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{E4203F55-4F04-4194-82CF-8EF7506939C2}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | "{E90139A2-0A37-4833-A127-E626CD4EF4F6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{ED875282-D50B-45A6-AD93-AEF1A7A5F086}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{EF370D10-6362-42DC-AA3B-C1B38F00521F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{EF7D6612-162A-4A9D-8F1D-AFE5C33EDA14}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F11522AD-E4F6-4FC4-AB5D-05E3D92FDC6D}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{FD3963EB-16D2-4B47-83B0-44968B0E8DF5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "TCP Query User{01F75668-4267-40F7-86EB-1DEF702746D5}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{276FB2D9-C8AC-4494-BCFA-36236E42EE06}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{7E3F414B-20AB-4E9A-BAA5-7523F257916A}C:\users\maciek\appdata\local\apps\2.0\5agrpayq.ckm\ewvyyc4l.y0v\tadz..tion_0000000000000000_0001.0000_6680277c9ae85a85\tadzik.exe" = protocol=6 | dir=in | app=c:\users\maciek\appdata\local\apps\2.0\5agrpayq.ckm\ewvyyc4l.y0v\tadz..tion_0000000000000000_0001.0000_6680277c9ae85a85\tadzik.exe | "TCP Query User{B515DC96-C442-460A-8CE5-044C4290EF0B}D:\gry\saints row\saints row the third\saintsrowthethird.exe" = protocol=6 | dir=in | app=d:\gry\saints row\saints row the third\saintsrowthethird.exe | "TCP Query User{D4657D97-9ADD-400C-9E12-3AD24C3F84A7}D:\gry\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=d:\gry\crysis 2\bin32\crysis2.exe | "TCP Query User{FF0CA6BD-8BE8-4A20-BDDF-51129BE2B6BA}D:\gry\gta iv\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\gry\gta iv\grand theft auto iv\gtaiv.exe | "UDP Query User{1CA19F1E-6D4B-43B0-9BC9-B38DC779C5AA}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{39349563-572B-46D0-AC58-02673D363861}D:\gry\gta iv\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\gry\gta iv\grand theft auto iv\gtaiv.exe | "UDP Query User{5B5AA6BF-0264-4757-8DE4-56C4271F0167}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "UDP Query User{6D5DDE5C-4E2B-4248-AB45-7B20ED2F8AF2}D:\gry\saints row\saints row the third\saintsrowthethird.exe" = protocol=17 | dir=in | app=d:\gry\saints row\saints row the third\saintsrowthethird.exe | "UDP Query User{CB77C7BA-8CCA-4DC7-8FE4-6A9783A050FE}C:\users\maciek\appdata\local\apps\2.0\5agrpayq.ckm\ewvyyc4l.y0v\tadz..tion_0000000000000000_0001.0000_6680277c9ae85a85\tadzik.exe" = protocol=17 | dir=in | app=c:\users\maciek\appdata\local\apps\2.0\5agrpayq.ckm\ewvyyc4l.y0v\tadz..tion_0000000000000000_0001.0000_6680277c9ae85a85\tadzik.exe | "UDP Query User{E631569E-CFFD-4095-9E59-BDF3E4210D64}D:\gry\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=d:\gry\crysis 2\bin32\crysis2.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{26A24AE4-039D-4CA4-87B4-2F86416030FF}" = Java(TM) 6 Update 30 (64-bit) "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0015-0415-1000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010 "{90140000-0015-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0415-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010 "{90140000-0016-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0415-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010 "{90140000-0018-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0415-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010 "{90140000-0019-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0415-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010 "{90140000-001A-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0415-1000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010 "{90140000-001B-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0415-1000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010 "{90140000-001F-0415-1000-0000000FF1CE}_Office14.PROPLUS_{329A3D98-9583-4B84-B18B-498E7AB65C43}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010 "{90140000-002C-0415-1000-0000000FF1CE}_Office14.PROPLUS_{BFEB53FA-3044-47FD-BB50-9DCBBEED79EF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010 "{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0043-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2010 "{90140000-0043-0415-1000-0000000FF1CE}_Office14.PROPLUS_{FF5F6090-64DF-4BF6-BADD-71A64FDA70D2}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0415-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010 "{90140000-0044-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010 "{90140000-006E-0415-1000-0000000FF1CE}_Office14.PROPLUS_{3A96ABFF-5202-47B1-B5A2-DDE76563AF61}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0415-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010 "{90140000-00A1-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0415-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010 "{90140000-00BA-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0213 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.7.11 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.12.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "WinRAR archiver" = WinRAR 4.01 (64-bitowy) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11 "{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War "{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11 "{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic "{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM) "{3B418709-D688-4E3A-BE0E-7D71FA84C948}" = Nero 11 PiP Effects 1 "{4382FC76-8100-4951-8658-31834E625E88}" = Nero 11 Video Transitions 1 "{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B7IL77L-LKS1-ROW3-SAINTS-18CD6E6334R1}_is1" = Saints Row The Third version 1.0 "{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM) "{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM) "{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM) "{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable "{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic "{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1" = Driver Sweeper wersja 3.1.0 "{5E98FDD6-3672-4DBE-AB8B-2C9A0BED1382}" = Nero 11 Disc Menus 3 "{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM) "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2 "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™ "{7DF2B5EE-2C16-4E86-9C71-8678068AD805}" = Nero 11 Disc Menus 2 "{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{8A7ABBD4-A617-4AE8-9C6D-1510DE46EC35}" = Nero 11 "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback "{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A0F34849-D9AB-46DD-B1BE-BB0DB60B1FE8}" = Nero 11 Disc Menus 1 "{A2CDC001-F8B3-4C64-9E74-2E3FA0FAC9D9}" = Nero 11 Video Samples "{A4F6BE36-4826-45BA-A396-04F265A3B61D}" = Nero 11 Kwik Themes 2 "{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Polish "{ACD6B383-EC5B-4000-A455-CCB308B447FE}" = Nero 11 Kwik Themes 4 "{B160A672-F326-4414-9BB0-A056C61B357C}" = Nero 11 Cliparts "{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11 "{B1F69AF3-B5B5-4CA5-ADC5-8A738EB6E574}" = Nero 11 Kwik Themes 1 "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM) "{BA499CC0-12C0-4BA5-9007-76844B721158}" = Nero 11 Kwik Themes 3 "{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11 "{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}" = welcome "{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM) "{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM) "{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM) "{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX "{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11 "{E2494AD8-314D-44F8-B39C-4358A60DC184}" = LogMeIn Hamachi "{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic "{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM) "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples "{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic "{F69FB940-5031-4FE8-AFAD-085802D0BF63}" = Nero Recode 11 "{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM) "{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11 "Adobe AIR" = Adobe AIR "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "avast" = avast! Internet Security "Battlelog Web Plugins" = Battlelog Web Plugins "ESN Sonar-0.70.4" = ESN Sonar "Fraps" = Fraps (remove only) "Gears of War - spolszczenie" = Gears of War - spolszczenie "Google Chrome" = Google