x-kom hosting

Czy to wirus?

Kaaas
utworzono
utworzono

Witam.
Otóż mój problem wygląda następująco:
[url="https://vimeo.com/42468336"]https://vimeo.com/42468336[/url]
Słyszałem, że trojany robią z kompem podobne rzeczy, skanowałem dysk avastem, trybem expresowym, lecz nic nie znalazł. Może to grafa? Kompa mam od niespełna miesiąca...
Zdarzyło mi się to 3 razy w ciągu 1,5 tygodnia. Komp sie zwiesza i trzeba restartować. Wie ktoś może co to za świnstwo?

Igorrodz
komentarz
komentarz

Pożycz od kogoś inną kartę graficzna, wsadź do swojego peceta i przetestuj czy błędy będą nadal - a swoją sprawdź u koleżanki.

BTW- jaki masz zasilacz?

kml700
komentarz
komentarz

Podaj markę i model zasilacza. :gobi:

Igorrodz
komentarz
komentarz

ewentualnie daj logi z OTL i RIST http://www.forumpc.pl/index.php?showtopic=104338

Doman
komentarz
komentarz

Jeśli już skanowałeś ten dysk, to przy rozruchu, a nie trybem ekspresowym... Mi wygląda na wine grafiki. Sprawdź na innej.

Kaaas
komentarz
komentarz

Zasilacz to:
TACENS RADIX V- 450
Grafa:
ASUS GT440
Otóż przy instalowaniu sterów do grafiki, nie usunąłem wcześniej starych, podobno to przeciąża. Jak mi poszła ta karta to ja nie wiem co zrobię, bo wyrzuciłem gwarancję, razem z pudełkiem (nie wiedziałem, że w nim jest).
Mam w domu też ASUSa 9500GT, więc moge sprawdzić, chociaż siedzieć na starej karcie bóg wie ile, żeby tylko zobaczyć czy stanie sie coś takiego, i kiedy, to też bedzie problematyczne.
Igorrodz tu są logi:
[log]OTL logfile created on: 2012-05-20 10:02:49 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Maciek\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,98 Gb Total Physical Memory | 2,35 Gb Available Physical Memory | 59,07% Memory free
7,96 Gb Paging File | 5,87 Gb Available in Paging File | 73,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 107,42 Gb Total Space | 3,20 Gb Free Space | 2,98% Space Free | Partition Type: NTFS
Drive D: | 358,34 Gb Total Space | 165,53 Gb Free Space | 46,19% Space Free | Partition Type: NTFS
Drive E: | 5,12 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 7,32 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: MACIEK-PC | User Name: Maciek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-05-20 09:59:21 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Maciek\Desktop\OTL.exe
PRC - [2012-05-19 22:34:46 | 000,283,304 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2012-05-17 12:47:51 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012-05-16 20:42:59 | 003,402,376 | ---- | M] (Electronic Arts) -- D:\Origin\Origin.exe
PRC - [2012-05-09 05:04:54 | 001,240,048 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-03-07 01:15:13 | 000,134,920 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2012-03-01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-02-29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012-02-28 17:38:56 | 001,987,976 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012-01-18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-05-20 09:59:21 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Maciek\Desktop\OTL.exe
MOD - [2012-05-16 20:43:00 | 018,604,544 | ---- | M] () -- D:\Origin\QtWebKit4.dll
MOD - [2012-05-16 20:43:00 | 003,564,544 | ---- | M] () -- D:\Origin\QtXmlPatterns4.dll
MOD - [2012-05-16 20:43:00 | 001,106,944 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- D:\Origin\libeay32.dll
MOD - [2012-05-16 20:43:00 | 000,413,184 | ---- | M] () -- D:\Origin\QtXml4.dll
MOD - [2012-05-16 20:43:00 | 000,312,320 | ---- | M] () -- D:\Origin\imageformats\qtiff4.dll
MOD - [2012-05-16 20:43:00 | 000,264,192 | ---- | M] () -- D:\Origin\imageformats\qmng4.dll
MOD - [2012-05-16 20:43:00 | 000,237,568 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- D:\Origin\ssleay32.dll
MOD - [2012-05-16 20:43:00 | 000,211,456 | ---- | M] () -- D:\Origin\imageformats\qjpeg4.dll
MOD - [2012-05-16 20:43:00 | 000,032,256 | ---- | M] () -- D:\Origin\imageformats\qico4.dll
MOD - [2012-05-16 20:43:00 | 000,028,672 | ---- | M] () -- D:\Origin\imageformats\qgif4.dll
MOD - [2012-05-16 20:42:59 | 029,974,664 | ---- | M] (Electronic Arts) -- D:\Origin\OriginClient.dll
MOD - [2012-05-16 20:42:59 | 009,440,256 | ---- | M] () -- D:\Origin\QtGui4.dll
MOD - [2012-05-16 20:42:59 | 003,402,376 | ---- | M] (Electronic Arts) -- D:\Origin\Origin.exe
MOD - [2012-05-16 20:42:59 | 002,694,144 | ---- | M] () -- D:\Origin\QtCore4.dll
MOD - [2012-05-16 20:42:59 | 001,152,512 | ---- | M] () -- D:\Origin\QtNetwork4.dll
MOD - [2012-05-16 20:42:58 | 006,835,344 | ---- | M] (Electronic Arts) -- D:\Origin\IGO32.dll
MOD - [2012-05-15 16:14:52 | 000,040,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\12052000\uiext.dll
MOD - [2012-05-09 05:04:54 | 001,240,048 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
MOD - [2012-05-09 05:04:52 | 000,441,840 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll
MOD - [2012-05-09 05:04:51 | 003,921,904 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\pdf.dll
MOD - [2012-05-09 05:03:36 | 000,553,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\libglesv2.dll
MOD - [2012-05-09 05:03:35 | 000,117,744 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\libegl.dll
MOD - [2012-05-09 05:03:34 | 009,962,480 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\icudt.dll
MOD - [2012-05-09 05:03:28 | 035,876,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\chrome.dll
MOD - [2012-05-09 05:03:25 | 000,134,656 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\avutil-51.dll
MOD - [2012-05-09 05:03:24 | 000,250,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\avformat-54.dll
MOD - [2012-05-09 05:03:23 | 002,375,680 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\avcodec-54.dll
MOD - [2012-04-27 07:12:11 | 000,120,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
MOD - [2012-04-21 06:21:01 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
MOD - [2012-04-11 16:25:07 | 004,470,432 | ---- | M] (Skype Technologies S.A.) -- C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\npSkypeChromePlugin.dll
MOD - [2012-04-07 21:34:15 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
MOD - [2012-04-07 21:34:14 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2012-04-07 21:34:14 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2012-03-07 01:15:28 | 000,228,632 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\uiLangRes.dll
MOD - [2012-03-07 01:15:28 | 000,095,232 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\Base.dll
MOD - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
MOD - [2012-03-07 01:15:15 | 004,675,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\CommonRes.dll
MOD - [2012-03-07 01:15:13 | 000,215,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2012-03-07 01:15:10 | 000,399,088 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSqLt.dll
MOD - [2012-03-07 01:15:10 | 000,214,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2012-03-07 01:15:10 | 000,027,264 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswUtil.dll
MOD - [2012-03-07 01:15:09 | 000,217,296 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswLog.dll
MOD - [2012-03-07 01:15:08 | 000,682,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAux.dll
MOD - [2012-03-07 01:15:07 | 000,337,800 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
MOD - [2012-03-07 01:15:07 | 000,184,872 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswData.dll
MOD - [2012-03-07 01:15:07 | 000,164,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
MOD - [2012-03-07 01:15:07 | 000,153,936 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTask.dll
MOD - [2012-03-07 01:15:07 | 000,098,864 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
MOD - [2012-03-07 01:15:07 | 000,050,448 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
MOD - [2012-03-07 01:15:06 | 000,406,816 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashBase.dll
MOD - [2012-03-07 01:15:06 | 000,061,760 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
MOD - [2012-03-07 01:15:04 | 000,042,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwRpc.dll
MOD - [2012-03-07 01:15:03 | 000,345,040 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Aavm4h.dll
MOD - [2012-03-07 01:15:03 | 000,164,760 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwCoreClient.dll
MOD - [2012-03-07 01:15:03 | 000,096,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll
MOD - [2012-03-07 01:15:03 | 000,035,528 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwCore.dll
MOD - [2012-03-07 01:15:03 | 000,034,992 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwGeoIP.dll
MOD - [2012-03-02 11:48:28 | 004,280,992 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Toolbars\Shared\SkypePnr.dll
MOD - [2012-03-01 07:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012-03-01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2012-03-01 02:02:00 | 015,009,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvd3dum.dll
MOD - [2012-02-28 17:38:56 | 001,987,976 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
MOD - [2012-02-28 03:27:13 | 009,705,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012-02-28 03:12:01 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012-02-28 03:11:07 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012-02-28 03:04:32 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012-02-23 17:23:15 | 002,111,448 | ---- | M] (AVAST! Software) -- C:\Program Files\AVAST Software\Avast\aswAra.dll
MOD - [2012-02-01 10:18:26 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Origin Games\Battlefield 3\Core\MSVCR100.dll
MOD - [2012-02-01 10:18:26 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Origin Games\Battlefield 3\Core\MSVCP100.dll
MOD - [2012-01-18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2012-01-04 10:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2012-01-04 10:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2011-12-16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011-11-17 07:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011-11-17 07:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2011-11-17 07:34:52 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2011-11-17 07:34:52 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2011-11-17 07:28:48 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2011-08-27 06:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011-08-27 06:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011-07-16 06:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2011-07-16 06:24:22 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2011-06-16 06:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2011-05-24 12:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011-05-24 12:40:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2011-05-24 12:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011-03-03 07:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2010-11-20 14:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010-11-20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010-11-20 14:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2010-11-20 14:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2010-11-20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010-11-20 14:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010-11-20 14:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2010-11-20 14:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2010-11-20 14:21:35 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wer.dll
MOD - [2010-11-20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010-11-20 14:21:34 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2010-11-20 14:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010-11-20 14:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010-11-20 14:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010-11-20 14:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010-11-20 14:21:25 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sqmapi.dll
MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010-11-20 14:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2010-11-20 14:21:03 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\riched20.dll
MOD - [2010-11-20 14:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010-11-20 14:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010-11-20 14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010-11-20 14:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2010-11-20 14:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2010-11-20 14:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010-11-20 14:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010-11-20 14:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010-11-20 14:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010-11-20 14:19:33 | 003,207,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mf.dll
MOD - [2010-11-20 14:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010-11-20 14:19:05 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gameux.dll
MOD - [2010-11-20 14:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2010-11-20 14:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010-11-20 14:19:01 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\evr.dll
MOD - [2010-11-20 14:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2010-11-20 14:18:25 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2010-11-20 14:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010-11-20 14:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2010-11-20 14:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010-11-20 14:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010-11-20 14:18:09 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cabinet.dll
MOD - [2010-11-20 14:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010-11-20 14:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010-11-20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010-11-20 14:08:57 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010-11-20 14:08:51 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010-11-20 14:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010-05-26 11:41:02 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DCompiler_43.dll
MOD - [2010-05-26 11:41:02 | 001,998,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DX9_43.dll
MOD - [2009-07-14 03:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009-07-14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009-07-14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009-07-14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009-07-14 03:16:19 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wmiutils.dll
MOD - [2009-07-14 03:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009-07-14 03:16:17 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemdisp.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009-07-14 03:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009-07-14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-07-14 03:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009-07-14 03:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009-07-14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009-07-14 03:16:12 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PeerDist.dll
MOD - [2009-07-14 03:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2009-07-14 03:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009-07-14 03:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 03:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2009-07-14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009-07-14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009-07-14 03:16:02 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2009-07-14 03:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2009-07-14 03:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
MOD - [2009-07-14 03:15:46 | 002,134,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msmpeg2vdec.dll
MOD - [2009-07-14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009-07-14 03:15:41 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Defender\MpOav.dll
MOD - [2009-07-14 03:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009-07-14 03:15:39 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll
MOD - [2009-07-14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009-07-14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009-07-14 03:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009-07-14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009-07-14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009-07-14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009-07-14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009-07-14 03:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009-07-14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2009-07-14 03:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2009-07-14 03:15:07 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2009-07-14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009-07-14 03:14:57 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 03:14:10 | 000,064,000 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWOW64\l3codeca.acm
MOD - [2009-07-14 03:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 03:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009-07-14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009-07-14 03:05:46 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icmp.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2012-03-07 01:15:13 | 000,134,920 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-05-19 22:34:46 | 000,283,304 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2012-05-17 12:47:51 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012-03-01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-02-29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012-02-29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-02-28 17:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012-02-14 18:55:04 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) Intel(R)
SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-04-07 16:26:50 | 000,530,488 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2012-03-07 01:04:31 | 000,141,144 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW)
DRV:[b]64bit:[/b] - [2012-03-07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2012-03-07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2012-03-07 01:03:29 | 000,258,904 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2)
DRV:[b]64bit:[/b] - [2012-03-07 01:02:45 | 000,028,504 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:[b]64bit:[/b] - [2012-03-07 01:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2012-03-07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2012-03-07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2012-03-07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012-02-23 16:54:51 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:[b]64bit:[/b] - [2012-02-14 18:47:38 | 014,692,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012-01-17 14:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2011-07-13 13:59:54 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol)
DRV:[b]64bit:[/b] - [2011-07-13 13:59:54 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp)
DRV:[b]64bit:[/b] - [2011-06-10 08:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 02:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-04-08 14:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:[b]64bit:[/b] - [2009-03-18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT3072253
IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\..\SearchScopes,DefaultScope = {0D7562AE-8EF6-416d-A838-AB665251703A}
IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\..\SearchScopes\{1CF28E44-71E2-4F49-9B56-28F2F8A987D0}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-04-07 14:57:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-04-07 17:22:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-04-16 18:58:46 | 000,000,000 | ---D | M]

[2012-04-07 15:30:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maciek\AppData\Roaming\mozilla\Extensions
[2012-05-02 11:10:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maciek\AppData\Roaming\mozilla\Firefox\Profiles\3l1olj9a.default\extensions
[2012-04-25 19:13:28 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Maciek\AppData\Roaming\mozilla\Firefox\Profiles\3l1olj9a.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012-04-07 23:00:55 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\Maciek\AppData\Roaming\mozilla\Firefox\Profiles\3l1olj9a.default\extensions\ffxtlbr@Facemoods.com
[2012-04-07 22:52:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-04-07 22:52:25 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-04-16 18:14:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012-04-07 15:32:07 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-04-16 18:14:46 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012-04-07 15:32:04 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-04-07 15:32:04 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2010-12-13 14:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml
[2012-04-07 15:32:04 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-04-07 15:32:04 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-04-07 15:32:04 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-04-07 15:32:04 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: YouTube = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Skype Click to Call = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\
CHR - Extension: Gmail = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com)
O3 - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\..\Toolbar\WebBrowser: (uTorrentControl2 Toolbar) - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000..\Run: [EADM] D:\Origin\Origin.exe (Electronic Arts)
O4 - HKU\S-1-5-21-2626984496-4133979409-3266373985-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2626984496-4133979409-3266373985-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BDFE84E1-D405-43C1-B049-F795ADE67950}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-03-28 22:09:19 | 000,131,720 | R--- | M] (InstallShield Software Corporation) - E:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008-02-22 18:08:27 | 000,058,601 | R--- | M] () - E:\autorun.ico -- [ UDF ]
O32 - AutoRun File - [2008-02-22 18:08:27 | 000,000,047 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2008-02-22 18:08:44 | 000,000,382 | R--- | M] () - E:\autorun.ini -- [ UDF ]
O32 - AutoRun File - [2009-10-26 18:45:39 | 000,779,496 | R--- | M] (BioWare) - G:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2009-10-26 23:21:41 | 000,000,054 | R--- | M] () - G:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{37be76c0-80c4-11e1-87ed-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{37be76c0-80c4-11e1-87ed-806e6f6e6963}\Shell\AutoRun\command - "" = G:\autorun.exe -- [2009-10-26 18:45:39 | 000,779,496 | R--- | M] (BioWare)
O33 - MountPoints2\{f13dbdcb-809f-11e1-95d5-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f13dbdcb-809f-11e1-95d5-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2008-03-28 22:09:19 | 000,131,720 | R--- | M] (InstallShield Software Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

MsConfig:64bit - StartUpReg: [b]facemoods[/b] - hkey= - key= - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe (facemoods.com)
MsConfig:64bit - StartUpReg: [b]LogMeIn Hamachi Ui[/b] - hkey= - key= - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-05-20 09:59:13 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Maciek\Desktop\OTL.exe
[2012-05-17 12:43:19 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\PunkBuster
[2012-05-17 12:43:13 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\Battlefield 3
[2012-05-17 12:42:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins
[2012-05-17 01:11:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
[2012-05-17 01:11:22 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2012-05-16 20:43:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2012-05-16 20:43:03 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Origin
[2012-05-16 20:42:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2012-05-12 09:06:32 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Desktop\ME2 ENG
[2012-05-12 09:01:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012-05-12 09:01:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 2
[2012-05-09 21:35:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012-05-09 21:34:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012-05-09 21:34:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012-05-07 19:44:06 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Desktop\Music
[2012-04-28 09:12:02 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Nero
[2012-04-22 21:52:02 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\Diablo III
[2012-04-22 20:37:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III Beta
[2012-04-22 20:36:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012-04-22 14:47:10 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Desktop\mama
[2012-04-17 16:24:32 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Desktop\GRY BABCI
[2012-04-16 19:22:53 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\.minecraft
[2012-04-16 18:14:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012-04-16 18:14:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012-04-15 16:43:33 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft Games
[2012-04-15 16:38:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Games
[2012-04-15 16:15:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2012-04-14 19:08:16 | 000,000,000 | ---D | C] -- C:\Users\Maciek\riotsGamesLogs
[2012-04-14 19:08:01 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\LolClient
[2012-04-14 14:27:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2012-04-14 08:55:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012-04-14 08:40:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2012-04-13 16:05:05 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Ubisoft
[2012-04-13 16:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2012-04-13 15:45:23 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\InstallShield
[2012-04-12 21:13:15 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2012-04-12 21:13:10 | 000,000,000 | ---D | C] -- C:\Fraps
[2012-04-11 20:36:43 | 000,000,000 | ---D | C] -- C:\ProgramData\GG
[2012-04-11 17:15:10 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\Rockstar Games
[2012-04-11 17:14:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012-04-11 16:50:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012-04-11 16:27:47 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012-04-11 16:24:43 | 000,000,000 | RH-D | C] -- C:\Users\Maciek\AppData\Roaming\SecuROM
[2012-04-11 15:35:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-04-11 14:57:45 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2012-04-11 14:54:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012-04-11 14:54:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012-04-11 13:57:34 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Rockstar Games
[2012-04-11 13:57:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2012-04-10 20:08:37 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2012-04-10 20:08:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012-04-10 20:08:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012-04-10 15:00:41 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Media Player Classic
[2012-04-09 23:29:57 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\NVIDIA
[2012-04-09 23:18:58 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\LogMeIn Hamachi
[2012-04-09 20:42:25 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\PMB Files
[2012-04-09 20:42:24 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2012-04-09 20:42:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2012-04-08 22:45:31 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Skyrim
[2012-04-08 22:45:31 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\My Games
[2012-04-08 22:36:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2012-04-08 21:44:01 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\BioWare
[2012-04-08 21:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
[2012-04-08 21:41:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect
[2012-04-08 21:41:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2012-04-08 17:53:03 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Microsoft Games
[2012-04-08 15:51:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012-04-08 15:51:54 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Conduit
[2012-04-08 15:51:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrentControl2
[2012-04-08 15:51:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2012-04-08 15:51:19 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\uTorrent
[2012-04-08 11:41:58 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\ToD
[2012-04-08 11:40:09 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ToD Team
[2012-04-08 11:39:52 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Deployment
[2012-04-08 11:39:52 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Apps
[2012-04-08 11:04:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012-04-08 11:04:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment
[2012-04-08 10:45:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2012-04-08 10:45:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2012-04-08 10:45:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard
[2012-04-08 09:41:00 | 000,000,000 | --SD | C] -- C:\Users\Maciek\GG dysk
[2012-04-08 09:38:08 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\GG
[2012-04-08 09:38:07 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG
[2012-04-08 09:38:04 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\GG
[2012-04-08 00:59:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Saints Row The Third
[2012-04-08 00:55:13 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012-04-08 00:44:39 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\Syndicate
[2012-04-07 23:58:52 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\SKIDROW
[2012-04-07 23:58:52 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\DarknessII
[2012-04-07 23:55:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2k Games
[2012-04-07 23:34:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2012-04-07 23:34:03 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Origin
[2012-04-07 23:31:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2012-04-07 23:31:38 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs
[2012-04-07 23:31:38 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2012-04-07 23:05:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2012-04-07 23:05:26 | 000,000,000 | ---D | C] -- C:\Users\Maciek\SystemRequirementsLab
[2012-04-07 23:01:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader
[2012-04-07 23:00:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\facemoods.com
[2012-04-07 23:00:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2012-04-07 22:52:16 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Skype
[2012-04-07 22:52:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-04-07 22:52:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012-04-07 22:52:03 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012-04-07 22:52:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012-04-07 22:44:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012-04-07 22:43:50 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012-04-07 22:43:24 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012-04-07 22:43:24 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012-04-07 22:43:08 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012-04-07 22:42:46 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012-04-07 22:38:19 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012-04-07 22:38:15 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012-04-07 20:50:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2012-04-07 20:49:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2012-04-07 20:49:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2012-04-07 20:45:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2012-04-07 20:45:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012-04-07 20:07:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012-04-07 20:06:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012-04-07 20:06:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2012-04-07 20:05:40 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012-04-07 20:05:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012-04-07 20:05:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2012-04-07 20:03:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2012-04-07 20:03:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012-04-07 20:03:35 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Microsoft Help
[2012-04-07 20:03:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012-04-07 20:03:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012-04-07 20:03:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012-04-07 20:03:07 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012-04-07 20:00:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2012-04-07 20:00:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012-04-07 18:50:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012-04-07 18:50:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012-04-07 17:27:05 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\Alcohol 120%
[2012-04-07 17:26:21 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Desktop\Obrazy
[2012-04-07 17:25:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012-04-07 17:25:18 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012-04-07 17:24:35 | 002,604,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012-04-07 17:24:34 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012-04-07 17:24:34 | 000,220,512 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2012-04-07 17:24:34 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012-04-07 17:24:34 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012-04-07 17:24:34 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012-04-07 17:24:34 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2012-04-07 17:24:34 | 000,078,176 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2012-04-07 17:24:34 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2012-04-07 17:24:27 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012-04-07 17:24:27 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012-04-07 17:24:27 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012-04-07 17:24:26 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012-04-07 17:24:26 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012-04-07 17:24:26 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012-04-07 17:24:21 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2012-04-07 17:24:21 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2012-04-07 17:24:21 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2012-04-07 17:24:21 | 000,074,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2012-04-07 17:24:20 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2012-04-07 17:24:20 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2012-04-07 17:24:18 | 003,768,152 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2012-04-07 17:24:17 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012-04-07 17:24:17 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2012-04-07 17:24:17 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012-04-07 17:24:16 | 000,603,472 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2012-04-07 17:24:09 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012-04-07 17:24:07 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2012-04-07 17:24:07 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2012-04-07 17:24:06 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2012-04-07 17:24:06 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2012-04-07 17:24:06 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2012-04-07 17:24:04 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2012-04-07 17:24:04 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2012-04-07 17:24:04 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2012-04-07 17:24:03 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2012-04-07 17:24:03 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2012-04-07 17:24:03 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2012-04-07 17:24:03 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2012-04-07 17:23:38 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012-04-07 17:23:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012-04-07 17:22:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative
[2012-04-07 17:22:39 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
[2012-04-07 17:22:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real Alternative
[2012-04-07 17:21:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%
[2012-04-07 17:20:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft
[2012-04-07 17:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime Alternative
[2012-04-07 17:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012-04-07 17:19:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime Alternative
[2012-04-07 17:16:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2012-04-07 17:16:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2012-04-07 17:01:38 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2012-04-07 17:01:05 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2012-04-07 16:40:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012-04-07 16:39:21 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-04-07 16:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-04-07 16:38:37 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\WinRAR
[2012-04-07 16:38:31 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012-04-07 16:15:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012-04-07 16:15:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012-04-07 15:43:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2012-04-07 15:42:45 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-04-07 15:42:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012-04-07 15:41:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012-04-07 15:41:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012-04-07 15:40:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012-04-07 15:40:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012-04-07 15:40:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012-04-07 15:40:40 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Macromedia
[2012-04-07 15:40:40 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Adobe
[2012-04-07 15:40:40 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Adobe
[2012-04-07 15:38:21 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Desktop\Programy
[2012-04-07 15:32:33 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Google
[2012-04-07 15:30:44 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Mozilla
[2012-04-07 15:30:44 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Mozilla
[2012-04-07 15:30:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012-04-07 14:41:51 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012-04-07 14:41:51 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012-04-07 14:41:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2012-04-07 14:41:50 | 000,141,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2012-04-07 14:41:41 | 000,258,904 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2012-04-07 14:41:41 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012-04-07 14:41:41 | 000,053,080 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012-04-07 14:41:41 | 000,028,504 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2012-04-07 14:41:40 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012-04-07 14:41:38 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012-04-07 14:41:37 | 000,258,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012-04-07 14:41:21 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012-04-07 14:41:18 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys
[2012-04-07 14:41:15 | 000,539,240 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2012-04-07 14:41:10 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012-04-07 14:41:10 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012-04-07 14:41:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012-04-07 14:41:08 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012-04-07 14:40:58 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012-04-07 14:40:58 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012-04-07 13:53:04 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012-04-07 13:52:50 | 000,000,000 | -HSD | C] -- C:\Boot
[2012-04-07 13:48:25 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012-04-07 13:48:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012-04-07 13:01:51 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012-04-07 13:00:40 | 000,000,000 | R--D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012-04-07 13:00:40 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Searches
[2012-04-07 13:00:40 | 000,000,000 | R--D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012-04-07 13:00:27 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Identities
[2012-04-07 13:00:19 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Contacts
[2012-04-07 13:00:15 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\VirtualStore
[2012-04-07 12:59:58 | 000,000,000 | --SD | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft
[2012-04-07 12:59:58 | 000,000,000 | R--D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012-04-07 12:59:58 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Favorites
[2012-04-07 12:59:58 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Downloads
[2012-04-07 12:59:58 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Documents
[2012-04-07 12:59:58 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Desktop
[2012-04-07 12:59:58 | 000,000,000 | R--D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Ustawienia lokalne
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\AppData\Local\Temporary Internet Files
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Szablony
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\SendTo
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Recent
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\PrintHood
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\NetHood
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Documents\Moje wideo
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Documents\Moje obrazy
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Moje dokumenty
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Documents\Moja muzyka
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Menu Start
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\AppData\Local\Historia
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Dane aplikacji
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\AppData\Local\Dane aplikacji
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Cookies
[2012-04-07 12:59:58 | 000,000,000 | -H-D | C] -- C:\Users\Maciek\AppData
[2012-04-07 12:59:58 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Temp
[2012-04-07 12:59:58 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Microsoft
[2012-04-07 12:59:58 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Media Center Programs
[2012-04-07 12:59:57 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Videos
[2012-04-07 12:59:57 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Saved Games
[2012-04-07 12:59:57 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Pictures
[2012-04-07 12:59:57 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Music
[2012-04-07 12:59:57 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Links
[2012-04-07 12:59:49 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji
[2012-04-07 12:54:05 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012-04-07 12:53:47 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-05-20 10:04:16 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-05-20 10:04:16 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-05-20 09:59:21 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Maciek\Desktop\OTL.exe
[2012-05-20 09:59:17 | 000,781,383 | ---- | M] () -- C:\Users\Maciek\Desktop\RSIT.exe
[2012-05-20 09:49:25 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-05-20 09:48:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-05-19 23:32:54 | 000,067,994 | ---- | M] () -- C:\Users\Maciek\Desktop\Przechwytywanie.PNG
[2012-05-19 22:34:46 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012-05-19 22:34:46 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-05-19 22:34:30 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012-05-19 21:59:34 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-05-19 21:52:12 | 001,672,256 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-05-19 21:52:12 | 000,741,328 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-05-19 21:52:12 | 000,655,092 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-05-19 21:52:12 | 000,155,924 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-05-19 21:52:12 | 000,121,964 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-05-19 21:45:32 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-05-19 21:45:16 | 3207,315,456 | -HS- | M] () -- C:\hiberfil.sys
[2012-05-19 21:43:00 | 000,319,589 | ---- | M] () -- C:\Users\Maciek\Desktop\Film0109.mp4
[2012-05-17 12:47:51 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-05-17 01:11:24 | 000,001,180 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 3.lnk
[2012-05-16 20:42:13 | 000,000,536 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2012-05-12 09:04:30 | 000,001,224 | ---- | M] () -- C:\Users\Maciek\Documents\ax_files.xml
[2012-05-09 19:50:56 | 000,415,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-05-07 07:39:49 | 000,532,538 | ---- | M] () -- C:\Users\Maciek\Desktop\forum13_14.pdf
[2012-04-25 20:01:16 | 001,638,614 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-04-24 08:53:33 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01007.Wdf
[2012-04-11 17:12:29 | 375,767,249 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012-04-11 14:57:45 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2012-04-07 17:23:24 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2012-04-07 17:22:43 | 000,026,782 | ---- | M] () -- C:\Windows\Ascd_tmp.ini
[2012-04-07 16:26:50 | 000,530,488 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2012-04-07 15:38:15 | 000,000,351 | ---- | M] () -- C:\Users\Maciek\Desktop\Gry.lnk
[2012-04-07 15:32:03 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012-04-07 15:32:02 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012-04-07 14:57:57 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012-04-07 13:52:52 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012-04-07 13:20:24 | 000,407,946 | RHS- | M] () -- C:\SFVXZ
[2012-04-07 13:19:37 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012-04-07 12:57:25 | 000,067,908 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012-04-07 12:57:25 | 000,067,908 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-05-20 09:58:47 | 000,781,383 | ---- | C] () -- C:\Users\Maciek\Desktop\RSIT.exe
[2012-05-19 23:32:54 | 000,067,994 | ---- | C] () -- C:\Users\Maciek\Desktop\Przechwytywanie.PNG
[2012-05-19 22:00:21 | 000,319,589 | ---- | C] () -- C:\Users\Maciek\Desktop\Film0109.mp4
[2012-05-19 21:59:34 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-05-17 12:43:24 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012-05-17 01:11:24 | 000,001,180 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 3.lnk
[2012-05-17 01:10:39 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-05-17 01:10:39 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012-05-17 01:10:35 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-05-16 20:42:13 | 000,000,536 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2012-05-07 07:40:59 | 000,532,538 | ---- | C] () -- C:\Users\Maciek\Desktop\forum13_14.pdf
[2012-04-24 08:55:22 | 001,638,614 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-04-24 08:53:33 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01007.Wdf
[2012-04-11 16:39:39 | 002,515,790 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2012-04-11 16:27:35 | 375,767,249 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012-04-11 15:34:51 | 000,001,060 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-11 15:34:50 | 000,001,056 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-07 22:43:24 | 000,011,770 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012-04-07 17:23:58 | 000,001,224 | ---- | C] () -- C:\Users\Maciek\Documents\ax_files.xml
[2012-04-07 17:03:00 | 000,095,744 | ---- | C] () -- C:\Windows\SysNative\RDVGHelper.exe
[2012-04-07 17:02:47 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2012-04-07 17:00:35 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2012-04-07 17:00:16 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2012-04-07 17:00:16 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2012-04-07 16:58:37 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
[2012-04-07 16:58:37 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2012-04-07 16:41:10 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012-04-07 16:26:50 | 000,530,488 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2012-04-07 15:38:15 | 000,000,351 | ---- | C] () -- C:\Users\Maciek\Desktop\Gry.lnk
[2012-04-07 15:32:03 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012-04-07 15:32:02 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012-04-07 15:30:41 | 000,001,160 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-04-07 14:41:38 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012-04-07 14:41:15 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2012-04-07 13:52:52 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2012-04-07 13:52:51 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2012-04-07 13:47:45 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012-04-07 13:47:39 | 000,026,782 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012-04-07 13:20:24 | 000,407,946 | RHS- | C] () -- C:\SFVXZ
[2012-04-07 13:19:37 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012-04-07 13:00:50 | 000,001,427 | ---- | C] () -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012-04-07 13:00:42 | 000,001,461 | ---- | C] () -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012-04-07 12:57:17 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012-04-07 12:57:11 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012-04-07 12:53:47 | 3207,315,456 | -HS- | C] () -- C:\hiberfil.sys
[2012-02-29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012-02-14 18:47:06 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012-02-14 18:47:06 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012-02-14 18:47:06 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012-02-14 18:44:24 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012-02-14 17:59:56 | 013,209,600 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll

[color=#E56717]========== LOP Check ==========[/color]

[2012-04-21 22:31:06 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\.minecraft
[2012-04-14 19:06:36 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\DarknessII
[2012-05-19 22:01:50 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\GG
[2012-04-14 19:08:01 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\LolClient
[2012-04-07 23:34:43 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\Origin
[2012-04-08 11:43:38 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\ToD
[2012-04-13 16:05:05 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\Ubisoft
[2012-05-14 17:46:48 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\uTorrent
[2012-05-07 19:37:15 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-11-20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2012-04-07 13:52:52 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012-05-19 21:45:16 | 3207,315,456 | -HS- | M] () -- C:\hiberfil.sys
[2012-05-19 21:45:18 | 4276,424,704 | -HS- | M] () -- C:\pagefile.sys
[2012-04-07 13:20:24 | 000,407,946 | RHS- | M] () -- C:\SFVXZ

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys
[2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2010-11-20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010-11-20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010-11-20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2010-11-20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys
[2010-11-20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010-11-20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010-11-20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< End of report >[/log]
[log]Logfile of random's system information tool 1.09 (written by random/random)
Run by Maciek at 2012-05-20 10:13:13
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 3 GB (3%) free of 110 GB
Total RAM: 4078 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:14:22, on 2012-05-20
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\Origin\Origin.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Maciek\Desktop\OTL.exe
C:\Users\Maciek\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Maciek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT3072253
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll
O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [EADM] "D:\Origin\Origin.exe" -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-21-2626984496-4133979409-3266373985-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2626984496-4133979409-3266373985-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10400 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\3l1olj9a.default

prefs.js - "browser.startup.homepage" - "http://www.google.pl/"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q="

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.118.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsIQTScriptablePlugin.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
nprpjplug.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
allegro-pl.xml
fbc-pl.xml
fcmdSrchddr.xml
google.xml
merlin-pl.xml
pwn-pl.xml
wikipedia-pl.xml
wp-pl.xml

C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\3l1olj9a.default\extensions\
ffxtlbr@Facemoods.com
{687578b9-7132-4a7a-80e4-30ee31099e03}