Chrome "InstallShield_{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War "JDownloader" = JDownloader "KLiteCodecPack_is1" = K-Lite Codec Pack 8.4.0 (Full) "LogMeIn Hamachi" = LogMeIn Hamachi "Mozilla Firefox 11.0 (x86 pl)" = Mozilla Firefox 11.0 (x86 pl) "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Origin" = Origin "Picasa 3" = Picasa 3 "PunkBusterSvc" = PunkBuster Services "QuicktimeAlt_is1" = QuickTime Alternative 3.2.2 "RealAlt_is1" = Real Alternative 2.0.2 "Syndicate_is1" = Syndicate "uTorrent" = µTorrent "uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2626984496-4133979409-3266373985-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GG" = GG [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-04-25 07:22:26 | Computer Name = Maciek-PC | Source = | ID = 0 Description = Error - 2012-04-25 07:22:26 | Computer Name = Maciek-PC | Source = | ID = 0 Description = Error - 2012-04-27 06:15:55 | Computer Name = Maciek-PC | Source = Application Hang | ID = 1002 Description = Program chrome.exe w wersji 18.0.1025.162 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 878 Godzina rozpoczęcia: 01cd24573a12f781 Godzina zakończenia: 10 Ścieżka aplikacji: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Identyfikator raportu: f61d4de5-9051-11e1-9372-5404a69c7cfa Error - 2012-05-07 02:48:07 | Computer Name = Maciek-PC | Source = Application Hang | ID = 1002 Description = Program chrome.exe w wersji 18.0.1025.168 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 1290 Godzina rozpoczęcia: 01cd2c1cb90fa32e Godzina zakończenia: 0 Ścieżka aplikacji: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Identyfikator raportu: 954a9b70-9810-11e1-9346-5404a69c7cfa Error - 2012-05-08 07:19:53 | Computer Name = Maciek-PC | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: rads_user_kernel.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4e65c1ac Nazwa modułu powodującego błąd: rads_user_kernel.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4e65c1ac Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000b8554 Identyfikator procesu powodującego błąd: 0x1150 Godzina uruchomienia aplikacji powodującej błąd: 0x01cd2d0c7c5039d3 Ścieżka aplikacji powodującej błąd: D:\Gry\LoL\League of Legends\RADS\system\rads_user_kernel.exe Ścieżka modułu powodującego błąd: D:\Gry\LoL\League of Legends\RADS\system\rads_user_kernel.exe Identyfikator raportu: bb381fd9-98ff-11e1-aa3a-5404a69c7cfa Error - 2012-05-11 14:32:49 | Computer Name = Maciek-PC | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: rads_user_kernel.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4e65c1ac Nazwa modułu powodującego błąd: rads_user_kernel.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4e65c1ac Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000b8554 Identyfikator procesu powodującego błąd: 0x554 Godzina uruchomienia aplikacji powodującej błąd: 0x01cd2fa389449a6b Ścieżka aplikacji powodującej błąd: D:\Gry\LoL\League of Legends\RADS\system\rads_user_kernel.exe Ścieżka modułu powodującego błąd: D:\Gry\LoL\League of Legends\RADS\system\rads_user_kernel.exe Identyfikator raportu: b54637d4-9b97-11e1-88cb-5404a69c7cfa Error - 2012-05-12 03:01:55 | Computer Name = Maciek-PC | Source = MsiInstaller | ID = 1013 Description = Error - 2012-05-12 07:31:19 | Computer Name = Maciek-PC | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: MassEffect2.exe, wersja: 1.0.1593.2, sygnatura czasowa: 0x4b2845cd Nazwa modułu powodującego błąd: MassEffect2.exe, wersja: 1.0.1593.2, sygnatura czasowa: 0x4b2845cd Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00511db0 Identyfikator procesu powodującego błąd: 0xdc8 Godzina uruchomienia aplikacji powodującej błąd: 0x01cd302e5cb88d65 Ścieżka aplikacji powodującej błąd: D:\Gry\Mass Effect 2PL\Mass Effect 2\Binaries\MassEffect2.exe Ścieżka modułu powodującego błąd: D:\Gry\Mass Effect 2PL\Mass Effect 2\Binaries\MassEffect2.exe Identyfikator raportu: fdf85236-9c25-11e1-ab99-5404a69c7cfa Error - 2012-05-16 14:42:11 | Computer Name = Maciek-PC | Source = Windows Installer 3.1 | ID = 921877 Description = Error - 2012-05-20 07:35:20 | Computer Name = Maciek-PC | Source = SideBySide | ID = 16842832 Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\Maciek\Downloads\SoftonicDownloader_for_driver-sweeper.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Składnik 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. [ System Events ] Error - 2012-04-11 10:27:47 | Computer Name = Maciek-PC | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 16:26:13 na ?2012-?04-?11 było nieoczekiwane. Error - 2012-04-11 10:27:51 | Computer Name = MACIEK-PC | Source = BugCheck | ID = 1001 Description = Error - 2012-04-11 11:12:37 | Computer Name = Maciek-PC | Source = BugCheck | ID = 1001 Description = Error - 2012-04-13 02:05:35 | Computer Name = Maciek-PC | Source = Service Control Manager | ID = 7023 Description = Usługa Serwer zakończyła działanie; wystąpił następujący błąd: %%1062 Error - 2012-04-17 01:53:14 | Computer Name = Maciek-PC | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 21:23:57 na ?2012-?04-?16 było nieoczekiwane. Error - 2012-04-20 02:28:03 | Computer Name = Maciek-PC | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 22:03:36 na ?2012-?04-?19 było nieoczekiwane. Error - 2012-05-10 17:30:40 | Computer Name = Maciek-PC | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 23:29:07 na ?2012-?05-?10 było nieoczekiwane. Error - 2012-05-19 15:45:21 | Computer Name = Maciek-PC | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 21:43:21 na ?2012-?05-?19 było nieoczekiwane. Error - 2012-05-20 07:15:02 | Computer Name = Maciek-PC | Source = Service Control Manager | ID = 7034 Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2012-05-20 07:27:35 | Computer Name = Maciek-PC | Source = DCOM | ID = 10010 Description = < End of report >[/log] I tu masz Extras.
Gość komentarz 20 maja 2012 komentarz 20 maja 2012 [quote]I tu masz Extras. [/quote] Ja nie chce Extras tylko [b]OTL.txt[/b]
Kaaas komentarz 20 maja 2012 Autor komentarz 20 maja 2012 No tak, moje czytanie ze zrozumieniem leży i kwiczy. Wybacz [log]OTL logfile created on: 2012-05-20 15:06:46 - Run 3 OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Maciek\Desktop\Programy 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,98 Gb Total Physical Memory | 2,28 Gb Available Physical Memory | 57,13% Memory free 7,96 Gb Paging File | 6,10 Gb Available in Paging File | 76,59% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 107,42 Gb Total Space | 49,58 Gb Free Space | 46,15% Space Free | Partition Type: NTFS Drive D: | 358,34 Gb Total Space | 214,19 Gb Free Space | 59,77% Space Free | Partition Type: NTFS Computer Name: MACIEK-PC | User Name: Maciek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2012-05-20 09:59:21 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Maciek\Desktop\Programy\OTL.exe PRC - [2012-05-17 12:47:51 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012-05-16 20:42:59 | 003,402,376 | ---- | M] (Electronic Arts) -- D:\Origin\Origin.exe PRC - [2012-05-09 05:04:54 | 001,240,048 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012-03-07 01:15:13 | 000,134,920 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe PRC - [2012-03-01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012-02-29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012-01-18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2009-07-14 03:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2012-05-20 09:59:21 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Maciek\Desktop\Programy\OTL.exe MOD - [2012-05-16 20:43:00 | 018,604,544 | ---- | M] () -- D:\Origin\QtWebKit4.dll MOD - [2012-05-16 20:43:00 | 003,564,544 | ---- | M] () -- D:\Origin\QtXmlPatterns4.dll MOD - [2012-05-16 20:43:00 | 001,106,944 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- D:\Origin\libeay32.dll MOD - [2012-05-16 20:43:00 | 000,413,184 | ---- | M] () -- D:\Origin\QtXml4.dll MOD - [2012-05-16 20:43:00 | 000,312,320 | ---- | M] () -- D:\Origin\imageformats\qtiff4.dll MOD - [2012-05-16 20:43:00 | 000,264,192 | ---- | M] () -- D:\Origin\imageformats\qmng4.dll MOD - [2012-05-16 20:43:00 | 000,237,568 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- D:\Origin\ssleay32.dll MOD - [2012-05-16 20:43:00 | 000,211,456 | ---- | M] () -- D:\Origin\imageformats\qjpeg4.dll MOD - [2012-05-16 