C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\3l1olj9a.default\searchplugins\
conduit.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
CescrtHlpr Object - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll [2010-10-26 262144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
uTorrentControl2 Toolbar - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-04-16 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02 4296864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-04-16 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]
{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - facemoods Toolbar - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll [2010-10-26 217088]
{687578b9-7132-4a7a-80e4-30ee31099e03} - uTorrentControl2 Toolbar - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"=C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2011-07-21 910208]
"EADM"=D:\Origin\Origin.exe [2012-05-16 3402376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-05-20 10:13:16 ----D---- C:\Program Files (x86)\trend micro
2012-05-20 10:13:13 ----D---- C:\rsit
2012-05-17 12:42:41 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2012-05-17 01:11:22 ----HD---- C:\Program Files (x86)\Common Files\EAInstaller
2012-05-17 01:10:39 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe
2012-05-17 01:10:35 ----A---- C:\Windows\SysWOW64\PnkBstrA.exe
2012-05-16 20:43:03 ----D---- C:\Program Files (x86)\Origin Games
2012-05-12 09:01:55 ----D---- C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP
2012-05-12 09:01:51 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2012-05-09 21:34:25 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-05-09 19:08:17 ----A---- C:\Windows\SysWOW64\DWrite.dll
2012-05-09 19:08:11 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
2012-05-09 19:08:11 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
2012-04-28 09:12:02 ----D---- C:\Users\Maciek\AppData\Roaming\Nero
2012-04-24 08:55:22 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
2012-04-22 20:36:06 ----D---- C:\ProgramData\Battle.net

======List of files/folders modified in the last 1 month======

2012-05-20 10:13:45 ----D---- C:\Windows\Temp
2012-05-20 10:13:16 ----RD---- C:\Program Files (x86)
2012-05-20 10:12:31 ----D---- C:\Windows\Prefetch
2012-05-19 22:34:51 ----D---- C:\Windows\SysWOW64
2012-05-19 22:01:50 ----D---- C:\Users\Maciek\AppData\Roaming\GG
2012-05-19 21:59:29 ----D---- C:\Windows\System32
2012-05-19 21:52:12 ----D---- C:\Windows\inf
2012-05-19 21:45:21 ----D---- C:\ProgramData\NVIDIA
2012-05-19 21:35:41 ----D---- C:\Users\Maciek\AppData\Roaming\Skype
2012-05-19 13:48:25 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-05-17 15:04:03 ----D---- C:\ProgramData\EA Logs
2012-05-17 12:41:23 ----D---- C:\ProgramData\Electronic Arts
2012-05-17 12:41:14 ----D---- C:\ProgramData\Origin
2012-05-17 01:11:22 ----D---- C:\Program Files (x86)\Common Files
2012-05-17 01:10:01 ----RSD---- C:\Windows\assembly
2012-05-14 17:46:48 ----D---- C:\Users\Maciek\AppData\Roaming\uTorrent
2012-05-12 20:41:59 ----D---- C:\Windows\LiveKernelReports
2012-05-12 09:01:55 ----SHD---- C:\Windows\Installer
2012-05-12 09:01:55 ----D---- C:\Windows
2012-05-12 09:01:44 ----D---- C:\Program Files (x86)\Common Files\BioWare
2012-05-10 07:53:46 ----D---- C:\Windows\Microsoft.NET
2012-05-09 21:34:25 ----RD---- C:\Program Files
2012-05-09 19:51:13 ----D---- C:\Windows\winsxs
2012-05-09 19:15:45 ----D---- C:\ProgramData\Microsoft Help
2012-04-28 09:15:02 ----D---- C:\Program Files (x86)\JDownloader
2012-04-25 16:56:00 ----SD---- C:\Users\Maciek\AppData\Roaming\Microsoft
2012-04-24 08:55:54 ----D---- C:\Windows\SysWOW64\pl-PL
2012-04-22 21:52:02 ----D---- C:\ProgramData\Blizzard Entertainment
2012-04-22 20:38:17 ----D---- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2012-04-22 20:36:06 ----HD---- C:\ProgramData
2012-04-21 22:31:06 ----D---- C:\Users\Maciek\AppData\Roaming\.minecraft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys []
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\SysWOW64\drivers\aswNdis2.sys []
R0 NBVol;Nero Backup Volume Filter Driver; C:\Windows\system32\DRIVERS\NBVol.sys []
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\Windows\system32\DRIVERS\NBVolUp.sys []
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys []
R1 aswFW;avast! TDI Firewall driver; C:\Windows\SysWOW64\drivers\aswFW.sys []
R1 aswKbd;aswKbd; C:\Windows\SysWOW64\drivers\aswKbd.sys []
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys []
R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
S3 akzfpaj8;akzfpaj8; C:\Windows\SysWOW64\drivers\akzfpaj8.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys []
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
S3 xnacc;Usługa sterownika kontrolera konsoli XBOX 360 dla systemu Windows; C:\Windows\system32\DRIVERS\xnacc.sys []
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2012-03-07 134920]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-05-17 76888]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2012-05-19 283304]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-11 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;„Usługa stanu ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-02-14 276248]
S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-11 136176]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------[/log]
[log]info.txt logfile of random's system information tool 1.09 2012-05-20 10:14:28

======Uninstall list======

-->MsiExec /X{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{47FA2C44-D148-4DBC-AF60-B91934AA4842}
Adobe Reader X (10.1.3) - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-AA1000000001}
Adobe Shockwave Player 11.6-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Assassin's Creed-->C:\Program Files (x86)\InstallShield Installation Information\{8CFA9151-6404-409A-AF22-4632D04582FD}\setup.exe -runfromtemp -l0x0015 -removeonly
avast! Internet Security-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Battlefield 3™-->"C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 3\Cleanup.exe" uninstall_game -autologging
Battlelog Web Plugins-->C:\Program Files (x86)\Battlelog Web Plugins\uninstall.exe
Crysis® 2-->MsiExec.exe /X{6033673D-2530-4587-8AD0-EB059FC263F9}
Diablo III Beta-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\Diablo III Beta\Uninstall.exe
ESN Sonar-->C:\Program Files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe
facemoods-->"C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\uninstall.exe"
Fraps (remove only)-->"C:\Fraps\uninstall.exe"
Gears of War - spolszczenie-->C:\Program Files (x86)\Microsoft Games\Gears of War\Uninstal.exe
Gears of War-->C:\Program Files (x86)\InstallShield Installation Information\{1170D24F-42B7-40CF-AA1B-6395CE562354}\setup.exe -runfromtemp -l0x0409
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
High-Definition Video Playback-->MsiExec.exe /X{9193490D-5229-4FC4-9BB9-A6D63C09574A}
Java(TM) 6 Update 31-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216031FF}
JDownloader-->C:\Program Files (x86)\JDownloader\uninstall.exe
K-Lite Codec Pack 8.4.0 (Full)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
League of Legends-->"C:\Program Files (x86)\InstallShield Installation Information\{918A9082-6287-4D25-9002-5E5D5E4971CB}\setup.exe" -runfromtemp -l0x0415 -removeonly
LogMeIn Hamachi-->C:\Windows\SysWOW64\\msiexec.exe /i {E2494AD8-314D-44F8-B39C-4358A60DC184} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{E2494AD8-314D-44F8-B39C-4358A60DC184}
Mass Effect 2-->C:\Program Files (x86)\Common Files\BioWare\Uninstall Mass Effect 2.exe
Mass Effect-->C:\Program Files (x86)\Common Files\BioWare\Uninstall Mass Effect.exe
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{59E4543A-D49D-4489-B445-473D763C79AF}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Mozilla Firefox 11.0 (x86 pl)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Nero 11 Cliparts-->MsiExec.exe /X{B160A672-F326-4414-9BB0-A056C61B357C}
Nero 11 Disc Menus 1-->MsiExec.exe /X{A0F34849-D9AB-46DD-B1BE-BB0DB60B1FE8}
Nero 11 Disc Menus 2-->MsiExec.exe /X{7DF2B5EE-2C16-4E86-9C71-8678068AD805}
Nero 11 Disc Menus 3-->MsiExec.exe /X{5E98FDD6-3672-4DBE-AB8B-2C9A0BED1382}
Nero 11 Disc Menus Basic-->MsiExec.exe /X{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}
Nero 11 Effects Basic-->MsiExec.exe /X{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}
Nero 11 Image Samples-->MsiExec.exe /X{F3743A2C-5D5F-4456-8F98-5DF36A954C50}
Nero 11 Kwik Themes 1-->MsiExec.exe /X{B1F69AF3-B5B5-4CA5-ADC5-8A738EB6E574}
Nero 11 Kwik Themes 2-->MsiExec.exe /X{A4F6BE36-4826-45BA-A396-04F265A3B61D}
Nero 11 Kwik Themes 3-->MsiExec.exe /X{BA499CC0-12C0-4BA5-9007-76844B721158}
Nero 11 Kwik Themes 4-->MsiExec.exe /X{ACD6B383-EC5B-4000-A455-CCB308B447FE}
Nero 11 Kwik Themes Basic-->MsiExec.exe /X{5A212B2D-140D-46F4-B625-2D1CA5A00594}
Nero 11 PiP Effects 1-->MsiExec.exe /X{3B418709-D688-4E3A-BE0E-7D71FA84C948}
Nero 11 PiP Effects Basic-->MsiExec.exe /X{2CA7225D-CB12-462A-9DD1-50319E158BA5}
Nero 11 Video Samples-->MsiExec.exe /X{A2CDC001-F8B3-4C64-9E74-2E3FA0FAC9D9}
Nero 11 Video Transitions 1-->MsiExec.exe /X{4382FC76-8100-4951-8658-31834E625E88}
Nero 11-->MsiExec.exe /I{8A7ABBD4-A617-4AE8-9C6D-1510DE46EC35}
Nero Audio Pack 1-->MsiExec.exe /X{A7A0BF2E-31CC-49E3-9913-52C503EB969D}
Nero BackItUp 11 Help (CHM)-->MsiExec.exe /X{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}
Nero Burning ROM 11 Help (CHM)-->MsiExec.exe /X{53F7746A-96AA-49A5-86B8-59989680DAC5}
Nero Burning ROM 11-->MsiExec.exe /X{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}
Nero ControlCenter 11 Help (CHM)-->MsiExec.exe /X{D4D66270-9147-4BDF-9946-FCA2B303AA8F}
Nero ControlCenter 11-->MsiExec.exe /X{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}
Nero Core Components 11-->MsiExec.exe /X{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}
Nero CoverDesigner 11 Help (CHM)-->MsiExec.exe /X{55C2143E-FBA5-442F-9AFA-726FF068F39D}
Nero CoverDesigner 11-->MsiExec.exe /X{FF44BCE5-5A18-4051-85F0-BC172D7B4695}
Nero Express 11 Help (CHM)-->MsiExec.exe /X{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}
Nero Express 11-->MsiExec.exe /X{E10AAE4A-98B8-420A-BD93-E0520C23D624}
Nero Kwik Media Help (CHM)-->MsiExec.exe /X{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}
Nero Recode 11 Help (CHM)-->MsiExec.exe /X{57F80ECF-E27C-4EEE-AB58-E971BACE2639}
Nero Recode 11-->MsiExec.exe /X{F69FB940-5031-4FE8-AFAD-085802D0BF63}
Nero RescueAgent 11 Help (CHM)-->MsiExec.exe /X{D01CE99A-8802-483C-A79F-298B691EB432}
Nero SoundTrax 11 Help (CHM)-->MsiExec.exe /X{390757AA-8830-43DC-AEE0-4E5B6F8439EB}
Nero Video 11 Help (CHM)-->MsiExec.exe /X{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}
Nero Video 11-->MsiExec.exe /X{0D7A4289-99CF-4B8D-B812-86BE50A54552}
Nero WaveEditor 11 Help (CHM)-->MsiExec.exe /X{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}
Nero WaveEditor 11-->MsiExec.exe /X{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}
NVIDIA PhysX-->MsiExec.exe /X{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
Origin-->D:\Origin\OriginUninstall.exe
Pando Media Booster-->C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe
Picasa 3-->"C:\Program Files (x86)\Google\Picasa3\Uninstall.exe"
PunkBuster Services-->C:\Program Files (x86)\Origin Games\Battlefield 3\pbsvc.exe -u
QuickTime Alternative 3.2.2-->"C:\Program Files (x86)\QuickTime Alternative\unins000.exe"
Real Alternative 2.0.2-->"C:\Program Files (x86)\Real Alternative\unins000.exe"
Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly
Rockstar Games Social Club-->"C:\Program Files (x86)\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x0009 -removeonly
Saints Row The Third version 1.0-->"D:\Gry\Saints Row\Saints Row The Third\unins000.exe"
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Extended
Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 5.8-->MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
Syndicate-->"D:\Gry\Syndicate 2012\Syndicate\unins000.exe"
System Requirements Lab CYRI-->MsiExec.exe /I{943A8D28-80D6-41DC-AE94-81FEB42041BF}
The Darkness II-->"D:\Gry\The Darkness II\The Darkness II\unins000.exe"
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Extended
uTorrentControl2 Toolbar-->C:\Program Files (x86)\uTorrentControl2\uninstall.exe toolbar
welcome-->MsiExec.exe /X{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
World of Warcraft-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe

======System event log======

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Cryptographic Services weszła w stan stopped.
Record Number: 5
Source Name: Service Control Manager
Time Written: 20090714051424.262212-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Windows Modules Installer weszła w stan stopped.
Record Number: 4
Source Name: Service Control Manager
Time Written: 20090714051424.168612-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Software Protection weszła w stan stopped.
Record Number: 3
Source Name: Service Control Manager
Time Written: 20090714051424.059412-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Windows Event Log weszła w stan stopped.
Record Number: 2
Source Name: Service Control Manager
Time Written: 20090714051424.012612-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Volume Shadow Copy weszła w stan stopped.
Record Number: 1
Source Name: Service Control Manager
Time Written: 20090714051423.934612-000
Event Type: Informacje
User:

=====Application event log=====

Computer Name: Maciek-PC
Event Code: 2
Message: The NVIDIA OpenGL driver has encountered
an out of memory error. This application might
behave inconsistently and fail.
Record Number: 3680799
Source Name: NVIDIA OpenGL Driver
Time Written: 20120420170217.000000-000
Event Type: Ostrzeżenia
User:

Computer Name: Maciek-PC
Event Code: 2
Message: The NVIDIA OpenGL driver has encountered
an out of memory error. This application might
behave inconsistently and fail.
Record Number: 3680798
Source Name: NVIDIA OpenGL Driver
Time Written: 20120420170217.000000-000
Event Type: Ostrzeżenia
User:

Computer Name: Maciek-PC
Event Code: 2
Message: The NVIDIA OpenGL driver has encountered
an out of memory error. This application might
behave inconsistently and fail.
Record Number: 3680797
Source Name: NVIDIA OpenGL Driver
Time Written: 20120420170217.000000-000
Event Type: Ostrzeżenia
User:

Computer Name: Maciek-PC
Event Code: 2
Message: The NVIDIA OpenGL driver has encountered
an out of memory error. This application might
behave inconsistently and fail.
Record Number: 3680796
Source Name: NVIDIA OpenGL Driver
Time Written: 20120420170217.000000-000
Event Type: Ostrzeżenia
User:

Computer Name: Maciek-PC
Event Code: 2
Message: The NVIDIA OpenGL driver has encountered
an out of memory error. This application might
behave inconsistently and fail.
Record Number: 3680795
Source Name: NVIDIA OpenGL Driver
Time Written: 20120420170217.000000-000
Event Type: Ostrzeżenia
User:

=====Security event log=====

Computer Name: 37L4247E29-32
Event Code: 4735
Message: Zmieniono grupę lokalną z włączonymi zabezpieczeniami.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: 37L4247E29-32$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Grupa:
Identyfikator zabezpieczeń: S-1-5-32-551
Nazwa grupy: Operatorzy kopii zapasowych
Domena grupy: Builtin

Zmienione atrybuty:
Nazwa konta SAM: -
Historia identyfikatora SID: -

Informacje dodatkowe:
Uprawnienia: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120407105403.506461-000
Event Type: Sukcesy inspekcji
User:

Computer Name: 37L4247E29-32
Event Code: 4731
Message: Utworzono grupę lokalną z włączonymi zabezpieczeniami.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: 37L4247E29-32$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Nowa grupa:
Identyfikator zabezpieczeń: S-1-5-32-551
Nazwa grupy: Operatorzy kopii zapasowych
Domena grupy: Builtin

Atrybuty:
Nazwa konta SAM: Operatorzy kopii zapasowych
Historia identyfikatora SID: -

Informacje dodatkowe:
Uprawnienia: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120407105403.506461-000
Event Type: Sukcesy inspekcji
User:

Computer Name: 37L4247E29-32
Event Code: 4902
Message: Utworzono tabelę zasad inspekcji użytkownika.

Liczba elementów: 0
Identyfikator zasad: 0x30140
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120407105403.178860-000
Event Type: Sukcesy inspekcji
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
Identyfikator zabezpieczeń: S-1-0-0
Nazwa konta: -
Domena konta: -
Identyfikator logowania: 0x0

Typ logowania: 0

Nowe logowanie:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
Identyfikator procesu: 0x4
Nazwa procesu:

Informacje o sieci:
Nazwa stacji roboczej: -
Adres źródłowy sieci: -
Port źródłowy: -

Szczegółowe informacje o uwierzytelnianiu:
Proces logowania: -
Pakiet uwierzytelniania: -
Usługi przejściowe: -
Nazwa pakietu (tylko NTLM): -
Długość klucza: 0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
- Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
- Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
- Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
- Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120407105401.228857-000
Event Type: Sukcesy inspekcji
User:

Computer Name: 37L4247E29-32
Event Code: 4608
Message: Trwa uruchamianie systemu Windows.

To zdarzenie jest rejestrowane w momencie uruchamiania programu LSASS.EXE i inicjowania podsystemu inspekcji.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120407105401.150857-000
Event Type: Sukcesy inspekcji
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\QuickTime Alternative\QTSystem
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
"RGSCLauncher"=D:\Gry\GTA IV\Rockstar Games Social Club
"RGSC"=D:\Gry\GTA IV\Rockstar Games Social Club\1_0_0_0

-----------------EOF-----------------[/log]
Wybaczcie jeżeli źle to wstawiłem. Dzięki z góry za pomoc

Igorrodz
komentarz
komentarz

Brakuje jeszcze loga [b]Extras [/b]z OTL. Wykonaj.

[quote name='Kaaas' timestamp='1337501197' post='1504068'] Otóż przy instalowaniu sterów do grafiki, nie usunąłem wcześniej starych, podobno to przeciąża. [/quote]
Wykonaj jeszcze to http://www.forumpc.pl/index.php?showtopic=134008 i ponownie zainstaluj sterowniki od karty graficznej. Daj info, czy pomogło.

Kaaas
komentarz
komentarz

[log]OTL Extras logfile created on: 2012-05-20 10:02:49 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Maciek\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,98 Gb Total Physical Memory | 2,35 Gb Available Physical Memory | 59,07% Memory free
7,96 Gb Paging File | 5,87 Gb Available in Paging File | 73,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 107,42 Gb Total Space | 3,20 Gb Free Space | 2,98% Space Free | Partition Type: NTFS
Drive D: | 358,34 Gb Total Space | 165,53 Gb Free Space | 46,19% Space Free | Partition Type: NTFS
Drive E: | 5,12 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 7,32 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: MACIEK-PC | User Name: Maciek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2626984496-4133979409-3266373985-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00B6B287-EEAE-4C11-8382-820536F5F882}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0A10444B-5BB6-4A68-BDAF-274D051F4A40}" = rport=139 | protocol=6 | dir=out | app=system |
"{0CFB2AA0-59AF-46FF-B878-2BCFEEED853B}" = lport=139 | protocol=6 | dir=in | app=system |
"{154C4B47-C443-4891-B3CD-FAD9BAE78FD7}" = rport=445 | protocol=6 | dir=out | app=system |
"{3563DAD2-D63D-4E92-B32F-6F2479A200CF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{37FC8060-1A09-4445-9074-797DEBD29C57}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{464FDED9-D4F8-4697-BC5B-30D7E4B2F708}" = lport=138 | protocol=17 | dir=in | app=system |
"{4FD7352C-E0A4-4B3A-9735-111F53F0BD63}" = lport=56595 | protocol=6 | dir=in | name=pando media booster |
"{50419CBE-D7C8-4C29-A192-970A122CD407}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{52E29AE4-14B8-4507-88E6-B60B26978CEE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{66D3972E-77F5-4A10-A300-51B5F78D62D5}" = rport=138 | protocol=17 | dir=out | app=system |
"{83F83DC6-BB4B-4554-9123-34606AD50572}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A4A33962-737B-41FA-8AF8-58E5CF2B8DD8}" = lport=56595 | protocol=17 | dir=in | name=pando media booster |
"{ABEB99AE-5BD3-477C-B77B-8CFD6C751987}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B032EDE3-F786-4346-8ED5-79EE4891E813}" = lport=445 | protocol=6 | dir=in | app=system |
"{B0498F64-D06A-41E6-B3CB-084752A7EAF2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BB0B2194-5BC2-4FCB-9446-8736771FC19D}" = lport=56595 | protocol=17 | dir=in | name=pando media booster |
"{C243BDB3-ECE3-42B4-ACD3-A0FF70F328B9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CB5DA72E-D600-41D8-B34F-00CFC1D07BDF}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D7E51338-0DBD-4F42-84CF-796A9E502955}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DEFDE887-73A5-43A2-9B2A-5E94E83E9028}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{E1CD9800-5C42-4631-9932-51A62A9E2252}" = rport=137 | protocol=17 | dir=out | app=system |
"{E66AFE27-B955-44E1-8388-ADDD188333FC}" = lport=137 | protocol=17 | dir=in | app=system |
"{E6B6001A-233B-455C-95DB-3271C04FD892}" = lport=56595 | protocol=6 | dir=in | name=pando media booster |
"{E861DE07-8937-44EC-B727-63F41988D5C4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F00AC0BB-F42B-45A2-AB30-76EDB9187233}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05EAC0DA-D0A4-4533-A623-21F00F4E377E}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{07721A08-0D02-4D7A-954B-60FAC3994D00}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{0874C17D-FA8C-4FE3-94FB-FA3A31F1460B}" = protocol=17 | dir=in | app=c:\users\maciek\appdata\roaming\.minecraft\minecraftsp.exe |
"{08F1B77B-D7D4-402F-B3B0-3729D8F19E80}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{1332346E-1D12-4B43-AA46-62C75635DED8}" = protocol=6 | dir=in | app=d:\gry\lol\league of legends\lol.launcher.exe |
"{14D365EC-8CBC-4E50-8F99-BA6960984E29}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{164057B2-2D45-464F-AA77-7F0B3BF12898}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{18D34C5C-C3B8-4EF4-827D-9963DC0304A1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{20BC96D8-523D-4CBF-85E3-C13B13F5C8E5}" = protocol=17 | dir=in | app=d:\gry\mass effect\binaries\masseffect.exe |
"{2606B609-BDD8-4930-9301-81E489147816}" = protocol=6 | dir=out | app=system |
"{292CA7CB-994C-47A6-815E-CB573CBACB56}" = protocol=17 | dir=in | app=d:\gry\mass effect\masseffectlauncher.exe |
"{2E53B238-6B5B-4434-8602-89E0E8941C46}" = protocol=6 | dir=in | app=d:\gry\mass effect\masseffectlauncher.exe |
"{32BF485D-D018-4648-A253-7A9AAA39741E}" = protocol=17 | dir=in | app=d:\gry\gta iv\rockstar games social club\rgsclauncher.exe |
"{3D9AB241-76B3-43CA-94F5-5FEFFD5D1E0A}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{3F3A721F-1BE6-47A9-AE09-342C350BB138}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{43FFA393-6349-46CF-9861-AE7E9804F00F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{440D085A-0406-4767-9CF0-CA75E0DFD74B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{459F4534-59E0-4DF6-9916-B9EC48A0B3BC}" = protocol=17 | dir=in | app=d:\gry\assasin's creed\assassinscreed_dx9.exe |
"{50B68ACC-6089-45CB-AAC9-F75B736773EA}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{52FC4CE1-48A7-41BA-9BE9-F8B0F29B4398}" = protocol=58 | dir=in | app=system |
"{5C99E82F-83B5-47BE-BB21-BC4BA8A36980}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5E5C1403-2DE0-4486-AE29-60DD970BA3DC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5EC09460-0B81-4921-A26B-7608827759FB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{624FE9F7-84A4-4F9E-9A3B-10F9E0AFE765}" = protocol=17 | dir=in | app=d:\gry\assasin's creed\assassinscreed_launcher.exe |
"{6335DE28-54BC-4316-85E6-61BA65DA1FB4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{657DE16C-17CD-485E-9B15-AD3C33C6D96F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6A8C19EF-2AC3-4778-A084-B415E87F6312}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{6ADC8A8A-8F1F-4A34-B986-C18B37FF862D}" = protocol=17 | dir=in | app=d:\gry\diabolo\diablo iii beta\diablo iii.exe |
"{6DE6E086-4AB4-4627-8BE0-F9794AF4FE0E}" = protocol=17 | dir=in | app=c:\users\maciek\appdata\roaming\.minecraft\minecraft_server.exe |
"{6DFAFD6B-43F0-4882-8771-053EA5BFC95E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{76A88BEC-2DE8-433D-BC22-A836FA847499}" = protocol=6 | dir=in | app=d:\gry\assasin's creed\assassinscreed_dx10.exe |
"{77FA3CC1-BCA7-445A-86A2-21AF0E7AC232}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{789A172D-5FED-4A6C-9027-215465A03E58}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{7C88B876-0695-4602-8DB8-83D613B79F4D}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{7CF30507-00BE-4D6F-B490-FF7BDB9BA07A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9077F31A-656F-4132-941B-558EB4C9CF20}" = protocol=6 | dir=in | app=c:\users\maciek\appdata\roaming\.minecraft\minecraft_server.exe |
"{919D15CC-C8D5-49DF-AD7E-6361E2B6D3F8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9249E279-17EA-4F6C-A99D-3FD4CC416D1D}" = protocol=6 | dir=in | app=d:\gry\mass effect 2pl\mass effect 2\binaries\masseffect2.exe |
"{9B2DEAE0-1AE6-42B9-8118-F706EA672001}" = protocol=6 | dir=in | app=d:\gry\assasin's creed\assassinscreed_dx9.exe |
"{9CDE218C-CC28-4844-9A10-F39AFA355B29}" = protocol=6 | dir=in | app=d:\gry\assasin's creed\assassinscreed_launcher.exe |
"{9F2C458D-12D4-4352-9338-EA0BF1C57CCC}" = protocol=6 | dir=in | app=d:\gry\mass effect\binaries\masseffect.exe |
"{A17E4769-52D6-4C87-AE18-C0801EE98072}" = protocol=6 | dir=in | app=d:\gry\diabolo\diablo iii beta\diablo iii.exe |
"{A1CF1784-E45B-4021-86E4-6991D20633D7}" = protocol=6 | dir=in | app=c:\users\maciek\appdata\roaming\.minecraft\minecraftsp.exe |
"{A8C31C5D-CA85-421C-8363-01CAB5BD7388}" = protocol=17 | dir=in | app=d:\gry\mass effect 2pl\mass effect 2\binaries\masseffect2.exe |
"{A8F809A5-1030-4D90-8B32-9BB825F1BA67}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{ACCF55E0-6386-4A12-A09A-DB66202C7E2F}" = protocol=17 | dir=in | app=d:\gry\mass effect 2pl\mass effect 2\masseffect2launcher.exe |
"{AE845F42-34DF-49B1-861D-E1CF3BF384BC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{B17D08D8-E488-4204-B893-9C46C9F954B3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B43DEBC7-B7DA-4082-9DF7-4113F7E4634A}" = protocol=6 | dir=in | app=d:\gry\mass effect 2pl\mass effect 2\masseffect2launcher.exe |
"{B48045AF-5F20-435D-83BD-86665D44B53F}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{BD5F24B2-47B4-4329-958E-F7260BBD7F92}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C14231F2-8529-40D7-88B0-CC6057F69513}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\gears of war\binaries\wargame-g4wlive.exe |
"{C38CD189-7D0E-432C-AAB1-DD62AF5FA781}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C4B90775-8900-44C6-A774-E8BE9B504FCB}" = protocol=6 | dir=in | app=d:\gry\gta iv\rockstar games social club\rgsclauncher.exe |
"{C6D6B105-B4D6-4463-9D4C-390AA75785B0}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{CB991A80-6219-4136-9393-5AC464C5B75A}" = protocol=17 | dir=in | app=d:\gry\lol\league of legends\lol.launcher.exe |
"{CCC71F2E-59C1-4564-B0B1-2FDD39A39D1F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\gears of war\binaries\wargame-g4wlive.exe |
"{CE2C2B45-6977-480B-AFD8-4CCCE72A1E3B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{D2E9A87D-0105-47BA-97C0-56CB9C368983}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D4C8DAF6-0547-4251-B54F-A5786253D5D1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D8E7FF74-A395-4FFB-9ABE-079475F94B34}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E4203F55-4F04-4194-82CF-8EF7506939C2}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{E90139A2-0A37-4833-A127-E626CD4EF4F6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{ED875282-D50B-45A6-AD93-AEF1A7A5F086}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{EF370D10-6362-42DC-AA3B-C1B38F00521F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{EF7D6612-162A-4A9D-8F1D-AFE5C33EDA14}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F11522AD-E4F6-4FC4-AB5D-05E3D92FDC6D}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{F6A25FFA-DF24-4B2E-B222-4C7CBE145068}" = protocol=17 | dir=in | app=d:\gry\assasin's creed\assassinscreed_dx10.exe |
"{FD3963EB-16D2-4B47-83B0-44968B0E8DF5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"TCP Query User{01F75668-4267-40F7-86EB-1DEF702746D5}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{276FB2D9-C8AC-4494-BCFA-36236E42EE06}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{7E3F414B-20AB-4E9A-BAA5-7523F257916A}C:\users\maciek\appdata\local\apps\2.0\5agrpayq.ckm\ewvyyc4l.y0v\tadz..tion_0000000000000000_0001.0000_6680277c9ae85a85\tadzik.exe" = protocol=6 | dir=in | app=c:\users\maciek\appdata\local\apps\2.0\5agrpayq.ckm\ewvyyc4l.y0v\tadz..tion_0000000000000000_0001.0000_6680277c9ae85a85\tadzik.exe |
"TCP Query User{B515DC96-C442-460A-8CE5-044C4290EF0B}D:\gry\saints row\saints row the third\saintsrowthethird.exe" = protocol=6 | dir=in | app=d:\gry\saints row\saints row the third\saintsrowthethird.exe |
"TCP Query User{D4657D97-9ADD-400C-9E12-3AD24C3F84A7}D:\gry\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=d:\gry\crysis 2\bin32\crysis2.exe |
"TCP Query User{FF0CA6BD-8BE8-4A20-BDDF-51129BE2B6BA}D:\gry\gta iv\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\gry\gta iv\grand theft auto iv\gtaiv.exe |
"UDP Query User{1CA19F1E-6D4B-43B0-9BC9-B38DC779C5AA}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{39349563-572B-46D0-AC58-02673D363861}D:\gry\gta iv\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\gry\gta iv\grand theft auto iv\gtaiv.exe |
"UDP Query User{5B5AA6BF-0264-4757-8DE4-56C4271F0167}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{6D5DDE5C-4E2B-4248-AB45-7B20ED2F8AF2}D:\gry\saints row\saints row the third\saintsrowthethird.exe" = protocol=17 | dir=in | app=d:\gry\saints row\saints row the third\saintsrowthethird.exe |
"UDP Query User{CB77C7BA-8CCA-4DC7-8FE4-6A9783A050FE}C:\users\maciek\appdata\local\apps\2.0\5agrpayq.ckm\ewvyyc4l.y0v\tadz..tion_0000000000000000_0001.0000_6680277c9ae85a85\tadzik.exe" = protocol=17 | dir=in | app=c:\users\maciek\appdata\local\apps\2.0\5agrpayq.ckm\ewvyyc4l.y0v\tadz..tion_0000000000000000_0001.0000_6680277c9ae85a85\tadzik.exe |
"UDP Query User{E631569E-CFFD-4095-9E59-BDF3E4210D64}D:\gry\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=d:\gry\crysis 2\bin32\crysis2.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416030FF}" = Java(TM) 6 Update 30 (64-bit)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0415-1000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010
"{90140000-0015-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0415-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010
"{90140000-0016-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0415-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-0018-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0415-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010
"{90140000-0019-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0415-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010
"{90140000-001A-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0415-1000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010
"{90140000-001B-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0415-1000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-001F-0415-1000-0000000FF1CE}_Office14.PROPLUS_{329A3D98-9583-4B84-B18B-498E7AB65C43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-002C-0415-1000-0000000FF1CE}_Office14.PROPLUS_{BFEB53FA-3044-47FD-BB50-9DCBBEED79EF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2010
"{90140000-0043-0415-1000-0000000FF1CE}_Office14.PROPLUS_{FF5F6090-64DF-4BF6-BADD-71A64FDA70D2}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0415-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010
"{90140000-0044-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{90140000-006E-0415-1000-0000000FF1CE}_Office14.PROPLUS_{3A96ABFF-5202-47B1-B5A2-DDE76563AF61}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0415-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010
"{90140000-00A1-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0415-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010
"{90140000-00BA-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"WinRAR archiver" = WinRAR 4.01 (64-bitowy)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11
"{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic
"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)
"{3B418709-D688-4E3A-BE0E-7D71FA84C948}" = Nero 11 PiP Effects 1
"{4382FC76-8100-4951-8658-31834E625E88}" = Nero 11 Video Transitions 1
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B7IL77L-LKS1-ROW3-SAINTS-18CD6E6334R1}_is1" = Saints Row The Third version 1.0
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)
"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{5E98FDD6-3672-4DBE-AB8B-2C9A0BED1382}" = Nero 11 Disc Menus 3
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{7DF2B5EE-2C16-4E86-9C71-8678068AD805}" = Nero 11 Disc Menus 2
"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A7ABBD4-A617-4AE8-9C6D-1510DE46EC35}" = Nero 11
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0F34849-D9AB-46DD-B1BE-BB0DB60B1FE8}" = Nero 11 Disc Menus 1
"{A2CDC001-F8B3-4C64-9E74-2E3FA0FAC9D9}" = Nero 11 Video Samples
"{A4F6BE36-4826-45BA-A396-04F265A3B61D}" = Nero 11 Kwik Themes 2
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Polish
"{ACD6B383-EC5B-4000-A455-CCB308B447FE}" = Nero 11 Kwik Themes 4
"{B160A672-F326-4414-9BB0-A056C61B357C}" = Nero 11 Cliparts
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B1F69AF3-B5B5-4CA5-ADC5-8A738EB6E574}" = Nero 11 Kwik Themes 1
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{BA499CC0-12C0-4BA5-9007-76844B721158}" = Nero 11 Kwik Themes 3
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}" = welcome
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11
"{E2494AD8-314D-44F8-B39C-4358A60DC184}" = LogMeIn Hamachi
"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic
"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples
"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic
"{F69FB940-5031-4FE8-AFAD-085802D0BF63}" = Nero Recode 11
"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)
"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11
"Adobe AIR" = Adobe AIR
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"avast" = avast! Internet Security
"Battlelog Web Plugins" = Battlelog Web Plugins
"Diablo III Beta" = Diablo III Beta
"ESN Sonar-0.70.4" = ESN Sonar
"facemoods" = facemoods
"Fraps" = Fraps (remove only)
"Gears of War - spolszczenie" = Gears of War - spolszczenie
"Google Chrome" = Google Chrome
"InstallShield_{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.4.0 (Full)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mozilla Firefox 11.0 (x86 pl)" = Mozilla Firefox 11.0 (x86 pl)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"Picasa 3" = Picasa 3
"PunkBusterSvc" = PunkBuster Services
"QuicktimeAlt_is1" = QuickTime Alternative 3.2.2
"RealAlt_is1" = Real Alternative 2.0.2
"Syndicate_is1" = Syndicate
"The Darkness II_is1" = The Darkness II
"uTorrent" = µTorrent
"uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar
"World of Warcraft" = World of Warcraft