20:43:00 | 000,032,256 | ---- | M] () -- D:\Origin\imageformats\qico4.dll MOD - [2012-05-16 20:43:00 | 000,028,672 | ---- | M] () -- D:\Origin\imageformats\qgif4.dll MOD - [2012-05-16 20:42:59 | 029,974,664 | ---- | M] (Electronic Arts) -- D:\Origin\OriginClient.dll MOD - [2012-05-16 20:42:59 | 009,440,256 | ---- | M] () -- D:\Origin\QtGui4.dll MOD - [2012-05-16 20:42:59 | 003,402,376 | ---- | M] (Electronic Arts) -- D:\Origin\Origin.exe MOD - [2012-05-16 20:42:59 | 002,694,144 | ---- | M] () -- D:\Origin\QtCore4.dll MOD - [2012-05-16 20:42:59 | 001,152,512 | ---- | M] () -- D:\Origin\QtNetwork4.dll MOD - [2012-05-16 20:42:58 | 006,835,344 | ---- | M] (Electronic Arts) -- D:\Origin\IGO32.dll MOD - [2012-05-15 16:14:52 | 000,040,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\12052000\uiext.dll MOD - [2012-05-09 05:04:54 | 001,240,048 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe MOD - [2012-05-09 05:04:52 | 000,441,840 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll MOD - [2012-05-09 05:04:51 | 003,921,904 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\pdf.dll MOD - [2012-05-09 05:03:36 | 000,553,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\libglesv2.dll MOD - [2012-05-09 05:03:35 | 000,117,744 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\libegl.dll MOD - [2012-05-09 05:03:34 | 009,962,480 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\icudt.dll MOD - [2012-05-09 05:03:28 | 035,876,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\chrome.dll MOD - [2012-05-09 05:03:25 | 000,134,656 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\avutil-51.dll MOD - [2012-05-09 05:03:24 | 000,250,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\avformat-54.dll MOD - [2012-05-09 05:03:23 | 002,375,680 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\avcodec-54.dll MOD - [2012-05-09 04:09:13 | 008,743,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\gcswf32.dll MOD - [2012-05-09 04:09:13 | 008,743,584 | ---- | M] () -- C:\PROGRA~2\Google\Chrome\APPLIC~1\190108~1.46\gcswf32.dll MOD - [2012-04-27 07:12:11 | 000,120,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswJsFlt.dll MOD - [2012-04-21 06:21:01 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll MOD - [2012-04-07 21:34:15 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll MOD - [2012-04-07 21:34:14 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll MOD - [2012-04-07 21:34:14 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll MOD - [2012-03-20 13:18:24 | 001,145,344 | ---- | M] (ESN Social Software AB) -- C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll MOD - [2012-03-07 01:15:28 | 000,228,632 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\uiLangRes.dll MOD - [2012-03-07 01:15:28 | 000,095,232 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\Base.dll MOD - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe MOD - [2012-03-07 01:15:15 | 004,675,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\CommonRes.dll MOD - [2012-03-07 01:15:13 | 000,215,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll MOD - [2012-03-07 01:15:10 | 000,399,088 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSqLt.dll MOD - [2012-03-07 01:15:10 | 000,214,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswProperty.dll MOD - [2012-03-07 01:15:10 | 000,027,264 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswUtil.dll MOD - [2012-03-07 01:15:09 | 000,217,296 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswLog.dll MOD - [2012-03-07 01:15:08 | 000,682,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAux.dll MOD - [2012-03-07 01:15:07 | 000,337,800 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnBS.dll MOD - [2012-03-07 01:15:07 | 000,184,872 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswData.dll MOD - [2012-03-07 01:15:07 | 000,164,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnIS.dll MOD - [2012-03-07 01:15:07 | 000,153,936 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTask.dll MOD - [2012-03-07 01:15:07 | 000,098,864 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnOS.dll MOD - [2012-03-07 01:15:07 | 000,050,448 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswEngLdr.dll MOD - [2012-03-07 01:15:06 | 000,406,816 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashBase.dll MOD - [2012-03-07 01:15:06 | 000,061,760 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTaskEx.dll MOD - [2012-03-07 01:15:04 | 000,042,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwRpc.dll MOD - [2012-03-07 01:15:03 | 000,345,040 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Aavm4h.dll MOD - [2012-03-07 01:15:03 | 000,164,760 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwCoreClient.dll MOD - [2012-03-07 01:15:03 | 000,096,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll MOD - [2012-03-07 01:15:03 | 000,035,528 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwCore.dll MOD - [2012-03-07 01:15:03 | 000,034,992 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwGeoIP.dll MOD - [2012-03-01 07:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll MOD - [2012-03-01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll MOD - [2012-03-01 02:02:00 | 015,009,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvd3dum.dll MOD - [2012-02-28 03:27:13 | 009,705,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll MOD - [2012-02-28 03:12:01 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll MOD - [2012-02-28 03:11:07 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll MOD - [2012-02-28 03:04:32 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll MOD - [2012-02-23 17:23:15 | 002,111,448 | ---- | M] (AVAST! Software) -- C:\Program Files\AVAST Software\Avast\aswAra.dll MOD - [2012-02-01 10:18:26 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Origin Games\Battlefield 3\Core\MSVCR100.dll MOD - [2012-02-01 10:18:26 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Origin Games\Battlefield 3\Core\MSVCP100.dll MOD - [2012-01-18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe MOD - [2012-01-04 10:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2012-01-04 10:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll MOD - [2011-12-16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2011-11-17 07:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2011-11-17 07:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll MOD - [2011-11-17 07:34:52 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll MOD - [2011-11-17 07:34:52 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2011-11-17 07:28:48 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2011-11-03 16:08:56 | 000,122,216 | ---- | M] (ESN Social Software AB) -- C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll MOD - [2011-08-27 06:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2011-08-27 06:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll MOD - [2011-07-16 06:26:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\acwow64.dll MOD - [2011-07-16 06:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2011-07-16 06:24:22 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2011-06-16 06:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll MOD - [2011-05-24 12:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2011-05-24 12:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2011-03-03 07:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll MOD - [2010-11-20 14:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll MOD - [2010-11-20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll MOD - [2010-11-20 14:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll MOD - [2010-11-20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2010-11-20 14:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll MOD - [2010-11-20 14:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll MOD - [2010-11-20 14:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll MOD - [2010-11-20 14:21:35 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wer.dll MOD - [2010-11-20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2010-11-20 14:21:34 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll MOD - [2010-11-20 14:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2010-11-20 14:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll MOD - [2010-11-20 14:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll MOD - [2010-11-20 14:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll MOD - [2010-11-20 14:21:25 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sqmapi.dll MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2010-11-20 14:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll MOD - [2010-11-20 14:21:03 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\riched20.dll MOD - [2010-11-20 14:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2010-11-20 14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2010-11-20 14:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll MOD - [2010-11-20 14:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll MOD - [2010-11-20 14:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll MOD - [2010-11-20 14:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll MOD - [2010-11-20 14:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll MOD - [2010-11-20 14:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll MOD - [2010-11-20 14:19:33 | 003,207,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mf.dll MOD - [2010-11-20 14:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL MOD - [2010-11-20 14:19:05 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gameux.dll MOD - [2010-11-20 14:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL MOD - [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll MOD - [2010-11-20 14:19:01 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\evr.dll MOD - [2010-11-20 14:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll MOD - [2010-11-20 14:18:25 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll MOD - [2010-11-20 14:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll MOD - [2010-11-20 14:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll MOD - [2010-11-20 14:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll MOD - [2010-11-20 14:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2010-11-20 14:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2010-11-20 14:18:01 | 000,562,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcLayers.dll MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2010-11-20 14:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv MOD - [2010-11-20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2010-11-20 14:08:57 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2010-11-20 14:08:51 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2010-11-20 14:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2010-05-26 11:41:02 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DCompiler_43.dll MOD - [2010-05-26 11:41:02 | 001,998,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DX9_43.dll MOD - [2009-07-14 03:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll MOD - [2009-07-14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll MOD - [2009-07-14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll MOD - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll MOD - [2009-07-14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL MOD - [2009-07-14 03:16:19 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wmiutils.dll MOD - [2009-07-14 03:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll MOD - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll MOD - [2009-07-14 03:16:17 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemdisp.dll MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009-07-14 03:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll MOD - [2009-07-14 03:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2009-07-14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2009-07-14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll MOD - [2009-07-14 03:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009-07-14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009-07-14 03:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll MOD - [2009-07-14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll MOD - [2009-07-14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll MOD - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll MOD - [2009-07-14 03:16:02 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll MOD - [2009-07-14 03:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll MOD - [2009-07-14 03:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll MOD - [2009-07-14 03:15:46 | 002,134,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msmpeg2vdec.dll MOD - [2009-07-14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009-07-14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll MOD - [2009-07-14 03:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll MOD - [2009-07-14 03:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll MOD - [2009-07-14 03:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll MOD - [2009-07-14 03:15:39 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll MOD - [2009-07-14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll MOD - [2009-07-14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll MOD - [2009-07-14 03:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll MOD - [2009-07-14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll MOD - [2009-07-14 03:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009-07-14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll MOD - [2009-07-14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll MOD - [2009-07-14 03:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll MOD - [2009-07-14 03:15:07 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll MOD - [2009-07-14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009-07-14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-07-14 03:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009-07-14 03:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009-07-14 03:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll MOD - [2009-07-14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll MOD - [2009-07-14 03:05:46 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icmp.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b]64bit:[/b] - [2012-03-07 01:15:13 | 000,134,920 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012-05-17 12:47:51 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012-03-01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-02-29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012-02-29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-02-28 17:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012-02-14 18:55:04 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) Intel(R) SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-04-07 16:26:50 | 000,530,488 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2012-03-07 01:04:31 | 000,141,144 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW) DRV:[b]64bit:[/b] - [2012-03-07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b]64bit:[/b] - [2012-03-07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b]64bit:[/b] - [2012-03-07 01:03:29 | 000,258,904 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2) DRV:[b]64bit:[/b] - [2012-03-07 01:02:45 | 000,028,504 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd) DRV:[b]64bit:[/b] - [2012-03-07 01:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:[b]64bit:[/b] - [2012-03-07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:[b]64bit:[/b] - [2012-03-07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2012-03-07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012-02-23 16:54:51 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis) DRV:[b]64bit:[/b] - [2012-02-14 18:47:38 | 014,692,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2012-01-17 14:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:[b]64bit:[/b] - [2011-07-13 13:59:54 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol) DRV:[b]64bit:[/b] - [2011-07-13 13:59:54 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp) DRV:[b]64bit:[/b] - [2011-06-10 08:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-11-20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 02:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-04-08 14:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:[b]64bit:[/b] - [2009-03-18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\..\SearchScopes,DefaultScope = {0D7562AE-8EF6-416d-A838-AB665251703A} IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\..