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-2626984496-4133979409-3266373985-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"63d6f3171a6bd7a3" = Theatre of Dreams Launcher
"GG" = GG

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-04-25 07:22:17 | Computer Name = Maciek-PC | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: AssassinsCreed_Dx10.exe, wersja:
1.0.2.1, sygnatura czasowa: 0x48067113 Nazwa modułu powodującego błąd: AssassinsCreed_Dx10.exe,
wersja: 1.0.2.1, sygnatura czasowa: 0x48067113 Kod wyjątku: 0xc0000005 Przesunięcie
błędu: 0x00bdf2f9 Identyfikator procesu powodującego błąd: 0xa30 Godzina uruchomienia
aplikacji powodującej błąd: 0x01cd22d3f20ae810 Ścieżka aplikacji powodującej błąd:
D:\Gry\Assasin's Creed\AssassinsCreed_Dx10.exe Ścieżka modułu powodującego błąd:
D:\Gry\Assasin's Creed\AssassinsCreed_Dx10.exe Identyfikator raportu: e985d5bf-8ec8-11e1-a49e-5404a69c7cfa

Error - 2012-04-25 07:22:26 | Computer Name = Maciek-PC | Source = | ID = 0
Description =

Error - 2012-04-25 07:22:26 | Computer Name = Maciek-PC | Source = | ID = 0
Description =

Error - 2012-04-27 06:15:55 | Computer Name = Maciek-PC | Source = Application Hang | ID = 1002
Description = Program chrome.exe w wersji 18.0.1025.162 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
akcji. Identyfikator procesu: 878 Godzina rozpoczęcia: 01cd24573a12f781 Godzina zakończenia:
10 Ścieżka aplikacji: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Identyfikator
raportu: f61d4de5-9051-11e1-9372-5404a69c7cfa

Error - 2012-05-07 02:48:07 | Computer Name = Maciek-PC | Source = Application Hang | ID = 1002
Description = Program chrome.exe w wersji 18.0.1025.168 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
akcji. Identyfikator procesu: 1290 Godzina rozpoczęcia: 01cd2c1cb90fa32e Godzina zakończenia:
0 Ścieżka aplikacji: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Identyfikator
raportu: 954a9b70-9810-11e1-9346-5404a69c7cfa

Error - 2012-05-08 07:19:53 | Computer Name = Maciek-PC | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: rads_user_kernel.exe, wersja: 0.0.0.0,
sygnatura czasowa: 0x4e65c1ac Nazwa modułu powodującego błąd: rads_user_kernel.exe,
wersja: 0.0.0.0, sygnatura czasowa: 0x4e65c1ac Kod wyjątku: 0xc0000005 Przesunięcie
błędu: 0x000b8554 Identyfikator procesu powodującego błąd: 0x1150 Godzina uruchomienia
aplikacji powodującej błąd: 0x01cd2d0c7c5039d3 Ścieżka aplikacji powodującej błąd:
D:\Gry\LoL\League of Legends\RADS\system\rads_user_kernel.exe Ścieżka modułu powodującego
błąd: D:\Gry\LoL\League of Legends\RADS\system\rads_user_kernel.exe Identyfikator
raportu: bb381fd9-98ff-11e1-aa3a-5404a69c7cfa

Error - 2012-05-11 14:32:49 | Computer Name = Maciek-PC | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: rads_user_kernel.exe, wersja: 0.0.0.0,
sygnatura czasowa: 0x4e65c1ac Nazwa modułu powodującego błąd: rads_user_kernel.exe,
wersja: 0.0.0.0, sygnatura czasowa: 0x4e65c1ac Kod wyjątku: 0xc0000005 Przesunięcie
błędu: 0x000b8554 Identyfikator procesu powodującego błąd: 0x554 Godzina uruchomienia
aplikacji powodującej błąd: 0x01cd2fa389449a6b Ścieżka aplikacji powodującej błąd:
D:\Gry\LoL\League of Legends\RADS\system\rads_user_kernel.exe Ścieżka modułu powodującego
błąd: D:\Gry\LoL\League of Legends\RADS\system\rads_user_kernel.exe Identyfikator
raportu: b54637d4-9b97-11e1-88cb-5404a69c7cfa

Error - 2012-05-12 03:01:55 | Computer Name = Maciek-PC | Source = MsiInstaller | ID = 1013
Description =

Error - 2012-05-12 07:31:19 | Computer Name = Maciek-PC | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: MassEffect2.exe, wersja: 1.0.1593.2,
sygnatura czasowa: 0x4b2845cd Nazwa modułu powodującego błąd: MassEffect2.exe, wersja:
1.0.1593.2, sygnatura czasowa: 0x4b2845cd Kod wyjątku: 0xc0000005 Przesunięcie błędu:
0x00511db0 Identyfikator procesu powodującego błąd: 0xdc8 Godzina uruchomienia aplikacji
powodującej błąd: 0x01cd302e5cb88d65 Ścieżka aplikacji powodującej błąd: D:\Gry\Mass
Effect 2PL\Mass Effect 2\Binaries\MassEffect2.exe Ścieżka modułu powodującego błąd:
D:\Gry\Mass Effect 2PL\Mass Effect 2\Binaries\MassEffect2.exe Identyfikator raportu:
fdf85236-9c25-11e1-ab99-5404a69c7cfa

Error - 2012-05-16 14:42:11 | Computer Name = Maciek-PC | Source = Windows Installer 3.1 | ID = 921877
Description =

[ System Events ]
Error - 2012-04-10 14:08:41 | Computer Name = Maciek-PC | Source = Service Control Manager | ID = 7009
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się
z usługą LogMeIn Hamachi Tunneling Engine.

Error - 2012-04-10 14:08:41 | Computer Name = Maciek-PC | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi LogMeIn Hamachi Tunneling Engine z powodu
następującego błędu: %%1053

Error - 2012-04-11 10:27:47 | Computer Name = Maciek-PC | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 16:26:13 na ?2012-?04-?11 było
nieoczekiwane.

Error - 2012-04-11 10:27:51 | Computer Name = MACIEK-PC | Source = BugCheck | ID = 1001
Description =

Error - 2012-04-11 11:12:37 | Computer Name = Maciek-PC | Source = BugCheck | ID = 1001
Description =

Error - 2012-04-13 02:05:35 | Computer Name = Maciek-PC | Source = Service Control Manager | ID = 7023
Description = Usługa Serwer zakończyła działanie; wystąpił następujący błąd: %%1062

Error - 2012-04-17 01:53:14 | Computer Name = Maciek-PC | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 21:23:57 na ?2012-?04-?16 było
nieoczekiwane.

Error - 2012-04-20 02:28:03 | Computer Name = Maciek-PC | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 22:03:36 na ?2012-?04-?19 było
nieoczekiwane.

Error - 2012-05-10 17:30:40 | Computer Name = Maciek-PC | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 23:29:07 na ?2012-?05-?10 było
nieoczekiwane.

Error - 2012-05-19 15:45:21 | Computer Name = Maciek-PC | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 21:43:21 na ?2012-?05-?19 było
nieoczekiwane.


< End of report >[/log]
To powinno być to.
Sterowniki do karty już się instalują. Nie ma reguły kiedy komp sie pierdzieli, także na "wynik" bedziesz musiał trochę poczekać. Anyway, dzięki za pomoc.

Gość
komentarz
komentarz

W logach nie ma infekcji.
Odinstaluj smieci z przegladarek

[code]"facemoods" = facemoods
uTorrentControl2 Toolbar[/code]

Pobierz [b]AdwCleaner[/b] i wykonaj skan z opcji [b]Search. [/b]Przedstaw raport.
http://general-changelog-team.fr/outils/289-adwcleaner

Kaaas
komentarz
komentarz

[log]# AdwCleaner v1.606 - Logfile created 05/20/2012 at 14:07:03
# Updated 10/05/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Maciek - MACIEK-PC
# Running from : C:\Users\Maciek\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\Maciek\AppData\Local\Conduit
Folder Found : C:\Users\Maciek\AppData\LocalLow\Conduit
Folder Found : C:\Users\Maciek\AppData\LocalLow\facemoods.com
Folder Found : C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\3l1olj9a.default\ConduitCommon
Folder Found : C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\3l1olj9a.default\extensions\ffxtlbr@Facemoods.com
Folder Found : C:\Program Files (x86)\Conduit
File Found : C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\3l1olj9a.default\searchplugins\Conduit.xml

***** [Registry] *****

[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Google\chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
[x64] Key Found : HKCU\Software\Softonic
[x64] Key Found : HKCU\Software\AppDataLow\Toolbar
[x64] Key Found : HKCU\Software\AppDataLow\Software\Conduit
[x64] Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[x64] Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
[x64] Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
[x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT3072253
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4

-\\ Mozilla Firefox v11.0 (pl)

Profile name : default
File : C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\3l1olj9a.default\prefs.js

Found : user_pref("CT3072253..clientLogIsEnabled", false);
Found : user_pref("CT3072253..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT3072253..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT3072253.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT3072253.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT3072253.BrowserCompStateIsOpen_129573915102477663", true);
Found : user_pref("CT3072253.BrowserCompStateIsOpen_129749445530228833", true);
Found : user_pref("CT3072253.BrowserCompStateIsOpen_129749445881800338", true);
Found : user_pref("CT3072253.BrowserCompStateIsOpen_129805375651312503", true);
Found : user_pref("CT3072253.CTID", "CT3072253");
Found : user_pref("CT3072253.CurrentServerDate", "19-5-2012");
Found : user_pref("CT3072253.DSInstall", true);
Found : user_pref("CT3072253.DialogsAlignMode", "LTR");
Found : user_pref("CT3072253.DialogsGetterLastCheckTime", "Thu May 17 2012 18:05:08 GMT+0200");
Found : user_pref("CT3072253.DownloadReferralCookieData", "");
Found : user_pref("CT3072253.FirstServerDate", "8-4-2012");
Found : user_pref("CT3072253.FirstTime", true);
Found : user_pref("CT3072253.FirstTimeFF3", true);
Found : user_pref("CT3072253.FixPageNotFoundErrors", true);
Found : user_pref("CT3072253.GroupingServerCheckInterval", 1440);
Found : user_pref("CT3072253.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT3072253.HPInstall", true);
Found : user_pref("CT3072253.HasUserGlobalKeys", true);
Found : user_pref("CT3072253.HomePageProtectorEnabled", false);
Found : user_pref("CT3072253.HomepageBeforeUnload", "hxxp://www.google.pl/");
Found : user_pref("CT3072253.Initialize", true);
Found : user_pref("CT3072253.InitializeCommonPrefs", true);
Found : user_pref("CT3072253.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT3072253.InstallationId", "ConduitXPEIntegration");
Found : user_pref("CT3072253.InstallationType", "ConduitXPEIntegration");
Found : user_pref("CT3072253.InstalledDate", "Sun Apr 08 2012 19:33:35 GMT+0200");
Found : user_pref("CT3072253.IsAlertDBUpdated", true);
Found : user_pref("CT3072253.IsGrouping", false);
Found : user_pref("CT3072253.IsInitSetupIni", true);
Found : user_pref("CT3072253.IsMulticommunity", false);
Found : user_pref("CT3072253.IsOpenThankYouPage", true);
Found : user_pref("CT3072253.IsOpenUninstallPage", false);
Found : user_pref("CT3072253.IsProtectorsInit", true);
Found : user_pref("CT3072253.LanguagePackLastCheckTime", "Sat May 19 2012 13:48:28 GMT+0200");
Found : user_pref("CT3072253.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT3072253.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT3072253.LastLogin_3.10.0.1", "Sun Apr 08 2012 19:33:36 GMT+0200");
Found : user_pref("CT3072253.LastLogin_3.12.0.7", "Wed Apr 25 2012 18:27:28 GMT+0200");
Found : user_pref("CT3072253.LastLogin_3.12.2.3", "Sat May 19 2012 13:48:29 GMT+0200");
Found : user_pref("CT3072253.LatestVersion", "3.12.2.3");
Found : user_pref("CT3072253.Locale", "en");
Found : user_pref("CT3072253.MCDetectTooltipHeight", "83");
Found : user_pref("CT3072253.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT3072253.MCDetectTooltipWidth", "295");
Found : user_pref("CT3072253.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT3072253.OriginalFirstVersion", "3.10.0.1");
Found : user_pref("CT3072253.SavedHomepage", "www.google.pl");
Found : user_pref("CT3072253.SearchBoxWidth", 143);
Found : user_pref("CT3072253.SearchCaption", "uTorrentControl2 Customized Web Search");
Found : user_pref("CT3072253.SearchEngineBeforeUnload", "uTorrentControl2 Customized Web Search");
Found : user_pref("CT3072253.SearchFromAddressBarIsInit", true);
Found : user_pref("CT3072253.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT307[...]
Found : user_pref("CT3072253.SearchInNewTabEnabled", true);
Found : user_pref("CT3072253.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT3072253.SearchInNewTabLastCheckTime", "Sat May 19 2012 13:48:28 GMT+0200");
Found : user_pref("CT3072253.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT3072253.SearchProtectorEnabled", true);
Found : user_pref("CT3072253.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT3072253.SendProtectorDataViaLogin", true);
Found : user_pref("CT3072253.ServiceMapLastCheckTime", "Sat May 19 2012 13:48:28 GMT+0200");
Found : user_pref("CT3072253.SettingsLastCheckTime", "Sat May 19 2012 13:48:28 GMT+0200");
Found : user_pref("CT3072253.SettingsLastUpdate", "1337169810");
Found : user_pref("CT3072253.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13");
Found : user_pref("CT3072253.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT3072253.ThirdPartyComponentsLastCheck", "Sun Apr 08 2012 19:33:34 GMT+0200");
Found : user_pref("CT3072253.ThirdPartyComponentsLastUpdate", "1312887586");
Found : user_pref("CT3072253.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT3072253.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3072253");
Found : user_pref("CT3072253.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT3072253.UserID", "UN81533185649200419");
Found : user_pref("CT3072253.ValidationData_Toolbar", 2);
Found : user_pref("CT3072253.alertChannelId", "1463702");
Found : user_pref("CT3072253.autoDisableScopes", -1);
Found : user_pref("CT3072253.backendstorage.cbcountry_000", "504C");
Found : user_pref("CT3072253.backendstorage.cbfirsttime", "53756E2041707220303820323031322031393A33333A33372[...]
Found : user_pref("CT3072253.backendstorage.facebook_mode", "32");
Found : user_pref("CT3072253.backendstorage.facebook_user_locale", "656E");
Found : user_pref("CT3072253.backendstorage.youtubelang", "5553");
Found : user_pref("CT3072253.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT3072253.globalFirstTimeInfoLastCheckTime", "Sun Apr 08 2012 19:33:35 GMT+0200");
Found : user_pref("CT3072253.homepageProtectorEnableByLogin", true);
Found : user_pref("CT3072253.initDone", true);
Found : user_pref("CT3072253.isAppTrackingManagerOn", true);
Found : user_pref("CT3072253.myStuffEnabled", true);
Found : user_pref("CT3072253.myStuffPublihserMinWidth", 400);
Found : user_pref("CT3072253.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT3072253.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT3072253.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT3072253.navigateToUrlOnSearch", false);
Found : user_pref("CT3072253.revertSettingsEnabled", true);
Found : user_pref("CT3072253.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT3072253.searchProtectorEnableByLogin", true);
Found : user_pref("CT3072253.testingCtid", "");
Found : user_pref("CT3072253.toolbarAppMetaDataLastCheckTime", "Sat May 19 2012 13:48:28 GMT+0200");
Found : user_pref("CT3072253.toolbarContextMenuLastCheckTime", "Sun Apr 08 2012 19:33:36 GMT+0200");
Found : user_pref("CT3072253.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3072253&Search[...]
Found : user_pref("CommunityToolbar.ConduitSearchList", "uTorrentControl2 Customized Web Search");
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3072253/CT3072253[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1463702/1459356/PL", "\"0\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3072253", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3072253",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"67e[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Maciek\\AppData\\Roaming\\Mozilla\\[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.10.0.1");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Found : user_pref("CommunityToolbar.ToolbarsList", "CT3072253");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT3072253");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT3072253");
Found : user_pref("CommunityToolbar.globalUserId", "c500261d-789c-4525-b686-fc3c2fd1d13b");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3072253");
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Apr 08 2012 19:33:3[...]
Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Apr 08 2012 19:33:44 GMT+020[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Apr 08 2012 19:33:35 GMT+0200");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "aa5e2372-36fd-4ff0-a74e-0f6cdc25fe38");
Found : user_pref("CommunityToolbar.originalHomepage", "www.google.pl");
Found : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]
Found : user_pref("browser.search.defaultthis.engineName", "uTorrentControl2 Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&Sea[...]
Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=[...]

-\\ Google Chrome v18.0.1025.168

File : C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found : "explicit_host": [ "hxxp://igor.facemoods.com/*", "hxxp://reports.facemoods.com/*" ],
Found : "css": [ "style/facemoods_chrome_1.0.1.css" ],
Found : "name": "Facemoods",
Found : "permissions": [ "tabs", "hxxp://igor.facemoods.com/", "hxxp://reports.facemoods.com/[...]
Found : "update_url": "hxxp://facemoods.com/public/download/chrome/update.xml",
Found : "update_url": "hxxp://autoupdate.chromewebtb.conduit-services.com/?productId=CT307225[...]

*************************

AdwCleaner[R1].txt - [18402 octets] - [20/05/2012 14:07:03]

########## EOF - C:\AdwCleaner[R1].txt - [18531 octets] ##########[/log]
Proszę Cię bardzo.

Gość
komentarz
komentarz

Zamknij przegladarki. Uruchom AdwCleaner i kliknij [b]Delete.[/b]
Potem uruchom go znowu i kliknij [b]Uninstall.[/b]

Odpal OTL i wykonaj skan, przedstaw raport. Extras juz nie potrzebny.