\SearchScopes\{1CF28E44-71E2-4F49-9B56-28F2F8A987D0}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253 IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-04-07 14:57:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-04-07 17:22:43 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-04-16 18:58:46 | 000,000,000 | ---D | M] [2012-04-07 15:30:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maciek\AppData\Roaming\mozilla\Extensions [2012-05-20 14:25:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maciek\AppData\Roaming\mozilla\Firefox\Profiles\3l1olj9a.default\extensions [2012-04-25 19:13:28 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Maciek\AppData\Roaming\mozilla\Firefox\Profiles\3l1olj9a.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03} [2012-04-07 22:52:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012-04-07 22:52:25 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-04-16 18:14:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2012-04-07 15:32:07 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012-04-16 18:14:46 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2012-04-07 15:32:04 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2012-04-07 15:32:04 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2010-12-13 14:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml [2012-04-07 15:32:04 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2012-04-07 15:32:04 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2012-04-07 15:32:04 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-04-07 15:32:04 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - Extension: YouTube = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Szukaj w Google = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: avast! WebRep = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\ CHR - Extension: Gmail = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\..\Toolbar\WebBrowser: (uTorrentControl2 Toolbar) - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team) O4 - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000..\Run: [EADM] D:\Origin\Origin.exe (Electronic Arts) O4 - HKU\S-1-5-21-2626984496-4133979409-3266373985-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-2626984496-4133979409-3266373985-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BDFE84E1-D405-43C1-B049-F795ADE67950}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40 O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18 - Protocol\Handler\ms-help - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) MsConfig:64bit - StartUpReg: [b]facemoods[/b] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b]LogMeIn Hamachi Ui[/b] - hkey= - key= - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: Hamachi2Svc - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-05-20 13:28:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2012-05-20 13:24:46 | 000,000,000 | ---D | C] -- C:\NVIDIA [2012-05-20 13:18:35 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2012-05-20 13:11:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phyxion.net [2012-05-20 10:13:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro [2012-05-20 10:13:13 | 000,000,000 | ---D | C] -- C:\rsit [2012-05-17 12:43:19 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\PunkBuster [2012-05-17 12:43:13 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\Battlefield 3 [2012-05-17 12:42:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins [2012-05-17 01:11:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3 [2012-05-17 01:11:22 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller [2012-05-16 20:43:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games [2012-05-16 20:43:03 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Origin [2012-05-16 20:42:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin [2012-05-12 09:06:32 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Desktop\ME2 ENG [2012-05-12 09:01:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2012-05-12 09:01:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 2 [2012-05-09 21:35:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012-05-09 21:34:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2012-05-09 21:34:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2012-05-07 19:44:06 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Desktop\Music [2012-04-28 09:12:02 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Nero [2012-04-22 21:52:02 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\Diablo III [2012-04-22 20:36:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net [2012-04-22 14:47:10 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Desktop\mama [2012-04-17 16:24:32 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Desktop\GRY BABCI [2012-04-16 19:22:53 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\.minecraft [2012-04-16 18:14:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012-04-16 18:14:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2012-04-15 16:43:33 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft Games [2012-04-15 16:38:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Games [2012-04-15 16:15:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games [2012-04-14 19:08:16 | 000,000,000 | ---D | C] -- C:\Users\Maciek\riotsGamesLogs [2012-04-14 19:08:01 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\LolClient [2012-04-14 14:27:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games [2012-04-14 08:55:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2012-04-14 08:40:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt [2012-04-13 16:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft [2012-04-12 21:13:15 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps [2012-04-12 21:13:10 | 000,000,000 | ---D | C] -- C:\Fraps [2012-04-11 20:36:43 | 000,000,000 | ---D | C] -- C:\ProgramData\GG [2012-04-11 17:15:10 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\Rockstar Games [2012-04-11 17:14:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2012-04-11 16:27:47 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012-04-11 16:24:43 | 000,000,000 | RH-D | C] -- C:\Users\Maciek\AppData\Roaming\SecuROM [2012-04-11 15:35:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012-04-11 14:57:45 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll [2012-04-11 14:54:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive [2012-04-11 14:54:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE [2012-04-11 13:57:34 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Rockstar Games [2012-04-11 13:57:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games [2012-04-10 20:08:37 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys [2012-04-10 20:08:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2012-04-10 20:08:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [2012-04-10 15:00:41 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Media Player Classic [2012-04-09 23:29:57 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\NVIDIA [2012-04-09 23:18:58 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\LogMeIn Hamachi [2012-04-09 20:42:25 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\PMB Files [2012-04-09 20:42:24 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2012-04-09 20:42:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks [2012-04-08 22:45:31 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Skyrim [2012-04-08 22:45:31 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\My Games [2012-04-08 22:36:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911 [2012-04-08 21:44:01 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\BioWare [2012-04-08 21:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs [2012-04-08 21:41:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect [2012-04-08 21:41:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare [2012-04-08 17:53:03 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Microsoft Games [2012-04-08 15:51:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrentControl2 [2012-04-08 15:51:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent [2012-04-08 15:51:19 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\uTorrent [2012-04-08 11:41:58 