Kaaas
komentarz
komentarz

uTorrent toolbara nie udało mi się odinstalować. Nie znalazłem go poprostu.
[log]OTL Extras logfile created on: 2012-05-20 14:28:45 - Run 2
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Maciek\Desktop\Programy
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,98 Gb Total Physical Memory | 2,68 Gb Available Physical Memory | 67,30% Memory free
7,96 Gb Paging File | 6,53 Gb Available in Paging File | 82,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 107,42 Gb Total Space | 49,58 Gb Free Space | 46,16% Space Free | Partition Type: NTFS
Drive D: | 358,34 Gb Total Space | 214,19 Gb Free Space | 59,77% Space Free | Partition Type: NTFS

Computer Name: MACIEK-PC | User Name: Maciek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2626984496-4133979409-3266373985-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00B6B287-EEAE-4C11-8382-820536F5F882}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0A10444B-5BB6-4A68-BDAF-274D051F4A40}" = rport=139 | protocol=6 | dir=out | app=system |
"{0CFB2AA0-59AF-46FF-B878-2BCFEEED853B}" = lport=139 | protocol=6 | dir=in | app=system |
"{154C4B47-C443-4891-B3CD-FAD9BAE78FD7}" = rport=445 | protocol=6 | dir=out | app=system |
"{3563DAD2-D63D-4E92-B32F-6F2479A200CF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{37FC8060-1A09-4445-9074-797DEBD29C57}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{464FDED9-D4F8-4697-BC5B-30D7E4B2F708}" = lport=138 | protocol=17 | dir=in | app=system |
"{4FD7352C-E0A4-4B3A-9735-111F53F0BD63}" = lport=56595 | protocol=6 | dir=in | name=pando media booster |
"{50419CBE-D7C8-4C29-A192-970A122CD407}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{52E29AE4-14B8-4507-88E6-B60B26978CEE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{66D3972E-77F5-4A10-A300-51B5F78D62D5}" = rport=138 | protocol=17 | dir=out | app=system |
"{83F83DC6-BB4B-4554-9123-34606AD50572}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A4A33962-737B-41FA-8AF8-58E5CF2B8DD8}" = lport=56595 | protocol=17 | dir=in | name=pando media booster |
"{ABEB99AE-5BD3-477C-B77B-8CFD6C751987}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B032EDE3-F786-4346-8ED5-79EE4891E813}" = lport=445 | protocol=6 | dir=in | app=system |
"{B0498F64-D06A-41E6-B3CB-084752A7EAF2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BB0B2194-5BC2-4FCB-9446-8736771FC19D}" = lport=56595 | protocol=17 | dir=in | name=pando media booster |
"{C243BDB3-ECE3-42B4-ACD3-A0FF70F328B9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CB5DA72E-D600-41D8-B34F-00CFC1D07BDF}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D7E51338-0DBD-4F42-84CF-796A9E502955}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DEFDE887-73A5-43A2-9B2A-5E94E83E9028}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{E1CD9800-5C42-4631-9932-51A62A9E2252}" = rport=137 | protocol=17 | dir=out | app=system |
"{E66AFE27-B955-44E1-8388-ADDD188333FC}" = lport=137 | protocol=17 | dir=in | app=system |
"{E6B6001A-233B-455C-95DB-3271C04FD892}" = lport=56595 | protocol=6 | dir=in | name=pando media booster |
"{E861DE07-8937-44EC-B727-63F41988D5C4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F00AC0BB-F42B-45A2-AB30-76EDB9187233}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05EAC0DA-D0A4-4533-A623-21F00F4E377E}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{07721A08-0D02-4D7A-954B-60FAC3994D00}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{0874C17D-FA8C-4FE3-94FB-FA3A31F1460B}" = protocol=17 | dir=in | app=c:\users\maciek\appdata\roaming\.minecraft\minecraftsp.exe |
"{08F1B77B-D7D4-402F-B3B0-3729D8F19E80}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{1332346E-1D12-4B43-AA46-62C75635DED8}" = protocol=6 | dir=in | app=d:\gry\lol\league of legends\lol.launcher.exe |
"{14D365EC-8CBC-4E50-8F99-BA6960984E29}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{164057B2-2D45-464F-AA77-7F0B3BF12898}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{18D34C5C-C3B8-4EF4-827D-9963DC0304A1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{20BC96D8-523D-4CBF-85E3-C13B13F5C8E5}" = protocol=17 | dir=in | app=d:\gry\mass effect\binaries\masseffect.exe |
"{2606B609-BDD8-4930-9301-81E489147816}" = protocol=6 | dir=out | app=system |
"{292CA7CB-994C-47A6-815E-CB573CBACB56}" = protocol=17 | dir=in | app=d:\gry\mass effect\masseffectlauncher.exe |
"{2E53B238-6B5B-4434-8602-89E0E8941C46}" = protocol=6 | dir=in | app=d:\gry\mass effect\masseffectlauncher.exe |
"{32BF485D-D018-4648-A253-7A9AAA39741E}" = protocol=17 | dir=in | app=d:\gry\gta iv\rockstar games social club\rgsclauncher.exe |
"{3D9AB241-76B3-43CA-94F5-5FEFFD5D1E0A}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{3F3A721F-1BE6-47A9-AE09-342C350BB138}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{433E1D93-B23B-4822-AA9B-E0FB0F55ECAA}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{43FFA393-6349-46CF-9861-AE7E9804F00F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{440D085A-0406-4767-9CF0-CA75E0DFD74B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{50B68ACC-6089-45CB-AAC9-F75B736773EA}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{5C99E82F-83B5-47BE-BB21-BC4BA8A36980}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5E5C1403-2DE0-4486-AE29-60DD970BA3DC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5EC09460-0B81-4921-A26B-7608827759FB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6335DE28-54BC-4316-85E6-61BA65DA1FB4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{657DE16C-17CD-485E-9B15-AD3C33C6D96F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6ADC8A8A-8F1F-4A34-B986-C18B37FF862D}" = protocol=17 | dir=in | app=d:\gry\diabolo\diablo iii beta\diablo iii.exe |
"{6DE6E086-4AB4-4627-8BE0-F9794AF4FE0E}" = protocol=17 | dir=in | app=c:\users\maciek\appdata\roaming\.minecraft\minecraft_server.exe |
"{6DFAFD6B-43F0-4882-8771-053EA5BFC95E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{77FA3CC1-BCA7-445A-86A2-21AF0E7AC232}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{789A172D-5FED-4A6C-9027-215465A03E58}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{7C88B876-0695-4602-8DB8-83D613B79F4D}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{7CF30507-00BE-4D6F-B490-FF7BDB9BA07A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9077F31A-656F-4132-941B-558EB4C9CF20}" = protocol=6 | dir=in | app=c:\users\maciek\appdata\roaming\.minecraft\minecraft_server.exe |
"{919D15CC-C8D5-49DF-AD7E-6361E2B6D3F8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9249E279-17EA-4F6C-A99D-3FD4CC416D1D}" = protocol=6 | dir=in | app=d:\gry\mass effect 2pl\mass effect 2\binaries\masseffect2.exe |
"{9F2C458D-12D4-4352-9338-EA0BF1C57CCC}" = protocol=6 | dir=in | app=d:\gry\mass effect\binaries\masseffect.exe |
"{A17E4769-52D6-4C87-AE18-C0801EE98072}" = protocol=6 | dir=in | app=d:\gry\diabolo\diablo iii beta\diablo iii.exe |
"{A1CF1784-E45B-4021-86E4-6991D20633D7}" = protocol=6 | dir=in | app=c:\users\maciek\appdata\roaming\.minecraft\minecraftsp.exe |
"{A8C31C5D-CA85-421C-8363-01CAB5BD7388}" = protocol=17 | dir=in | app=d:\gry\mass effect 2pl\mass effect 2\binaries\masseffect2.exe |
"{A8F809A5-1030-4D90-8B32-9BB825F1BA67}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{ACCF55E0-6386-4A12-A09A-DB66202C7E2F}" = protocol=17 | dir=in | app=d:\gry\mass effect 2pl\mass effect 2\masseffect2launcher.exe |
"{AE845F42-34DF-49B1-861D-E1CF3BF384BC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{B17D08D8-E488-4204-B893-9C46C9F954B3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B43DEBC7-B7DA-4082-9DF7-4113F7E4634A}" = protocol=6 | dir=in | app=d:\gry\mass effect 2pl\mass effect 2\masseffect2launcher.exe |
"{B48045AF-5F20-435D-83BD-86665D44B53F}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{BD5F24B2-47B4-4329-958E-F7260BBD7F92}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C14231F2-8529-40D7-88B0-CC6057F69513}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\gears of war\binaries\wargame-g4wlive.exe |
"{C38CD189-7D0E-432C-AAB1-DD62AF5FA781}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C4B90775-8900-44C6-A774-E8BE9B504FCB}" = protocol=6 | dir=in | app=d:\gry\gta iv\rockstar games social club\rgsclauncher.exe |
"{C6D6B105-B4D6-4463-9D4C-390AA75785B0}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{C6FFBE17-72E1-4EE5-9216-DC5DE7BD06D9}" = protocol=58 | dir=in | app=system |
"{CB991A80-6219-4136-9393-5AC464C5B75A}" = protocol=17 | dir=in | app=d:\gry\lol\league of legends\lol.launcher.exe |
"{CCC71F2E-59C1-4564-B0B1-2FDD39A39D1F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\gears of war\binaries\wargame-g4wlive.exe |
"{CE2C2B45-6977-480B-AFD8-4CCCE72A1E3B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{D2E9A87D-0105-47BA-97C0-56CB9C368983}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D4C8DAF6-0547-4251-B54F-A5786253D5D1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D8E7FF74-A395-4FFB-9ABE-079475F94B34}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E4203F55-4F04-4194-82CF-8EF7506939C2}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{E90139A2-0A37-4833-A127-E626CD4EF4F6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{ED875282-D50B-45A6-AD93-AEF1A7A5F086}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{EF370D10-6362-42DC-AA3B-C1B38F00521F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{EF7D6612-162A-4A9D-8F1D-AFE5C33EDA14}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F11522AD-E4F6-4FC4-AB5D-05E3D92FDC6D}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{FD3963EB-16D2-4B47-83B0-44968B0E8DF5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"TCP Query User{01F75668-4267-40F7-86EB-1DEF702746D5}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{276FB2D9-C8AC-4494-BCFA-36236E42EE06}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{7E3F414B-20AB-4E9A-BAA5-7523F257916A}C:\users\maciek\appdata\local\apps\2.0\5agrpayq.ckm\ewvyyc4l.y0v\tadz..tion_0000000000000000_0001.0000_6680277c9ae85a85\tadzik.exe" = protocol=6 | dir=in | app=c:\users\maciek\appdata\local\apps\2.0\5agrpayq.ckm\ewvyyc4l.y0v\tadz..tion_0000000000000000_0001.0000_6680277c9ae85a85\tadzik.exe |
"TCP Query User{B515DC96-C442-460A-8CE5-044C4290EF0B}D:\gry\saints row\saints row the third\saintsrowthethird.exe" = protocol=6 | dir=in | app=d:\gry\saints row\saints row the third\saintsrowthethird.exe |
"TCP Query User{D4657D97-9ADD-400C-9E12-3AD24C3F84A7}D:\gry\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=d:\gry\crysis 2\bin32\crysis2.exe |
"TCP Query User{FF0CA6BD-8BE8-4A20-BDDF-51129BE2B6BA}D:\gry\gta iv\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\gry\gta iv\grand theft auto iv\gtaiv.exe |
"UDP Query User{1CA19F1E-6D4B-43B0-9BC9-B38DC779C5AA}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{39349563-572B-46D0-AC58-02673D363861}D:\gry\gta iv\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\gry\gta iv\grand theft auto iv\gtaiv.exe |
"UDP Query User{5B5AA6BF-0264-4757-8DE4-56C4271F0167}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{6D5DDE5C-4E2B-4248-AB45-7B20ED2F8AF2}D:\gry\saints row\saints row the third\saintsrowthethird.exe" = protocol=17 | dir=in | app=d:\gry\saints row\saints row the third\saintsrowthethird.exe |
"UDP Query User{CB77C7BA-8CCA-4DC7-8FE4-6A9783A050FE}C:\users\maciek\appdata\local\apps\2.0\5agrpayq.ckm\ewvyyc4l.y0v\tadz..tion_0000000000000000_0001.0000_6680277c9ae85a85\tadzik.exe" = protocol=17 | dir=in | app=c:\users\maciek\appdata\local\apps\2.0\5agrpayq.ckm\ewvyyc4l.y0v\tadz..tion_0000000000000000_0001.0000_6680277c9ae85a85\tadzik.exe |
"UDP Query User{E631569E-CFFD-4095-9E59-BDF3E4210D64}D:\gry\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=d:\gry\crysis 2\bin32\crysis2.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416030FF}" = Java(TM) 6 Update 30 (64-bit)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0415-1000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010
"{90140000-0015-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0415-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010
"{90140000-0016-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0415-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-0018-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0415-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010
"{90140000-0019-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0415-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010
"{90140000-001A-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0415-1000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010
"{90140000-001B-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0415-1000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-001F-0415-1000-0000000FF1CE}_Office14.PROPLUS_{329A3D98-9583-4B84-B18B-498E7AB65C43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-002C-0415-1000-0000000FF1CE}_Office14.PROPLUS_{BFEB53FA-3044-47FD-BB50-9DCBBEED79EF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2010
"{90140000-0043-0415-1000-0000000FF1CE}_Office14.PROPLUS_{FF5F6090-64DF-4BF6-BADD-71A64FDA70D2}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0415-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010
"{90140000-0044-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{90140000-006E-0415-1000-0000000FF1CE}_Office14.PROPLUS_{3A96ABFF-5202-47B1-B5A2-DDE76563AF61}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0415-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010
"{90140000-00A1-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0415-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010
"{90140000-00BA-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"WinRAR archiver" = WinRAR 4.01 (64-bitowy)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11
"{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic
"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)
"{3B418709-D688-4E3A-BE0E-7D71FA84C948}" = Nero 11 PiP Effects 1
"{4382FC76-8100-4951-8658-31834E625E88}" = Nero 11 Video Transitions 1
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B7IL77L-LKS1-ROW3-SAINTS-18CD6E6334R1}_is1" = Saints Row The Third version 1.0
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)
"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1" = Driver Sweeper wersja 3.1.0
"{5E98FDD6-3672-4DBE-AB8B-2C9A0BED1382}" = Nero 11 Disc Menus 3
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{7DF2B5EE-2C16-4E86-9C71-8678068AD805}" = Nero 11 Disc Menus 2
"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A7ABBD4-A617-4AE8-9C6D-1510DE46EC35}" = Nero 11
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0F34849-D9AB-46DD-B1BE-BB0DB60B1FE8}" = Nero 11 Disc Menus 1
"{A2CDC001-F8B3-4C64-9E74-2E3FA0FAC9D9}" = Nero 11 Video Samples
"{A4F6BE36-4826-45BA-A396-04F265A3B61D}" = Nero 11 Kwik Themes 2
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Polish
"{ACD6B383-EC5B-4000-A455-CCB308B447FE}" = Nero 11 Kwik Themes 4
"{B160A672-F326-4414-9BB0-A056C61B357C}" = Nero 11 Cliparts
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B1F69AF3-B5B5-4CA5-ADC5-8A738EB6E574}" = Nero 11 Kwik Themes 1
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{BA499CC0-12C0-4BA5-9007-76844B721158}" = Nero 11 Kwik Themes 3
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}" = welcome
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11
"{E2494AD8-314D-44F8-B39C-4358A60DC184}" = LogMeIn Hamachi
"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic
"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples
"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic
"{F69FB940-5031-4FE8-AFAD-085802D0BF63}" = Nero Recode 11
"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)
"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11
"Adobe AIR" = Adobe AIR
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"avast" = avast! Internet Security
"Battlelog Web Plugins" = Battlelog Web Plugins
"ESN Sonar-0.70.4" = ESN Sonar
"Fraps" = Fraps (remove only)
"Gears of War - spolszczenie" = Gears of War - spolszczenie
"Google Chrome" = Google Chrome
"InstallShield_{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.4.0 (Full)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mozilla Firefox 11.0 (x86 pl)" = Mozilla Firefox 11.0 (x86 pl)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"Picasa 3" = Picasa 3
"PunkBusterSvc" = PunkBuster Services
"QuicktimeAlt_is1" = QuickTime Alternative 3.2.2
"RealAlt_is1" = Real Alternative 2.0.2
"Syndicate_is1" = Syndicate
"uTorrent" = µTorrent
"uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-2626984496-4133979409-3266373985-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GG" = GG

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-04-25 07:22:26 | Computer Name = Maciek-PC | Source = | ID = 0
Description =

Error - 2012-04-25 07:22:26 | Computer Name = Maciek-PC | Source = | ID = 0
Description =

Error - 2012-04-27 06:15:55 | Computer Name = Maciek-PC | Source = Application Hang | ID = 1002
Description = Program chrome.exe w wersji 18.0.1025.162 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
akcji. Identyfikator procesu: 878 Godzina rozpoczęcia: 01cd24573a12f781 Godzina zakończenia:
10 Ścieżka aplikacji: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Identyfikator
raportu: f61d4de5-9051-11e1-9372-5404a69c7cfa

Error - 2012-05-07 02:48:07 | Computer Name = Maciek-PC | Source = Application Hang | ID = 1002
Description = Program chrome.exe w wersji 18.0.1025.168 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
akcji. Identyfikator procesu: 1290 Godzina rozpoczęcia: 01cd2c1cb90fa32e Godzina zakończenia:
0 Ścieżka aplikacji: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Identyfikator
raportu: 954a9b70-9810-11e1-9346-5404a69c7cfa