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\ToD [2012-04-08 11:39:52 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Deployment [2012-04-08 11:39:52 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Apps [2012-04-08 11:04:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment [2012-04-08 11:04:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment [2012-04-08 10:45:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard [2012-04-08 09:41:00 | 000,000,000 | --SD | C] -- C:\Users\Maciek\GG dysk [2012-04-08 09:38:08 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\GG [2012-04-08 09:38:07 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG [2012-04-08 09:38:04 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\GG [2012-04-08 00:59:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Saints Row The Third [2012-04-08 00:55:13 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2012-04-08 00:44:39 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\Syndicate [2012-04-07 23:58:52 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\SKIDROW [2012-04-07 23:58:52 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\DarknessII [2012-04-07 23:34:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin [2012-04-07 23:34:03 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Origin [2012-04-07 23:31:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2012-04-07 23:31:38 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs [2012-04-07 23:31:38 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core [2012-04-07 23:05:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab [2012-04-07 23:05:26 | 000,000,000 | ---D | C] -- C:\Users\Maciek\SystemRequirementsLab [2012-04-07 23:01:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader [2012-04-07 23:00:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader [2012-04-07 22:52:16 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Skype [2012-04-07 22:52:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012-04-07 22:52:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012-04-07 22:52:03 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2012-04-07 22:52:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012-04-07 22:44:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2012-04-07 22:43:50 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2012-04-07 22:43:24 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2012-04-07 22:43:24 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2012-04-07 22:43:08 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2012-04-07 22:38:15 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2012-04-07 20:50:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero [2012-04-07 20:49:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [2012-04-07 20:49:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2012-04-07 20:45:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero [2012-04-07 20:45:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2012-04-07 20:07:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012-04-07 20:06:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2012-04-07 20:06:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services [2012-04-07 20:05:40 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012-04-07 20:05:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2012-04-07 20:05:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2012-04-07 20:03:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services [2012-04-07 20:03:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2012-04-07 20:03:35 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Microsoft Help [2012-04-07 20:03:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2012-04-07 20:03:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2012-04-07 20:03:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2012-04-07 20:03:07 | 000,000,000 | RH-D | C] -- C:\MSOCache [2012-04-07 20:00:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 [2012-04-07 20:00:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2012-04-07 18:50:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview [2012-04-07 18:50:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders [2012-04-07 17:27:05 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\Alcohol 120% [2012-04-07 17:25:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2012-04-07 17:25:18 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012-04-07 17:24:35 | 002,604,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll [2012-04-07 17:24:34 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2012-04-07 17:24:34 | 000,220,512 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll [2012-04-07 17:24:34 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2012-04-07 17:24:34 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2012-04-07 17:24:34 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2012-04-07 17:24:34 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll [2012-04-07 17:24:34 | 000,078,176 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll [2012-04-07 17:24:34 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll [2012-04-07 17:24:27 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2012-04-07 17:24:27 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2012-04-07 17:24:27 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2012-04-07 17:24:26 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2012-04-07 17:24:26 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2012-04-07 17:24:26 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2012-04-07 17:24:21 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll [2012-04-07 17:24:21 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll [2012-04-07 17:24:21 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll [2012-04-07 17:24:21 | 000,074,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll [2012-04-07 17:24:20 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll [2012-04-07 17:24:20 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll [2012-04-07 17:24:18 | 003,768,152 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll [2012-04-07 17:24:17 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll [2012-04-07 17:24:17 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll [2012-04-07 17:24:17 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2012-04-07 17:24:16 | 000,603,472 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll [2012-04-07 17:24:09 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2012-04-07 17:24:07 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll [2012-04-07 17:24:07 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll [2012-04-07 17:24:06 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll [2012-04-07 17:24:06 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll [2012-04-07 17:24:06 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll [2012-04-07 17:24:04 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll [2012-04-07 17:24:04 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll [2012-04-07 17:24:04 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll [2012-04-07 17:24:03 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll [2012-04-07 17:24:03 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll [2012-04-07 17:24:03 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll [2012-04-07 17:24:03 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll [2012-04-07 17:23:38 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2012-04-07 17:23:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2012-04-07 17:22:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative [2012-04-07 17:22:39 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll [2012-04-07 17:22:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real Alternative [2012-04-07 17:21:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120% [2012-04-07 17:20:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft [2012-04-07 17:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime Alternative [2012-04-07 17:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2012-04-07 17:19:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime Alternative [2012-04-07 17:16:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [2012-04-07 17:16:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack [2012-04-07 17:01:38 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll [2012-04-07 17:01:05 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll [2012-04-07 16:40:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2012-04-07 16:39:21 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-04-07 16:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-04-07 16:38:37 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\WinRAR [2012-04-07 16:38:31 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2012-04-07 16:15:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat [2012-04-07 16:15:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat [2012-04-07 15:43:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe [2012-04-07 15:42:45 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012-04-07 15:42:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2012-04-07 15:41:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2012-04-07 15:41:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2012-04-07 15:40:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2012-04-07 15:40:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2012-04-07 15:40:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2012-04-07 15:40:40 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Macromedia [2012-04-07 15:40:40 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Adobe [2012-04-07 15:40:40 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Adobe [2012-04-07 15:38:21 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Desktop\Programy [2012-04-07 15:32:33 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Google [2012-04-07 15:30:44 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Mozilla [2012-04-07 15:30:44 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Mozilla [2012-04-07 15:30:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012-04-07 14:41:51 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2012-04-07 14:41:51 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2012-04-07 14:41:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security [2012-04-07 14:41:50 | 000,141,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys [2012-04-07 14:41:41 | 000,258,904 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys [2012-04-07 14:41:41 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2012-04-07 14:41:41 | 000,053,080 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2012-04-07 14:41:41 | 000,028,504 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys [2012-04-07 14:41:40 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2012-04-07 14:41:38 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2012-04-07 14:41:37 | 000,258,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2012-04-07 14:41:21 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2012-04-07 14:41:18 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys [2012-04-07 14:41:15 | 000,539,240 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2012-04-07 14:41:10 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2012-04-07 14:41:10 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2012-04-07 14:41:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2012-04-07 14:41:08 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2012-04-07 14:40:58 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2012-04-07 14:40:58 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2012-04-07 13:53:04 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2012-04-07 13:52:50 | 000,000,000 | -HSD | C] -- C:\Boot [2012-04-07 13:48:25 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll [2012-04-07 13:48:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2012-04-07 13:01:51 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012-04-07 13:00:40 | 000,000,000 | R--D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012-04-07 13:00:40 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Searches [2012-04-07 13:00:40 | 000,000,000 | R--D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012-04-07 13:00:27 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Identities [2012-04-07 13:00:19 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Contacts [2012-04-07 13:00:15 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\VirtualStore [2012-04-07 12:59:58 | 000,000,000 | --SD | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft [2012-04-07 12:59:58 | 000,000,000 | R--D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012-04-07 12:59:58 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Favorites [2012-04-07 12:59:58 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Downloads [2012-04-07 12:59:58 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Documents [2012-04-07 12:59:58 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Desktop [2012-04-07 12:59:58 | 000,000,000 | R--D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Ustawienia lokalne [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\AppData\Local\Temporary Internet Files [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Szablony [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\SendTo [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Recent [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\PrintHood [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\NetHood [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Documents\Moje wideo [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Documents\Moje obrazy [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Moje dokumenty [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Documents\Moja muzyka [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Menu Start [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\AppData\Local\Historia [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Dane aplikacji [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\AppData\Local\Dane aplikacji [2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Cookies [2012-04-07 12:59:58 | 000,000,000 | -H-D | C] -- C:\Users\Maciek\AppData [2012-04-07 12:59:58 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Temp [2012-04-07 12:59:58 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Microsoft [2012-04-07 12:59:58 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Media Center Programs [2012-04-07 12:59:57 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Videos [2012-04-07 12:59:57 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Saved Games [2012-04-07 12:59:57 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Pictures [2012-04-07 12:59:57 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Music [2012-04-07 12:59:57 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Links [2012-04-07 12:59:49 | 000,000,000 | -HSD | C] -- C:\Recovery [2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione [2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony [2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit [2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo [2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy [2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka [2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start [2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty [2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji [2012-04-07 12:54:05 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2012-04-07 12:53:47 | 000,000,000 | -HSD | C] -- C:\System Volume Information [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012-05-20 14:44:00 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-05-20 14:33:39 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-05-20 14:33:39 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-05-20 14:31:45 | 001,672,256 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-05-20 14:31:45 | 000,741,328 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-05-20 14:31:45 | 000,655,092 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-05-20 14:31:45 | 000,155,924 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-05-20 14:31:45 | 000,121,964 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-05-20 14:26:39 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-05-20 14:26:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-05-20 14:26:16 | 3207,315,456 | -HS- | M] () -- C:\hiberfil.sys [2012-05-20 13:29:42 | 000,001,224 | ---- | M] () -- C:\Users\Maciek\Documents\ax_files.xml [2012-05-20 11:04:46 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012-05-20 11:04:46 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012-05-20 11:04:26 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012-05-19 21:59:34 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-05-19 21:43:00 | 000,319,589 | ---- | M] () -- C:\Users\Maciek\Desktop\Film0109.mp4 [2012-05-17 12:47:51 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012-05-17 01:11:24 | 000,001,180 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 3.lnk [2012-05-09 19:50:56 | 000,415,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-05-07 07:39:49 | 000,532,538 | ---- | M] () -- C:\Users\Maciek\Desktop\forum13_14.pdf [2012-04-25 20:01:16 | 001,638,614 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-04-24 08:53:33 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01007.Wdf [2012-04-11 17:12:29 | 375,767,249 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012-04-11 14:57:45 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll [2012-04-07 17:23:24 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini [2012-04-07 17:22:43 | 000,026,782 | ---- | M] () -- C:\Windows\Ascd_tmp.ini [2012-04-07 16:26:50 | 000,530,488 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys [2012-04-07 15:38:15 | 000,000,351 | ---- | M] () -- C:\Users\Maciek\Desktop\Gry.lnk [2012-04-07 15:32:03 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2012-04-07 15:32:02 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2012-04-07 14:57:57 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012-04-07 13:52:52 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2012-04-07 13:20:24 | 000,407,946 | RHS- | M] () -- C:\SFVXZ [2012-04-07 13:19:37 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012-04-07 12:57:25 | 000,067,908 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2012-04-07 12:57:25 | 000,067,908 | ---- | M] () -- C:\Windows\SysNative\license.rtf [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-05-19 22:00:21 | 000,319,589 | ---- | C] () -- C:\Users\Maciek\Desktop\Film0109.mp4 [2012-05-19 21:59:34 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-05-17 12:43:24 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012-05-17 01:11:24 | 000,001,180 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 3.lnk [2012-05-17 01:10:39 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012-05-17 01:10:39 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012-05-17 01:10:35 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012-05-07 07:40:59 | 000,532,538 | ---- | C] () -- C:\Users\Maciek\Desktop\forum13_14.pdf [2012-04-24 08:55:22 | 001,638,614 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-04-24 08:53:33 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01007.Wdf [2012-04-11 16:39:39 | 002,515,790 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin [2012-04-11 16:27:35 | 375,767,249 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012-04-11 15:34:51 | 000,001,060 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-04-11 15:34:50 | 000,001,056 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-04-07 22:43:24 | 000,011,770 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2012-04-07 17:23:58 | 000,001,224 | ---- | C] () -- C:\Users\Maciek\Documents\ax_files.xml [2012-04-07 17:03:00 | 000,095,744 | ---- | C] () -- C:\Windows\SysNative\RDVGHelper.exe [2012-04-07 17:02:47 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd [2012-04-07 17:00:35 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml [2012-04-07 17:00:16 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml [2012-04-07 17:00:16 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml [2012-04-07 16:58:37 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc [2012-04-07 16:58:37 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml [2012-04-07 16:41:10 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012-04-07 16:26:50 | 000,530,488 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys [2012-04-07 15:38:15 | 000,000,351 | ---- | C] () -- C:\Users\Maciek\Desktop\Gry.lnk [2012-04-07 15:32:03 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2012-04-07 15:32:02 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2012-04-07 15:30:41 | 000,001,160 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012-04-07 14:41:38 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2012-04-07 14:41:15 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll [2012-04-07 13:52:52 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2012-04-07 13:52:51 | 000,383,786 | RHS- | C] () -- C:\bootmgr [2012-04-07 13:47:45 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2012-04-07 13:47:39 | 000,026,782 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2012-04-07 13:20:24 | 000,407,946 | RHS- | C] () -- C:\SFVXZ [2012-04-07 13:19:37 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012-04-07 13:00:50 | 000,001,427 | ---- | C] () -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2012-04-07 13:00:42 | 000,001,461 | ---- | C] () -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012-04-07 12:57:17 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2012-04-07 12:57:11 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2012-04-07 12:53:47 | 3207,315,456 | -HS- | C] () -- C:\hiberfil.sys [2012-02-29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2012-02-14 18:47:06 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2012-02-14 18:47:06 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2012-02-14 18:47:06 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2012-02-14 18:44:24 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012-02-14 17:59:56 | 013,209,600 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [color=#E56717]========== LOP Check ==========[/color] [2012-04-21 22:31:06 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\.minecraft [2012-04-14 19:06:36 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\DarknessII [2012-05-20 14:16:15 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\GG [2012-04-14 19:08:01 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\LolClient [2012-04-07 23:34:43 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\Origin [2012-04-08 11:43:38 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\ToD [2012-05-20 14:23:55 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\uTorrent [2012-05-07 19:37:15 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-11-20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2012-04-07 13:52:52 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2012-05-20 14:26:16 | 3207,315,456 | -HS- | M] () -- C:\hiberfil.sys [2012-05-20 14:26:18 | 4276,424,704 | -HS- | M] () -- C:\pagefile.sys [2012-04-07 13:20:24 | 000,407,946 | RHS- | M] () -- C:\SFVXZ [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2010-11-20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys [2010-11-20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys [2010-11-20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2010-11-20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys [2010-11-20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2010-11-20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010-11-20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe < End of report >[/log] Tu jest (mam nadzieje) to czego potrzebujesz.
Gość komentarz 20 maja 2012 komentarz 20 maja 2012 Uruchom OTL i w oknie [b]Własne opcje skanowania/skryp[/b]t wklej Kliknij w [color=#0000ff][b]Wykonaj skrypt[/b][/color] [code]:Files C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml :OTL IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\..\SearchScopes\{1CF28E44-71E2-4F49-9B56-28F2F8A987D0}: "URL" = http://search.condui...&ctid=CT3072253 FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) [2012-04-25 19:13:28 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Maciek\AppData\Roaming\mozilla\Firefox\Profiles\3l1olj9a.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03} O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) :Commands [emptyflash] [emptytemp][/code] Odinstaluj [b]RSIT[/b] 2. Uruchom OTL i kliknij [b]Sprzatanie.[/b]
Kaaas komentarz 20 maja 2012 Autor komentarz 20 maja 2012 Done. Dzięki wielkie za pomoc. Dam znać czy pomogło
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.