Error - 2012-05-08 07:19:53 | Computer Name = Maciek-PC | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: rads_user_kernel.exe, wersja: 0.0.0.0,
sygnatura czasowa: 0x4e65c1ac Nazwa modułu powodującego błąd: rads_user_kernel.exe,
wersja: 0.0.0.0, sygnatura czasowa: 0x4e65c1ac Kod wyjątku: 0xc0000005 Przesunięcie
błędu: 0x000b8554 Identyfikator procesu powodującego błąd: 0x1150 Godzina uruchomienia
aplikacji powodującej błąd: 0x01cd2d0c7c5039d3 Ścieżka aplikacji powodującej błąd:
D:\Gry\LoL\League of Legends\RADS\system\rads_user_kernel.exe Ścieżka modułu powodującego
błąd: D:\Gry\LoL\League of Legends\RADS\system\rads_user_kernel.exe Identyfikator
raportu: bb381fd9-98ff-11e1-aa3a-5404a69c7cfa

Error - 2012-05-11 14:32:49 | Computer Name = Maciek-PC | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: rads_user_kernel.exe, wersja: 0.0.0.0,
sygnatura czasowa: 0x4e65c1ac Nazwa modułu powodującego błąd: rads_user_kernel.exe,
wersja: 0.0.0.0, sygnatura czasowa: 0x4e65c1ac Kod wyjątku: 0xc0000005 Przesunięcie
błędu: 0x000b8554 Identyfikator procesu powodującego błąd: 0x554 Godzina uruchomienia
aplikacji powodującej błąd: 0x01cd2fa389449a6b Ścieżka aplikacji powodującej błąd:
D:\Gry\LoL\League of Legends\RADS\system\rads_user_kernel.exe Ścieżka modułu powodującego
błąd: D:\Gry\LoL\League of Legends\RADS\system\rads_user_kernel.exe Identyfikator
raportu: b54637d4-9b97-11e1-88cb-5404a69c7cfa

Error - 2012-05-12 03:01:55 | Computer Name = Maciek-PC | Source = MsiInstaller | ID = 1013
Description =

Error - 2012-05-12 07:31:19 | Computer Name = Maciek-PC | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: MassEffect2.exe, wersja: 1.0.1593.2,
sygnatura czasowa: 0x4b2845cd Nazwa modułu powodującego błąd: MassEffect2.exe, wersja:
1.0.1593.2, sygnatura czasowa: 0x4b2845cd Kod wyjątku: 0xc0000005 Przesunięcie błędu:
0x00511db0 Identyfikator procesu powodującego błąd: 0xdc8 Godzina uruchomienia aplikacji
powodującej błąd: 0x01cd302e5cb88d65 Ścieżka aplikacji powodującej błąd: D:\Gry\Mass
Effect 2PL\Mass Effect 2\Binaries\MassEffect2.exe Ścieżka modułu powodującego błąd:
D:\Gry\Mass Effect 2PL\Mass Effect 2\Binaries\MassEffect2.exe Identyfikator raportu:
fdf85236-9c25-11e1-ab99-5404a69c7cfa

Error - 2012-05-16 14:42:11 | Computer Name = Maciek-PC | Source = Windows Installer 3.1 | ID = 921877
Description =

Error - 2012-05-20 07:35:20 | Computer Name = Maciek-PC | Source = SideBySide | ID = 16842832
Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\Maciek\Downloads\SoftonicDownloader_for_driver-sweeper.exe”.
Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana
przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki
powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Składnik
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

[ System Events ]
Error - 2012-04-11 10:27:47 | Computer Name = Maciek-PC | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 16:26:13 na ?2012-?04-?11 było
nieoczekiwane.

Error - 2012-04-11 10:27:51 | Computer Name = MACIEK-PC | Source = BugCheck | ID = 1001
Description =

Error - 2012-04-11 11:12:37 | Computer Name = Maciek-PC | Source = BugCheck | ID = 1001
Description =

Error - 2012-04-13 02:05:35 | Computer Name = Maciek-PC | Source = Service Control Manager | ID = 7023
Description = Usługa Serwer zakończyła działanie; wystąpił następujący błąd: %%1062

Error - 2012-04-17 01:53:14 | Computer Name = Maciek-PC | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 21:23:57 na ?2012-?04-?16 było
nieoczekiwane.

Error - 2012-04-20 02:28:03 | Computer Name = Maciek-PC | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 22:03:36 na ?2012-?04-?19 było
nieoczekiwane.

Error - 2012-05-10 17:30:40 | Computer Name = Maciek-PC | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 23:29:07 na ?2012-?05-?10 było
nieoczekiwane.

Error - 2012-05-19 15:45:21 | Computer Name = Maciek-PC | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 21:43:21 na ?2012-?05-?19 było
nieoczekiwane.

Error - 2012-05-20 07:15:02 | Computer Name = Maciek-PC | Source = Service Control Manager | ID = 7034
Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 2012-05-20 07:27:35 | Computer Name = Maciek-PC | Source = DCOM | ID = 10010
Description =


< End of report >[/log]
I tu masz Extras.

Gość
komentarz
komentarz

[quote]I tu masz Extras. [/quote]

Ja nie chce Extras tylko [b]OTL.txt[/b]

Kaaas
komentarz
komentarz

No tak, moje czytanie ze zrozumieniem leży i kwiczy. Wybacz :)
[log]OTL logfile created on: 2012-05-20 15:06:46 - Run 3
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Maciek\Desktop\Programy
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,98 Gb Total Physical Memory | 2,28 Gb Available Physical Memory | 57,13% Memory free
7,96 Gb Paging File | 6,10 Gb Available in Paging File | 76,59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 107,42 Gb Total Space | 49,58 Gb Free Space | 46,15% Space Free | Partition Type: NTFS
Drive D: | 358,34 Gb Total Space | 214,19 Gb Free Space | 59,77% Space Free | Partition Type: NTFS

Computer Name: MACIEK-PC | User Name: Maciek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-05-20 09:59:21 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Maciek\Desktop\Programy\OTL.exe
PRC - [2012-05-17 12:47:51 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012-05-16 20:42:59 | 003,402,376 | ---- | M] (Electronic Arts) -- D:\Origin\Origin.exe
PRC - [2012-05-09 05:04:54 | 001,240,048 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-03-07 01:15:13 | 000,134,920 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2012-03-01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-02-29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012-01-18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2009-07-14 03:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-05-20 09:59:21 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Maciek\Desktop\Programy\OTL.exe
MOD - [2012-05-16 20:43:00 | 018,604,544 | ---- | M] () -- D:\Origin\QtWebKit4.dll
MOD - [2012-05-16 20:43:00 | 003,564,544 | ---- | M] () -- D:\Origin\QtXmlPatterns4.dll
MOD - [2012-05-16 20:43:00 | 001,106,944 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- D:\Origin\libeay32.dll
MOD - [2012-05-16 20:43:00 | 000,413,184 | ---- | M] () -- D:\Origin\QtXml4.dll
MOD - [2012-05-16 20:43:00 | 000,312,320 | ---- | M] () -- D:\Origin\imageformats\qtiff4.dll
MOD - [2012-05-16 20:43:00 | 000,264,192 | ---- | M] () -- D:\Origin\imageformats\qmng4.dll
MOD - [2012-05-16 20:43:00 | 000,237,568 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- D:\Origin\ssleay32.dll
MOD - [2012-05-16 20:43:00 | 000,211,456 | ---- | M] () -- D:\Origin\imageformats\qjpeg4.dll
MOD - [2012-05-16 20:43:00 | 000,032,256 | ---- | M] () -- D:\Origin\imageformats\qico4.dll
MOD - [2012-05-16 20:43:00 | 000,028,672 | ---- | M] () -- D:\Origin\imageformats\qgif4.dll
MOD - [2012-05-16 20:42:59 | 029,974,664 | ---- | M] (Electronic Arts) -- D:\Origin\OriginClient.dll
MOD - [2012-05-16 20:42:59 | 009,440,256 | ---- | M] () -- D:\Origin\QtGui4.dll
MOD - [2012-05-16 20:42:59 | 003,402,376 | ---- | M] (Electronic Arts) -- D:\Origin\Origin.exe
MOD - [2012-05-16 20:42:59 | 002,694,144 | ---- | M] () -- D:\Origin\QtCore4.dll
MOD - [2012-05-16 20:42:59 | 001,152,512 | ---- | M] () -- D:\Origin\QtNetwork4.dll
MOD - [2012-05-16 20:42:58 | 006,835,344 | ---- | M] (Electronic Arts) -- D:\Origin\IGO32.dll
MOD - [2012-05-15 16:14:52 | 000,040,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\12052000\uiext.dll
MOD - [2012-05-09 05:04:54 | 001,240,048 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
MOD - [2012-05-09 05:04:52 | 000,441,840 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll
MOD - [2012-05-09 05:04:51 | 003,921,904 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\pdf.dll
MOD - [2012-05-09 05:03:36 | 000,553,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\libglesv2.dll
MOD - [2012-05-09 05:03:35 | 000,117,744 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\libegl.dll
MOD - [2012-05-09 05:03:34 | 009,962,480 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\icudt.dll
MOD - [2012-05-09 05:03:28 | 035,876,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\chrome.dll
MOD - [2012-05-09 05:03:25 | 000,134,656 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\avutil-51.dll
MOD - [2012-05-09 05:03:24 | 000,250,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\avformat-54.dll
MOD - [2012-05-09 05:03:23 | 002,375,680 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\avcodec-54.dll
MOD - [2012-05-09 04:09:13 | 008,743,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\gcswf32.dll
MOD - [2012-05-09 04:09:13 | 008,743,584 | ---- | M] () -- C:\PROGRA~2\Google\Chrome\APPLIC~1\190108~1.46\gcswf32.dll
MOD - [2012-04-27 07:12:11 | 000,120,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
MOD - [2012-04-21 06:21:01 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
MOD - [2012-04-07 21:34:15 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
MOD - [2012-04-07 21:34:14 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2012-04-07 21:34:14 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2012-03-20 13:18:24 | 001,145,344 | ---- | M] (ESN Social Software AB) -- C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll
MOD - [2012-03-07 01:15:28 | 000,228,632 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\uiLangRes.dll
MOD - [2012-03-07 01:15:28 | 000,095,232 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\Base.dll
MOD - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
MOD - [2012-03-07 01:15:15 | 004,675,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\CommonRes.dll
MOD - [2012-03-07 01:15:13 | 000,215,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2012-03-07 01:15:10 | 000,399,088 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSqLt.dll
MOD - [2012-03-07 01:15:10 | 000,214,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2012-03-07 01:15:10 | 000,027,264 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswUtil.dll
MOD - [2012-03-07 01:15:09 | 000,217,296 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswLog.dll
MOD - [2012-03-07 01:15:08 | 000,682,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAux.dll
MOD - [2012-03-07 01:15:07 | 000,337,800 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
MOD - [2012-03-07 01:15:07 | 000,184,872 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswData.dll
MOD - [2012-03-07 01:15:07 | 000,164,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
MOD - [2012-03-07 01:15:07 | 000,153,936 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTask.dll
MOD - [2012-03-07 01:15:07 | 000,098,864 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
MOD - [2012-03-07 01:15:07 | 000,050,448 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
MOD - [2012-03-07 01:15:06 | 000,406,816 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashBase.dll
MOD - [2012-03-07 01:15:06 | 000,061,760 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
MOD - [2012-03-07 01:15:04 | 000,042,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwRpc.dll
MOD - [2012-03-07 01:15:03 | 000,345,040 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Aavm4h.dll
MOD - [2012-03-07 01:15:03 | 000,164,760 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwCoreClient.dll
MOD - [2012-03-07 01:15:03 | 000,096,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll
MOD - [2012-03-07 01:15:03 | 000,035,528 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwCore.dll
MOD - [2012-03-07 01:15:03 | 000,034,992 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwGeoIP.dll
MOD - [2012-03-01 07:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012-03-01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2012-03-01 02:02:00 | 015,009,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvd3dum.dll
MOD - [2012-02-28 03:27:13 | 009,705,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012-02-28 03:12:01 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012-02-28 03:11:07 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012-02-28 03:04:32 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012-02-23 17:23:15 | 002,111,448 | ---- | M] (AVAST! Software) -- C:\Program Files\AVAST Software\Avast\aswAra.dll
MOD - [2012-02-01 10:18:26 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Origin Games\Battlefield 3\Core\MSVCR100.dll
MOD - [2012-02-01 10:18:26 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Origin Games\Battlefield 3\Core\MSVCP100.dll
MOD - [2012-01-18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2012-01-04 10:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2012-01-04 10:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2011-12-16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011-11-17 07:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011-11-17 07:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2011-11-17 07:34:52 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2011-11-17 07:34:52 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2011-11-17 07:28:48 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2011-11-03 16:08:56 | 000,122,216 | ---- | M] (ESN Social Software AB) -- C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
MOD - [2011-08-27 06:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011-08-27 06:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011-07-16 06:26:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\acwow64.dll
MOD - [2011-07-16 06:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2011-07-16 06:24:22 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2011-06-16 06:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2011-05-24 12:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011-05-24 12:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011-03-03 07:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2010-11-20 14:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010-11-20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010-11-20 14:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2010-11-20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010-11-20 14:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010-11-20 14:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2010-11-20 14:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2010-11-20 14:21:35 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wer.dll
MOD - [2010-11-20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010-11-20 14:21:34 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2010-11-20 14:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010-11-20 14:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010-11-20 14:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010-11-20 14:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010-11-20 14:21:25 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sqmapi.dll
MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010-11-20 14:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2010-11-20 14:21:03 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\riched20.dll
MOD - [2010-11-20 14:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010-11-20 14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010-11-20 14:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2010-11-20 14:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2010-11-20 14:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010-11-20 14:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010-11-20 14:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010-11-20 14:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010-11-20 14:19:33 | 003,207,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mf.dll
MOD - [2010-11-20 14:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010-11-20 14:19:05 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gameux.dll
MOD - [2010-11-20 14:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2010-11-20 14:19:01 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\evr.dll
MOD - [2010-11-20 14:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2010-11-20 14:18:25 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2010-11-20 14:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010-11-20 14:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2010-11-20 14:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010-11-20 14:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010-11-20 14:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010-11-20 14:18:01 | 000,562,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcLayers.dll
MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010-11-20 14:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010-11-20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010-11-20 14:08:57 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010-11-20 14:08:51 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010-11-20 14:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010-05-26 11:41:02 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DCompiler_43.dll
MOD - [2010-05-26 11:41:02 | 001,998,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DX9_43.dll
MOD - [2009-07-14 03:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009-07-14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009-07-14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009-07-14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009-07-14 03:16:19 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wmiutils.dll
MOD - [2009-07-14 03:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009-07-14 03:16:17 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemdisp.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009-07-14 03:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009-07-14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-07-14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009-07-14 03:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 03:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2009-07-14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009-07-14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009-07-14 03:16:02 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2009-07-14 03:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2009-07-14 03:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
MOD - [2009-07-14 03:15:46 | 002,134,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msmpeg2vdec.dll
MOD - [2009-07-14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009-07-14 03:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009-07-14 03:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009-07-14 03:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009-07-14 03:15:39 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll
MOD - [2009-07-14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009-07-14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009-07-14 03:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009-07-14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009-07-14 03:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009-07-14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2009-07-14 03:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2009-07-14 03:15:07 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2009-07-14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 03:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 03:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 03:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009-07-14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009-07-14 03:05:46 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icmp.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2012-03-07 01:15:13 | 000,134,920 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-05-17 12:47:51 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012-03-01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-02-29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012-02-29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-02-28 17:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012-02-14 18:55:04 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) Intel(R)
SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-04-07 16:26:50 | 000,530,488 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2012-03-07 01:04:31 | 000,141,144 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW)
DRV:[b]64bit:[/b] - [2012-03-07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2012-03-07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2012-03-07 01:03:29 | 000,258,904 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2)
DRV:[b]64bit:[/b] - [2012-03-07 01:02:45 | 000,028,504 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:[b]64bit:[/b] - [2012-03-07 01:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2012-03-07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2012-03-07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2012-03-07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012-02-23 16:54:51 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:[b]64bit:[/b] - [2012-02-14 18:47:38 | 014,692,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012-01-17 14:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2011-07-13 13:59:54 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol)
DRV:[b]64bit:[/b] - [2011-07-13 13:59:54 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp)
DRV:[b]64bit:[/b] - [2011-06-10 08:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 02:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-04-08 14:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:[b]64bit:[/b] - [2009-03-18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr
IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\..\SearchScopes,DefaultScope = {0D7562AE-8EF6-416d-A838-AB665251703A}
IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\..\SearchScopes\{1CF28E44-71E2-4F49-9B56-28F2F8A987D0}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-04-07 14:57:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-04-07 17:22:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-04-16 18:58:46 | 000,000,000 | ---D | M]

[2012-04-07 15:30:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maciek\AppData\Roaming\mozilla\Extensions
[2012-05-20 14:25:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maciek\AppData\Roaming\mozilla\Firefox\Profiles\3l1olj9a.default\extensions
[2012-04-25 19:13:28 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Maciek\AppData\Roaming\mozilla\Firefox\Profiles\3l1olj9a.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012-04-07 22:52:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-04-07 22:52:25 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-04-16 18:14:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012-04-07 15:32:07 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-04-16 18:14:46 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012-04-07 15:32:04 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-04-07 15:32:04 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2010-12-13 14:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml
[2012-04-07 15:32:04 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-04-07 15:32:04 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-04-07 15:32:04 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-04-07 15:32:04 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: YouTube = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Gmail = C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\..\Toolbar\WebBrowser: (uTorrentControl2 Toolbar) - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000..\Run: [EADM] D:\Origin\Origin.exe (Electronic Arts)
O4 - HKU\S-1-5-21-2626984496-4133979409-3266373985-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2626984496-4133979409-3266373985-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BDFE84E1-D405-43C1-B049-F795ADE67950}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

MsConfig:64bit - StartUpReg: [b]facemoods[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]LogMeIn Hamachi Ui[/b] - hkey= - key= - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-05-20 13:28:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012-05-20 13:24:46 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012-05-20 13:18:35 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012-05-20 13:11:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phyxion.net
[2012-05-20 10:13:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2012-05-20 10:13:13 | 000,000,000 | ---D | C] -- C:\rsit
[2012-05-17 12:43:19 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\PunkBuster
[2012-05-17 12:43:13 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\Battlefield 3
[2012-05-17 12:42:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins
[2012-05-17 01:11:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
[2012-05-17 01:11:22 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2012-05-16 20:43:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2012-05-16 20:43:03 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Origin
[2012-05-16 20:42:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2012-05-12 09:06:32 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Desktop\ME2 ENG
[2012-05-12 09:01:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012-05-12 09:01:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 2
[2012-05-09 21:35:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012-05-09 21:34:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012-05-09 21:34:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012-05-07 19:44:06 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Desktop\Music
[2012-04-28 09:12:02 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Nero
[2012-04-22 21:52:02 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\Diablo III
[2012-04-22 20:36:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012-04-22 14:47:10 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Desktop\mama
[2012-04-17 16:24:32 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Desktop\GRY BABCI
[2012-04-16 19:22:53 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\.minecraft
[2012-04-16 18:14:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012-04-16 18:14:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012-04-15 16:43:33 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft Games
[2012-04-15 16:38:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Games
[2012-04-15 16:15:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2012-04-14 19:08:16 | 000,000,000 | ---D | C] -- C:\Users\Maciek\riotsGamesLogs
[2012-04-14 19:08:01 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\LolClient
[2012-04-14 14:27:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2012-04-14 08:55:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012-04-14 08:40:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2012-04-13 16:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2012-04-12 21:13:15 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2012-04-12 21:13:10 | 000,000,000 | ---D | C] -- C:\Fraps
[2012-04-11 20:36:43 | 000,000,000 | ---D | C] -- C:\ProgramData\GG
[2012-04-11 17:15:10 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\Rockstar Games
[2012-04-11 17:14:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012-04-11 16:27:47 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012-04-11 16:24:43 | 000,000,000 | RH-D | C] -- C:\Users\Maciek\AppData\Roaming\SecuROM
[2012-04-11 15:35:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-04-11 14:57:45 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2012-04-11 14:54:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012-04-11 14:54:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012-04-11 13:57:34 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Rockstar Games
[2012-04-11 13:57:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2012-04-10 20:08:37 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2012-04-10 20:08:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012-04-10 20:08:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012-04-10 15:00:41 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Media Player Classic
[2012-04-09 23:29:57 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\NVIDIA
[2012-04-09 23:18:58 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\LogMeIn Hamachi
[2012-04-09 20:42:25 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\PMB Files
[2012-04-09 20:42:24 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2012-04-09 20:42:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2012-04-08 22:45:31 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Skyrim
[2012-04-08 22:45:31 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\My Games
[2012-04-08 22:36:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2012-04-08 21:44:01 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\BioWare
[2012-04-08 21:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
[2012-04-08 21:41:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect
[2012-04-08 21:41:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2012-04-08 17:53:03 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Microsoft Games
[2012-04-08 15:51:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrentControl2
[2012-04-08 15:51:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2012-04-08 15:51:19 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\uTorrent
[2012-04-08 11:41:58 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\ToD
[2012-04-08 11:39:52 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Deployment
[2012-04-08 11:39:52 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Apps
[2012-04-08 11:04:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012-04-08 11:04:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment
[2012-04-08 10:45:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard
[2012-04-08 09:41:00 | 000,000,000 | --SD | C] -- C:\Users\Maciek\GG dysk
[2012-04-08 09:38:08 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\GG
[2012-04-08 09:38:07 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG
[2012-04-08 09:38:04 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\GG
[2012-04-08 00:59:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Saints Row The Third
[2012-04-08 00:55:13 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012-04-08 00:44:39 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\Syndicate
[2012-04-07 23:58:52 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\SKIDROW
[2012-04-07 23:58:52 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\DarknessII
[2012-04-07 23:34:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2012-04-07 23:34:03 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Origin
[2012-04-07 23:31:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2012-04-07 23:31:38 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs
[2012-04-07 23:31:38 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2012-04-07 23:05:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2012-04-07 23:05:26 | 000,000,000 | ---D | C] -- C:\Users\Maciek\SystemRequirementsLab
[2012-04-07 23:01:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader
[2012-04-07 23:00:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2012-04-07 22:52:16 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Skype
[2012-04-07 22:52:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-04-07 22:52:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012-04-07 22:52:03 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012-04-07 22:52:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012-04-07 22:44:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012-04-07 22:43:50 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012-04-07 22:43:24 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012-04-07 22:43:24 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012-04-07 22:43:08 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012-04-07 22:38:15 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012-04-07 20:50:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2012-04-07 20:49:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2012-04-07 20:49:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2012-04-07 20:45:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2012-04-07 20:45:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012-04-07 20:07:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012-04-07 20:06:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012-04-07 20:06:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2012-04-07 20:05:40 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012-04-07 20:05:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012-04-07 20:05:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2012-04-07 20:03:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2012-04-07 20:03:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012-04-07 20:03:35 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Microsoft Help
[2012-04-07 20:03:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012-04-07 20:03:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012-04-07 20:03:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012-04-07 20:03:07 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012-04-07 20:00:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2012-04-07 20:00:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012-04-07 18:50:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012-04-07 18:50:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012-04-07 17:27:05 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Documents\Alcohol 120%
[2012-04-07 17:25:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012-04-07 17:25:18 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012-04-07 17:24:35 | 002,604,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012-04-07 17:24:34 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012-04-07 17:24:34 | 000,220,512 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2012-04-07 17:24:34 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012-04-07 17:24:34 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012-04-07 17:24:34 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012-04-07 17:24:34 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2012-04-07 17:24:34 | 000,078,176 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2012-04-07 17:24:34 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2012-04-07 17:24:27 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012-04-07 17:24:27 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012-04-07 17:24:27 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012-04-07 17:24:26 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012-04-07 17:24:26 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012-04-07 17:24:26 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012-04-07 17:24:21 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2012-04-07 17:24:21 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2012-04-07 17:24:21 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2012-04-07 17:24:21 | 000,074,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2012-04-07 17:24:20 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2012-04-07 17:24:20 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2012-04-07 17:24:18 | 003,768,152 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2012-04-07 17:24:17 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012-04-07 17:24:17 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2012-04-07 17:24:17 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012-04-07 17:24:16 | 000,603,472 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2012-04-07 17:24:09 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012-04-07 17:24:07 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2012-04-07 17:24:07 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2012-04-07 17:24:06 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2012-04-07 17:24:06 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2012-04-07 17:24:06 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2012-04-07 17:24:04 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2012-04-07 17:24:04 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2012-04-07 17:24:04 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2012-04-07 17:24:03 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2012-04-07 17:24:03 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2012-04-07 17:24:03 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2012-04-07 17:24:03 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2012-04-07 17:23:38 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012-04-07 17:23:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012-04-07 17:22:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative
[2012-04-07 17:22:39 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
[2012-04-07 17:22:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real Alternative
[2012-04-07 17:21:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%
[2012-04-07 17:20:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft
[2012-04-07 17:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime Alternative
[2012-04-07 17:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012-04-07 17:19:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime Alternative
[2012-04-07 17:16:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2012-04-07 17:16:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2012-04-07 17:01:38 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2012-04-07 17:01:05 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2012-04-07 16:40:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012-04-07 16:39:21 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-04-07 16:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-04-07 16:38:37 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\WinRAR
[2012-04-07 16:38:31 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012-04-07 16:15:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012-04-07 16:15:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012-04-07 15:43:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2012-04-07 15:42:45 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-04-07 15:42:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012-04-07 15:41:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012-04-07 15:41:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012-04-07 15:40:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012-04-07 15:40:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012-04-07 15:40:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012-04-07 15:40:40 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Macromedia
[2012-04-07 15:40:40 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Adobe
[2012-04-07 15:40:40 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Adobe
[2012-04-07 15:38:21 | 000,000,000 | ---D | C] -- C:\Users\Maciek\Desktop\Programy
[2012-04-07 15:32:33 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Google
[2012-04-07 15:30:44 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Mozilla
[2012-04-07 15:30:44 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Mozilla
[2012-04-07 15:30:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012-04-07 14:41:51 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012-04-07 14:41:51 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012-04-07 14:41:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2012-04-07 14:41:50 | 000,141,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2012-04-07 14:41:41 | 000,258,904 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2012-04-07 14:41:41 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012-04-07 14:41:41 | 000,053,080 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012-04-07 14:41:41 | 000,028,504 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2012-04-07 14:41:40 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012-04-07 14:41:38 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012-04-07 14:41:37 | 000,258,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012-04-07 14:41:21 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012-04-07 14:41:18 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys
[2012-04-07 14:41:15 | 000,539,240 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2012-04-07 14:41:10 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012-04-07 14:41:10 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012-04-07 14:41:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012-04-07 14:41:08 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012-04-07 14:40:58 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012-04-07 14:40:58 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012-04-07 13:53:04 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012-04-07 13:52:50 | 000,000,000 | -HSD | C] -- C:\Boot
[2012-04-07 13:48:25 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012-04-07 13:48:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012-04-07 13:01:51 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012-04-07 13:00:40 | 000,000,000 | R--D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012-04-07 13:00:40 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Searches
[2012-04-07 13:00:40 | 000,000,000 | R--D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012-04-07 13:00:27 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Identities
[2012-04-07 13:00:19 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Contacts
[2012-04-07 13:00:15 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\VirtualStore
[2012-04-07 12:59:58 | 000,000,000 | --SD | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft
[2012-04-07 12:59:58 | 000,000,000 | R--D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012-04-07 12:59:58 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Favorites
[2012-04-07 12:59:58 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Downloads
[2012-04-07 12:59:58 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Documents
[2012-04-07 12:59:58 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Desktop
[2012-04-07 12:59:58 | 000,000,000 | R--D | C] -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Ustawienia lokalne
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\AppData\Local\Temporary Internet Files
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Szablony
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\SendTo
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Recent
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\PrintHood
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\NetHood
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Documents\Moje wideo
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Documents\Moje obrazy
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Moje dokumenty
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Documents\Moja muzyka
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Menu Start
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\AppData\Local\Historia
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Dane aplikacji
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\AppData\Local\Dane aplikacji
[2012-04-07 12:59:58 | 000,000,000 | -HSD | C] -- C:\Users\Maciek\Cookies
[2012-04-07 12:59:58 | 000,000,000 | -H-D | C] -- C:\Users\Maciek\AppData
[2012-04-07 12:59:58 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Temp
[2012-04-07 12:59:58 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Local\Microsoft
[2012-04-07 12:59:58 | 000,000,000 | ---D | C] -- C:\Users\Maciek\AppData\Roaming\Media Center Programs
[2012-04-07 12:59:57 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Videos
[2012-04-07 12:59:57 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Saved Games
[2012-04-07 12:59:57 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Pictures
[2012-04-07 12:59:57 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Music
[2012-04-07 12:59:57 | 000,000,000 | R--D | C] -- C:\Users\Maciek\Links
[2012-04-07 12:59:49 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2012-04-07 12:59:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji
[2012-04-07 12:54:05 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012-04-07 12:53:47 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-05-20 14:44:00 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-05-20 14:33:39 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-05-20 14:33:39 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-05-20 14:31:45 | 001,672,256 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-05-20 14:31:45 | 000,741,328 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-05-20 14:31:45 | 000,655,092 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-05-20 14:31:45 | 000,155,924 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-05-20 14:31:45 | 000,121,964 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-05-20 14:26:39 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-05-20 14:26:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-05-20 14:26:16 | 3207,315,456 | -HS- | M] () -- C:\hiberfil.sys
[2012-05-20 13:29:42 | 000,001,224 | ---- | M] () -- C:\Users\Maciek\Documents\ax_files.xml
[2012-05-20 11:04:46 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012-05-20 11:04:46 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-05-20 11:04:26 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012-05-19 21:59:34 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-05-19 21:43:00 | 000,319,589 | ---- | M] () -- C:\Users\Maciek\Desktop\Film0109.mp4
[2012-05-17 12:47:51 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-05-17 01:11:24 | 000,001,180 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 3.lnk
[2012-05-09 19:50:56 | 000,415,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-05-07 07:39:49 | 000,532,538 | ---- | M] () -- C:\Users\Maciek\Desktop\forum13_14.pdf
[2012-04-25 20:01:16 | 001,638,614 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-04-24 08:53:33 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01007.Wdf
[2012-04-11 17:12:29 | 375,767,249 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012-04-11 14:57:45 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2012-04-07 17:23:24 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2012-04-07 17:22:43 | 000,026,782 | ---- | M] () -- C:\Windows\Ascd_tmp.ini
[2012-04-07 16:26:50 | 000,530,488 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2012-04-07 15:38:15 | 000,000,351 | ---- | M] () -- C:\Users\Maciek\Desktop\Gry.lnk
[2012-04-07 15:32:03 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012-04-07 15:32:02 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012-04-07 14:57:57 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012-04-07 13:52:52 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012-04-07 13:20:24 | 000,407,946 | RHS- | M] () -- C:\SFVXZ
[2012-04-07 13:19:37 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012-04-07 12:57:25 | 000,067,908 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012-04-07 12:57:25 | 000,067,908 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-05-19 22:00:21 | 000,319,589 | ---- | C] () -- C:\Users\Maciek\Desktop\Film0109.mp4
[2012-05-19 21:59:34 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-05-17 12:43:24 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012-05-17 01:11:24 | 000,001,180 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 3.lnk
[2012-05-17 01:10:39 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-05-17 01:10:39 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012-05-17 01:10:35 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-05-07 07:40:59 | 000,532,538 | ---- | C] () -- C:\Users\Maciek\Desktop\forum13_14.pdf
[2012-04-24 08:55:22 | 001,638,614 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-04-24 08:53:33 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01007.Wdf
[2012-04-11 16:39:39 | 002,515,790 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2012-04-11 16:27:35 | 375,767,249 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012-04-11 15:34:51 | 000,001,060 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-11 15:34:50 | 000,001,056 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-07 22:43:24 | 000,011,770 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012-04-07 17:23:58 | 000,001,224 | ---- | C] () -- C:\Users\Maciek\Documents\ax_files.xml
[2012-04-07 17:03:00 | 000,095,744 | ---- | C] () -- C:\Windows\SysNative\RDVGHelper.exe
[2012-04-07 17:02:47 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2012-04-07 17:00:35 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2012-04-07 17:00:16 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2012-04-07 17:00:16 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2012-04-07 16:58:37 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
[2012-04-07 16:58:37 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2012-04-07 16:41:10 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012-04-07 16:26:50 | 000,530,488 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2012-04-07 15:38:15 | 000,000,351 | ---- | C] () -- C:\Users\Maciek\Desktop\Gry.lnk
[2012-04-07 15:32:03 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012-04-07 15:32:02 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012-04-07 15:30:41 | 000,001,160 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-04-07 14:41:38 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012-04-07 14:41:15 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2012-04-07 13:52:52 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2012-04-07 13:52:51 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2012-04-07 13:47:45 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012-04-07 13:47:39 | 000,026,782 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012-04-07 13:20:24 | 000,407,946 | RHS- | C] () -- C:\SFVXZ
[2012-04-07 13:19:37 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012-04-07 13:00:50 | 000,001,427 | ---- | C] () -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012-04-07 13:00:42 | 000,001,461 | ---- | C] () -- C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012-04-07 12:57:17 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012-04-07 12:57:11 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012-04-07 12:53:47 | 3207,315,456 | -HS- | C] () -- C:\hiberfil.sys
[2012-02-29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012-02-14 18:47:06 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012-02-14 18:47:06 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012-02-14 18:47:06 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012-02-14 18:44:24 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012-02-14 17:59:56 | 013,209,600 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll

[color=#E56717]========== LOP Check ==========[/color]

[2012-04-21 22:31:06 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\.minecraft
[2012-04-14 19:06:36 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\DarknessII
[2012-05-20 14:16:15 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\GG
[2012-04-14 19:08:01 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\LolClient
[2012-04-07 23:34:43 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\Origin
[2012-04-08 11:43:38 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\ToD
[2012-05-20 14:23:55 | 000,000,000 | ---D | M] -- C:\Users\Maciek\AppData\Roaming\uTorrent
[2012-05-07 19:37:15 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-11-20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2012-04-07 13:52:52 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012-05-20 14:26:16 | 3207,315,456 | -HS- | M] () -- C:\hiberfil.sys
[2012-05-20 14:26:18 | 4276,424,704 | -HS- | M] () -- C:\pagefile.sys
[2012-04-07 13:20:24 | 000,407,946 | RHS- | M] () -- C:\SFVXZ

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys
[2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2010-11-20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010-11-20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010-11-20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2010-11-20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys
[2010-11-20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010-11-20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010-11-20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< End of report >[/log]
Tu jest (mam nadzieje) to czego potrzebujesz.

Gość
komentarz
komentarz

Uruchom OTL i w oknie [b]Własne opcje skanowania/skryp[/b]t wklej

Kliknij w [color=#0000ff][b]Wykonaj skrypt[/b][/color]

[code]:Files
C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml

:OTL
IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2626984496-4133979409-3266373985-1000\..\SearchScopes\{1CF28E44-71E2-4F49-9B56-28F2F8A987D0}: "URL" = http://search.condui...&ctid=CT3072253
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
[2012-04-25 19:13:28 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Maciek\AppData\Roaming\mozilla\Firefox\Profiles\3l1olj9a.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)

:Commands
[emptyflash]
[emptytemp][/code]


Odinstaluj [b]RSIT[/b]

2. Uruchom OTL i kliknij [b]Sprzatanie.[/b]

Kaaas
komentarz
komentarz

Done. Dzięki wielkie za pomoc. Dam znać czy pomogło :)

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.